The mission of Internal Audit is to enhance and protect organizational value by providing risk-based and objective assurance and advice.
The Internal Audit Department (‘Internal Audit”) is to provide independent, objective assurance and consulting services of TRU’s operations by evaluating and improving the effectiveness of TRU’s risk management, internal controls and governance processes.
The Director Internal Audit reports administratively to the Vice-President Administration and Finance and reports functionally to the Audit Committee Chair.
This reporting structure is necessary to ensure independence from those directly responsible for operations under review, an unrestricted scope of activity and appropriate attention to audit findings (issues) and recommendations.
The Director as Chief Audit Executive will affirm to the Audit Committee, at least annually, the organizational independence of the Internal Audit Department.
Duties and Responsibilities of the TRU Audit Committee - Terms of reference with respect to Internal Audit- section 4.4:
- review and approve the terms of the Internal Auditor’s engagement;
- review and approve the Internal Audit plan;
- ensure the Internal Auditor’s approach to risk and internal controls are appropriate;
- determine whether the performance of the Internal Audit is satisfactory, effective and meets the requirements of TRU;
- ensure there are adequate resources for the internal control function;
- review problems experienced by the Internal Auditor in performing its functions, including any restriction imposed by Administration and all significant difficulties or disagreements with Administration; and
- meet with the Internal Auditor at least bi-annually, without TRU Administration present.
Internal Audit Access to Information
The Director Internal Audit as Chief Audit Executive and staff with strict accountability for confidentiality and safeguarding of information is granted authority for full, free, and unrestricted query and review access to any and all of TRU records (paper and electronic), systems, information, personnel and physical properties relevant to the performance of Internal Audit engagements.
The Internal Audit Department adheres to the Institute of Internal Auditors (IIA) Code of Ethics and, as much as is reasonable and practical for its size and resources, adheres to the IIA’s International Standards for the Professional Practice of Internal Auditing.
TRU’s Internal Audit department will maintain a Quality Assurance Improvement Program (QAIP) that covers all aspects of the internal audit activity including professional development. The Director Internal Audit will communicate annually to senior management and the Audit Committee on the Internal Audit’s QAIP, including results of ongoing internal assessments and external assessments conducted at least every five years.
The scope of Internal Audit activities includes providing assurance services and consulting services to the university. Assurance services are an objective examination of evidence for the purpose of providing an independent assessment on a department or business process. Consulting services are intended to add value and improve operations, without Internal Audit assuming management responsibility. The Internal Audit Department also performs investigations to support whistleblower concerns and or suspected fraud activity. Consulting Services and investigations are at the request of Senior Management and or the Audit Committee.
The scope of an internal audit may be narrow or broad depending on the significance of risks and concerns associated with the engagement. It is not limited to financial and accounting records and may include evaluation of:
- Determination of existence, effectiveness, and compliance with internal policies, procedures and plans as well as with external laws and regulations; which could have a significant impact on meeting TRU’s strategic change goals.
- Evaluating the adequacy and reliability of reporting and monitoring mechanisms including those related to achievement of TRU’s strategic change goals.
- Evaluating the extent to which resources are acquired economically, used efficiently and adequately safeguarded.
- Assessment of information systems to produce accurate and meaningful financial or management information and to ensure adequate stewardship for safeguarding of data.
The Director Internal Audit will establish an annual prior year summary of work and an annual risk-based audit plan consistent with the University’s mandate and its strategic change goals. These reports will be vetted by the Vice President Administration and Finance, and then approved by the Audit Committee.
A written report will be prepared by Internal Audit at the conclusion of each audit engagement and will be appropriately distributed. Reports are issued to the Audit Committee after vetting by relevant Vice President. The Internal Audit report may include managements’ responses and corrective action plans with timelines. TRU management is responsible for preparing responses and carrying out management action plans in a reasonable timeframe. The Internal Audit Department will be responsible for appropriate follow-up on issues and management action plans. All significant issues will be tracked and reported to relevant Vice President and Audit Committee until issues are cleared.
The Director Internal Audit will not provide to any external parties with engagement records or reports without prior consultation with Audit Committee or senior management
The Director Internal Audit may share information and coordinate activities with other TRU providers of assurance to minimize duplication of efforts.