Committee Members:

Elizabeth A. Twohy, Chair
Timothy B. Robertson
James C. Wheat, III
Benjamin P.A. Warthen
John P. Ackerly, III, Ex Officio

I. ACTION ITEM (Ms. Deily)

Revisions to Audit Charter

II. INFORMATION REPORT (Ms. Deily)

Audit Schedule

AGENDA ITEM: I. Audit Charter

BACKGROUND: Mr. Sandridge will present the importance of an Audit charter before changes are discussed. This discussion will include the important elements of a charter as well as why changes are currently necessary. Ms. Deily will then present the recommended changes to the Audit Committee.

ACTION REQUIRED: Approval by the Audit Committee and the Board of Visitors

APPROVAL OF REVISIONS TO AUDIT CHARTER

The President will propose the adoption of the following resolution:

RESOLVED that the policy on the role of the Internal Audit Department be and it is hereby approved effective immediately.

ATTACHMENT
AUDIT CHARTER

It is the policy of the University to establish and support the Audit Department for the purpose of assisting management in the effective discharge of its responsibilities for the control of University resources.

The mission and objectives of the Audit Department are as follows:

To perform financial audits for the purpose of ensuring that:

(a) Cash, accounts receivable, and other assets of the University are promptly and completely recorded, accounted for, authorized and adequately safeguarded against losses and misappropriation.

(b) Liabilities of the University have been properly incurred and are properly recorded and discharged. Audits directed to financial accountability will include a review of records, source data, fiscal procedures and internal controls.

To perform operational audits for the purpose of ensuring that University operations are conducted efficiently, effectively, and in accordance with appropriate and adequately documented policies, plans, and procedures. Operational audits will encompass a review of the policies, plans, procedures, organizational structure, staffing, and output of the audited unit. These audits will also include evaluating the accomplishment of established objectives and goals for operations and programs.

To provide senior management with an independent, fair and objective appraisal of the effectiveness of the Universitys financial accountability systems and operational performance in accordance with the priorities established by the Director of Audits in coordination with the Executive Vice President and Chief Financial Officer and approved by the President and the Board of Visitors.

To provide management with constructive criticism and positive recommendations designed to strengthen and improve performance results and cost effectiveness of their operations.

To inform the Board of Visitors and Senior University management of any financial irregularities, investigations, or other risks to the institution that the auditors discover during the course of their work.

The work of the Audit Department will be conducted in accordance with the Standards for the Professional Practice of Internal Auditing as promulgated by the Institute of Internal Auditors. Other professional standards, such as the Government Accounting Office "Yellow Book", shall be utilized when appropriate.

The following policies identify the responsibilities of the Audit Department and provide guidelines for its interaction with all University departments and activities.

Organizational Responsibilities

The Director of Audits will coordinate the departments activities with the Board of Visitors, the President, and with the Executive Vice President and Chief Financial Officer. The Director will have unrestricted access and be responsible to the President and the Board of Visitors. The Director is responsible for the direction of the audit function and for seeing that the results of examinations and actions taken are communicated to appropriate levels of University management and, as appropriate, the President and the Board of Visitors.

The Director of Audits, with participation by the Executive Vice President and Chief Financial Officer, and with input from the other Vice Presidents and the audit staff, will draft an annual audit plan. The plan will be submitted to the President and the Board of Visitors for review and suggested changes in scope.

The Audit Department will give full consideration to scheduling special audit requests made by any department or activity. All requests should be in writing to the Director of Audits and state the purpose and scope of the audit.

Independence

The Audit Department will be organizationally and functionally independent from all University operations and will have no responsibility for the departments and activities being audited while being responsive to their needs and requirements. Because the Audit Department must be independent in carrying out its responsibility to monitor and evaluate control procedures instituted by management, the extent of audit work to be performed with respect to those procedures is limited to the assessment of such procedures.

The Audit Department normally performs tests of underlying records and documentary support for transactions. Accordingly, objectivity would be lost if the Audit Department participated in accumulating data or reconstructing records.

Authorities and Limitations

The Audit Department personnel will have complete, free and unrestricted access to all University departments, activities, records, properties and personnel, and is not to be restricted in their activities. Where appropriate, special arrangements will be made for the examination of confidential information.

Systems Planning and Development

The Audit Department will participate in the planning, development, implementation, and modification of major computer-based and manual systems to ensure that:

(a) adequate controls are incorporated in the system;

(b) thorough system testing is performed at appropriate stages;

(c) system documentation is complete and accurate; and

(d) the resultant system is a complete and accurate implementation of the system specifications.

The Audit Department will conduct post installation evaluations of major information technology systems to ensure that these systems meet their intended purpose and objectives. The department also will review computer operations supporting such systems to ensure that generally accepted standards for systems integrity and security, as well as system-specific controls, are being observed.

Security Investigations

The Audit, Risk Management and University Police Departments are to be notified if assets have been lost through defalcation or other security breaches. The Audit Department will perform sufficient tests and investigations to identify the weaknesses in procedures, which permitted the defalcation to occur. However, the investigation of the specific event with the objective of recovery and/or prosecution is the responsibility of the University Police Department, with the decision to prosecute being the responsibility of the appropriate Commonwealth's Attorney.

Coordination with External Auditing Agencies

The Director of Audits will coordinate the departments audit efforts with those of the University's independent public accountants or other external auditing agencies by participating in the planning and definition of the scope of proposed audits so the work of all auditing groups is complementary, and their combined efforts provide comprehensive, cost-effective audit coverage for the University. Duplication of work will be avoided as much as possible.

Reporting

Prior to the completion of a formal report, an exit conference will be conducted with the department or activity head. The conference will be a review of all findings, conclusions, and recommendations. A formal report will be issued at the conclusion of every audit, which will present a concise, clear and factual review of the conditions found, together with recommendations for improvement. A memorandum shall be issued to the Director of Audits within 30 days responding to each finding, recommendation, and exception included in the audit report. This memorandum will include the departments or activitys plan for implementing the recommendations or a presentation of significant disagreement with the findings and/or recommendations.

A follow-up review of significant audit recommendations will be made by the Audit Department to establish that agreed-to recommendations have been adopted. A memorandum will be issued on the follow-up review to the President and the Executive Vice President and Chief Financial Officer.

Distribution of Reports

Audit reports will be issued to the Vice President responsible for the department or activity involved. In addition, copies of all such reports will be distributed to the President, the Executive Vice President and Chief Financial Officer, and the senior fiscal administrator having a functional interest in the subject matter.

All audit reports will be available for review by the Board of Visitors.

A summary of significant audit findings will be prepared for each Board meeting and submitted to the Board of Visitors, the President, and the Executive Vice President and Chief Financial Officer

AGENDA ITEM: II. Information Report

DISCUSSION: Ms. Deily will inform the Board of the status of the completion of audit projects. This does not require formal action, but is information of which the Board should be made aware.

ACTION REQUIRED: None


MORE MEETING INFORMATION PAST MEETINGS PUBLIC MINUTES