Internal Audit conducts reviews of University records and operations and reports the results of these reviews to management and the Audit Committee of the Board of Governors. In fulfilling its responsibility to assist management and the Audit Committee in the effective discharge of their responsibilities, Internal Audit is committed to providing independent, objective and timely service to its customers, as well as responding to their request for advisory services, and to adding value to and improving the University’s operations. Internal Audit helps the University accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.
The Internal Audit process begins with performing a university wide risk assessment to determine significant exposures of risk in achieving Western’s objectives. Based on this assessment, processes or departments affected by those risks are selected for review and incorporated into our Annual Audit Plan which is approved by the Audit Committee of the Board of Governors.
The Audit Team then works with Western’s units to review processes relating to risk management, internal control and governance to ensure:
- Risk is mitigated to a level that is acceptable to the University,
- Systems and internal control processes are working as intended,
- Compliance with policies, plans, procedures, laws and regulations that have a significant impact on operations
Internal Audit performs audits and reviews under two areas:
- Operational Reviews are designed to analyze processes to identify and manage risks and determine if controls are working as intended to achieve the objectives of the organization.
- Information Technology Reviews are designed to participate in system development projects and committees; pre- and post-implementation reviews of application systems; and information security reviews to ensure controls and processes are working as intended.
- Compliance Reviews determine if activities are meeting specific criteria such as internal policies or criteria from outside of the university like legislative requirements.
- Special Requests from management can be accommodated covering various types of concerns affecting operations. Some common examples of these types of requests include investigating suspicions of fraud and reviewing potential conflicts of interest.
Advisory and Support Services
- Process Improvements Reviews are performed with the objective of enhancing the efficiency and effectiveness of operations by applying best practices, promoting the use of technology, integrating manual and automated processes and simplifying or eliminating superfluous steps.
- Internal Audit participates in the following committees:
- Working Group on Information Security
- Bank Card Committee
- Freedom of Information and Privacy Advisory Committee
- President’s Advisory Committee on University Records and Archives
- Safe Campus Community Committee
The Internal Audit department reports to the Vice President (Resource and Operations) and to the Audit Committee. We are currently staffed by two employees (Sharon Farnell, Director of Internal Audit and Jim Loupos, Internal Auditor).