• Trustee Roster
• Committees
• Calendar
• Agendas/Materials
• Minutes
• Board Policies
• Accountability

Board Policies
Chapter 1 - System Organization and Administration
Section D - Office Of Internal Auditing

Click here for a PDF copy of this policy.

1D.1 Office of Internal Auditing

Part 1. Mission. The Office of Internal Auditing provides independent and objective assurance and consulting services designed to add value and improve the MnSCU colleges and universities and their supporting systems.

Part 2. Values and Principles. Internal Auditing assists the Board of Trustees, Chancellor, presidents, and all other levels of management in accomplishing objectives by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes, such as policies, practices, procedures, organizational structures, goals and objectives, information systems, and programs.

The Office of Internal Auditing is committed to:

• Supporting the success of public higher education (student success and learning),
• Practicing with integrity, honesty, and objectivity.
• Complying with professional and ethical standards
• Protecting confidentiality of information
• Conveying results first to appropriate management (no public surprises) and as necessary to other stakeholders
• Promoting accessibility to internal auditing services, both geographically and by fostering relationships with campus personnel
• Understanding the unique needs of individual institutions
• Maintaining excellence through innovative and proactive methodologies, professional development, and continuous learning.
• Celebrating success.

Part 3. Vision Statement. The Office of Internal Auditing is a catalyst for improvement.

Part 4. Services. Internal Auditing shall be an advocate to improve and maintain accountability and promote the proper management oversight of system office and college and university programs and activities. Internal Auditing is intended to complement, and not replace, other services available either on campuses or in the system office. It has particular expertise in topics such as auditing, accounting, internal controls, financial risk management, and organizational development. When dealing with matters outside its expertise, Internal Auditing shall seek the assistance of other experts in the organization or obtain external consultative services, if necessary. It offers the following types of services in order to assist the Board of Trustees, Chancellor and presidents in accomplishing their objectives and in improving operations.

a. Assurance Services consist of examinations designed to inform interested stakeholders about the reliability and accuracy of information and information systems. System-wide topics may be selected by formal action of the Board of Trustees. Internal Auditing may also enter into agreements to conduct special studies requested by the Chancellor or a president. Studies may focus on (1) compliance with board policies, laws, and regulations, (2) reliability of information, (3) economy and efficiency of operations, (4) effectiveness in meeting goals and objectives, or (5) safeguarding of assets. Internal Auditing shall coordinate all audit-related activities conducted by the Legislative Auditor and external auditors within MnSCU. Internal Auditing must follow-up on audit findings generated by either internal or external audits and ensure that findings are satisfactorily resolved.

b. Fraud Inquiry and Investigation Support Services are intended to augment the efforts of colleges and universities to ensure that evidence of fraud or dishonest acts is investigated professionally and promptly. Internal Auditing shall look to legal counsel for leadership on any issues that may involve criminal action or reveal potential legal exposures. It is recognized that these matters must be reported to the Legislative Auditor as required by state law.

c. Consulting Services may be provided at the request of presidents, the Chancellor, or senior administrative officials, subject to the availability of resources and internal auditing expertise. These services are characterized by an identified need for improvement, a spirit of partnership and collaboration between requestor and Internal Auditing, and a focus on organizational learning. They require management's leadership and commitment, allocation of time and other resources, and may include phasing of efforts to accommodate schedules and requestor's needs. Internal Auditing provides organizational expertise, data gathering and facilitation services to expedite desired changes.

d. Professional Advice shall promote an understanding and implementation of state laws and rules, federal laws and regulations, board policies and procedures, professional accounting and auditing standards, and best practices in management and organizational development. Advice may be communicated in response to questions for which Internal Auditing has expertise, through availability of self-assessment tools, by broadly relaying or publicizing information on selected topics, or by offering workshops or seminars.

Part 5. Authority and Responsibilities. Internal Auditing has the authority to audit all parts of MnSCU and is granted full and complete access to all MnSCU records (manual or electronic), physical properties and personnel relevant to any services provided according to this policy. Access is also granted, by contract, to relevant records of all MnSCU related foundations, contractors, and partners. Documents and information given to internal auditors shall be handled in compliance with provisions of the Minnesota Government Data Practices Act. Internal Auditing shall have no direct authority over or responsibility for any of the activities or operations they review. Unless extenuating circumstances dictate, internal auditors should not develop and install procedures, prepare records or engage in activities which would normally be reviewed by Internal Auditing. Internal Auditing may review proposed systems and processes prior to implementation to assure adequate controls will exist.

Part 6. Organization. The Executive Director of Internal Auditing reports directly to the Board of Trustees through the Chair of the Board of Trustees Audit Committee. The Chancellor will handle matters related to audit departmental operations in consultation with the Chair of the Audit Committee. The Executive Director of Internal Auditing shall present to the Audit Committee a system-wide risk assessment and audit plan for each fiscal year. The plan shall include all Internal Auditing and external audit activities planned for the ensuing fiscal year. The Executive Director shall report any significant changes to the audit plan throughout the year. The Executive Director has direct and unrestricted access to the Board of Trustees. The Executive Director has the right and responsibility to report to the Trustees any circumstances that are significant violations of MnSCU controls, policies or procedures and any other matters that the Executive Director believes warrant Trustee notification. Internal Auditing is a function shared with the Chancellor and the presidents. Therefore, the Executive Director has the right and responsibility to report any matters to the Chancellor and presidents that warrant their notification or assist them in improving their operations.

Part 7. Internal Auditing Data. As required by Minnesota State Statutes 13.392, Subdivision 1, data notes, and preliminary drafts of reports created, collected, and maintained by Internal Auditing are confidential data on individuals or protected nonpublic data while work is in progress. The final report is public data, except as provided under the Minnesota Government Data Practices Act. Also, as required by Minnesota State Statutes 13.392, Subdivision 2, data on an individual supplying information for an audit or investigation that could reasonably be used to determine the individual's identity, are private data on individuals if the information supplied was needed for an audit or investigation and would not have been provided to Internal Auditing without an assurance to the individual that the individual's identity would remain private.

Part 8. Reporting. Internal Auditing reports resulting from services requested by the Audit Committee shall be distributed to members of the Board of Trustees. Copies of these reports also shall be distributed to management as appropriate. The Executive Director shall enter into an agreement with the Chancellor, other senior administrative official, or a president to direct the distribution of Internal Auditing reports resulting from services not requested by the Audit Committee. Such reports shall be distributed to the Board of Trustees if the circumstances that are cited in Part 5 of this policy are revealed. The Executive Director shall present periodic follow-up reports to the Audit Committee that shows progress toward implementing internal and external audit findings previously reported to the committee. The Executive Director shall present an annual report to the Audit Committee that shows the results of audits conducted during the previous fiscal year, including a summary of significant audit results.

---

Related Documents:

• Minnesota Statutes 13.392, Subdivision 1 and 2
• Minnesota Government Data Practices Act

Date of Implementation: 7/19/00
Date of Adoption: 7/19/00

Date & Subject of Revisions:

7/19/00 - repealed MnSCU Policy 7.2 Parts 1-2 & 4-7.
There is no additional HISTORY for 1D.1 at this time.