SKIP TO PAGE CONTENT Scroll to Top

Internal Audit Charter

  PDF this page

Introduction

This charter establishes the purpose, authority and responsibility conferred by the Lee College ("College") Board of Regents by which the Internal Auditor will operate to make a positive contribution to the College by examining, evaluating and recommending improvements regarding the effectiveness and adequacy of business and administrative activities of the College.

The internal audit charter is required by the International Standards for the Professional Practice of Internal Auditing. The charter is a formal document that defines Internal Audit's purpose, authority and responsibility; establishes the internal audit position within the College; authorizes access to records, personnel and physical properties relevant to the performance of audit work; and defines the scope of internal audit activities.

Purpose

Internal auditing is an independent and objective assurance and consulting activity that is guided by a philosophy of adding value to improve the operations of the College. Internal Audit assists the College in accomplishing its objectives by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of the College's governance, risk management, and internal controls.

The Internal Auditor assists College departments in assessing risks and evaluating both the design and operating effectiveness of controls that address those risks. Internal Audit provides departments with analyses, observations, counsel and information concerning the specific College activities under review. The objective is to promote effective controls and improved processes at reasonable costs.

Professional Standards

Internal Audit will govern itself by adherence to State of Texas Internal Auditing Act requirements, the Institute of Internal Auditors' guidance including the Definition of Internal Auditing, the Code of Ethics, and generally accepted government auditing standards (Standards). The guidance constitutes principles of the fundamental requirements for the professional practice of internal auditing and for evaluating the effectiveness of internal audit's performance.

In addition, the internal audit will adhere to College' relevant policies and procedures and the internal audit activity's standard operating procedures manual.

Authority

The Internal Auditor, with strict accountability for confidentiality and safeguarding records and information, is authorized full, free, and unrestricted access to any and all of College' records, physical properties, and personnel pertinent to carrying out any audit work. All employees are requested to assist Internal Audit in fulfilling its roles and responsibilities. The Internal Auditor will also have free and unrestricted access to the President, Board of Regents and its Committees.

Organization

The Internal Auditor reports directly to the President, has full access to the Audit & Investment Committee and the Board of Regents, and has a secondary, ancillary reporting (i.e., day-to-day operations) to the Vice President, Finance & Administration.

The Audit and Investment Committee of the Board of Regents will:

  • Approve the Internal Audit Charter
  • Approve the risk based internal audit plan
  • Approve the internal audit budget and resource plan
  • Receive communications from the Internal Auditor on internal audit's performance relative to its plan and other matters
  • Approve decisions regarding the appointment and removal of the Internal Auditor
  • Approve the Internal Auditor's recommended remuneration
  • Make appropriate inquiries of Administration and the Internal Auditor to determine whether there is inappropriate scope or resource limitations

Independence

Internal Audit activity will remain independent from any element in the College, including matters of audit selection, scope, procedures, frequency, timing, or report content to permit maintenance of a necessary independent and objective mental attitude.

Internal audit will have no direct operational responsibility or authority over any of the activities audited. Accordingly, audit will not implement internal controls, develop procedures, install systems, prepare records, or engage in any other activity that may impair internal auditor's judgment.

Internal audit will exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined.

Internal audit will make a balanced assessment of all the relevant circumstances and not be unduly influenced by audit's own interests or by others in forming judgments. The Internal Auditor will confirm to the Audit and Investment Committee, at least annually, the organizational independence of internal audit.

Responsibility

The scope of internal auditing encompasses, but is not limited to, the examination and evaluation of the adequacy and effectiveness of the College's governance, risk management, and internal controls as well as the quality of performance in carrying out assigned responsibilities to achieve the College's stated goals and objectives.

This includes:

  • Evaluating risk exposure relating to achievement of the College's strategic objectives
  • Evaluating the reliability and integrity of information and the means used to identify, measure, classify, and report such information
  • Evaluating the systems established to ensure compliance with those policies, plans, procedures, laws, and regulations which could have a significant impact on the College
  • Evaluating the means of safeguarding assets and, as appropriate, verifying the existence of such assets
  • Evaluating the effectiveness and efficiency with which resources are employed
  • Evaluating operations or programs to ascertain whether results are consistent with established objectives and goals and whether the operations or programs are being carried out as planned
  • Monitoring and evaluating governance processes
  • Monitoring and evaluating the effectiveness of the College's risk management processes
  • Investigating fraud allegations
  • Evaluating the quality of performance of external auditors and the degree of coordination with internal audit
  • Performing consulting and advisory services related to governance, risk management and control as appropriate for the College; e.g., service/product development, system implementation, process transformation
  • Reporting periodically on the internal audit activity's purpose, authority, responsibility, and performance relative to its plan
  • Reporting significant risk exposures and control issues, including fraud risks, governance issues, and other matters needed or requested by the Audit and Investment Committee
  • Evaluating specific operations at the request of the Audit and Investment Committee or Administration, as appropriate

Internal Audit Plan

At least annually, the Internal Auditor will submit to the Audit and Investment Committee an internal audit plan for approval. The internal audit plan will consist of a work schedule as well as budget and resource requirements for the next fiscal year. The Internal Auditor will communicate the impact of resource limitations and significant interim changes to the Audit and Investment Committee.

The internal audit plan will be developed based on a prioritization of the risks using a risk-based methodology, including input from College' leadership, departmental management, and the Audit and Investment Committee. The Internal Auditor will review and adjust the plan, as necessary, in response to changes in the College's business, risks, operations, programs, systems, and controls. Any significant deviation from the approved internal audit plan will be communicated to the Audit and Investment Committee through periodic activity reports.

Audit Reports

A written audit report will be prepared and issued by the Internal Auditor following the conclusion of each internal audit engagement and will be distributed to department management, appropriate stakeholders, the College President, and the Audit and Investment Committee. Internal audit results will also be communicated to the Board of Regents.

The internal audit report will include management's response and corrective action taken or to be taken in regard to the specific issues identified. Management's response will include a named responsible party and timetable for anticipated completion of action to be taken and an explanation for any corrective action that will not be implemented. Internal Audit will be responsible for conducting appropriate follow-up reviews on audit findings and recommendations. All issues with risk ratings of high or elevated will remain in an open issues file until cleared. The Internal Auditor will periodically report to the Board of Regents on the follow-up reviews.

In accordance with Texas's Internal Auditing Acting, the Internal Auditor will, within 30 days of issuing an audit report internally, file a copy of the audit report with governor's office responsible for budget and policy, the State Auditor, and the Legislative Budget Board.

In accordance with Texas's Internal Auditing Act, the Internal Auditor will submit an Annual Audit Report summarizing the fiscal year's audit activities and results to the College President, Audit and Investment Committee, Board of Regents, the Governor, Legislative Budget Board, and the State Auditor. This is due before Nov. 1.

Nature of Services

Assurance services involve the internal auditor's objective assessment of evidence to provide an independent conclusion regarding an entity, operation, function, process, system or other subject matter. The nature and scope of the assurance engagement are determined by internal audit. There are three parties involved in assurance services: (1) the person or group directly involved with the entity, operation, function, process, system or other subject matter, (2) the Internal Auditor, and (3) the person or group using the assessment – the user.

Consulting services are advisory in nature, and are generally performed at the specific request of management. The nature and scope of the consulting engagement are subject to agreement with management. Consulting services generally involve two parties: (1) the Internal Auditor and (2) the person or group seeking and receiving the advice – management. When performing consulting services, the internal auditor will maintain objectivity and not assume management responsibility.

Quality Assurance and Improvement Program

Internal Audit will maintain a quality assurance and improvement program that covers all aspects of the internal audit activity. The program will include an evaluation of Internal Audit conformance State of Texas requirements, the Definition of Internal Auditing and the Standards and an evaluation of whether internal auditors apply the Code of Ethics. The program also assesses the efficiency and effectiveness of the internal audit activity and identifies opportunities for improvement.

The Internal Auditor will communicate to the Board of Regents on the internal audit's quality assurance and improvement program, including results of ongoing internal assessments and external assessments conducted at least every five years.

Values

Internal Audit's primary focus is to provide excellent service to Lee. Internal Audit is committed to the highest degree of fairness, integrity and ethical conduct in the performance of its mission. Internal Audit will:

  • Comply with Texas statutory requirements for internal auditing
  • Adhere to the definition of Internal Auditing and the Code of Ethics as established by the Institute of Internal Auditors
  • Uphold the core values of the College
  • Ensure transparency

Audit's relationship with the Lee College community will be characterized by respect, helpfulness, sharing, patience, and openness. Audit is committed to maintaining professionalism as internal auditors through continuance of our education and training.

Authoritative Guidance

Approved by the Lee College Board of Regents' Audit & Investment Committee, Oct. 8, 2024