An image of the letter initialed by the President is located at the following link: The President's Letter.
TO: Officers, Administrators, Deans and Department Chairs
FROM: Rev. John I. Jenkins, C.S.C., President
DATE: August 8, 2005
SUBJECT: Access and Authority of Audit & Advisory Services
Recent public-sector concerns and related legislative initiatives (e.g., the Sarbanes-Oxley Act of 2002) serve as reminders of our institutional responsibility to maintain proper corporate governance. The University’s corporate governance includes an annual statutory financial audit, as well as independent assurance services provided by the University’s internal audit function (i.e., Audit & Advisory Services). As the year-end statutory audit commences, this is an appropriate time to reiterate the mission and responsibilities of the University’s internal audit function to all departments and administrators.
The Audit & Advisory Services (AAS) Department reports directly to the President and the Audit Committee of the Board of Trustees, with ongoing operational guidance from the Executive Vice President and support from the Provost and the Vice President for Student Affairs. AAS is charged with the responsibility to conduct a comprehensive program of internal auditing that encompasses all University operations and academic programs. AAS is further authorized to have unrestricted access to all University records, resources, properties and personnel in order to conduct its audits thoroughly and effectively. The fiduciary responsibilities assigned to AAS include (but are not limited to) the following:
- Evaluating the accuracy and adequacy of the University’s internal control structure;
- Assessing compliance with policies, plans, procedures, laws and regulations;
- Verifying the existence of assets and ensuring that they are properly accounted for and safeguarded from losses of all kinds;
- Conducting special examinations and reviews, including investigating reported occurrences of fraud, embezzlement and theft in collaboration with the Office of General Counsel, as well as recommending controls to prevent or detect such occurrences. Moreover, all instances or concerns of financial irregularities, theft and fraud are required to be reported to AAS, regardless of materiality;
- Evaluating the economy and efficiency with which University resources are employed and recommending improvements in operations;
- Evaluating the reliability and integrity of Management’s information by reviewing the general control structure and security protocol associated with the University’s information systems;
- Determining the extent to which the established mission and objectives of the University’s business units and academic programs are being accomplished;
- Coordinating and assisting the University’s external auditors, PricewaterhouseCoopers LLP (PwC), with their annual internal control assessment and financial statement audit procedures.
AAS is responsible for managing all confidential information in a sensitive manner and exercising due professional care in the performance of each audit engagement. Individually and collectively, all AAS staff members are accountable for conducting themselves properly and prudently while acting within the department’s authority.
AAS has developed an enterprise-wide risk assessment survey, which will continue to be distributed to select University officers and administrators. This survey requests responses regarding risk factors relative to respective operations and functions of the University. In the future, if you or a member of your staff receives a risk assessment survey, please ensure that candid and timely responses are provided by the appropriate individual. Your assistance and cooperation with regard to this matter is appreciated.
Finally, all significant issues identified by AAS are formally communicated to auditees, along with the risks associated with such observations and recommended action plans. All auditees are expected to provide responses to AAS’ observations and recommendations for inclusion in the final audit report distributed to select University management. In the future, if AAS is conducting an audit of your operation, please ensure that management responses are provided within 15 business days following receipt of the draft audit report. Thank you in advance for your assistance with this process.
Please communicate or distribute this memorandum to the faculty and staff in your respective departments. You may direct any questions regarding the internal audit function or the risk assessment survey to Phil Iapalucci (1-3088), Director, Audit & Advisory Services.
cc: Patrick F. McCartan, Chairman, Board of TrusteesThomas G. Burish, Provost
John F. Affleck-Graves, Executive Vice President
William J. Shaw, Chairman, Audit Committee
Rev. James E. McDonald, C.S.C., Senior Executive Assistant and Counselor to the President
Philip J. Iapalucci Jr., Director, Audit & Advisory Services
PricewaterhouseCoopers LLP