The WVU Internal Audit Office conducts a University-wide risk assessment near the
end of each fiscal year. Input from University and departmental management regarding
their assessment of the institution’s exposure to potential loss is a significant
part of this risk assessment and has a major influence in the selection of audits
to be included in the annual audit plan. Another source of input for the plan comes
from within the WVU Internal Audit Office itself. Our professional training, experience
and in-depth knowledge of the overall operating practices and policies of the University
places us in a position to assess the types of audit projects that will best reduce
the University’s exposure to loss.
An audit plan is developed for the subsequent year based on the results of the
assessment and the department’s available resources. The assessment of risk is
based on many factors such as:
Given the scope and complexity of the University with its hundreds of operating units and the relatively small size of the Internal Audit Office staff, it is impossible to audit all University activities. Instead, areas with the highest perceived risk and those activities that have the greatest potential benefit to the University are given higher consideration for inclusion within the annual plan. The audits selected may relate to specific departments, to processes that are carried out across a number of departments or may have a University-wide impact. The annual audit plan is reviewed and approved by the Audit Committee of the WVU Board of Governors.
Additionally, unannounced audits may be performed at the discretion of the Director of Internal Audit, the Board of Governors, the WVU President, or management.