In June 1999, the Institute of Internal Auditors’, (IIA)’s Board of Directors approved a new definition of auditing as ‘An independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.
Kisii University College supports Internal Audit as an independent appraisal function to examine and evaluate activities at the University as a service to management and the council. The mission of internal audit is to support the departments in the effective discharge of their responsibilities. To this end, internal audit will furnish them with analyses, recommendations, and information concerning the activities examined.
The Internal Audit Charter sets out the purpose, authority and responsibility of the Internal Audit Department so that it can provide an efficient and effective service.
To be recognized for its exemplary professionalism in the discharge of its duties.
To provide independent, objective assurance and consulting services designed to add value and improve the University’s system of operations, control and governance processes to assist management in ethically, effectively and efficiently fulfilling its responsibilities.
SCOPE AND MODE OF OPERATIONS.
Internal Audit Department’s work will encompass all systems, processes, operational and management controls and shall not be restricted to the audit of systems and controls necessary to form an opinion on financial statements. All systems will be included in the audit risk assessments and hence considered for review subsequently.
In assessing the adequacy and effectiveness of the University’s internal control structure, the Internal Audit Department will;
a)Review the procedure for identification and management of risks for adequacy.
b)Review financial and operating information and the means used to identify, measure, classify and report such information to validate the reliability and integrity of the process.
c)Review policies, plans, procedures, rules and regulations that could have a significant impact on operations to determine whether the University is in overall compliance.
d)Review the means to safeguard assets as well as the adequacy and effectiveness of applicable policies and practices.
e)Appraise the economy and efficiency with which resources are acquired and employed respectively.
f)Review operations and programs to ascertain whether the results are consistent with established objectives.
AUTHORITY, INDEPENDENCE AND REPORTING LINES.
The internal audit department should have unlimited access to records, personnel, and physical properties relevant to the performance of engagements.
To permit the rendering of impartial and unbiased judgment essential to the proper conduct of audits, Internal Audit will be independent of the activities it audits. Internal Audit will not have direct responsibility for, or authority over, any of the activities reviewed and will not engage in activities, which would normally be reviewed by Internal Auditors. This will not preclude Internal Auditor’s proactive involvement with management in planning processes, committees or special assignments that have been approved by the Audit, Governance and Risk Management Committee.
The internal audit review and appraisal does not in any way relieve other persons in the organization of the responsibilities assigned to them. Responsibility for complying with policies as well as correcting deficiencies rests with the respective administrators and management.
The Internal Auditor reports to the Principal administratively and to the Audit, Governance and Risk Management Committee functionally. The functional reporting line should go directly to the Audit Committee to ensure the appropriate level of independence and communication. Consequently, the Internal Auditor will report to the Principal on issues concerning budgeting and management accounting, human resource administration, and administration of the organizations internal policies and procedures. The Audit Governance and Risk Management committee will approve the internal audit charter, internal audit risk assessment and related audit plan, and all decisions regarding the appointment, review of terms and conditions of service, replacement, reassignment or dismissal of the Internal Auditor and staff. This organization structure is designed to allow the Internal Audit Department to be independent and to effectively accomplish its purpose.
The Internal Audit Department will;
a)Conduct its work in accordance with the International Standards for the Professional Practice of Internal Auditing and the Code of Ethics promulgated by the Institute of Internal Auditors, the International Standards on Auditing as well as other professional auditing standards that may be applicable.
b)Annually develop and execute a work plan that is reviewed and approved by the Audit, Governance and Risk Management Committee.
c)Provide the Audit, Governance and Risk Management Committee with a preliminary written report of the results and recommendations of each audit, analysis, review or investigation carried out. The reports will contain the department’s and management’s response to recommendations and will be distributed to the members of the Audit, Governance and Risk Management Committee two weeks before its meeting. The report must include any significant issues up to the date of preparation of the report
d)Follow up on management’s response to Internal Audit’s recommendations to determine if agreed upon internal control improvements have been implemented.
e)Coordinate and follow up on all audit reports with independent or external auditors as well as any examinations performed by regulatory agencies
f)Investigate known or suspected acts of fraud involving University funds, property and employees in coordination with the appropriate University officers.
g)Conduct special audits or studies as directed by the Principal.
h)The Internal Auditor will be Secretary to the Audit, Governance and Risk Management Committee.
i)To observe the Code of Ethics as presented in Part 4 of the audit manual.