Mission and Purpose
The University Audit Office supports the mission of Cornell University by partnering with University management and assisting the Audit Committee and the Executive Committee of the Board of Trustees in the effective discharge of their responsibilities to protect the assets and reputation of the University and to promote operational effectiveness and efficiency. The Audit Office is committed to promoting governance, risk management, and compliance by collaborating with the University Risk Management Council and the responsible offices.
The University Audit Office shall be an independent and objective resource responsible for internal audits of the University's operations, programs and systems of internal control and for making recommendations for the improvement thereof. The Audit Office also provides advisory services where management requests such a review.
Authority, Independence and Objectivity
Consistent with the authority set forth in the University Bylaws, the University Audit Office will be free from interference in selecting the activities to be examined and the audit techniques or procedures to be used. The University Audit Office shall have direct access to data*, assets, facilities, and personnel in any area of the University necessary for the effective discharge of its responsibilities. Affected personnel are fully expected to cooperate in this regard. Information obtained will be secured by the University Audit Office and will be held in confidence to the extent possible under the law and in accordance with advice of University Counsel.
To provide independence, the University Auditor functionally reports to the Audit Committee of the Board of Trustees, with administrative reporting (i.e., day to day operations) to the Vice President for Finance and Chief Financial Officer (CFO). The reporting relationships, duties, and responsibilities of the University Auditor are contained in the University Bylaws Article XI. Per the Bylaws, the University Auditor shall have authority to make specific reports directly to the President, the Audit Committee and/or the Executive Committee of the Board of Trustees.
To remain objective, university auditors will have no operational responsibility or authority over any operations or activities they review, unless specifically approved by the Audit Committee. Furthermore, an internal audit does not relieve management from their responsibility to review their operations. University auditors will not engage in any activity that could in appearance or fact compromise the independence or objectivity of their positions.
Responsibility and Scope of Work
The University Audit Office is responsible for examining and evaluating the adequacy and effectiveness of the risk, control and governance processes and their related policies and procedures in order to add value to the institution.
The scope of the University Audit Office's responsibilities includes examining and evaluating the policies, procedures, programs and systems which are in place to ensure:
- Risks are appropriately identified and managed;
- Significant financial, managerial and operating information is accurate, reliable, and timely;
- Compliance with policies, plans, procedures, and applicable laws and regulations;
- Assets are safeguarded; and
- Economical and efficient use of resources
If there are any known or suspected fraudulent activities, the University Audit Office shall be notified. It is the responsibility of the University Audit Office to investigate and report on suspected fraudulent activities.
The University Auditor, in the discharge of his/her duties, shall be accountable to the Audit Committee and senior management to report on significant risk and control areas, including fraud risks. An internal audit plan will be submitted annually to the Audit Committee for approval after consultation with appropriate University leadership. The plan will be developed using a risk based methodology and will consist of a budget and resource requirements for the year. Performance relative to the plan and any significant deviation will be communicated to the Audit Committee throughout the year.
The University Auditor will review this charter periodically and present it to the Vice President for Finance and CFO and the Audit Committee for approval.
Consistent with the authority set forth in the University Bylaws, the University Audit Office will govern itself by adherence to The Institute of Internal Auditors' (IIA) mandatory guidance in the International Standards for the Professional Practice of Internal Auditing (Standards), which includes the definition of internal auditing and the IIA Code of Ethics.
The University Audit Office will also adhere to the University Bylaws, University policies and the Audit Office procedures manual. Members of the University Audit Office are responsible to maintain exemplary ethics along with high standards of independence, confidentiality, and objectivity while performing their duties. A confidential attestation will be required for each member of the University Audit Office.
Approved by Board of Trustees Audit Committee
March 27, 2014
395 Pine Tree Road
Ithaca, NY 14850
Phone: (607) 255-9300
Fax: (607) 255-9303
Weill Medical College Office
418 E. 71 Street, Suite 42
New York, NY 10021
Phone: (212) 746-1897
Fax: (212) 746-8872