8. Responsibility and Scope of Work
8.1 The OIA’s responsibilities are defined by the Audit Committee of the Council.
8.2 All activities and operations of the University fall within the ambit of the OIA. The scope of internal auditing encompasses, but is not limited to, the examination and evaluation of the adequacy and effectiveness of the University's risk management and internal controls as well as the quality of performance in carrying out assigned responsibilities to achieve the University’s stated goals and objectives. The OIA’s responsibility includes:
a. Evaluating and appraising the soundness, adequacy and application of accounting, financial, non-financial and operating controls and recommending improvements wherever necessary.
b. Reviewing the reliability, timeliness, integrity and adequacy of the financial and operating information and data available for decision-making and for accountability purposes.
c. Reviewing management and administrative operations, programs, and activities to assist management in ascertaining and ensuring that results are consistent with the University’s established objectives and goals, and whether the operations, programs or activities are being carried out as planned within the established policies and given directions.
d. Appraising the adequacy of actions taken by line management to correct the reported deficiencies, administrative and management issues.
e. Evaluating the adequacy and effectiveness of the University's risk management policy, system and processes.
f. Evaluating risk exposures relating to the achievement of the University’s strategic objectives.
g. Evaluating the reliability and integrity of information and the means used to identify, measure, classify, and report risk related information.
h. Evaluating the means of safeguarding assets, and as appropriate, verifying the existence of such assets.
i. Appraising the effectiveness, efficiency and utilization of resources employed in respect of management and administrative operations and activities.
j. Evaluating the systems established to ensure the University’s compliance with those policies, plans, procedures, laws, and regulations which could have a significant impact on the University’s activities, operations, and reports.
k. Performing consulting and advisory services related to risk management and control as appropriate for the University.
l. Reviewing as appropriate the design, development, documentation, and implementation of systems and procedures.
m. Undertaking investigations as required of potential instances of fraud, corruption, improper conduct, maladministration and serious and substantial waste of public monies.
n. Reporting significant risk exposures and control issues, including fraud risks and other matters as needed or requested by the Audit Committee.
o. Evaluating specific operations at the request of the Audit Committee or the University’s management, as appropriate.
8.3 The Director of Internal Audit shall make available to the External Auditor who conducts the annual audit for the University all Internal Audit working papers, programs, reports, files, etc. for review, if required. Both the OIA and the External Auditor should discuss their audit programs regularly to achieve effective coordination and employment of available resources to ensure the widest possible audit/review coverage and to minimize duplication of effort.