University System of Maryland

Office of Internal Audit



The University System of Maryland maintains a central Internal Audit Office that independently appraises the System's activities to assist the Board of Regents and its Audit Committee in fulfilling the Board's fiduciary responsibilities. Internal Audit primarily functions to help managers discharge their responsibilities effectively, efficiently, and economically.

To that end, the Internal Audit staff reviews financial and operating activities, analyzes internal control structures and procedures, and recommends corrective measures to both administrators and operating managers. Internal Audit functions as a member of the System's management team, but responsibility for correcting deficiencies rests with the responsible administrators.


The function, which is part of the University of Maryland System, reports to and is responsible to the Board of Regents Audit Committee. The Audit Committee has authority for hiring, terminating, determining appropriate compensation, and performing annual performance reviews of the Director of Internal Audit. For administrative purposes, the Internal Audit Office reports to the Chancellor. Administratively, the Chancellor will work with the Director of Internal Audit to ensure that the Internal Audit Office maintains a professional level of independence, and that the internal audit function has adequate resources to accomplish its mission.

In carrying out its mission, the Internal Audit Office will have full, free, and unrestricted access to all System activities, including records, reports, property, and personnel. In addition, the Director of Internal Audit will have direct access to the Audit Committee, including meeting privately at least annually.

The Internal Audit Office is authorized, but not limited, to perform the following engagements:

  • Financial Audits
  • Operational Audits
  • Compliance Audits
  • Investigative Audits
  • Follow-up Audits
  • Information Systems Audits
  • Consulting Services

Internal Audit will be responsive and responsible to administrators and managers at all levels in the System. Similarly, each President and unit Director will ensure the cooperation of their administrators and managers throughout the internal audit process. Further, each President or unit Director is responsible for submitting a written response to each audit report.

The Director of Internal Audit will ensure that:

  • The audit staff is appropriately organized and competently supervised, and that professionalism is maintained through adherence to the applicable standards of the Institute of Internal Auditors (IIA), the Information System Audit and Control Association (ISACA), and the American Institute of Certified Public Accountants (AICPA).
  • Audits have been designed to detect significant operational and financial risks as well as to review the effectiveness, efficiency, and economy of operations.
  • The audit staff has sufficient knowledge to identify indicators of fraud but is not expected to have the expertise of a person whose primary responsibility is detecting and investigating fraud.
  • Operating managers, administrators, and chief executive officers are promptly and fully informed about the scope of each review, the findings, and the recommended measures for improvement.
  • An annual audit schedule is submitted for approval to the Board of Regents Audit Committee.

In addition, the Director of Internal Audit will periodically report audit activities to the Audit Committee, and will submit other reports as requested by the Audit Committee. Such written reports will include statements as to whether:

  • The Internal Audit Office has had the unrestricted access necessary to carry out its duties;
  • Appropriate action has been taken to correct findings described in audit reports; and
  • Internal and external audits have been coordinated to avoid duplicating effort.

The Director, with the Audit Committee's approval, is authorized to establish and revise procedures for carrying out this policy.