Audit Charter and Ethics
Madison College's Internal Audit department follows the Charter and Code of Ethics described below.
- Internal Audit Charter
The Internal Audit Activity is an independent, objective assurance and consulting activity designed to add value and improve the College's operations. It helps the College accomplish its objectives by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of governance, risk management, and systems of internal controls.
The Audit Charter is a formal, written document approved by the President that defines the purpose, authority, and responsibility of the Internal Audit Activity. The audit charter:
- Establishes the position of the Internal Audit Activity within the College.
- Gives the Internal Audit Activity full, free, and unrestricted access to records, personnel, and physical properties relevant to the performance of the audit engagements.
- Defines the scope of work of the Internal Audit Activity.
The Senior Internal Auditor manages the A,µdit Activity, and reports functionally to the President and administratively to the VP of Administrative Services.
- Approves the Internal Audit Activity budget and resource plan.
- Approves the Internal Audit Activity annual audit plan.
- Receives communications from the Senior Internal Auditor on the Internal Audit Activity's performance relative to its plan, resources, and other matters.
The VP of Administrative Services oversees the Internal Audit Activity day-to-day administrative activities.
With strict accountability for confidentiality and safeguarding of the College's records and information, the President grants the Senior Internal Auditor full, free, and unrestricted access to records, personnel, and physical properties relevant to the performance of the audit engagements.
The Senior Internal Auditor shall be free from interference by any officer or element in the College in determining the scope of internal auditing, performing work, frequency, timing, and communicating audit results.
To achieve the degree of independence necessary to carry out the responsibilities of the Internal Audit Activity, the Senior Internal Auditor shall have full, free, and unrestricted access to the President. The Senior Internal Auditor shall also have full, free, and unrestricted access to the Board's legal counsel to coordinate any audit matters involving the President.
If the independence of the Internal Audit Activity is impaired, in fact or in appearance, the details of the impairment must be disclosed to the appropriate parties.
The Senior Internal Auditor shall not subordinate his judgement on audit matters to others. Threats to the Senior Internal Auditor's objectivity shall be managed at the individual and organizational levels.
The Internal Audit Activity shall govern itself in adherence to applicable Federal and State laws, Wisconsin Technical Colleges System (WTCS) regulations, and Madison Area Technical College policies.
The Internal Audit Activity shall also govern itself in adherence to the Institute of Internal Auditors (IIA) mandatory guidance, code of ethics, and International Standards for the Professional Practice of Internal Auditing (ISPPIA).
The Senior Internal Auditor shall handle any information obtained during any consulting or assurance audit in the same prudent manner of the custodian of such information.
The Senior Internal Auditor shall maintain sufficient knowledge, skills, and competencies to fulfill the Internal Audit Activity mission and responsibilities.
The Senior Internal Auditor has the responsibility to:
- Confirm to the President, at least annually, the organizational independence of the Internal Audit Activity.
- Report to the President significant governance, risk management, systems of internal controls issues, and exposure to the risk of fraud or waste.
- Foster quality and continuous improvement throughout the College's operations and processes.
- Provide consulting and advisory services related to governance, risk management, and systems of internal controls.
- Provide management with guidance on trends and best practices.
- Evaluate specific operations and programs at the request of the President.
- Develop a comprehensive risk-based annual audit plan.
- Implement the approved annual audit plan, and provide periodic updates on the status of the annual audit plan and the sufficiency of the Internal Audit Activity resources.
- Make recommendations to add value and improve the College's operations, governance, risk management, and systems of internal controls.
- Assist with the investigations of suspected fraud activities within the College.
- Manage the College reporting mechanism.
- Present quarterly and periodic reports to the President, disclosing the results of each completed audit.
- Delegate duties, allocate resources, select subjects, determine scope of works, and select required techniques to accomplish audit objectives.
- Obtain necessary assistance of personnel in audited units and other specialized services within or outside the College.
- Consider the sco_pe of work of external auditors and regulators to provide wider audit coverage.
The Senior Internal Auditor shall not:
- Perform any operational duties.
- Initiate or approve accounting transactions external to the Internal Audit Activity.
- Direct the activities of any staff members who are not employed by the Internal Audit Activity, except those who have been assigned to assist with the audit engagements.
- Implement internal controls.
- Develop procedures.
- Install systems.
- Prepare records.
- Engage in any activity that may impair the Internal Audit Activity independence and the Senior Internal Auditor's objectivity and judgement.
- Engage in any activity that may create, in appearance or in fact, a potential conflict of interest.
Scope of Work
The scope of work of the Internal Audit Activity includes, but is not limited to:
- Examination and evaluation of the adequacy and effectiveness of the College's governance, risk management, and systems of internal controls.
- Evaluating the College risk exposure to achieving strategic and operational objectives.
- Evaluating the reliability and integrity of information and the means used to identify, measure, classify, and report such information.
- Evaluating the systems established to ensure compliance with applicable laws and regulations and College's relevant policies and procedures.
- Evaluating the means of safeguarding assets, and when appropriate, verifying the existence of such assets.
- Evaluating the effectiveness and efficiency with which resources are acquired and employed.
- Evaluating operations and programs to ascertain whether results are consistent with established objectives and goals, and whether operations or programs are being carried out as planned.
- Evaluate the efficiency of management's response to audit observations.
- Assisting in the investigation of alleged or suspected fraudulent or unethical activities within the College.
Reporting and Monitoring
The Senior Internal Auditor shall prepare and issue an internal audit report following the conclusion of each audit engagement. The President and the management of the evaluated activity shall receive the issued reports.
The management of each examined or evaluated area shall provide a 'Management Response' to the audit findings within 30 days from the date of the audit report. Management response shall include corrective actions taken or to be taken in regard to specific audit findings. Management response shall include a timetable for anticipated completion of corrective actions to be taken, and an explanation for any corrective action that will not be implemented.
Internal audit reports shall include management's response and corrective actions taken or to be taken in regard to specific audit findings. The Senior Internal Auditor shall be responsible for appropriate follow-up on engagements' findings, recommendations, or management's corrective actions. All significant findings shall remain open until corrected.
The President shall annually review, update, and approve the Audit Charter to ensure its relevancy.
- Internal Audit Code Of Ethics
The Institute of Internal Auditors (IIA) code of ethics includes the rules of conduct that describe behavioral norms expected of internal auditors. The code includes the following principles that internal auditors are expected to apply and uphold.
Integrity – The integrity of internal auditors establishes trust and thus provides the basis for reliance on their judgment. Internal auditors:
- Shall perform their work with honesty, diligence, and responsibility.
- Shall observe the law and make disclosures expected by the law and the profession.
- Shall not knowingly be a party to any illegal activity, or engage in acts that are discreditable to the profession of internal auditing or to the organization.
- Shall respect and contribute to the legitimate and ethical objectives of the organization.
Objectivity – Internal auditors exhibit the highest level of professional objectivity in gathering,
evaluating, and communicating information about the activity or process being examined.
Internal auditors make a balanced assessment of all the relevant circumstances and are not
unduly influenced by their own interests or by others in forming judgments. Internal auditors
- Shall not participate in any activity or relationship that may impair or be presumed to impair their unbiased assessment. This participation includes those activities or relationships that may be in conflict with the interests of the organization.
- Shall not accept anything that may impair or be presumed to impair their professional judgment.
- Shall disclose all material facts known to them that, if not disclosed, may distort the reporting of activities under review.
Confidentiality – Internal auditors respect the value and ownership of information they receive and do not disclose information without appropriate authority unless there is a legal or professional obligation to do so. Internal auditors
- Shall be prudent in the use and protection of information acquired in the course of their duties.
- Shall not use information for any personal gain or in any manner that would be contrary to the law or detrimental to the legitimate and ethical objectives of the organization.
Competency – Internal auditors apply the knowledge, skills, and experience needed in the performance of internal audit services. Internal auditors
- Shall engage only in those services for which they have the necessary knowledge, skills, and experience.
- Shall perform internal audit services in accordance with the International Standards for the Professional Practice of Internal Auditing.
- Shall continually improve their proficiency and the effectiveness and quality of their services.