Audit – Consultation – Compliance and Ethics – Enterprise Risk Management – Investigations Office of Internal Audit
and Compliance
Key Focus Areas: System Office Audit
• Auxiliary Operations & Finances (Athletics)
• Budget & Financial Management
• Fiscal Operations: Accounts Receivable, Cash,
Inventory
• Fraud Prevention and Detection
• Information Technology Security
• Presidential Transition Audits
• Public Private Venture Program
• Student Financial Aid
Audit – Consultation – Compliance and Ethics – Enterprise Risk Management – Investigations Office of Internal Audit
and Compliance
Audit Plan: In-Process
Assurance
Consulting
•Albany State Special Review (ISSUED) •Cash Counts (ISSUED) •Compliance w/BOR Admissions Standards (ISSUED) •Fort Valley Special Review (ISSUED ‐ added) •Ga. Perimeter College Special Review (ISSUED) •GEFA ARRA (ISSUED) •Lawful Presence Verification (ISSUED) •Skidaway Institute (ISSUED) •Southern Polytechnic State Univ. (ISSUED) •PPV Audit – Albany (ISSUED) •PPV Audit – Valdosta (ISSUED) •Dalton State College (DRAFT – added) •Georgia Gwinnett College – PPV & Audit (DRAFT) •Savannah State Univ. (DRAFT) •Information Technology Security – DNS (ONGOING) •University System Office (ONGOING) •USG Policy & Procedure (ISSUED) •Georgia Highlands College Advancement Program (ISSUED – added) •Affiliated Organizations Inventory (DRAFT) •Columbus State IT (DRAFT) •Academic Program Review (ONGOING) •Consolidation Assistance (ONGOING) •Compliance Awareness (PLANNING)Audit – Consultation – Compliance and Ethics – Enterprise Risk Management – Investigations Office of Internal Audit
and Compliance
Audit Plan: Near-Term
Assurance
Consulting
•Albany State University •Darton State College •Presidential Transition: College of Coastal Georgia (added) •Presidential Transition: Fort Valley State University (added) •Presidential Transition: University of Georgia (added) •Telecommunications Billing (added) •USG Information Technology Security Program (moved) •Archives Transition Assistance/Review (added) •Annual Report•PPV Audit – Darton State College
•PPV Audit – University of West Georgia (moved) •PPV Audit – Georgia Southern University (moved)
Near‐Term
Medium‐Term
Long‐Term
Audit – Consultation – Compliance and Ethics – Enterprise Risk Management – Investigations Office of Internal Audit and Compliance
Assurance
Consulting
•Abraham Baldwin Agricultural College •Auxiliary Financials – System‐wide (added) •Clayton State University (added) •Georgia Southwestern State University •State Audit Support (added) •Upon Request •PPV Audit – Kennesaw State University (moved) •PPV Audit – Southern Polytechnic State Univ. (moved) •PPV Audit – System‐Wide Inspection Review (added) • PPV Consult – Mgt. Request (added)Near‐Term
Medium‐Term
Long‐Term
7/13 12/13 7/14 12/14
Audit – Consultation – Compliance and Ethics – Enterprise Risk Management – Investigations Office of Internal Audit and Compliance
Assurance
Consulting
•Bainbridge College •Fort Valley State University •Middle Georgia State College •South Georgia State College •System‐Wide Audit (To Be Determined) •Upon Request •Annual Report •Shared Services Assistance •Upon Request • PPV Audit – Middle Georgia State College • PPV Audit – To Be Determined PPV Consult – Mgt. RequestNear‐Term
Medium‐Term
Long‐Term
7/13 12/13 7/14 12/14
Audit – Consultation – Compliance and Ethics – Enterprise Risk Management – Investigations Office of Internal Audit
and Compliance
Potential Issue Areas
Operational: Compliance
1. Information Technology: Is the institution adequately protecting our
information systems from external threats? Is the institution controlling how employees can access and use our information systems? Is the institution effectively managing information technology resources? Are the institution’s IT systems prepared in the event of a natural or man-made disaster?
2. Capital Assets & Inventory Management: Is the institution properly tracking equipment?
3. Human Resources: Is the institution performing the required background checks? Is employee leave appropriately managed? Is the institution
complying with I-9 requirements? Is the institution properly classifying employees as exempt versus non-exempt and as contractors versus
employees?
4. Public Private Ventures: Are IRS rules complied with? Are conflicts of interest managed? What is the financial strength of PPV projects?
Audit – Consultation – Compliance and Ethics – Enterprise Risk Management – Investigations Office of Internal Audit
and Compliance
Potential Issue Areas
Financial: Reporting & Compliance
5. Budget & Cash Flow Management: Is the budget development and
oversight process effective? Is the institution projecting and managing cash flow? Has the institution adequately considered the impact of enrollment declines?
6. Cashiering Operations: Is the institution adequately protecting cash assets? Do Bursar operations have sufficient segregation of duties?
7. Fraud Prevention/Detection: Has the institution implemented adequate controls to prevent and detect fraud?
8. Procurement Life Cycle: Is the institution managing their contracts? Is the institution following purchasing policy and procedure? Is the institution managing its P-Card usage?
9. Federal Grant Compliance: Has the institution complied with applicable Federal rules governing federal grants, e.g., conflict of interest, effort reporting, monitoring, and human subjects research protection?
Audit – Consultation – Compliance and Ethics – Enterprise Risk Management – Investigations Office of Internal Audit
and Compliance
Potential Issue Areas
Students: Compliance, Financial, & Strategic
10. Student Fees: Is the institution adhering to Board Policy and USG procedures governing the budgeting and use of student fees?
11. Financial Aid: Is the institution properly administering federal and state financial aid programs? Is the institution managing its default rate?
12. International Students: Is the institution managing the Federal requirements associated with tracking international students attending the institution?
13. Tuition and Fees: Is the institution following Board Policy in its admissions practices? Is the institution properly classifying students with respect to in-state/out-of-state tuition? Is the institution collecting accounts receivable? Are waivers of mandatory fees and mandatory housing requirements
Audit – Consultation – Compliance and Ethics – Enterprise Risk Management – Investigations Office of Internal Audit
and Compliance
Campus Internal Audit:
Engagements by Type
Assurance 84% Consulting 16%Assurance
Consulting
Audit – Consultation – Compliance and Ethics – Enterprise Risk Management – Investigations Office of Internal Audit and Compliance Compliance 27% Financial 23% Information Tech. 8% Operations 28% TBD 14%
Compliance
Financial
Information Tech.
Operations
TBD
Campus Internal Audit:
Engagements by Focus
Audit – Consultation – Compliance and Ethics – Enterprise Risk Management – Investigations Office of Internal Audit
and Compliance
Institution Compliance Financial Operations Info Tech. TBD Grand Total
Georgia Institute of Technology 16 8 6 2 2 34 Georgia Regents University 4 3 6 5 2 20 Georgia State University 5 6 2 2 15 University of Georgia 23 4 1 2 2 32 Georgia Southern University 4 1 2 3 10 Valdosta State University 3 6 2 2 13 Albany State University 2 8 8 1 2 21 Armstrong Atlantic State University 1 2 2 2 7 Clayton State University 3 3 1 1 2 10 Columbus State University 3 2 2 7 Georgia College & State University 6 2 2 2 2 14 Kennesaw State University 2 3 13 1 3 22 Savannah State University 3 5 5 2 15 Southern Polytechnic State University 2 9 2 2 15 University of North Georgia 2 4 3 2 11 University of West Georgia 1 2 9 3 2 17 Atlanta Metropolitan State College 1 2 5 1 2 11 College of Coastal Georgia 2 2 1 3 2 10 East Georgia State College 4 5 3 2 14 Georgia Gwinnett College 5 2 1 2 2 12 Georgia Highlands College 3 1 2 1 2 9 Georgia Perimeter College 3 3 7 1 2 16 Middle Georgia State College 2 2 5 2 11 Grand Total 92 81 96 29 48 346