(1) The Assurance and Audit Charter provides a broad framework, professional standards and guidance for the conduct of assurance and audit activities. (2) This Charter applies to all activities undertaken by Assurance and Audit. (3) The primary objective of Assurance and Audit is to add value to the University's operations and assist the University to achieve its corporate goals by providing independent and objective analysis, appraisals, recommendations, counsel and information on the University's systems of internal control, effectiveness of risk management and the quality of performance. This is achieved by examining and evaluating the adequacy, economy, effectiveness and efficiency of risk management, systems of internal control, and the quality of management in a systematic, disciplined and professional manner. (4) Internal audit is an independent, objective assurance and consulting activity designed to add value and improve the effectiveness of the University’s operations. It aims to assist the University by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of the University’s risk management, internal controls and governance processes. (5) Assurance and Audit does not develop or implement procedures or systems and is not engaged in operational or processing functions. This does not exclude Assurance and Audit from suggesting system development projects or being consulted on proposed and/or existing systems, policies and procedures. Assurance and Audit may evaluate and assess significant projects or change initiatives and activities, including structural changes, or changes to processes, systems, services and controls. (6) An audit or appraisal by Assurance and Audit does not in any way relieve officers of the University of their individual responsibilities and accountabilities. (7) The Director, Assurance and Audit, is authorised to direct a broad, comprehensive program of assurance, internal audit and consulting activities across the University. The Director, Assurance and Audit, and staff are authorised to have full, free and unrestricted access to all functions, property, personnel, records, accounts, files and other documentation. Information accessed in the course of audits must be used strictly for audit purposes. (8) The Director, Assurance and Audit is responsible for the management of internal audits and other assurance (grant audits) and integrity services for the University. (9) Independence is essential to the effectiveness of the delivery of assurance and internal audit services. This independence is obtained primarily through organisational status and objectivity. (10) The Director, Assurance and Audit is functionally responsible to the Risk and Audit Committee for ensuring not only the broadest range of assurance and internal audit coverage but also adequate consideration of internal audit reports and appropriate action on audit recommendations. (11) Assurance and Audit operates within the Chancellery directly reporting, for administrative purposes, to the General Counsel. The Director, Assurance and Audit is responsible to the General Counsel for the performance of the internal audit function and the performance of staff in Assurance and Audit in accordance with the University’s relevant Human Resources policies and procedures. (12) The General Counsel is responsible for ensuring resourcing support in respect of the Assurance and Audit function within the context and constraints of the University's planning and resourcing framework and principles. Resources can be provided by Assurance and Audit staff who are employees of the University, or by external contractors and consultants. (13) The Director, Assurance and Audit: (14) Assurance and Audit staff must be independent of the activities they audit and will report to the Director, Assurance and Audit any situations in which a conflict of interest (whether actual, potential or perceived) may arise. Assurance and Audit staff must not assume operating responsibilities and must be objective in performing their work. (15) Assurance and Audit complies with the following: (16) Assurance and Audit professionals are required to: (17) An Annual Assurance and Audit Plan (Plan) must be prepared by the Director, Assurance and Audit for approval by the Risk and Audit Committee. The Plan is based on an assessment of the University's business risks pertaining to the achievement of the University's priorities outlined in Connections - the QUT Strategy 2023 to 2027. The Plan requires agreement from the Vice-Chancellor and President prior to obtaining approval from the Risk and Audit Committee. (18) The actual audit performance shall be regularly reviewed against the Plan by the Risk and Audit Committee. Any necessary amendments to the Plan shall be submitted to the Risk and Audit Committee for endorsement. (19) The scope of Assurance and Audit encompasses the examination and evaluation of the adequacy, effectiveness and efficiency of governance, risk management and the systems of internal control and management performance, as well as all activities of the University and its controlled entities. It involves the review of all financial and non-financial operations, including information systems and business processes. The frequency of internal audits shall be assessed based on the relevant risk exposure. (20) Assurance and Audit uses the most appropriate auditing methodology for each audit depending on the nature of the audit, the risk exposure and the predetermined parameters. (21) On conclusion of an internal audit, a copy of the final report on the internal audit outcome shall be issued to the relevant organisational head and shall be circulated to Risk and Audit Committee members. (22) The report shall present the overall audit objectives, scope, the conclusion based on the outcome of the audit, and an agreed implementation timeframe for audit recommendations. (23) Assurance and Audit must establish and maintain a system to monitor the University response to recommendations communicated to management. (24) Assurance and Audit will consider the scope of work of other assurance providers, internal and external, as appropriate, for the purpose of providing optimal internal audit coverage to the University in an efficient and effective manner. (25) The Director, Assurance and Audit, must establish and maintain a quality assurance program to evaluate the operations of Assurance and Audit. The program will incorporate benchmarking and review of the function in accordance with the requirement of the Institute of Internal Auditors. (26) The purpose of this program is to provide assurance that audit work conforms with The Institute of Internal Auditors, International Professional Practices Framework (IPPF) and the QUT Assurance and Audit Charter, and is both cost effective and efficient. The quality assurance program is to include an independent review of Assurance and Audit once every 5 years. (27) The Director, Assurance and Audit must communicate the results of the quality assurance program to senior management and the Risk and Audit Committee. (28) In accordance with the Risk and Audit Committee meeting schedule, the Director, Assurance and Audit, shall submit to the Risk and Audit Committee a report summarising all assurance and internal audit activities undertaken during the reporting period. An annual report on the performance of Assurance and Audit against the agreed key performance indicators shall be submitted by the Director, Assurance and Audit to the Risk and Audit Committee. (29) This charter is reviewed periodically to ensure it is relevant, aligned with organisational changes and good practices, and an appropriate level of cost-effective value-added services is achieved. (30) Internal and external audit activities should be coordinated to ensure adequate audit coverage and to minimise duplication of effort. In accordance with the Institute of Internal Auditors Standards, Assurance and Audit will consult with the external auditor during the preparation of the annual audit plan and individual audits where relevant. (31) Periodic meetings between Assurance and Audit and external auditors shall be held to discuss matters of mutual interest. (32) Internal Audit programs, working papers and reports may be made available for review by external auditors. (33) Refer to Register of Authorities and Delegations (C062) (QUT staff access only)QUT Assurance and Audit Charter
Section 1 - Purpose
Section 2 - Application
Section 3 - Roles and Responsibilities
Top of Page
Section 4 - Assurance and Audit Objectives and Approach
Section 5 - Authority
Section 6 - Independence
Section 7 - Professional Practices Including Standards
Top of PageSection 8 - Internal Audit
Internal Audit Plans
Scope and Frequency of Audit
Internal Audit Technique
Internal Audit Report
Coordination of Assurance Activities
Section 9 - Quality Assurance Program
Section 10 - Reporting and Review
Section 11 - Liaison with External Auditors
Section 12 - Delegations
View Document
This is the current version of this document. You can provide feedback on this document to the document author - refer to the Status and Details on the document's navigation bar.
Position
Responsibility
Risk and Audit Committee
Approves the QUT Assurance and Audit Charter.
Advises Council and the Vice-Chancellor and President on the performance of functions under the Financial Accountability Act 2009 (Qld) and Financial and Performance Management Standard 2019 (Qld).
Other responsibilities for Assurance and Audit function as detailed in the Risk and Audit Committee Charter.
Director, Assurance and Audit
Provides independent and objective assurance to the Risk and Audit Committee on the adequacy and effectiveness of the University's internal control activities.
Provides other advisory assurance services (including training, facilitation and advisory) beyond audit services to assist management with achieving University priorities.
Assists in investigation of suspected corruption and fraudulent activities within the University, reporting to the Vice-President (Administration) and University Registrar, management and Risk and Audit Committee accordingly.
Informs Risk and Audit Committee of emerging trends and current practices in assurance and audit.
Reports on the performance of Assurance and Audit against key performance indicators agreed with the Risk and Audit Committee.