Internal Audit

Internal Audit is an independent and objective advisory service designed to improve the University’s operations and assist in the achievement of the Looking Ahead Strategic Plan (2020-2025). We are a trusted partner and advisor and we work collaboratively with you to improve the efficiency and effectiveness of your internal processes and controls.

Our audits are undertaken using a systematic audit methodology to evaluate the effectiveness of the University’s risk management, control and governance processes. We are passionate about providing recommendations for areas of improvement that are fit for purpose and add value.

The Internal Audit function complies with the International Professional Practices Framework (IPPF) issued by the Institute of Internal Auditors. This means you know the audit team is independent, professional, appropriately trained and follow best practice professional standards.

Internal Audit Team:

The Internal Audit team are experienced and qualified staff who are here to help you.

Meet the team:

Michelle Jarvie - Director, Assurance Services (Chief Audit Executive under IPPF Standards)

Matthew Long - Internal Audit Manager

Callum Bray - Internal Auditor, Fraud and Corruption Officer

Madison Harvey - Internal Auditor

Strategic Audit Plan

We plan a series of audits to make sure we review the areas, processes, projects, and controls that are most important to the University. These are determined from the University’s Strategic and Operational Risk Registers and are detailed in a three-year Internal Audit Plan. This plan is approved by the Risk Committee. We evaluate the risks and possible benefits to be realised from an audit and give priority to higher-risk and higher-benefit projects.

We plan our audits to ensure consistency with the University’s objectives; that management is getting helpful, relevant and timely information from the audit; and that relevant policies, procedures and regulations are understood and are being followed.

You can learn more about the reviews for 2020 here

Other ways we can help you

In addition to our planned reviews, we can provide advisory services right across the University. We can also act as a liaison for external audit interactions.

We can help you in many ways, for example:

  • offer another perspective — looking from the outside in;
  • assist you to manage risks through identification of design effective internal controls and processes;
  • highlight areas of non-compliance with regulation or policy and suggest improvements in your controls;
  • review of operational procedures and potential irregularities;
  • establish effective controls from the outset in relation to new systems, processes or projects; and
  • promote effective internal controls that benefit your area.

We encourage you to get in touch at any time if you would like to discuss or request our support.


What to expect from an audit

Sometimes, people can get the wrong idea about audits. We understand any feelings of trepidation you may have as we are also subject to our own periodic external reviews! We are not trying to ‘catch you out’ or point fingers, instead, we are here to help you and your team by identifying ways to improve business processes that will support the University deliver on its Strategic Plan

We follow a systematic process and methodology which means you know what to expect, and what is required of you, at each stage of a review. You can learn more about each audit stage and we’ve also provided answers to the questions we’re often asked.


The Risk Committee

The Assurance Services team reports to each meeting of the Council’s Risk Committee on the status of all audit work and annual Audit Plan progress. Additionally, every six months, the Director of Assurance Services will provide an update on how agreed management actions (identified to address issues raised in an audit) are being implemented. This reporting cycle supports Council’s governance responsibilities and aims to support the University operating effectively, efficiently, sustainably and compliantly.