Tufts University Logo SITE_NAME

Search  GO >

this site tufts.edu people
SITE_NAME SITE_NAME SITE_NAME  
 
SITE_NAME SITE_NAME 6

Charter

Role
As an assurance service to the Board of Trustees and management, AMAS serves as an independent and objective internal resource to examine and evaluate the University’s activities .

Independence

To maintain independence and objectivity, AMAS has no direct operating responsibility for or authority over management processes and operations that we review. The Executive Director has direct and unrestricted access to senior management and the Trustee Audit, Risk and Compliance Committee.  AMAS maintains organizational independence by requiring the Committee to:

  • Approve the internal audit charter
  • Approve the risk based annual internal audit plan
  • Periodically determine the adequacy of AMAS resources to perform its mission
  • Receive communications from the Executive Director concerning AMAS’ performance relative to the audit plan and other matters
  • Approve decisions regarding the appointment and removal of the Executive Director
  • Approve the remuneration of the Executive Director

Reporting Relationship and Authority

AMAS has a dual reporting relationship to the Board of Trustees Audit, Risk and Compliance Committee and the University’s Executive Vice President.  AMAS has full and unrestricted access to all University documents, records, information systems, facilities and personnel necessary to fulfill its mission.

AMAS is authorized by the Trustee Audit, Risk and Compliance Committee and senior management to conduct its audits in accordance with the annual Internal Audit Plan and engage in other independent reviews and consulting activities to support its mission.

 Professional Standards and Ethics

 AMAS staff are required to observe the Institute of Internal Auditors’ Code of Ethics which addresses aspects of Integrity, Objectivity, Confidentiality and Competency in conducting internal audits and providing consulting services. AMAS is guided by the International Standards for the Professional Practice of Internal Auditing and practice advisories as set forth by the Institute of Internal Auditors (IIA), the Association of College and University Auditors (ACUA), the Information Security Audit and Control Association (ISACA) and the Association of Certified Fraud Examiners (ACFE).

Scope of Services

AMAS conducts internal audits and consulting engagements with the objective of assisting Tufts management with identifying various categories of risks, complying with external regulations and University policies and procedures, protecting the institution’s assets, and developing and maintaining strong internal controls. AMAS periodically provides other services to support fraud investigations and special management requests.

Consulting

 AMAS is occasionally requested by management to participate on a University committee or task force, or analyze controls associated with a new work flow process, information system or application. In such instances, the Executive Director determines if the internal audit team can perform the work or participate in the activity. When AMAS performs consulting engagements, the reported results are more informal, resulting in recommendations that do not require follow-up audits to determine if they were implemented. AMAS also provides consultative support to management pertaining to the University Risk Register, certain school-based risk registers and the School of Dental Medicine compliance program.

Coordination of Services with Tufts’ External Audit Firm

AMAS and Tufts’ external audit firm provide complementary services to the institution.  Coordination of activities ensures more effective coverage of the University’s audit universe. AMAS and the external audit team strive to work together to assess institutional risks and coordinate their auditing activities.

AMAS DOES NOT:

  • Direct personnel to implement any audit recommendations. The adoption of audit recommendations is encouraged.  However, acceptance of the recommendations is the responsibility of management.
  • Make financial or operating decisions.
  • Perform internal control activities, as these are the responsibility of management.
  • Allow audit findings to represent or substitute for work performance evaluations.