Internal Audit Charter

PREFACE

This Policy Manual provides the general guidelines under which the Internal Auditing function at the District operates. The Manual's primary purpose is to document Internal Audit's broad objectives, nature, professional status, and reporting responsibilities.

The Manual also describes Internal Audit's relationship with the District's Board of Trustees (the Board), the Superintendent, and Management of the District. It is not intended to be a set of specifications to be rigidly followed nor is it intended to be a substitute for independent judgment. The Manual is designed to serve the District as a set of procedures under which its objectives will be directed.

The methods and procedures specified in the manual should always conform to the techniques and practices being in the profession and should be comparable with the conditions that exist at the District. This Manual will comply with all Texas Association of School Board, Federal and State rules and regulations and will be updated to adapt to the continuous changes in the District's environment.

POLICY

It is the policy of the District to maintain an Internal Audit function. The purpose of the Internal Audit function is to provide the Board and Management with independent analysis, appraisals, and recommendations concerning the adequacy and effectiveness of the District's systems of internal control and management performance. To accomplish the stated purpose, Internal Audit within economic limitations should provide reasonable assurance that:

The District's records and reports comply with State and Federal rules and regulations, and are reliable.
Internal accounting controls are adequate, effective in promoting efficiency and protecting the assets of the District, and provide reasonable assurance that the District's objectives and goals are met efficiently and economically.
The operational policies and standards promoting the well-being of the District are enforced, and deviations from such policies and standards are identified, analyzed, and communicated to those responsible for corrective action.
The District is in compliance with the established policy, plans, procedures, laws, and regulations that could have a significant impact on its operation

REPORTING RELATIONSHIP

Internal Audit will have different functional and administrative reporting relationships. Functionally, Internal Audit will report to the Audit Committee of the Board. This relationship underscores that Internal Audit is a function that is independent of Management and will conduct reviews independently and objectively. Administratively, Internal Audit will report to the Superintendent. The Superintendent is responsible for oversight over the administrative operations of Internal Audit. While Internal Audit functionally has unlimited access to the Board of Trustees, direct oversight is retained by the Audit Committee.

RESPONSIBILITY

AUDIT COMMITTEE:

The Audit Committee of the Board is responsible for providing direction to Internal Audit in carrying out its duties and responsibilities.

SUPERINTENDENT:

The Superintendent should provide the authorization so that Internal Audit has sufficient access to all the District's records, documents, personnel, and facilities including electronic data files and records pertaining to such assigned duties and responsibilities. The Superintendent will also have oversight over the approved budget and administrative responsibility over the Internal Audit function.

INTERNAL AUDIT:

Internal Audit is responsible for:

Establishing and maintaining a five year Internal Audit plan;
Continuous evaluation of financial, operational and compliance risk involved in the changing environment of the District;
Developing audit programs that follow the appropriate professional standards and accomplish the objectives of the audit;
Ascertaining the skill levels and resources necessary to accomplish the Internal Audit plan within the authorization of the Audit Committee;
Communication to the Board, Audit Committee and Management on a routine, timely basis as established by the Audit Committee.

DEPARTMENT AND ACTIVITY MANAGERS:

The manager of each operating department, or activity is responsible for:

Providing sufficient access to all necessary records, documents, personnel, and facilities to enable the Internal Audit carry out its assigned function;
Providing timely written responses to audit finding, indicating actions taken or planned regarding the recommendations set forth in the Audit Report.

INDEPENDENCE

The Internal Auditors should be independent of the activity they audit. Independence permits Internal Auditors to render the impartial and unbiased judgments essential to the proper conduct of audits. Independence is achieved through organizational status and the Auditor's mental attitude in performing assigned audits. In order to retain the highest degree of independence and objectivity, Internal Audit has reporting responsibility to the Audit Committee and the Board of Trustees.

OBJECTIVITY

Internal Auditors should maintain an independent mental attitude in performing assigned audits and not subordinate their judgment on audit matters to that of others. To be objective, Internal Auditors should perform an audit in such a manner that they have an honest belief in their work product and that no significant quality compromises are made. Internal Auditors are not to be placed in situation in which they feel unable to make objective professional judgments.

An Internal Auditors' objectivity is presumed to be impaired when auditing any activity for which they have authority over or responsibility for and such should be considered when the audit results are reported. The Internal Auditor's objectivity is not adversely affected when the Auditor recommends standards of control for systems or review procedures before they are implemented.

STANDARDS OF INTERNAL AUDIT

Internal Audit shall adhere to the standards regarding Internal Auditing as set by the Institute of Internal Auditors, its Statement of Responsibilities of Internal Auditing, Standards for the Professional Practice of Internal Auditing, Institute of Internal Auditors, Inc, Code of Ethics, and Statements on Auditing Standards issued by the American Institute of Certified Public Accountants.

PROFESSIONAL PROFICIENCY

Internal Audit Personnel should perform their duties with proficiency and due professional care. It is the responsibility of the manager of Internal Audit to assign field work to staff who collectively possess the necessary knowledge, skills, and disciplines to properly conduct the assigned audit. The manager of Internal Audit should establish suitable criteria of education and experience for filling staff positions, giving due consideration to scope of work and level of responsibility.

It is the responsibility of Internal Audit to provide means to maintain the technical competence of Internal Audit Personnel. The staff should be kept informed of improvements and current developments in Internal Auditing standards, procedures, and techniques and should be provided continuing education through membership and participation in professional and participation in professional societies attendance at conferences, seminars, college courses, and in-house training programs.

Internal Audit Personnel are responsible for continuing education in order to maintain their proficiency and technical competence.

DUE PROFESSIONAL CARE

Internal Auditors should use reasonable audit skill and judgment, and exercise due professional care in performing the audit. The application of care and skill expected from Internal Auditors is that of similar individuals in the same or similar audit circumstances. The Internal Auditor is required to conduct examinations and verifications of the activity under audit to reasonable extents, but not required to perform detail audits of all transactions. Accordingly, the Internal Auditor can not give absolute assurance that noncompliance or irregularities do not exist. Nevertheless, the possibility of material irregularities or noncompliance should be considered whenever the Internal Auditor undertakes an Internal Auditing assignment.

SCOPE

The scope of Internal Auditing at the District is an examination of activities prioritized through a risk assessment of such activities. Internal Audit is concerned with any phase of the District's activities wherein he or she can be of service to the Audit Committee, Management and the Board of Trustees.

AUDIT COMMITTEE

The Audit Committee of the Board is assigned the direct oversight of the Internal Audit function. The Committee shall have the following responsibilities:

All Members of the Committee shall be independent of the District's activities.
The Audit Committee shall review, revise, and approve the District's long-term Internal Audit Plan and recommend other special audits, reviews, or analysis as deemed necessary. For an effective audit, the Committee shall consider the Internal Audit Plan confidential as to the date and scope of its activities.
The Committee shall meet with Internal Audit a minimum every three months for the purpose of reviewing the results of the audits, other procedures, and Management's response.
The Chairperson of the Audit committee is responsible for communicating Internal Audit reports to the members of the Board.
The Committee shall have such other duties as may be lawfully delegated to it from time-to-time by the Board of Trustees.

TYPES OF AUDITS

Internal Audit will be involved in the following audit, review and analysis, activities:

Financial Audits
Concentrate on the review of specific financial transactions and operating data, to ensure the reliability and accuracy of the District's financial and operating reports. Financial audits also focus on continued evaluation of internal accounting and financial controls such as:

Physical control over the District's assets
System of authorization and approval
Separation of accounting duties and responsibilities from those concerned with operation or custody of the District's assets
Environmental controls over Management Information Systems

Compliance Audits
Seek to determine whether the Department or areas under review has complied with applicable statutory laws, regulations both internal and external, institutional policy and procedures, and commonly acceptable principles of good management.

Operational Audits
Involve an independent, systematic evaluation of the activities under review for the purpose of improving organizational and operating effectiveness, increasing the attainment of District objectives, as well as the achievement of program purposes. The operational audit seeks to ensure the maximum benefit received for the resources expanded.

Investigative Audits
Generally unplanned and may result from findings during a routine audit or may take place due to information received from Board members, employees, general public, external auditors, management, or security personnel.

AUDIT PLAN

A confidential audit plan will be submitted to the Audit Committee of the Board of Trustees by May of each fiscal year for approval describing the suggested activities for the next fiscal year. This Audit plan should list all departments, accounts, and activities subject to review within the next fiscal year. It should be consistent with the long-term Internal Audit Plan.

The extent of time required to complete each audit area will depend upon the strength or the weaknesses of the established internal control of the operation, the selected sample size, and the availability of the data provided to perform the field work. Timing and duration of the audits will vary due to the circumstances.

In addition to the scheduled audits, there are areas that may require investigative audits as a result of information received from other sources. Additionally, unplanned audits may be performed based on the professional judgment of Internal Audit. All such audit activities must be approved by the Audit Committee.

The frequency of Internal Audit activities in a particular area is to be determined, in part, by such factors as the nature of the activity, external requirements, change in the personnel, significant change in the volume of work, the introduction of new or revised procedures, and the adequacy of the established internal control.

The Audit plan shall consider time for special investigations, projects, or review, analysis, and studies authorized by the Audit Committee.

ACCESS TO RECORDS

To perform the audit, the Internal Auditor should have complete access to the District's records, reports, and transaction files, including financial and student records relevant to the activity under review. Internal Audit should also be free to review, analyze, and appraise all of the District's procedures, documents, financial information, accounting transactions, and student data files without hindrance. Such access enables the Internal Auditor to conduct an effective examination of activities under audit.

MANAGEMENT RESPONSIBILITY

It is the responsibility of the Department Manager or Activity Officer to make available to Internal Audit all financial records, documentation, access to key individuals within the department and related information including custodial accounts that are in any way related to the review or the audit conducted by the Auditors. The department must also provide Internal Audit with adequate working space in their department if necessary, to facilitate the work being performed.

The Internal Auditor cannot be expected to be completely knowledgeable about all activities, systems, procedures, and interrelationships within the organization. They can not be expected to search all the flies in the auditee's office or to master all procedures in a limited time without full cooperation of the department or area under review.

MANAGEMENT REPRESENTATION

In connection with any examination, it is the responsibility of the Department Manager or Activity Officer to disclose possible irregularities involving Management or employees that could have a significant impact on District operations. Acknowledgment of such responsibility at times may be requested in writing.

Responsible officials should to the best of their knowledge and belief confirm that there are no:

Violations or possible violations of laws or regulations whose effect should be considered for disclosure in the audit review or as a basis for recording a loss contingency.
There are no material actions that have not been properly recorded in the accounting or operating records, and complied with all aspects of the contractual agreements that would have a material effect on the activities under review in the event of noncompliance.

AUDIT REPORTS

Appropriate audit findings when identified are to be communicated to the administrator of the audited activity in an exit conference and prior to issuing the formal report. This procedure allows the administrator to prepare written comments for the Audit Committee on particular audit findings. It also provides an opportunity to correct any errors in fact and resolve any misunderstanding of material presented in the draft report prepared by the Internal Audit.

The audited unit administrator will be expected to prepare a written response to the audit findings explaining his/her plan of action to improve the cited weakness, if any, within 15 days after the exit conference. The auditee's responses will be incorporated in the body of the Audit Report. The Superintendent is ultimately responsible for assuring that the appropriate written response to the audit report is prepared on a timely basis.

A formal "Internal Audit Report" is to be submitted directly to the Superintendent and the Audit Committee explaining material findings and their possible adverse effect, recommendations to improve the cited deficiencies, and Management's response.

AUDIT REPORT FORMAT

The format of audit reports will vary and is dependent on the nature of the audit conducted, as to the financial, compliance, or operational audit, but in formal written reports, the elements listed below should usually be included:

Transmittal Sheet: This identified the document as an Internal Audit report, which includes the name of the area audited, and the date of the report.

Statement of Purpose: The audit report should contain a brief statement of purpose to identify the objectives of the audit.

Scope of Examination: The audit report should contain a statement of the scope of examination, and describe any limitation that the review did not include. The phases of the activities that were not audited should also be mentioned in the audit report.

Opinion: The opinion part of the audit report, where deemed appropriate, is a brief description of the Auditor's professional judgment--in assessment of the condition detected within the stated purpose. In some circumstances, due to the nature of the procedures, the Auditor's findings replace the Auditors overall opinion.

Findings: The findings are based on certain criteria and describe the conditions or results of the activity .based upon particular attributes or uniqueness of the activity reviewed. The findings may be reported by breaking down the detected problem in several components and can be used as a basis in reaching the Auditor's judgment and rendering an opinion.

Recommendations: The Audit Report should contain the Auditor's specific recommendations to correct the noted deficiencies. Prior to the issuance of the final report, the Auditor's recommendation should be reviewed with the department administrator as to such considerations as practicality, economic limitation, and factual matters. When disagreement arises, the auditee's position should be clearly stated and the Auditor's comment made thereon. The intent of both Auditor and auditee should be to resolve all disagreements prior to finalizing the report.

Management Response: The auditee's concurrence with the findings and his specific plan of action will be included in the formal audit report and to the Superintendent and the Audit committee of the Board of Trustees.

ORAL REPORT

An oral report on an audit or review can be used by the Auditor to present findings to the auditee and the Audit Committee. Use of an oral report as and alternative to the formal written report is based on professional judgment of the Internal Auditor and may be used whenever a written report is deemed unnecessary.

AUDIT WORKPAPERS

Audit workpapers must be prepared professionally and be retained in a manner that preserves their existence, restricts their availability, and facilitates their retrieval. Access to the audit workpapers is restricted to the audit staff and others authorized by the Audit Committee. Audit workpapers contain confidential information. Moreover, there are administrative reasons for carefully controlled access, such as minimizing the chance of losing or misplacing part of the audit workpapers. To reasonably assure restricted access, workpapers must be kept in a secure area. Storage facilities should be selected with due consideration to such risks as fire and theft sensitivities in the audit report may also impact storage decision.

AUDIT WORKPAPER RETENTION

It is the policy of the District that all audit workpapers and audit reports be kept for 5 and 10 years respectively. A longer retention period may be determined by the Internal Auditor's professional judgment based on the unique circumstances involved.

PURPOSE

The Internal Audit function is established to provide the Board of Trustees and Management of the McAllen Independent School District (the District) with independent analysis, appraisals, and recommendations concerning the adequacy and effectiveness of the District's systems of internal control and the quality of the performance of Management in carrying out assigned responsibilities.

AUTHORITY

The Internal Audit function is established by the Board of Trustees of the District. Direct oversight of the Internal Audit function will be the responsibility of the Audit Committee of the Board of Trustees.

Internal Auditors shall have full access to all of the District's records, facilities, properties and personnel relevant to the department or system under review, and are free to review and appraise policies, plans, procedures and records as deemed necessary. The Internal Auditors shall use discretion in their review of the records and assure the confidentiality of all matters that come to their attention.

Internal Audit shall have no direct responsibility or authority over financial, compliance or operational issues that may be subject to review. The independence of the Internal Audit function shall not be deemed adversely affected by determining and recommending standards of control to be applied to the development of the departments, systems and procedures being reviewed.

RESPONSIBILITIES

Internal Audit shall execute a comprehensive long-term Internal Audit plan to insure activities of the District are reviewed at appropriate internals based on a risk assessment of activities. The Internal Audit plan shall encompass financial, operational, and compliance concerns as identified in the District's risk assessment. The extent of effort, skill level, and resources required will be considered in the approved Internal Audit plan. The long-term Internal Audit plan should be reviewed and approved annually by the Audit Committee.

Management will provide access to all requested records and personnel. Management is responsible for providing Internal Audit with a detailed written response to reported conditions.

STANDARDS OF INTERNAL AUDIT

Internal Audit shall adhere to the standards regarding Internal Auditing as set by the Institute of Internal Auditors in its Statement of Responsibilities on Internal Auditing, Standards for the Professional Practice of Internal Auditing, and Statements on Internal Auditing Standards.