Frequently Asked Questions

Find answers to your frequently asked questions

Office of Internal Audit FAQ

Find answers to all of your frequently asked questions below.

Internal Audit reports directly to the Chancellor and to the Audit Committee.

The audit of most areas (other than special requests) is based on the periodic Risk Assessment. This assessment includes input from management and staff in identifying risks.

Business risks are circumstances, events, or activities that can adversely affect the achievement of the university’s objectives.

Primarily, we are reviewing internal controls and compliance with university policies.

We will make recommendations for improvement.

Audits can take from several days to several months depending on the type and complexity of the audit.

See Internal Controls.

To help identify internal control deficiencies in your area, an Internal Control Self-Assessment is available on our website (Self Assessment). The self-assessment questions address key areas such as cash receipting, departmental payroll processes, confidentiality, and IT, to name a few. Relevant policies are included, as well as suggestions for any “no” answers. Completion of this assessment should provide a clear picture of needed controls in your area. If you have any questions, you can always call us at (662)915-7017.

Internal Audit staff members are available to provide training on internal controls. Please contact the Office of Internal Audit at auditing@olemiss.edu to discuss your training needs.

See Audit Process.

Yes. Internal Audit will try and meet all audit requests. Audits can be requested on the Internal Audit Website at Request an Audit. Please keep in mind, however, that these requests will be weighed against our current audit plans to determine if and when they can be performed.

No. Internal Audit attempts to minimize the risk of fraud by identifying potential deficiencies in controls, which might enable fraud to be perpetuated. This process sometimes results in fraud being identified, in which case an investigation is performed.

Internal Audit is the main point of contact for concerns regarding fiscal misconduct (such as fraud), as outlined in the University Fiscal Misconduct Policy. Reports of fiscal misconduct can be made anonymously on the Internal Audit website at Reporting Fiscal Misconduct.

For guidance on maintaining records, please refer to the University Records Retention policy as well as our Common Record Retentions Guide.

Policies are maintained on the university’s policy website at the Policy Directory.

Frequently Asked Questions

Office of Internal Audit FAQ

To whom does Internal Audit report?

How are departments selected for an internal audit?

What are business risks?

What are internal auditors looking for?

What happens if areas of non-compliance are noted within the audit?

How long does an audit take?

What are internal controls?

What internal controls should my department have in place?

Who can provide training on internal controls?

What steps are involved in the audit process?

Can I request an audit?

Is it Internal Audit’s job to identify fraud?

How long must my office retain records?

Where can I find university policies?