Chapter 1: Audit and Consulting Services
1.1 Office of Auditing and Consulting Services
The Office of Auditing and Consulting Services (“OACS”) provides independent, objective assurance and consulting services designed to add value and improve operations of The University of Texas at El Paso (“University”). The OACS helps the University accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, operational, and governance processes.
Opportunities for improving management control may be identified within OACS's scope of work. These opportunities will be communicated to the appropriate management. Additionally, all reports will be distributed internally to the University President, Chief of Staff, Chief Compliance and Ethics Officer, and Internal Audit Committee members.
The scope of work of OACS is to determine whether the University's network of risk management, control, and processes, as designed and represented by management:
- is adequate and functioning in a manner to help ensure that risks are appropriately identified and managed;
- reports significant financial, managerial, and operating information that is complete, accurate, reliable, and timely;
- works to ensure employees' actions are in compliance with policies, standards, procedures, and applicable laws and regulations;
- ensures resources are acquired economically, used efficiently, and adequately protected;
- establishes campus-wide standards and guidelines so that objectives are achieved; and
- promotes quality and continuous improvement in the University’s control process.
1.2 Accountability
The OACS Chief Audit Executive, in the discharge of his/her duties, shall be accountable to the Internal Audit Committee to:
- provide assessments on the adequacy and effectiveness of the University’s processes for controlling its activities and managing its risks in the areas set forth under the mission and scope of work;
- report significant issues related to the processes for controlling the activities of the University and its affiliates, including potential improvements to those processes;
- periodically provide information on the status and results of OACS’s annual audit plan and the sufficiency of department resources; and
- coordinate the University’s interaction with the State Auditor’s Office and other external audit entities.
1.3 Independence
To provide for the independence of the internal auditing activity, the OACS Chief Audit Executive reports directly to the Internal Audit Committee and must be free of all operational and management responsibilities that would impair his/her ability to review independently all aspects of the University per the Texas Internal Auditing Act (Texas Government Code, Chapter 2102). The OACS Chief Audit Executive reports administratively to the President, and has an indirect reporting relationship to The University of Texas System (“UT System”) Chief Audit Executive, who has responsibility for oversight of the internal auditing activity for UT System as well as the reporting responsibility for all components, to the Board of Regents.
1.4 Responsibility
OACS has the following responsibilities:
- develop a flexible annual audit plan using an appropriate risk-based methodology, including any risk or control concerns identified by management, and submit the plan to the President, Internal Audit Committee, and the Board of Regents for review. The Internal Audit Committee gives final approval of the plan, as well as any material changes (audit/project additions or deletions) made throughout the plan year;
- implement the annual audit plan as approved, including as appropriate any special projects requested by executive management of the University, UT System officials, or the Board of Regents;
- have and maintain a professional audit staff with sufficient knowledge, skills, experience, and professional certifications to meet the requirements of the audit charter and the Texas Internal Auditing Act;
- issue quarterly reports to the President, the Internal Audit Committee, and the Chief Compliance and Ethics Officer, at Internal Audit Committee meetings summarizing results of audit activities;
- assist in the investigation of significant issues within the University and notify appropriate members of executive management of the results;
- consider the scope of work of the external auditors and regulators, as appropriate, for the purpose of providing optimal audit coverage to the University;
- conduct quality assurance reviews in accordance with the International Standards for the Professional Practice of Internal Auditing, the authoritative guidelines of the International Professional Practice Framework (IPPF) issued by the Institute of Internal Auditors, and generally accepted government auditing standards (GAGAS);
- in accordance with GAGAS and the Texas Internal Auditing Act, take part in an external peer review at least once every three years;
- provide consulting and advisory services as appropriate;
- guide the University on control self-assessment by assisting management with risk self-assessment, and conducting self-audits;
- provide information to the UT System Chief Audit Executive as required or requested, to fulfill Systemwide audit oversight and reporting responsibilities;
- file internal audit reports and related responses or action plans with the UT System Audit Office, Budget and Policy Division of the Governor's Office, State Auditor, and Legislative Budget Board; and
- prepare the annual report required by the Texas Internal Auditing Act and submit the report to the President, Internal Audit Committee, Chief Compliance and Ethics Officer, UT System Audit Office, Budget and Policy Division of the Governor's Office, State Auditor, and Legislative Budget Board.
1.5 Authority
OACS staff are authorized to:
- have full, free, and unrestricted access to all functions, activities, records, property, information systems, and personnel;
- allocate resources, set frequencies, select subjects, determine scopes of work, and apply the techniques required to accomplish audit objectives; and
- obtain the necessary assistance of personnel in units where they perform audits, as well as other specialized services from within or outside the University.
1.6 Standards of Audit Practice
The activities of OACS will meet or exceed the International Standards for the Professional Practice of Internal Auditing and the authoritative guidelines of the IPPF issued by the Institute of Internal Auditors. OACS will also abide by GAGAS, the Texas Internal Auditing Act, and UT Systemwide Policies.