Differences Between Internal Audit and Compliance
| Office Attributes | Internal Audit | Compliance |
|---|---|---|
| Mission Statement | To enhance and protect organizational value by providing risk-based and objective assurance, advice and insight to UT Dallas and UT System executive management relating to the achievement of the University’s strategic and operational objectives. | To promote and support a culture at The University of Texas at Dallas (UTD) which builds compliance and ethics consciousness into the daily activities of the University and encourages all employees to conduct University business with the highest standards of honesty and integrity. |
| When to Seek Assistance | You have questions internal controls, such as how to separate duties; how to evaluate your operations for effectiveness and efficiency; how to safeguard your property, information; how to assess your departmental risks; how to minimize fraud risks. You would like to request a change in leadership audit or a consulting review of your operations. You suspect fraud. |
You have questions on policies and procedures. You have questions about compliance training. |
| Purpose | Monitors and evaluates the internal control environment as to its adequacy, efficiency and effectiveness. Evaluates the control structure |
Ensures that the University is complying with all applicable laws, rules and regulations, as well as internal codes of conduct, policies and procedures. Part of the control structure. |
| Reports to | Administratively to the UT Dallas President and Vice President and Chief of Staff, with indirect reporting relationship to UT System Audit and functionally to the UT Dallas President and UT Dallas Audit Committee. | UT Dallas Vice President and Chief of Staff |
| Scope | All organizational risks | Compliance with policies and procedures |
| Primary Activities | Assurance services in the form of financial audits, operational audits, information technology audits, compliance audits, and other projects. Consulting services as requested by management Participation on committees, such as implementation teams, business process teams Investigates fraud and other allegations Follows up on previous audit recommendations Liaison to external auditors |
Assist high-risk compliance areas with development and maintenance of their compliance programs Identify high-risk compliance areas and communicate status of monitoring, training and reporting to executive management Facilitates University compliance training Investigate instances of noncompliance with policies and procedures |
| Key Differences | Provide independent, objective assurance to management that risks are being managed to an acceptable level, particularly those risks that management has elected to address through internal controls, including compliance risks. Provide assurance over risks regarding the reliability and integrity of financial and operational; information, the risks that the University’s assets are not safeguarded, and the risks that the University will not achieve its strategic and operating objectives. |
Facilitate and ensure that management is addressing key risk areas related to compliance with any rules, regulations, laws and/or policies that must be followed. Provide assurance that the management mechanisms put into place to resolve compliance risks effectively mitigate the potential and/or real compliance risks identified. |
| Fraud | Responsible for investigating potential fraud in compliance with UTS 118. | Responsible for ensuring that the hotline is in place for employees to raise issues without fear of retribution and/or retaliation. |
| Governance | UTS 129; Internal Audit Charter | UTS 119 |
| Professional Standards | Institute of Internal Auditors International Standards Global Internal Audit Standards Generally Accepted Government Auditing Standards |
Not applicable |
| Who Audits Us? | External quality assurance reviews must be performed on our operations every three years per Texas State Law | Internal Audit |