Internal Audit

Reporting

The results of each engagement are shared with management using either a final report or memo depending on the type and formality of the engagement. Each report or memo contains a summary of the work completed and lists any findings and recommendations along with responses from management if necessary.

Consistent with guidance from the Institute of Internal Auditors, our office issues the following audit opinions:

Effective

Controls evaluated are adequate, appropriate, and effective to provide reasonable assurance that risks are being managed and objectives should be met.

Some Improvement Needed

A few specific control weaknesses were noted; generally however, controls evaluated are adequate, appropriate, and effective to provide reasonable assurance that risks are being managed and objectives should be met. 

Major Improvement Needed

Numerous specific control weaknesses were noted.  Controls evaluated are unlikely to provide reasonable assurance that risks are being managed and objectives should be met.

Unsatisfactory

Controls evaluated are not adequate, appropriate, or effective to provide reasonable assurance that risks are being managed and objectives should be met. 

Reports and memos are distributed to the department head of the area under review and to senior management, including the Chancellor. Our office reports directly the Audit, Risk, and Compliance Committee of the Board of Trustees, and final documents are shared with the committee. Our office is also required to send reports to the Vice President for Compliance and Audit Services at UNC General Administration and to the North Carolina Office of Internal Audit.

In an effort to reduce waste, reports and memos are distributed electronically. Hard copies are available upon request.