Duke University Duke University Health System

Office of Internal Audits - Duke University

Duke University SkylineDuke University Skyline

Office of Internal Audits
705 Broad Street, Suite 210
Box 90436
Durham, NC 27708-0436
Tel   – (919) 613-7630
Fax  – (919) 613-7631

Audit Charter

Introduction

Internal auditing is an independent appraisal activity established within Duke University to examine and evaluate the risk management, internal control, compliance and governance activities.  The objectives of internal auditing are to assist members of the organization in the effective discharge of their responsibilities by furnishing them with analyses, appraisals, recommendations, counsel, and information concerning the activities reviewed and by promoting effective control at reasonable cost.  Duke University, Duke Medicine and DUMAC, LLC have one auditing department, the Office of Internal Audits, to conduct all internal auditing activity.

Accountability

The Executive Director of Internal Audits, the chief audit executive (“CAE”), in the discharge of his/her duties, shall be accountable to management and the Audit Committees to:

 

  • Provide assessments on the adequacy and effectiveness of Duke’s processes for controlling its activities and managing its risks based on audits performed in the areas set forth under the mission and scope of work.

  • Report significant issues related to the processes for controlling the activities of Duke, including potential improvements to those processes, and provide information concerning such issues through resolution.

  • Provide information periodically on the status and results of the annual audit plans and the sufficiency of department resources.

  • Coordinate with and provide oversight of other control and monitoring functions (e. g. risk management, compliance, security, legal, ethics, environmental, external audit).

 

Independence

To provide for the independence of the OIA, its personnel report to the CAE, who reports administratively to the President of the University and functionally to the Boards and Audit Committees in a manner outlined in the above section on accountability.  It will include as part of its reports to the Audit Committees a regular report on internal audit personnel.

 

Responsibility

The CAE and staff of OIA have responsibility to:

 

  • Develop flexible annual audit plans using appropriate risk-based methodology, including any risks or control concerns identified by management, and submit those plans to the Audit Committees for review and approval.

  • Implement the annual audit plans, as approved, including, and as appropriate, any special tasks or projects requested by management and the Audit Committees.

  • Maintain a professional audit staff with sufficient knowledge, skills, experience, and professional certifications to meet the requirements of this charter.

  • Establish a quality assurance program by which the CAE assures the operation of internal auditing activities.

  • Perform consulting services, beyond OIA’s assurance services, to assist management in meeting its objectives.  Examples may include facilitation, process design, training, and advisory services.

  • Evaluate and assess significant merging/consolidating functions and new or changing services, processes, operations, and control processes coincident with their development, implementation, and/or expansion.

  • Issue periodic reports to the Audit Committees and management summarizing results of audit activities.

  • Keep the Audit Committees informed of emerging trends and successful practices in internal auditing.

  • Provide a list of significant measurement goals and results to the Audit Committees.

  • Assist in the investigation of significant suspected fraudulent activities within the organization and notify management and the Audit Committee Chairmen of the results.

  • Consider the scope of work of the external auditors and regulators, as appropriate, for the purpose of providing optimal audit coverage to Duke at a reasonable overall cost.

 

Authority

The CAE and staff of OIA are authorized to:

 

  • Have unrestricted access to all functions, records, property, and personnel.

  • Have full and free access to the Audit Committees.

  • Allocate resources, set frequencies, select subjects, determine scopes of work, and apply the techniques required to accomplish audit objectives.

  • Obtain the necessary assistance of personnel in units of Duke where they perform audits, as well as other specialized services from within or outside Duke.

 

The CAE and staff of OIA are not authorized to:

 

  • Perform any operational duties for Duke.

  • Initiate or approve accounting transactions external to OIA.

  • Direct the activities of any organization employee not employed by OIA, except to the extent such employees have been appropriately assigned to auditing teams or to otherwise assist the internal auditors.

 

Standards of Audit Practice

The internal auditing department will meet or exceed the International Standards for the Professional Practice of Internal Auditing of The Institute of Internal Auditors.