The Board of Trustees of Mississippi's State Institutions of Higher Learning (Board) hereby establishes a System Internal Audit Office and appoints a director to assist the Board in meeting its fiduciary responsibilities. This charter establishes the authority and responsibility conferred by the Board of Trustees within which the Office of Internal Audit will operate to make a positive contribution to the system of higher education by examining and evaluating the business and administrative activities of the system's universities and executive office.

The Board directs each Institutional Executive Officer (IEO) to appoint an internal audit director. Employment of each university internal audit director shall be contingent on the approval of both the IEO and the Board's System Internal Audit Director. In addition, each IEO shall employ a sufficient number of professional and support staff to assist the university internal audit director in implementing an effective program of internal auditing.

Internal auditing is an independent appraisal of the operations and systems of control within the Institutions of Higher Learning. The audit examines and evaluates the institutions' activities and their systems of controls to determine whether acceptable policies and procedures are followed, whether legislative requirements and established standards are met; whether resources are used efficiently and economically, whether planned missions are accomplished effectively, and whether the objectives of higher education are being achieved.

The Board’s Office of Internal Audit will assist the Board of Trustees, the Commissioner and IEOs to achieve sound managerial control over all aspects of the operations of higher education, including accounting, asset management, information management and control systems, and other such activities for which the Board is responsible. The Board’s System Internal Audit Office will also coordinate the internal audit activities throughout the system and its institutions and assist the IEOs, Commissioner and the Board of Trustees.

The attainment of the overall objective of the Board’s System Office of Internal Audit may involve:

• reviewing and assessing the adequacy and effectiveness of the system of internal controls;
• appraising the relevance, reliability and integrity of management, financial and operating data and reports;
• reviewing the systems established to ensure compliance with those policies, plans, procedures, statutory requirements and regulations which could have a significant impact on operations (all funds, including external funds, excluding foundations);
• reviewing the means of safeguarding assets and, as appropriate, verifying the existence of such assets;
• evaluating the economy, efficiency and effectiveness with which resources are employed, including reviews of business practices;
• reviewing operations or programs to ascertain whether results are consistent with IHL's established objectives and goals, and whether the operations or programs are being carried out as planned;
• assessing the adequacy of established systems and procedures; and
• conducting special assignments and investigations on behalf of the Board of Trustees, the Commissioner and IEOs into any matter or activity affecting the probity, interests and operating efficiency of the IHL.

Internal auditing is an advisory function to management having independent status within the system. The Board’s System Internal Audit Office Director:

• shall be functionally responsible to the Budget, Finance and Audit Committee and ultimately to the Board of Trustees, but administratively will report to the Commissioner and be independent of any other IHL division, section, branch or officer;
• shall have oversight of the internal auditing functions of the various campuses, whose directors shall be functionally responsible to the Budget, Finance and Audit Committee and ultimately the Board of Trustees through the Board's System Internal Audit Director, but will administratively report to the IEO;
• shall, in agreement with the IEO, appoint all university internal audit directors; and
• shall, in agreement with the IEO, make recommendation of the termination of any university internal audit staff after notification to the Budget, Finance and Audit Committee and the university's compliance with applicable state law and system policy; If there is disagreement between the IEO and the Board's system internal audit director over a recommendation of termination of a university internal audit employee, the Board shall be informed of same and shall make the decision regarding the termination.

Both the Board’s System Internal Audit Director and the University Internal Audit Directors:

• shall have no executive or management powers, functions or duties except those relating to the management of the Internal Audit office;
• shall not be involved in the day-to-day operations of the system;
• shall not be responsible for the detailed development and/or implementation of new systems, but should be consulted during the system development process on the control measures to be incorporated in new or amended systems, and be advised of approved variations or new developments.

Subject to the approval of the Budget, Finance and Audit Committee, the Board’s System Internal Audit Director and University Internal Audit Directors are authorized to establish an effective internal audit function. No officer, administrator, or staff member shall prohibit the Board’s System Internal Auditors from examining any university record or interviewing any faculty/staff member or student that the auditors deem to be pertinent to their audits and reviews. Additionally, the Board’s System Internal Auditors have the authority to audit or cause to be audited the accounts of all organizations required to submit financial statements to the system or of any of its universities.

Both the Board’s System and University Internal Auditors shall:

• develop an internal audit plan, in consultation with the Budget, Finance and Audit Committee of the Board of Trustees on the nature, scope and timing of audits;
  • develop an annual and three year audit plan to be based on the findings of periodic documented risk assessment;
  • ensure that internal controls are reviewed periodically;
  • address concerns of the Board of Trustees, Commissioner and IEOs;
  • submit proposed individual university internal audit plans to the respective IEOs, and submit all proposed internal audit plans to the Commissioner and to the Board's System Internal Audit Director for review and approval by each before submission for approval to the Budget, Finance and Audit Committee by the Board's System Internal Audit Director.
• have access at all reasonable times to all books, documents, accounts, property, vouchers, records, correspondence and other data of the system, which are necessary for the proper performance of the internal audit function; and
• have the right at reasonable times to enter any premises of the system and to request any employee or officer to furnish all information and such explanations deemed necessary for them to form an opinion on the probity of action, adequacy of systems and/or of controls. The employee or officer concerned shall respond promptly to such inquiries.

All system employees must cooperate fully with the Board’s System Internal Audit Staff on any system issues, allegations, or audit matters directed to be performed on behalf of the Board, the Budget, Finance and Audit Committee and/or the Commissioner.

Subject to the overall guidelines and policies of the Board of Trustees and the Budget, Finance and Audit Committee, the Board’s System and University Internal Audit Offices shall be solely responsible for the planning, implementation, and reporting of the audits. For this purpose, the Director of the Board’s System Internal Audit Office is entrusted with the responsibility to appraise the policies, procedures, and management controls of the system to ensure that the activities are properly managed and to promote effective controls at reasonable cost. In discharging the responsibility, the Board’s Director of the System Internal Audit Office shall be responsible to the Board of Trustees’ Budget, Finance and Audit Committee for the functional control of system and university audit activities in relation to:

• preparing a strategic plan to set the long-range direction and approach of audits;
• presenting a detailed annual audit plan and an annual budget in consultation with the Commissioner and IEOs for submission to the Budget, Finance and Audit Committee for approval and to the Board of Trustees;
• assessing and recruiting the necessary personnel for appropriate levels of staff;
• carrying out all activities in an effective, proficient and timely manner;
• reporting to the auditee as soon as practical on completion of each audit;
• reporting, at least quarterly, to the Budget, Finance and Audit Committee;
• conducting oversight of campus Internal Audit's methods and procedures;
• preparing the scope and boundaries of audits;
• fulfilling the objectives of Internal Audit;
• utilizing the Internal Audit resources to maximize the efficiency and effectiveness of the Internal Audit function;
• reviewing systems and operations to assess achievement of institutional objectives, efficient use of resources, and adequacy of controls over activities;
• evaluating the reliability, integrity, and pertinence of management and financial information;
• assessing the method of safeguarding assets and verifying their existence;
• determining the extent of compliance with established policies, procedures and instructions;
• advising improvements in procedures and systems to prevent waste, abuse, overspending, and fraud;
• directing attention on any failure to take remedial action;
• executing any ad hoc evaluations, assessments, investigations, examinations or reviews requested by the Budget, Finance and Audit Committee or by senior management of the Executive Office or university; and
• appraising the overall systemic risk assessment and management.

The scope of Internal Audit shall be sufficiently comprehensive to enable the effective and regular review of all operational, financial and related activities.

The scope of Internal Audit coverage extends to all areas under the management and control of the Board of Trustees and include financial, accounting, administrative, data quality, computing and other operational activities.

An annual Internal Audit plan consistent with the long-term strategic plan shall be prepared by the Board’s System and University Internal Auditors, in consultation with the Commissioner and IEOs, for approval by the Budget, Finance and Audit Committee and shall be provided to the full Board of Trustees, if practicable, prior to commencement of each fiscal year.

The system-wide audit plan will identify areas of audit concern on a campus-by-campus basis, as well as a system-wide approach. Proposed individual audit plans by the university internal auditors on campuses will identify audits to be conducted at each campus during the year and will be incorporated into the proposed system-wide audit plan. A final system-wide plan will be reviewed and, if necessary, revised and approved by the Budget, Finance and Audit Committee and then provided to the Board of Trustees at an open meeting.

However, the Commissioner may direct at any time the Board’s System Internal Audit Director and the IEO may direct at any time the University Internal Audit Director to perform an audit, inquiry or investigation of any special program, activity, function or organizational unit related to their respective institution.

The Budget, Finance and Audit Committee may designate one or more members of the committee to serve as a channel of communication with the internal auditors and to have other duties as designated.

Some of the objectives of the Board of Trustees’ Budget, Finance and Audit Committee are:

• to review the proposed scope of the internal and the external audit functions;
• to review audit performance and to ensure that no limitation on audit has been interposed by management;
• to appraise the effectiveness of the audit;
• to review the management letter provided by the State Auditor's Office (or Internal Auditors on campuses) regarding any weaknesses in internal controls; organization and operating controls; and to consider the recommendations made by the auditor and the actions taken by management in response to the auditor's suggestions; and
• to review and/or initiate any other act necessary to promote:
• compliance with policies, plans, procedures, laws and regulations;
• safeguarding of System's assets;
• efficient and proper use of resources;
• accomplishment of established objectives and goals for operations or programs; and
• attention to failure to take prompt remedial action relating to previously identified shortcomings.

For all audit projects, the person responsible for the activity under review shall be advised and given the opportunity to discuss:

• the objectives and scope of the audit to be conducted, prior to the commencement of such audit; and
• findings and proposed recommendations on the completion of an audit, and where appropriate make comment.

A written report will be prepared and issued by Internal Audit at the conclusion of each audit. Internal audit reports shall be confidential, but shall be provided to the Board upon completion. The Board hereby delegates to the Board’s System Internal Audit Director the responsibility of collecting and reviewing the confidential audit reports on behalf of the Board. The Board’s System Internal Audit Director shall then brief the Budget, Finance and Audit Committee regarding the confidential audit reports. The Budget, Finance and Audit Committee will forward such reports to the full Board with appropriate recommendations for action when warranted.

A copy of the complete report will be distributed to the applicable Commissioner and/or IEOs to which the audit applies. A summary of each report, including all audits performed on externally funded contracts, audits or investigations, is to be made available to the Budget, Finance and Audit Committee and the Commissioner within thirty days of completion of the audit. Audit reports related to issues that are of system-wide importance or audits that disclose issues that are material or recurring in nature will be presented to the Budget, Finance and Audit Committee at the next scheduled committee meeting following completion of the report. The Budget, Finance and Audit Committee will forward such reports along with appropriate recommendations to the Board of Trustees for action. Audit reports will normally explain the scope and objectives of the audit, present findings and conclusions in an objective manner relevant to the specific user’s needs, and make recommendations where appropriate. Each institution audited will be given an opportunity to submit its responses to the audit findings to be included in the final audit report.

The Commissioner and IEOs shall ensure the Board’s System Internal Audit staff and University internal audit staff liaise with all auditors from the State Auditor’s Office, with the Legislative PEER Committee, with externally funded contracts and grants auditors and/or external investigators/auditors regarding audits, investigations or inquiries to:

• Coordinate all review, evaluation and/or investigation activities;
• Ensure that the audit programs are complementary;
• Foster a cooperative working relationship;
• Reduce the incidence of duplication of effort; and
• Promote appropriate sharing of information.

The Commissioner, IEOs and University Internal Audit Directors shall make known to the Board’s System Internal Audit Director any determined fraud, waste or abuse or reasonably substantiated fraud, waste or abuse as a result of the audits, inquiries, investigations or complaints so such cases can be communicated to the Commissioner and the Budget, Finance and Audit Committee and so that efforts can be made to ensure internal controls are sufficient to deter such actions in the future.

The Board’s System Internal Audit Director shall make available to the State Auditor’s Office all Internal Audit working papers, programs, flow charts, and reports upon request.

The Board’s System Internal Audit Director is responsible for requiring that university internal auditors conduct audits and reviews according to generally accepted auditing standards using such audit programs, techniques, and procedures considered necessary under the circumstances. The operation of the internal audit function is to be carried out consistent with The Code of Ethics, Professional Practices Framework, and Practice Advisories as defined by the Institute of Internal Auditors. The standards for the performance of the audit function are to be developed from the following:

• Standards for the Professional Practice of Internal Auditing (Institute of Internal Auditors);
• Standards for Information Systems Auditing (Information Systems Audit and Control Associations); and
• Statements of Auditing Standards (American Institute of Certified Public Accountants).

To ensure that the quality of the Internal Audit is consistently at a high standard, the Board’s System Internal Audit Director, in conjunction with members of the Board of Trustees’ Budget, Finance and Audit Committee, shall:

• develop and maintain comprehensive work reporting systems;
• maintain a regular review of audit plans, reports and working papers, and
• provide for staff training, as appropriate.