Skip to Main Content

Auditing & Consulting Division of Administration & Business Affairs

Support Page Content

What is Internal Auditing?

Internal Auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish objectives by bringing a systematic disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.

A typical internal audit is an independent and objective appraisal of the controls systems inherent in a unit's or an activity's policies, procedures and practices. Internal audit reviews can help you determine whether there are appropriate internal controls over your business activities and processes and can assist you with improving the efficiency and effectiveness of your operating procedures.

The emphasis of an internal audit is constructive improvement. Internal audit is more interested in helping and organization unit than in locating and reporting episodic, non-systemic errors.

Types of Audits

The International Standards for the Professional Practice of Internal Auditing from the Institute of Internal Auditors (IIA), recognizes a variety of audit techniques, commonly referred to as:

  • Operational Audits - Examine the use of unit resources to evaluate whether those resources are being used in the most effective and efficient manner to fulfill the University's mission and objectives. An operational audit may include elements of other audit types listed below.
  • Financial Audits - Focus on accounting and reporting of financial transactions, including commitments, authorizations and receipt and disbursement of funds. The purpose of this type of audit is to verify that there are sufficient controls over cash and cash-like assets, and that there are adequate process controls over the acquisition and use of resources. Unlike external financial audits, internal financial audits do not prepare or express professional opinions on the fairness of the presentation of financial statements.
  • Compliance Audits - Review adherence to laws, regulations, policies, and procedures. Examples include federal and state law, Trustee policies, and chancellor's office directives. Recommendations typically call for improvements in processes and controls intended to ensure compliance with regulations.
  • Information Systems (IS) Audits - Examine the internal control environment of automated information processing systems and how people use those systems. IS audits typically evaluate system input, output, and processing controls; backup and recovery plan; system security; and computer facility reviews. IS auditing projects can focus on existing systems, as well as systems in the development stage.
  • Internal Control Reviews - Focus on the components of the university and auxiliary organization major business activities. Areas such as payroll and benefits, cash handling, inventory and equipment and their physical security, grants and contracts, and financial reporting are usually subject to review.
  • Investigations - Seek to establish evidence of impropriety; imply a systematic track-down of information the auditor hopes to discover or needs to know. Investigations include alleged instances of fraud, waste and abuse, and improper governmental activities.
  • Advisory Services - More consultative in nature than traditional audits and performed in response to requests from campus management. Advisory services enhance awareness of risk, control and compliance issues and provide a proactive independent review and appraisal of specifically identified concerns. Advisory services may include internal control and risk management reviews, transition reviews, business process assessments, and other activities

Audits Performed at Sacramento State

Our campus is subject to audits from both internal and external entities.

External Audits

Auditing and Consulting Services acts as a liaison between our campus and several external auditing entities performing various audits as dictated by the laws, policies, and regulations governing campus operations.

If you receive notification of an impending audit, please contact Auditing and Consulting Services immediately by clicking here.

External Audit Entities

Internal Audits

Auditing and Consulting Services at Sacramento State may conduct internal audits as assigned by current policy and administration, based upon several factors including campus risk assessments, systemwide policy, and on the advice of our Chancellor's Office of Advisory Services (OAAS).

Internal Control Reviews

Internal Control Reviews at Sacramento State focus on the components of the University's major business activities, such as cash handling, student fee stewardship, and grants and contracts.

Consulting Services

ACS offers consulting services, free of cost, to campus departments and organizations. Consulting engagements can include internal controls and business process assessments, with a focus on process improvement within applicable policies and procedures.