Search Website
Resources
Western HR Operational Excellence provides practical, "how to learning" for administrative tasks performed at Western. The Department of Internal Audit supports the delivery of two workshops throughout the year.
OPER15 - Reporting Concerns of Financial Misuse
In this session, participants will learn about Western’s Safe Disclosure Policy (also known as a Whistleblower Policy); what it is, when it might apply and how to use it. Like a fire drill, be prepared. Learn how to recognize and respond to potential financial misuse. Know the process and tools available in the unlikely event that you need them. This course is a staple for all administrators.
Target Audience: Employees responsible for financial management and reporting, and administrative staff involved in financial transactions and monitoring functions.
Topics:
- Introduction to Internal Audit
- Fraud 101
- Origins of safe disclosure
- Western's safe disclosure policy
- What the policy covers, what it doesn't
- How to use the policy
- Overview of the investigation/reporting process
Format: In-person on campus
Length: 90 minutes
OPER2 - Financial Risk Management, Controls and Accountabilities
Western employees need to ensure that delegated financial responsibilities are discharged in a manner that meets financial control standards. You will leave this session understanding how to apply financial risk management. This session will also provide an overview of guiding policies at Western, the internal controls used and a briefing on fraud and what it might look like.
Target Audience: Budget Unit Heads and administrative staff and faculty responsible for financial budgeting, processing and reporting
Topics:
- Responsibilities and accountabilities
- Understanding risk and risk management
- Policies and guidelines
- Compliance
- Fraud and financial offense
- Areas of exposure
- Recommended internal controls for good business practices
- Audit requirements
- Accountability reports
Format: In-person on campus
Length: 90 minutes
Register for Available Sessions
- Institute of Internal Auditors (IIA)
- Three Lines Model of IIA
- Canadian Association of University Business Officers (CAUBO)
- Association of Colleges and Universities Auditors (ACUA)
- Chartered Accountants of Canada (CICA)
- Information Systems Audit and Control Association (ISACA)
- Committee of Sponsoring Organizations of the Treadway Commission (COSO)
|
What is Internal Audit? Internal Audit is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. |
|
Who are the Internal Auditors at Western? We are employees of Western with education and designations in business related fields such as business administration, accounting, auditing, and technology. Our department reports functionally to the Audit Committee of the Board of Governors which enables our independence. We report administratively to the Vice-President (Resources & Operations). |
|
Why am I being audited? Internal Audit conducts a university-wide risk assessment that identifies key risks at Western. We create an Audit Universe of core processes, key functions, and units that have a significant role in managing these risks. Audit projects are then selected to inform our annual Internal Audit plan, reviewed by senior management, and approved by the Audit Committee of the Board of Governors at Western. The risk-based audit plan ensures that we focus on what matters most to achieving Western’s objectives. We may also come about as part of investigation or advisory request. |
|
What does an audit look like? What will they look at? We work with your area to co-create the engagement objectives, criteria, and scope so that we evaluate the activities that matter most to you, your stakeholders, and Western overall. We typically take a look at what is happening and compare it to what should be happening, as defined by laws, regulations, policies, leading practices/frameworks, or sound business practices. We conduct interviews, review processes, and examine records to conclude on the audit objective. |
|
What do I need to do to prepare for an audit? a.Review Internal Audit website and introduction material b.Consider the following planning questions that will help in co-creating the engagement •What are our risks to achieving our objectives? What could go wrong if we don’t have controls in place? •What are our operational challenges? What areas have we had a lot of issues with? •What are our opportunities to improve governance, risk management, and controls? c.We will work together to craft communications to your team so everyone feels safe and prepared |
|
How long does an audit take? The length of the project will depend on the objectives and scope. Projects can range from 1 week to 3 months. We incorporate agile principles to achieve an audit process that is efficient and minimize disruptions of your day-to-day activities to the extent possible. The most successful audits are when you are actively involved in the entire process and help us understand your environment. |
|
What do audit reports look like? Who sees the audit results? Reports identify our observations, including strengths, and the associated impact. Observations include “what we found” against the audit criteria and the causes. Impacts highlights the “why this matters” from a risk or consequences perspective. We may also include recommendations on how to improve or correct the situation. Reports are always validated with unit leaders or process owners prior to issuing to other stakeholders such as key administrative members or the Audit Committee. |
|
Do I have a say in the audit results? What if I don’t agree? You always have a say in the audit results. Throughout the audit we actively communicate what we are finding in the moment with you. This helps ensure we collectively understand the context, work together to uncover root-causes, and collaborate on viable solutions. The goal it to have a report that we all support without any surprises. You also get to document your “plan of actions” to resolve the underlying issues in the report. On rare occasions we may have different perspectives and that’s okay. Your plan of actions can include your opinions and rationale for accepting these risks. |
|
Do the auditors understand what we do? We are not experts in your field, but we are experts in governance, risk management, process, and controls. During pre-planning activities, we take the time to do our research to understand your environment by reviewing your website documentation, past reports, and industry information. We will rely on you throughout the audit process to ensure we fully gather the context needed for a successful audit. Lastly, we are guided by the professional practice standards of the Institute of Internal Auditors (IIA) which requires us to engage only in those services for which we have the knowledge, skills, and experience to perform. |
|
Can I reach out to Internal Audit for help? Absolutely! We encourage it. We are all collectively here to advance Western towards achieving its objectives. Reach out when key controls change, when risks are increasing, when faced with a major decision, when solving a problem, when you could use an independent opinion, or when something doesn’t feel right. We are great in-house resource to help. |