An adequate system of internal controls reduces exposure to business, financial, and accounting risks, with the following elements:

The University’s Internal Audit (Internal Audit) Office provides independent, objective assurance to the President and Board of Trustees Audit Committee regarding the effectiveness of University control, risk management and governance processes. Internal Audit is responsible for the coordination and monitoring of all audit matters of the University, including internal audits, external contracted audits, those carried out by the Office of the State Auditor, as well as various federal and state agencies. An annual audit plan is approved by the Audit Committee each year.

Internal Audit emphasizes four types of audit:

Financial audits involve the evaluation of internal control processes over revenues and expenses, and the accuracy of their reporting in accordance with laws, regulations and internally developed policies and procedures. In addition, the safeguarding of the University's assets, as well as the fair presentation of its rights and obligations may be the subject of financial audits.
Operational audits examine the use of the University's resources to evaluate whether those resources are being used in the most efficient and effective way to fulfill the University's mission and objectives. These are sometimes called performance audits. An operational audit may include elements of both a financial and compliance audit.
Compliance audits review both financial and operating controls and transactions to see how well they conform to established laws, standards, regulations and procedures. 
Information Technology audits evaluate the internal controls related to the management of information technology environments and related infrastructure, applications and data. 
Upon campus request Internal Audit may perform special reviews, for example: a department's internal controls, conflicts of interest or financial irregularities.

General Process for an Internal Audit

A notification statement will be sent to appropriate persons prior to the start of any internal audit. An entrance conference outlining the purpose, scope, timing, and process of the audit will be held with the Campus Audit Liaison and representatives of the operation, department or fund being reviewed. Certain audits may be carried out without prior notice at the discretion of the Director of Internal Audit (Director) or Audit Committee where the element of surprise is necessary or in the best interests of the University. Upon audit fieldwork completion, preliminary observations will be communicated to Management followed by a draft audit report. Management will provide official action plan responses, including the individual(s) responsible for the completion of the action plan and a due date(s), to all reported observations within 30 days of receiving the final draft report. The final report will be distributed to Management and the Chair and Vice Chair of the Audit Committee. For more information concerning Internal Audit please refer to the Internal Audit website Read more about University Internal Audit and Internal University Audit Charter. 

Controller Office Reviews

The campus Controller’s Office schedules department reviews to assist departments in financial matters and ensure reasonable internal controls are maintained. This includes reviewing expenditures to budget and verifying efficient revenue collection and deposit of cash on hand.