Auditing Process
Internal auditing […] helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
- from IIA's definition of Internal Auditing
The most important member of the audit team is you, the client. Your input is essential to a successful engagement. Our objective is to have you involved at every stage of the process, so you understand what we are doing and why. Most audits consist of four stages:
At the beginning of this phase, we will hold a welcome meeting and conduct an Engagement Risk Assessment. We’ll explain our risk‐based approach, gather information about risks and controls, and determine the objectives for fieldwork. When planning our review, we welcome input from management on areas they would like to include.
During the Fieldwork phase, the actual work of the audit is performed through the testing of controls. This phase typically includes:
- determining whether controls are operating efficiently and effectively.
- assessing accuracy of financial reporting.
- verifying that policies and procedures are available, up to date, and address risks adequately.
- reviewing compliance with applicable laws, regulations, and policies.
Test results will be discussed with you and your management team during the fieldwork phase, and again at the engagement’s conclusion.
Draft Report — During a closing meeting, we will review the draft report with you and make any appropriate revisions.
Final Report — Management’s action plans, including responsible parties and a timeline for completion, are added to the report. The final report is distributed to management, appropriate university leadership, and the Board of Trustees.
Follow-up is the final phase of the auditing process. We will continue to check in with you periodically until the action plans developed in stage three are completed. Our team remains available to answer questions and assist you in reaching these goals. We maintain a tracking report to record open audit recommendations. This report is shared with the Audit, Compliance and Risk Committee of the Board of Trustees.
Audit Plans
Each year we perform a university-wide risk assessment which serves as the foundation
for the development of an audit plan that addresses high risk areas. The audit process
assists the university in strengthening its internal control structure and provides
assurance that resources are used efficiently and effectively in keeping with mandated
requirements and the university's mission, goals, and objectives. As new risks emerge
throughout the year, our audit plan changes accordingly.
Academics/Student Support
- International Visas
Athletics
- Athletics Revenue Sharing
Financial
- Dining Contract Compliance
- Health Sciences Capital Project (co-source)
- HR/Payroll Business Cycle
- Purchasing Card Program
Human Resources
- Succession Planning
Strategic
- AI Governance
- Compliance with Board Resolution on Anti-Discrimination
Operational
- Darla Moore School of Business Operations
- Emergency Communication Systems
- Office of Economic Engagement
- USC Aiken Business Operations
Research
- Research Accounting - Effort Reporting
- Research Security Program
Information Technology
- Compliance with Security and Privacy Standards:
- Athletics
- CarolinaCard
- College of Information and Communications
- McCausland College of Arts & Sciences
- School of Medicine - Columbia
- USC Beaufort
Reviews Required by Policy or Charter
- Board Office and President's Expenses
- Management Advisory Reviews
- Special Investigations/Internal Control Reviews
- Follow-up reviews/Quality self-assessment