Audit reports communicate audit observations, recommendations, management action plans, and expected completion dates to all involved parties. Final audit reports are issued to the Dean or Director responsible for the unit or process being audited. The President, Executive Vice Presidents, General Counsel, Associate Vice President for Finance, Controller, and Director of Internal Controls receive all final audit reports. The Board of Regents periodically receives a summary of all audit reports issued. The Chief Information Officer and Chief Security Officer receive all IT audit reports.
Near the completion of an audit, a draft report is distributed to unit management. Using this report, management develops action plans to address audit observations. Action plans are included in the audit report.
Before the final report is issued, a closing meeting is held with upper management and department representatives. The purpose of the meeting is to finalize the audit observations, recommendations, and action plans provided by the client to ensure all parties involved have a clear understanding of the material.
Management Advisory Memo
A management advisory memo is usually supplemental to a formal audit report. They are used to communicate:
- Detailed supporting information for the issues presented in the formal audit report
- An issue that is outside the scope of the audit but observed during the audit
- Report of results of a limited project or request
- Report of individual findings to a sample unit within the broad audit scope
- An issue that is relevant to the area audited but cannot be resolved by that unit
A follow-up memo communicates the status of management’s actions to address risks identified during the audit. Once all risks have been satisfactorily addressed, a final follow-up memo is issued, closing the audit.
Reporting to the Board of Regents,
University Audits delivers a summary of all audit activity to the Finance, Audit, and Investment Committee on a periodic basis. This summary includes information on the status of follow-up actions. The month after the Finance, Audit, and Investment Committee receives this report, it is delivered to the full Board of Regents the month following.