As the University is considered to be a statutory authority by the Financial Management Act 2006, Schedule 1, the University has established an Internal Audit Group to ensure that effective controls are in place in all areas of the University with financial responsibility.

The Internal Audit Group is expected to:

• review and appraise the soundness, adequacy and application of accounting, financial and related administrative controls and systems
• ascertain the extent of compliance with established policies, plans and procedures
• ascertain the extent to which University assets are accounted for and safeguarded from loss
• ascertain the reliability of accounting, financial and related administrative data within the University
• recommend improvements in the system.

Internal Audit assists the University to meet its statutory responsibilities by:

• identifying major problems and exposures to risk
• determining and reporting the extent to which the University complies with all statutory requirements and instructions
• determining and reporting adequacy, reliability and effectiveness of managerial controls operating within the University
• suggesting improvements to business processes and controls
• reporting to managers on whether the resources under their control are being managed effectively and efficiently to achieve University objectives
• monitoring fraud control and prevention mechanisms.

Policy statement

Internal audit function

Internal Audit operates as an independent review team, reporting to the Audit and Review Committee or, if required, directly to the Vice-Chancellor. Internal Audit is empowered by the Internal Audit Charter to carry out the duties listed below to standards set by the Institute of Internal Auditors Inc.

Internal Audit also takes due regard to Government Auditing Standards prepared by the Australian National Audit Office and those standards established by the Australian Society of Certified Practising Accountants and the Institute of Chartered Accountants in Australia.

The activities of Internal Audit include, but are not limited to, the following:

• determining the extent of compliance with relevant statutes, regulations, directions, instructions, delegations and standards
• assessing the currency and reliability of delegations and instructions
• reviewing and appraising the effectiveness and appropriateness of financial and administrative controls
• monitoring the adequacy, reliability, integrity and security of accounting and other management information systems
• reviewing the efficiency and effectiveness of operations
• examining the validity of measures used to assess the achievement of University operational objectives.

To ensure the objectivity and impartiality of Internal Audit is not adversely affected nor unduly influenced, the Internal Auditor will not develop and/or install systems and procedures that they may be required to review. However, Internal Audit may at times have a consultative role in determining and making recommendations on the methods and standards of controls incorporated in new systems.

Provision has been made for the following services:

• To assist management to prevent, identify and correct inefficient, ineffective or unethical activities.
• To provide professional advice and guidance regarding control, risk and other issues during the development of new systems and when major changes are made to existing systems within the University.
• To provide professional advice and guidance on accounting and control procedures based on both University procedures and manuals and on generally accepted Australian accounting and auditing principles.

In order to fulfil this role, the Internal Audit office schedules specific activities and/or Schools/Areas for internal annual audits. This process involves initial contact with the Head of School/Area to advise that an audit of their School/Area has been nominated. After the audit has occurred, an audit report is issued by the Internal Auditor.

This report is responded to by the Head of School/Area and the report and response are tabled at the Audit and Review Committee of the Senate. Any items identified by the Internal Auditor should be actioned as agreed and followed in subsequent years and/or audits.

Cooperation and access to records

Section 3, Authorisation in the Internal Audit Charter, provides that officers of Internal Audit have at all times access to relevant information and property of the University for audit and review purposes. Section 3 also provides that officers of Internal Audit can require University staff to provide explanations necessary for audit purposes.

Therefore, Internal Audit has, for audit and review purposes, the right of access to all relevant University books, accounts, vouchers, statistical records, computer-based records, correspondence, other documentation, people and premises. University staff may be called upon to provide explanations and/or information necessary for internal auditors to perform their tasks.

To ensure Internal Audit is not unduly restricted in the performance of its duties, reasonable work conditions should be provided by the section being audited. Ordinarily this means the provision of a safe workstation (with a desk and chair as a minimum) and unrestricted access and close proximity to staff, telephone, fax and photocopier.

Internal auditors are staff of The University and are employed under the same terms and conditions as other general staff members. Internal auditors are part of the overall team of the University, though they retain an independent status, and are also a source of financial advice and/or guidance.

Timely response and action of audit requirements

It is expected that University Faculties/Schools/Areas and Central Administration will provide formal and timely responses to audit recommendations and action on agreed undertakings in accordance with audit findings. The Internal Audit Charter under General Audit Standards specifies that the Internal Audit Manager will ensure reports are presented promptly for their timely use by University managers.

The Charter also requires that matters formally raised with University management shall be responded to within 10 working days of receipt of the query. The section on Role in the Internal Audit Charter requires that Internal Audit provide the University with progress reports regarding remedial action taken by management and management service groups.

Under the terms of the Audit and Review Committee Charter, the Committee is authorised and directed to monitor and critique management's responsiveness to the findings and recommendations of Internal Audit. This process is facilitated by Internal Audit's monthly reporting of unsatisfactory or outstanding matters to the Deputy Vice-Chancellor and Executive Director, Finance and Resources. Matters which remain unresolved are presented on a quarterly basis to the Audit and Review Committee for discussion and direction.

Financial Services monitors all central procedure controls and ensures effective monthly reconciliation documentation and reporting in a timely and accurate manner. Internal Audit visits Financial Services at least four times per annum in order to conduct audits on Income, Expenditure, Assets and Investments. The results of these audits are also of value in the External audit process.

Financial Services has made a commitment to Internal Audit to undertake a number of audit functions which are reviewed as part of the regular audits by Internal Audit. These audit functions involve:

• receipt number audit
• physical asset audits
• system security audits
• spot cashier audits
• petty cash audits
• spot checks on authorisation signatories, cheque runs and the like.