| Introduction | Intro |
| Section A - Operating Policies | |
|---|---|
| University Policies Regarding Internal Audit | A-1 |
| Board of Visitors Policy No. 1610 | A-2 |
| University Policy No. 3002 (Authority) | A-3 |
| University Policy No. 3003 (Handling Fraud) | A-4 |
| University Policy No. 3005 (Reporting) | A-5 |
| Institute of Internal Auditors | A-6 |
| Professional Practices Framework | A-6.1 |
| Code of Ethics | A-6.2 |
| Reporting To The Audit Committee | A-7 |
| COSO - Internal Control Integrated Framework | A-8 |
| Section B - Overview - University Auditor's Office | |
| Mission | B-1 |
| Audit Charter | B-2 |
| Internal Audit Within The University | B-3 |
| Staff - Organization Chart | B-4 |
| Types Of Work Performed | B-5 |
| Commitment To Qulaity | B-6 |
| Auditee Questionnaire Memo | B-6.1 |
| Auditee Questionnaire | B-6.2 |
| Objectivity | B-7 |
| Due Professional Care and Fraud | B-8 |
| State Police Criminal Referral Form | B-8.1 |
| Professional Proficiency | B-9 |
| Continuing Professional Education Record | B-9.1 |
| Director of Internal Auditing Responsibilities | B-9.2 |
| Auditor-In-Charge Responsibilities | B-9.3 |
| Section C - Audit Procedures And Techniques | |
| Risk Assessment and Annual Audit Planning | C-1 |
| Project Assignment | C-2 |
| Project Assignment Form | C-2.1 |
| Project Budgets | C-3 |
| Project Budget Form | C-3.1 |
| Project Budget Form - Low Risk Audits | C-3.2 |
| Opening Conference | C-4 |
| Entrance Conference Memo | C-4.1 |
| Survey Techniques | C-5 |
| Preliminary Survey | C-6 |
| Preliminary Survey Program | C-6.1 |
| Preliminary Survey Forms | C-6.2, C-6.2.1, C-6.2.2, C-6.2.3, C-6.2.4, C-6.2.5, C-6.2.6, C-6.2.7, C-6.2.8, C-6.2.9, C-6.2.10, C-6.2.11, C-6.2.12, C-6.2.13 |
| Guide To COSO Evaluation Of Internal Control | C-6.3 |
| Documentation of Systems and Controls | C-7 |
| Flowcharting Documentation Standards | C-8 |
| Flowcharting Example | C-8.1 |
| Narrative Documentation Standards | C-9 |
| Narrative Documentation Example | C-9.1 |
| Evaluating Internal Control | C-10 |
| The Audit Program | C-11 |
| Audit Program Example | C-11.1 |
| Statistical Sampling In Audits | C-12 |
| Audit Work Papers | C-13 |
| Work paper Checklist | C-13.1 |
| Audit Work Paper Review | C-14 |
| Attributes Of A Well-Developed Audit Finding | C-15 |
| Security And Control Of Work Papers | C-16 |
| Exit Conference | C-17 |
| Audit Reports | C-18 |
| Audit Report Checklist | C-18.1 |
| Audit Report Format | C-18.2 |
| Follow-up Report Format | C-18.3 |
| Draft Report Cover Letter | C-18.4 |
| Vice President Draft Report Cover Letter | C-18.5 |
| Final Report Cover Letter | C-18.6 |
| Communications | C-19 |
| Post-Audit Review And Completion | C-20 |
| Post-Audit Review Form | C-20.1 |
| Follow-up Audits | C-21 |
| Follow-up Audit Memo | C-21.1 |
| Program Audits | C-22 |
| Economy And Efficiency Audits | C-23 |
| Scope and Objectives Of IT Auditing | C-24 |
| Data Center/Computer Operations (OCCS) Audits | C-25 |
| Applications Systems Audits | C-26 |
| Systems Development Audits | C-27 |
| Other Personal Or Departmental Environments | C-28 |
| Section D - Audit Administration | |
| Personal Conduct and Appearance | D-1 |
| Marketing The Internal Audit Function | D-2 |
| Internal Audit Duties Versus Line/Operational | D-3 |
| Assistance To External Auditors | D-4 |
| Project Numbering System | D-5 |
| Time Reporting | D-6 |
| Financial Administration | D-7 |
| Working Hours | D-8 |
| Leave Reporting Form | D-8.1 |
| Auditor Evaluations | D-9 |
| Quality Assurance Reviews | D-10 |
| Record Retention | D-11 |
| Reference Materials | D-12 |