OAC's Internal Audit Charter was approved by the Committee on Audit and Compliance of the Board of Trustees. The Charter has six key areas:
- Purpose and Mission
- Scope of Authority
- Professional Standards and Ethics
Internal Audit is an independent and objective resource to review, assess, and enhance the internal control environment at the University and to assist the University community in upgrading business processes and mitigating business risk. Internal Audit provides recommendations to assist University offices and departments to ensure:
- Good stewardship of University assets;
- Integrity of operational and financial information; and
- Compliance with external laws and regulations and University policies and procedures.
- Examine and evaluate the adequacy and effectiveness of the University’s internal control structure.
- Assess business risk and provide assurance to management and the Board regarding stewardship of University assets, integrity of operational and financial information, and compliance with applicable laws, regulations, and University policies.
- Provide Internal Audit services to the Princeton Plasma Physics Laboratory (PPPL) in accordance with the Cooperative Audit Strategy requirements of the Department of Energy.
- Update the Committee on Audit and Compliance on the status of key financial, operational, and regulatory initiatives at the University.
- Review specific operations and/or conduct special investigations at the request of the Committee on Audit and Compliance or management, as appropriate.
- Collaborate with management in a consultative role to evaluate significant new or changing systems, services, operations, and processes.
- Manage out-sourced and co-sourced audit and compliance projects.
- Communicate with External Auditors to coordinate risk mitigation efforts.
- Keep the Committee on Audit and Compliance informed of key emerging trends and best practices in Internal Audit, risk management, and compliance matters.
- Develop a flexible annual Internal Audit work plan based on a prioritization determined by using relevant risk factors, including any risks or control concerns identified by management, and submit the plan to the Committee on Audit and Compliance for approval.
- Implement the annual Internal Audit work plan, as approved, including any special projects or audits requested by management and/or the Committee on Audit and Compliance.
- Report to the Committee on Audit and Compliance and the Executive Compliance Committee the results of completed internal audits, and the extent to which prior recommendations have been implemented.
- Maintain the University’s compliance hotline and report to the Executive Compliance Committee inquiries received via the hotline.
- Annually, submit to the Committee on Audit and Compliance a summary of the accomplishments of the past fiscal year and goals and objectives for the following fiscal year.
- Maintain a professional Internal Audit staff with sufficient knowledge, skills, experience, and professional certifications to meet the requirements of this Charter.
Internal Audit is a monitoring function and has no direct operational responsibility or authority over any of the activities reviewed. Therefore, an Internal Audit review does not relieve department heads/managers of their responsibility for the maintenance and improvement of controls in their respective areas. Further, Internal Audit shall not develop or install systems or procedures, prepare records, or engage in any other activity which would normally be audited.