Your unit has been selected for an audit based upon an annual risk assessment that we perform.
We prepare an annual audit plan which guides our work for the fiscal year. We develop this audit plan based on a number of inputs including:
- Input from more than 150 university leaders, across all areas of the university, during annual risk assessment meetings
- Benchmarking with peer institutions to understand their significant and emerging risks
- Alignment with the university’s enterprise strategic risks
In addition to assessment of identified risks, we consider areas that have not been previously audited to achieve a comprehensive and balanced audit coverage across all three campuses of the university and Michigan Medicine. We also balance the audit plan by audit type: process, compliance, and information technology.
We then prioritize the results of the risk assessment. The resulting draft audit plan is shared with the president and executive officers who provide valuable feedback so adjustments can be made to the plan. The Regent’s Finance, Audit & Investment (FAI) Committee reviews and approves the annual audit plan which is then presented to the full Board of Regents for review and final approval.
Because the university operates in a dynamic environment, we refresh the risk assessment at mid-year and make modifications to the plan when they are warranted. We also include time for investigations and management requests in the audit plan.