NCSU INTERNAL AUDIT DIVISION ANNUAL REPORT

Similar documents
Grants, Research and Sponsored Programs (GRASP) Compliance Program and Plan

EMPLOYEE HANDBOOK EMPLOYEE HANDBOOK. Code of Conduct

Financial Administrator Development Program. October 19, 2017

Office of Internal Audit Status Report BOARD OF TRUSTEES

Subj: MISSION, FUNCTIONS, AND TASKS OF THE BUREAU OF NAVAL PERSONNEL

STATE OF NORTH CAROLINA OFFICE OF THE STATE AUDITOR BETH A. WOOD, CPA

Florida State Courts System Office of Inspector General. Annual Report Fiscal Year

Federal Regulatory Cost Burden: A Multi-institutional Study Overview and Findings Completed by and with the Boston Consulting Group

Lewis Sheats Entrepreneur focused on Opportunity Creation, Execution, and Education

National Policy Library Document

2012 Medicare Compliance Plan

LOCAL GOVERNMENTS & DISASTER PLANNING Disaster Cost Recovery Lessons Learned

NORTH CAROLINA FAMILIES ACCESSING SERVICES THROUGH TECHNOLOGY (NC FAST)

WAKE COUNTY SHERIFF S OFFICE

United States Air Force

The Uniform Guidance 2 CFR 200 A Guide to Risk-Based Grants Management

Development Enterprise Strategic Plan. FY15-FY17 Rev. 2/25/15

National Policy Library Document

ASI Budget Allocation and Spending

STATE OF NORTH CAROLINA OFFICE OF THE STATE AUDITOR BETH A. WOOD, CPA

Office of Veterans Affairs Performance Oversight Questions and Answers

UNIVERSITY OF VIRGINIA BOARD OF VISITORS MEETING OF THE COMMITTEE ON THE UNIVERSITY OF VIRGINIA'S COLLEGE AT WISE JUNE 5, 2014

Fiscal Compliance: Desk Audit and Fiscal Monitoring Reviews

Board of Trustees Athletics and Advancement Committee Meeting November 9, 2017 Agenda

Forging resilient leaders of character through transformational competitive athletic experiences

DATE: AUGUST 20, 2008 SUBJECT: UAN CONTINUING EDUCATION TRAINING SCHEDULE

Faculty Effort Reporting. Washington University School of Medicine Fiscal 2006

St. Jude Children s Research Hospital. Code of Conduct

AGENDA REGULAR MEETING OF THE BOARD OF REGENTS FOR THE OKLAHOMA AGRICULTURAL AND MECHANICAL COLLEGES

Inspector General: Investigations

STATE OF NORTH CAROLINA OFFICE OF THE STATE AUDITOR BETH A. WOOD, CPA DEPARTMENT OF PUBLIC SAFETY

MANUFACTURING SOLUTIONS CENTER & TEXTILE TECHNOLOGY CENTER:

REPORT 2015/056 INTERNAL AUDIT DIVISION. Audit of the conduct and discipline function in the United Nations Interim Force in Lebanon

Freedom Balloon Fest Mission Update, Background & Community Information

Wake Forest University Financial Services: Grants Accounting and Compliance

AUDITOR GENERAL S REPORT

Presenter: David V. Foster, CPA Vavrinek, Trine, Day & Co.

Board of Trustees Meeting Minutes. Thursday, January 29, :00 a.m. Raquel N. Soriano Boardroom, GE 3 rd Floor

Supply Inventory Management

Prepare to Pack Your Bags!

The Texas A&M University System Internal Audit Department INTERNAL AUDIT ANNUAL REPORT FOR FISCAL YEAR 2017

September 14, Dear Dr. McLellan,

STATE OF NORTH CAROLINA OFFICE OF THE STATE AUDITOR BETH A. WOOD, CPA

THE UNIVERSITY OF NORTH CAROLINA AT CHAPEL HILL BOARD OF TRUSTEES FINANCE AND INFRASTRUCTURE COMMITTEE

FLORIDA LOTTERY OFFICE OF INSPECTOR GENERAL ANNUAL REPORT FISCAL YEAR

Case 1:08-cv JR Document 9-6 Filed 08/11/2008 Page 1 of 76. James Madison Project v. CIA, Civil Action No (D.D.C.

Ashe Memorial Hospital, Inc. 200 Hospital Avenue, Jefferson, NC (336) JOINT NOTICE OF PRIVACY PRACTICES

The Intersection of Health Care Fraud and Patient Safety

Appendix H: Sexual Harassment Data

Navigating the New Uniform Grant Guidance. Jack Reagan, Audit Partner Grant Thornton LLP. Grant Thornton. All rights reserved.

Report to the 2016 North Carolina General Assembly Joint Legislative Education Oversight Committee

County of Sonoma Agenda Item Summary Report

UPDATE OF QUALITY ASSURANCE HANDBOOK

Regional Economic Development Commissions/Partnerships

Rob McInturf, Director of Alumni Relations Board of Trustees External Affairs Committee Report. Executive Summary Statement:

BOARD OF REGENTS POLICY

Compliance Program, Code of Conduct, and HIPAA

Management Alert. District of Columbia Public Schools Lack Important Information Needed to Efficiently Operate Food Services.

OSPREY FANS NCAA COMPLIANCE FOR BOOSTERS

Welcome to Focus on Finance! May 17, 2018

NORTH CAROLINA OFFICE OF STATE HUMAN RESOURCES Barbara Gibson, Director

The Strategic Plan of the University of Vermont Foundation. July 1, 2015 June 30, 2020

2017 Community Report

National Policy Library Document

Department of Defense

TABLE OF CONTENTS. Page OBJECTIVES, SCOPE AND METHODOLOGY... 1 BACKGROUND Organizational Structure and Personnel... 4

AUXILIARY ORGANIZATIONS CALIFORNIA STATE UNIVERSITY, EAST BAY. Audit Report June 18, 2014

Ashland Hospital Corporation d/b/a King s Daughters Medical Center Corporate Compliance Handbook

LOW-INCOME HOME ENERGY ASSISTANCE

FIRST AMENDED Operating Agreement. North Carolina State University and XYZ Foundation, Inc. RECITALS

Agency/Item State General Fund All Other Funds All Funds FTEs 0 99,636 99, ,985 3, Board of Mortuary Arts

Crowdfunding Best Practices

DoD Cloud Computing Strategy Needs Implementation Plan and Detailed Waiver Process


PARTNERSHIP FOR DEFENSE INNOVATION Defense Security Technology Accelerator (DSTA) Program

University of California Health Science Compliance Program Executive Summary*

SUBJECT: SEE BELOW DATE: November 30, 2016

Department of Defense

Current Status: Active PolicyStat ID: Origination: 09/2004 Last Approved: 02/2017 Last Revised: 09/2013 Next Review: 02/2019

In fiscal year 2012, the Triangle Region assisted 3,258 community members affected by fires and other local disasters.

OFFICE OF THE STATE INSPECTOR GENERAL FLORIDA DEPARTMENT OF MILITARY AFFAIRS St. Francis Barracks P.O. Box 1008 St. Augustine, Florida

New Jersey Institute for Social Justice Development Associate

2015 Legislative Update

City and County of San Francisco Nonprofit Contractor Corrective Action Policy

Financial Research Compliance. April 2013

Investing in Youth and Education. Providing Comfort and Support for Seniors and those in Need

PARKS FOR ALL FOREVER CORPORATE VOLUNTEERING

Executive Job Codes and Descriptions

OFFICE OF THE VIRGIN ISLANDS INSPECTOR GENERAL Fiscal Year 2016 Budget Proposal

»» General Fund revenue allocation for transportation. »» TRANS bond renewal. »» Federal infrastructure funding

Minority, Women, and Small Business Enterprise Program. Board of Education Management Oversight Report Aug. 23, 2011

Draft ALUMNI ENGAGEMENT FIVE-YEAR STRATEGIC PLAN

Single Audit Report. State of North Carolina. For the Year Ended June 30, Office of the State Auditor Beth A. Wood, CPA State Auditor

Division of Development and Alumni Relations PBA Scott Cooksey. Vice President UVU CEO UVU Foundation


President Stricker called the meeting to order at 7:53 p.m. Clerk Grisco called the roll and the following Trustees answered present:

BUSINESS RELATIONSHIPS BETWEEN STAFF AND PHARMACEUTICAL INDUSTRY REPRESENTATIVES

SEMIANNUAL REPORT. Central Intelligence Agency Inspector General TO THE DIRECTOR OF CENTRAL INTELLIGENCE. John L. Helgerson Inspector General

Any questions about grant invoices, charges or financial information

North Carolina Social Work Certification and Licensure Board Ethics Case Presentation

Transcription:

OUR MISSION Our mission is to support the University s successful achievement of its strategic goals by serving as a partner in identifying and balancing risks through objective, flexible, and proactive audit and consultation services. OUR VALUES Teamwork: Integrity: Accountability: Service: We each view the University and Division s success as primary We hold ourselves to the same high standard to which we hold others We hold ourselves and others accountable and expect them to do the same We give back to the University and local community HIGHLIGHTS OF THE YEAR Partnered with the University s Compliance and Integrity Program to launch EthicsPoint, an online portal for anonymously reporting compliance and ethics concerns in April 2017. Provided advisory services to Office of Research, Innovation and Economic Development and Office of Finance and Administration on Sponsored Research Post-Award Processes where we identified University-wide issues and opportunities for improvement at the Colleges, Contracts and Grants, and SPARCS. In addition, IAD provided college specific business process maps that denoted internal control weaknesses, efficiencies and inefficiencies in the process, best practices, and suggested opportunities for improvement. Provided advisory services to the Office of Research, Innovation and Economic Development (ORIED), Office of Finance and Administration (OFA), OIT, and Office of General Counsel as they developed a collaborative compliance process to assist the University in achieving its research goals while maintaining compliance with National Institute of Standards and Technology (NIST) 800-171 "Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations" and NIST 800-53 "Security and Privacy Controls for Federal Information Systems and Organizations". Conducted an audit of the User Controls Over Ultra-Sensitive Data to assess how current University users with access to ultra-sensitive data are protecting the data as it travels through their business processes. This resulted in 23 issues related to both University governance over sensitive data security and individual unit handling of this data. Audit recommendations have resulted in greater employee awareness and ongoing improvement to processes, governance activities, and security. The University Employee Time and Leave Management audit identified issues and inefficiencies with the University-wide manual processes used in timekeeping and processing payroll payments. This resulted in Human Resources implementing an electronic time-keeping system, WolfTime, to go-live in July 2017. Collaborated with the Poole College of Management Enterprise Risk Management Institute to evaluate strategic risks within the Division of Student Development, Health and Wellness. Results included response strategies for the risks identified. Partnered with the Office of Information Technology (OIT) in the Information Technology Risk Assessment for Power America to identify gaps between the current information processing Page 1 of 8

environment and the standards outlined in the Power America Information Security and Compliance Program. In addition, assisted in the identification of potential solutions and resources needed to address identified gaps and maintain ongoing compliance with the requirements. The results of this assessment will be leveraged to facilitate and inform similar improvements for the broader secure research IT environment and, especially, for those research projects that require more stringent information security. Processed 19 reports of waste, fraud, abuse of state assets, violations of Federal or State law, or non-compliance were reported in the fiscal year to the Internal Audit Hot Line. o 17 of the 19 allegations were from internal sources o 14 allegations became Investigations o 2 allegations became Audits o 1 allegation became a Consulting project o 2 allegations were either handled internally within the department or unsubstantiated Provided advisory services to ORIED and OFA in their replacement of custom-developed legacy software systems used for electronic Research Administration (era) activities with a new comprehensive and sustainable system. IAD assisted in identifying business processes and University-wide needs throughout the proposal and award lifecycle. This resulted in developing a Request for Proposal for vendors to submit bids for providing the new system. Fiscal Year 2017 Hotline Allegations Methods Received as of 6/30/17 In Person 10% Email 30% Phone Call 50% Mail 5% Delegated by Office of the State Auditor 5% Page 2 of 8

ENGAGEMENT STATISTICS IAD closed 39 engagements this year as noted in the chart below. This represents an increase of 30% over Fiscal Year 2016. Fiscal Year 2017 Engagements Status as of 6/30/17 Closed/Completed (39) 9 7 11 7 5 Special Assignments (11) In Process (20) 2 4 8 6 Consulting (12) Returned to Risk Inventory (3) 1 2 Investigations (19) Not Started/On Hold (0) Follow-Up (7) Canceled (2) 2 Audits (15) Our success this year was due to a dedicated staff, full time and temporary, who devoted 80% of their time directly to these engagements as illustrated in the chart below. Fiscal Year 2017 Effort Expended as % of Total as of 6/30/17 80% Effort on Engagements Investigations 13% Assurance Audits 10% Follow-Up Audits 8% Information System Audits 10% Ad Hoc and Minor Advisory 3% Consulting/Special Assignments 33% Non-Engagement Effort 20% Professional Development 3% Page 3 of 8

This year extra attention was placed on ensuring the timely closure of reported audit issues and we are very proud to note that University management achieved a 90% audit issue closure rate for FY17. Fiscal Year 2017 Audit Issue Resolution as of 6/30/17 Corrective Action Not Started, 4 Corrective Action in Follow-Up 6 Corrective Action In Process 1 53 Issues Reported Resolved 42 90% Completion Rate IAD engagement activities covering the University s Strategic Risk Areas are noted in the chart below. Fiscal Year 2017 Engagement Coverage of Top 10 University Strategic Risk Areas as of 6/30/17 Research Scandal 6 Loss of Research Grants 8 Faculty Loss (Infrastructure) 2 Technology Disruption 11 Regulatory Non- Compliance 17 Employee Misconduct 23 Other 53 Effectiveness and Efficiency of Process 12 Internal Controls 22 Data Breach 19 Governance 2 Page 4 of 8

AUDIT PLAN Each year in April, the Board of Trustees (Board) reviews and approves a new Audit Plan (Plan) for the coming fiscal year. That Plan is a snapshot in time of the current risks identified as of February 1 (the end of our planning year) and selected to be addressed through audit, consultative, or special project engagements during the following fiscal year. It is subject to change as we use on-going analysis throughout the year to weigh emerging areas of risk, management requests, and potential investigations received against the engagements on the original approved Plan. The impact of this is that some engagements on the Plan will be replaced by or postponed for new ones that carry higher or more immediate risk. All planned engagements that are not completed during the fiscal year are returned to our Continuous Risk Assessment process for on-going monitoring and potential inclusion in a later plan. If an engagement has been canceled, the risk has been addressed by management or is no longer applicable. This results in a more responsive, comprehensive audit process. Fiscal Year 2017 Audit Plan as of 6/30/17 9 19 6 Special Assignments Investigations 12 Consulting 3 1 5 18 9 Follow-Up Audits Audits 9 7 8 7 15 Planned Engagements 25 Added Engagements 39 Total Engagements 64 Page 5 of 8

RISK ASSESSMENT All team members visit faculty and staff across the University throughout the year to discuss their unit s strategic plans, goals, and risk posture. This includes new and on-going activities related to their academic, research, and outreach missions and potential concerns or emerging risks to both strategic and tactical goals at the unit and University level. This process supports the identification of potential audit and consulting engagements and is used as an objective tool in the development of our Annual Audit Plan. The charts below show the team s risk assessment meetings by unit. Fiscal Year 2017 Risk Assessments by Unit as of 6/30/17 Advancement 4 General Counsel 1 Fin & Admin 5 Provost 52 81 Risk Assessments Performed ORIED 5 DASA 4 OIT 8 Athletics 2 STAFF NEWS Staff New Appointment Anthony V. Workman, is joining IAD in July 2017 as an Information Technology Auditor. He will be coming to IAD from the Office of Information Technology Security and Compliance Division. Anthony has over 14 years of information technology experience in the military, public, and private sectors beginning his career in the US Navy as a Computer Network Defense Specialist. After relocating to North Carolina, he worked for the City of Henderson and the State of North Carolina Judicial Branch prior to starting at NC State University. Anthony has a MS in Information Assurance and a BS in Liberal Studies with a focus in Computer Information Science. He is also certified as a Certified Information Systems Security Professional. Page 6 of 8

Staff Kudos, Professional Activities, and Recognition Cecile M. Hinson, Director, celebrated 15 years with the University in February 2017. Nancy L. Burgart, became the Assistant Director in October 2016. She has been with IAD for over 12 years and with the University for 20 years. Prior to becoming the Assistant Director, Nancy held several positions within IAD: Auditor, Investigative Auditor, IT Auditor, and Interim Operational Audit Manager. S. Neil Holloway, Advanced Auditor, was nominated for the Chancellor s Unit Awards for Excellence for customer service. Frank J. Dziepak, Investigative Auditor, celebrated 1 year with IAD in April 2017. M Shiela R. Hawthorne, Auditor, is serving as Treasurer for the UNC Auditor Association for fiscal year 2018. Gail J. Kashulon, part-time Information Technology Auditor, returned to IAD from retirement to assist with information technology engagements. Denise W. Hall, University Program Specialist, celebrated 15 years with the University in December 2016. ENHANCING THE STUDENT EXPERIENCE Jennifer Corey joined our audit team as our student intern from the Poole College of Management s (PCOM) Internal Auditing concentration program. An internship experience in the NC State University Internal Audit Division provides a student with total immersion in the "real world" of the internal auditing profession. The student is assigned to audit projects and, with the coaching and mentorship of a senior auditor, performs all aspects of a typical project from risk assessment and planning to developing audit findings and writing the report. This is more exposure to the full audit project life-cycle than many auditors receive in their first two years of corporate or public experience. The students also have the opportunity to obtain experience on consulting projects. This experience positions the student ahead of many new graduates and even some experienced junior auditors; thus, improving their ability to compete for jobs in the market place. It also connects Internal Audit staff to the student body and gives them an appreciation for the skills and knowledge of NCSU s students. Through the PCOM Audit Intern program, the Internal Audit Division has been able to play a small part in contributing to one of the PCOM s key metrics related to the percent of students who had at least one internship at any time during their college years (10 percent). This is the ninth internship opportunity IAD has provided through the PCOM Audit Intern program. Where Are They Now? Jennifer (Jenna) Corey will be graduating in December 2017 when she ll receive a Bachelor s of Science in Accounting with a concentration in Internal Auditing. She is working in IAD as a temporary part-time auditor during Summer 2017. COMMUNITY OUTREACH Throughout the year, the Internal Audit Division participates in opportunities to give back to both our local and global communities. Each year the team spends 8-12 hours in community service by volunteering for unanimously selected activities in the community. These activities not only benefit our communities but also Page 7 of 8

provide a valuable opportunity for strengthening our team bonds. This year the IAD staff: Sponsored and coordinated a 3 hour project for University faculty and staff volunteers to prepare food boxes for victims of Hurricane Matthew at the Food Bank of Central and Eastern North Carolina. Participating volunteers were from the Office of General Counsel, the College of Textiles, and Finance and Administration. We set a new Food Bank record by packing 591 bags and boxes with 10,800 pounds of food in just 3 hours. That equates to 9,094 meals! Way to go Wolf Pack! Donated lunch hours this spring to participate in the Wolfpack Citizen Science Challenge, a collaboration between the University and the NC Museum of Natural Sciences to place outdoor cameras in designated areas to document local biodiversity. Our cameras recorded wildlife of the winged, four-legged, and two-legged varieties all coexisting within the urban areas of the campus. Resulting photos were uploaded to a national website and added to the Museum s Natural North Carolina project. Adopted 4 senior citizens for the holidays through the Be a Santa to a Senior program and put together large holiday gift bags filled with both practical and fun gifts for each of them. Participated in Wake County SPCA s new program, Love on a Leash, which allows volunteers to walk and play with homeless dogs housed at the SPCA s Holding Center to help better assess the dog s potential for adoption. Joined the Special Olympics Delegation Greeters and Porters to welcome the athletes to campus. We unloaded the athlete s luggage, showed them to their assigned dorm rooms, and provided refreshments to the athletes and their families. Achieved a 100% participation rate in the State Employees Combined Campaign (SECC) with Frank Dziepak as the Internal Audit Division s Team Captain. Page 8 of 8

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback