Skip to Content

Audit & Advisory Services

Audits

Sometimes people feel nervous when they learn their department is going to be audited, but there’s nothing to worry about. Just remember, we’re here to help you give your department a tune-up so you and your team can do your very best work for the university.

Auditing Process

Internal auditing […] helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

- from IIA's definition of Internal Auditing

The most important member of the audit team is you, the client. Your input is essential to a successful engagement. Our objective is to have you involved at every stage of the process, so you understand what we are doing and why.  Most audits consist of four stages:

At the beginning of this phase, we will hold a welcome meeting and conduct an Engagement Risk Assessment. We’ll explain our risk‐based approach, gather information about risks and controls, and determine the objectives for fieldwork. When planning our review, we welcome input from management on areas they would like to include.

During the Fieldwork phase, the actual work of the audit is performed through the testing of controls. This phase typically includes:

  • determining whether controls are operating efficiently and effectively.
  • assessing accuracy of financial reporting.
  • verifying that policies and procedures are available, up to date, and address risks adequately.
  • reviewing compliance with applicable laws, regulations, and policies.

Test results will be discussed with you and your management team during the fieldwork phase, and again at the engagement’s conclusion.

Draft Report — During a closing meeting, we will review the draft report with you and make any appropriate revisions.

Final Report — Management’s action plans, including responsible parties and a timeline for completion, are added to the report. The final report is distributed to management, appropriate university leadership, and the Board of Trustees.

Follow-up is the final phase of the auditing process. We will continue to check in with you periodically until the action plans developed in stage three are completed. Our team remains available to answer questions and assist you in reaching these goals. We maintain a tracking report to record open audit recommendations. This report is shared with the Audit, Compliance and Risk Committee of the Board of Trustees.


Audit Plans

Each year we perform a university-wide risk assessment which serves as the foundation for the development of an audit plan that addresses high risk areas. The audit process assists the university in strengthening its internal control structure and provides assurance that resources are used efficiently and effectively in keeping with mandated requirements and the university's mission, goals, and objectives. As new risks emerge throughout the year, our audit plan changes accordingly.

Academics/Student Support

  • ADA Compliance
  • Financial Aid Abatements & Withdrawl Refunds

Financial

  • HEERF Fund Expenditures

Information Technology

  • Strategic Planning
  • Managed Human Resources
  • Cybersecurity (Secure Configurations of Assets)
  • Cybersecurity (Remote Access is Managed)
  • Cybersecurity (Protections Against Data Leaks)
  • Managed Service Agreements
  • Suppliers and Third Party Risks

Operational

  • Classification and Compensation
  • College Business Operations - School of Law
  • Transporation Services - Columbia
  • University Policies and Procedures
  • USC Beaufort Business Operations
  • P-card monitoring (advisory)

Research

  • Grant Accounting

Safety & Security

  • Mental Health - Comprehensive Universities
  • Student Event Risk Mitigation
  • Title IX Operations
  • Campus Safety Training - Columbia

Strategic

  • Artificial Intelligence (advisory)

Reviews Required by Policy or Charter

  • Board Office and President's Expenses
  • Follow-up Reviews for Outstanding Audit Issues
  • IT Investment Analysis
  • Management Advisory Reviews
  • Special Investigations/Internal Control Reviews

Academics/Student Support

  • Financial Aid Abatements
  • Mental Health Access and Awareness

Compliance/Human Resources

  • Hiring and Retention
  • Student Athletes Medical Records Privacy

Financial

  • University Libraries (advisory)

Information Technology

  • IBM Support
  • Incident Management
  • IT Security Awareness
  • Network Availability
  • Research Computing Security
  • User Access Management
  • Wireless Network Upgrade-post implementation

Operational

  • Capital Maintenance - Utility Outages
  • College Business Operations
  • Development - Donor Relations
  • Housing Business Operations
  • P-Card Monitoring (advisory)
  • USC Upstate Business Operations

Research

  • Animal Care and Use in Research

Safety

  • Campus Safety - Comprehensive Universities

Strategic

  • Office of Institutional Research, Assessment, and Analytics

Reviews Required by Policy or Charter

  • Board Office and President's Expenses
  • Follow-up Reviews for Outstanding Audit Issues
  • IT Investment Analysis
  • Management Advisory Reviews
  • Special Investigations/Internal Control Reviews




Challenge the conventional. Create the exceptional. No Limits.

©