The Board of Trustees of Mississippi's State Institutions of Higher Learning (IHL) hereby establishes an Internal Audit Office to assist the Board in meeting its fiduciary responsibilities. This charter establishes the authority and responsibility conferred by the Board of Trustees within which the Office of Internal Audit will operate to make a positive contribution to the system of higher education by examining and evaluating the business and administrative activities of the system's universities and executive office.

Internal auditing is an independent appraisal of the operations and systems of control within the Institutions of Higher Learning. The audit examines and evaluates the institutions' activities and their systems of controls to determine whether acceptable policies and procedures are followed; legislative requirements and established standards are met; resources are used efficiently and economically; planned missions are accomplished effectively; and the objectives of higher education are being achieved.

Internal Audit will assist the Board of Trustees and the Commissioner to achieve sound managerial control over all aspects of the operations of higher education, including accounting, asset management, information management and control systems, and other such activities for which the Board is responsible. The office will also coordinate the internal audit activities throughout the system and its institutions and assist the Commissioner and the Board of Trustees.

The attainment of the overall objective may involve:

• reviewing and assessing the adequacy and effectiveness of the system of internal controls;
  
• appraising the relevance, reliability and integrity of management, financial and operating data and reports;
  
• reviewing the systems established to ensure compliance with those policies, plans, procedures, statutory requirements and regulations which could have a significant impact on operations (all funds, including external funds, excluding foundations);
  
• reviewing the means of safeguarding assets and, as appropriate, verifying the existence of such assets;
  
• evaluating the economy, efficiency and effectiveness with which resources are employed, including reviews of business practices;
  
• reviewing operations or programs to ascertain whether results are consistent with IHL's established objectives and goals, and whether the operations or programs are being carried out as planned;
  
• assessing the adequacy of established systems and procedures; and
  
• conducting special assignments and investigations on behalf of the Board of Trustees and the Commissioner into any matter or activity affecting the probity, interests and operating efficiency of the IHL.

Internal auditing is an advisory function having independent status within the IHL. The Manager of Internal Audit:

• shall be functionally responsible to the Audit Committee and ultimately the Board of Trustees, but administratively will report directly to the Commissioner and be independent of any other section, branch or officer;
  
• shall have no executive or management powers, functions or duties except those relating to the management of the Internal Audit office;
  
• shall not be involved in the day-to-day operations of the IHL;
  
• shall not be responsible for the detailed development and/or implementation of new systems, but should be consulted during the system development process on the control measures to be incorporated in new or amended systems, and be advised of approved variations or new developments; and
  
• shall have oversight of the internal auditing functions of the various campuses, whose directors will report to their respective Institutional Executive Officers with a dotted reporting line to the Audit Committee of the Board of Trustees.

Subject to the approval of the Audit Committee, the Manager of Internal Audit is authorized to establish an effective internal audit function. No officer, administrator, or staff member shall prohibit the System Internal Auditor from examining any university record or interviewing any faculty/staff member or student that the auditors deem to be pertinent to their audits and reviews. Additionally, the System Internal Auditor has the authority to audit or cause to be audited the accounts of all organizations required to submit financial statements to the system or any of its universities.

Internal auditors of the system shall:

• decide, in consultation with the Audit Committee of the Board of Trustees, on the nature, scope and timing of audits;
  
• have access at all reasonable times to all books, documents, accounts, property, vouchers, records, correspondence and other data of the IHL which are necessary for the proper performance of the internal audit function; and
  
• have the right at reasonable times to enter any premises of the IHL and to request any officer to furnish all information and such explanations deemed necessary for them to form an opinion on the probity of action, adequacy of systems and/or of controls. The officer concerned shall respond promptly to such inquiries.

It is incumbent on all IHL Institutional Executive Officers that they render every assistance to the Internal Auditors in carrying out their audit duties.

Subject to the overall guidelines and policies of the Board of Trustees and the Audit Committee, the Office of Internal Audit shall be solely responsible for the planning, implementation, and reporting of the audits. For this purpose, the Manager of Internal Audit is entrusted with the responsibility to appraise the policies, procedures, and management controls of the system to ensure that the activities are properly managed and to promote effective controls at reasonable cost. In discharging the responsibility, the Manager of Internal Audit shall be responsible to the Board of Trustees Audit Committee for the functional control of audit activities in relation to:

• preparing a strategic plan to set the long-range direction and approach of audits;
  
• presenting a detailed annual audit plan and an annual budget in consultation with the Commissioner and/or Assistant Commissioner for Finance and Administration for submission to the Audit Committee for approval and to the Board of Trustees;
  
• assessing and recruiting the necessary personnel for appropriate levels of staff;
  
• carrying out all activities in an effective, proficient and timely manner;
  
• reporting to the auditee as soon as practical on completion of each audit;
  
• reporting, at least quarterly, to the Audit Committee;
  
• conducting oversight of campus Internal Audit's methods and procedures;
  
• preparing the scope and boundaries of audits;
  
• fulfilling the objectives of Internal Audit;
  
• utilizing the Internal Audit resources to maximize the efficiency and effectiveness of the Internal Audit function;
  
• reviewing systems and operations to assess achievement of institutional objectives, use of efficient use of resources, and adequacy of controls over activities;
  
• evaluating the reliability, integrity, and pertinence of management and financial information;
  
• assessing the method of safeguarding assets and verifying their existence;
  
• determining the extent of compliance with established policies, procedures and instructions;
  
• advising improvements in procedures and systems to prevent waste, abuse, over-spending, and fraud;
  
• directing attention on any failure to take remedial action;
  
• executing any ad hoc evaluations, assessments, investigations, examinations or reviews requested by the Audit Committee or by senior management of the Executive Office; and
  
• appraising the overall systemic risk assessment and management.

The scope of Internal Audit shall be sufficiently comprehensive to enable the effective and regular review of all operational, financial and related activities.

The Internal Audit coverage may extend to all areas under the management and control of the Board of Trustees and include financial, accounting, administrative, data quality, computing and other operational activities.

A strategic system-wide audit plan shall be prepared by the Audit Committee for the approval of the Board of Trustees. The plan shall provide for the review of significant operations of the IHL based on an assessment of risk pertaining to the achievement of IHL's objectives.

An annual Internal Audit plan consistent with the long-term strategic plan shall be prepared by the Audit Committee, in consultation with the Commissioner for approval by the Board of Trustees, if practicable, prior to commencement of each calendar year.

The system-wide audit plan will identify areas of audit concern on a campus-by-campus basis, as well as a system-wide approach. Proposed individual audit plans by the internal auditors on campuses will identify audits to be conducted at each campus during the year and will be incorporated into the proposed system-wide audit plan. A final system-wide plan will be reviewed and, if necessary, revised by the Audit Committee and then approved by the Board of Trustees at an open meeting.

The Board of Trustees Audit Committee is established to serve as a channel of communication with auditors. The Audit Committee shall meet at least four times annually and shall consist of the following members:

• members of the Board of Trustees Audit Committee;
  
• the Commissioner (non-voting);
  
• the Manager of Internal Audit (non-voting);
  
• the assistant Commissioner for Finance and Administration (non-voting); and
  
• a senior auditor representing the Office of the State Auditor may be invited as an observer at meetings of the Audit Committee by invitation of the committee.

The objectives of the Board of Trustees Audit Committee are:

• to review the proposed scope of the internal and the external audit functions;
  
• to review audit performance and to ensure that no limitation on audit has been interposed by management;
  
• to appraise the effectiveness of the audit;
  
• to review the management letter provided by the State Auditor's Office (or Internal Auditors on campuses) regarding any weaknesses in internal controls; organization and operating controls; and to consider the recommendations made by the auditor and the action taken by management in response to the auditor's suggestions; and
  
• to review and/or initiate any other act necessary to ensure:
  
  • compliance with policies, plans, procedures, laws and regulations;
    
  • safeguarding of IHL's assets;
    
  • efficient and proper use of resources;
    
  • accomplishment of established objectives and goals for operations or programs; and
    
  • attention to failure to take prompt remedial action relating to previously identified shortcomings.

For all audit projects, the person responsible for the activity under review shall be advised and given the opportunity to discuss:

• the objectives and scope of the audit to be conducted, prior to the commencement of such audit; and findings and
• proposed recommendations on the completion of an audit, and where appropriate make comment.

A written report will be prepared and issued by Internal Audit at the conclusion of each audit. A copy of the complete report will be distributed to the Institutional Executive Officer of the institution(s) involved in the audit. A summary of each report, including all audits performed on externally funded contracts, is to be made available to the Audit Committee, the Commissioner and the Assistant Commissioner for Finance and Administration within thirty days of completion of the audit. Audit reports related to issues that are of system-wide importance or audits that disclose issues that are material or recurring in nature will be presented to the Audit Committee at the next scheduled committee meeting following completion of the report. The Audit Committee will forward such reports along with appropriate recommendations to the Board of Trustees for action.

Audit reports will normally explain the scope and objectives of the audit, present findings and conclusions in an objective manner relevant to the specific user's needs, and make recommendations where appropriate.

Each institution audited will be given an opportunity to submit its responses to the audit findings to be included in the final audit report.

The Manager of Internal Audit shall liaise with the auditors from the State Auditor's Office, externally funded contracts and grants auditors, and the Internal Audit staffs on campuses to:

• coordinate all review, evaluation and/or investigation activities;
• ensure that the audit programs are complementary;
• foster a cooperative working relationship;
• reduce the incidence of duplication of effort; and
• promote appropriate sharing of information.

The Manager of the System Internal Audit function shall make available to the State Auditor's Office all Internal Audit working papers, programs, flow charts, and reports upon request.

The Manager of the System Internal Audit function ensures that university internal auditors conduct audits and reviews according to generally accepted auditing standards using such audit programs, techniques, and procedures considered necessary under the circumstances. The operation of the internal audit function is to be carried out consistent with The Code of Ethics, Professional Practices Framework, and Practice Advisories as defined by the Institute of Internal Auditors.

The standards for the performance of the audit function are to be developed from the following:

• Standards for the Professional Practice of Internal Auditing (Institute of Internal Auditors);
• Standards for Information Systems Auditing (Information Systems Audit and Control Associations); and
• Statements of Auditing Standards (American Institute of Certified Public Accountants).

To ensure that the quality of the Internal Audit is consistently at a high standard, the Manager of Internal Audit, in conjunction with members of the Board of Trustees Audit Committee, shall:

• develop and maintain comprehensive work reporting systems;
• maintain a regular review of audit plans, reports and working papers, and
• provide for staff training, as appropriate.