Internal Audit


The office of Internal Audit is established by the Board of Governors through its Audit and Risk Management Committee. The responsibilities of the office of Internal Audit are defined by the Audit and Risk Management Committee as part of its oversight role. The office of Internal Audit will remain free from interference by any element in the University, including matters of audit selection, scope, procedures, frequency, timing, or report content to permit maintenance of a necessary independent and objective mental attitude.

Mission Statement

The mission of the office of Internal Audit is to assist the University in accomplishing its objectives and meeting its fiduciary and administrative responsibilities by providing independent and objective assurance and consulting activity that is guided by a philosophy of adding value to improve the operations of the University. This is performed by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of University governance, risk management, and the system of internal controls and administrative processes.


  1. Enhancing the efficiency and effectiveness of University functions - the internal audit activity adds value to the University (and its stakeholders) when it provides objective and relevant assurance, and contributes to the effectiveness and efficiency of governance, risk management, and control processes.
  2. Improving internal controls - the internal audit activity assists the University in maintaining effective controls by evaluating their effectiveness and efficiency and by promoting continuous improvement.
  3. Ensuring compliance with University policies and procedures and other applicable Acts and Regulations - the internal audit activity evaluates risk exposures relating to the University’s governance, operations, and information systems regarding the compliance with laws, regulations, policies, procedures, and contracts.
  4. Contributing to the assessment of business risk - the internal audit activity evaluates the effectiveness and contributes to the improvement of risk management processes at the University. The internal audit activity may gather the information to support this assessment during multiple engagements. The results of these engagements, when viewed together, provide an understanding of the University’s risk management processes and their effectiveness.
  5. Meeting the University's fiduciary requirements - the internal audit activity assesses and makes appropriate recommendations for improving the governance process in its accomplishment of the following objectives:

    • promoting appropriate ethics and values within the University;
    • ensuring effective performance management and accountability;
    • communicating risk and control information to appropriate areas of the University; and,
    • coordinating the activities to communicate information among the Board of Governors, its committees, management, and external and internal stakeholders.

Services provided

Assurance services – these services include the assessment of evidence by the internal audit to provide an independent opinion or conclusions and recommendations regarding an operation, function, process, system, or other subject matter.

Consulting services – these services are advisory in nature, and are generally performed at the specific request of the Board of Governors, the Audit and Risk Management Committee, or management. Examples of outcomes from these services can include counsel, advice, facilitation, and training.

Investigations – the office of Internal Audit may be involved in investigating and/or supporting investigations or alleged violations of policies, procedures, errors, fraud or misuse of University assets or resources, including activities that relate to research and other grants. Investigations will be performed upon request from the Audit and Risk Management Committee and University management.

Related Information

Internal Audit Policy

Audit and Risk Management Committee Terms of Reference (67 KB)

International Standards for the Professional Practice of Internal Auditing (Standards)

Code of Ethics of the Institute of Internal Auditors

Core Principles for the Professional Practice of Internal Auditing

Definition of Internal Auditing