Office of Internal
The University System of Maryland maintains a central Internal
Audit Office that independently appraises the System's
activities to assist the Board
of Regents and its Audit Committee in fulfilling the Board's
fiduciary responsibilities. Internal Audit
primarily functions to help managers discharge their responsibilities
effectively, efficiently, and economically.
To that end, the Internal Audit staff
reviews financial and operating activities, analyzes internal control
structures and procedures, and recommends corrective measures to both
administrators and operating managers. Internal Audit
functions as a member of the System's management team, but responsibility for
correcting deficiencies rests with the responsible administrators.
The function, which is part of the University
of Maryland System, reports to and
is responsible to the Board of Regents Audit Committee. The Audit Committee has
authority for hiring, terminating, determining appropriate compensation, and
performing annual performance reviews of the Director of Internal
Audit. For administrative
purposes, the Internal Audit Office reports to
the Chancellor. Administratively, the Chancellor will work with the Director of
Internal Audit to ensure that the Internal
Audit Office maintains a professional level of independence,
and that the internal audit function has adequate resources to accomplish its
In carrying out its mission, the Internal Audit
Office will have full, free, and unrestricted access to all System activities,
including records, reports, property, and personnel. In addition, the Director
of Internal Audit will have direct access to
the Audit Committee, including meeting privately at least annually.
The Internal Audit Office is authorized,
but not limited, to perform the following engagements:
- Financial Audits
- Operational Audits
- Compliance Audits
- Investigative Audits
- Follow-up Audits
- Information Systems Audits
- Consulting Services
Internal Audit will be
responsive and responsible to administrators and managers at all levels in the
System. Similarly, each President and unit Director will ensure the cooperation
of their administrators and managers throughout the internal audit process.
Further, each President or unit Director is responsible for submitting a
written response to each audit report.
The Director of Internal Audit
will ensure that:
- The audit staff is
appropriately organized and competently supervised, and that
professionalism is maintained through adherence to the applicable
standards of the Institute of Internal Auditors
(IIA), the Information System Audit and Control Association (ISACA), and
the American Institute of Certified Public Accountants (AICPA).
- Audits have been designed to
detect significant operational and financial risks as well as to review
the effectiveness, efficiency, and economy of operations.
- The audit staff has sufficient
knowledge to identify indicators of fraud but is not expected to have the
expertise of a person whose primary responsibility is detecting and
- Operating managers,
administrators, and chief executive officers are promptly and fully
informed about the scope of each review, the findings, and the recommended
measures for improvement.
- An annual audit schedule is
submitted for approval to the Board of Regents Audit Committee.
In addition, the Director of Internal Audit
will periodically report audit activities to the Audit Committee, and will
submit other reports as requested by the Audit Committee. Such written reports
will include statements as to whether:
- The Internal
Audit Office has had the unrestricted access necessary
to carry out its duties;
- Appropriate action has been
taken to correct findings described in audit reports; and
- Internal and external audits
have been coordinated to avoid duplicating effort.
The Director, with the Audit Committee's approval, is authorized to establish
and revise procedures for carrying out this policy.
APPROVED BY THE BOARD OF REGENTS AUDIT COMMITTEE ON: 11/15/2007