Responsibilities and Objectives
The Internal Audit Department of William Paterson University has been established as an independent appraisal activity to examine and evaluate accounting, financial, and other operations as a service to management. Internal audit functions by examining and evaluating the adequacy and effectiveness of controls; examines the University’s activities and evaluates risk; compliance with and adequacy of applicable policies and procedures; and compliance with applicable laws and regulations. The objective of internal auditing is to assist management in the effective discharge of their responsibilities. To this end internal auditing furnishes analysis, appraisals, recommendations, counsel, and information concerning the activities reviewed.

Scope of Activities
Internal Audit examines, evaluates and reports on the three broad objectives and five interrelated components of Internal Control as defined by the Committee of Sponsoring Organizations (COSO) of the Treadway Commission. The objectives of the University’s system of internal controls include:

  1. Effectiveness and efficiency of operations (including the safeguarding of resources);
  2. Reliability of financial reporting; and
  3. Compliance with applicable laws and regulations

To address these objectives and to promote early identification of known potential problems, internal audit will, as appropriate, evaluate the five interrelated components of internal control, which are:

  1. Control Environment-Control environment factors include the integrity, ethical values and competence of the University’s associates; director philosophy and operating style; the assignment of authority and responsibility, organization and development of associates and the attention and direction provided by the Board of Trustees.
  2. Risk Assessment-Risk Assessment is the identification and analysis of relevant risks to achievement of established objectives, forming a basis for determining how the risk should be managed;
  3. Control Activities-Control activities are the polices and procedures that help ensure that directives are carried out;
  4. Information and Communication-Pertinent information must be identified, captured and communicated in a form and time frame that enables the University to carry out its responsibilities
  5. Monitoring-The internal control systems needed to be monitored. The processes that assess the quality of the system’s performance over time.

The internal audit function of William Paterson University shall carry out its duties and responsibilities in accordance with the Institute of Internal Auditor’s Standards for the Professional Practice of Internal Auditing and its Code of Ethics.

Professional Proficiency
Internal Audit evaluations require proficiency and due professional care. As such, the Standards for the Professional Practice of Internal Auditing promulgated by the Institute of Internal Auditors will be used in the planning and execution of the Internal Audit function

Scope of Work
The scope of internal audit procedures includes the risk based examination and evaluation of the adequacy and effectiveness the University’s system of internal control; evaluation of compliance with applicable policies and procedures and the evaluation of compliance with applicable laws and regulations. All organizations and programs, directly or indirectly managed by the University are subject to review by the internal auditor.

The internal auditor will develop a formally approved audit plan for the areas of audit and will perform the following procedures:

  1. Conduct an entry interview with the appropriate vice president, dean, director or department head of the area selected for audit.
  2. Perform an audit review based on the formal audit procedures developed for that area
  3. At the conclusion of the audit a draft report will be prepared.
  4. The draft report will be presented to the appropriate vice president, dean, director or department head of the area under audit for review with the internal auditor
  5. Prepare a final audit report including responses of corrective actions to be taken.
  6. Prepare periodic summary reports of audits performed. The summary will include a “Recommendation Follow-up Matrix” which will serve as a tool to track audit recommendations until final resolution

Periodically the internal auditor will perform unscheduled checks or reviews of certain activities. In these instances, an entry interview will not be conducted. The internal auditor will arrive at the audit location on an unannounced basis. The remainder of the procedures listed above will not change.

The Director of Internal Audit reports operationally to the Vice President, Administration and Finance, administratively to the President and to the Finance and Audit Committee of the Board of Trustees. The Director of Internal Audit will meet privately with the Finance and Audit Committee of the Board of Trustees.

To carry out its duties and responsibilities, the internal auditor has full, free and unrestricted access to all relevant University activities, records, property and associates. Internal audit has no authority or responsibility for the activities evaluated. Internal audit may not have any organizational relationships, duties or operating responsibilities that impair objectivity.