In order to meet the responsibilities and objectives as set forth in the General Statutes, it is necessary for Internal Audit and Advisory Services to perform reviews and audits of varying types depending on the circumstances and requests from management.
Each fiscal year a flexible audit plan is developed based on a risk assessment methodology, as well as requests from management. Internal Audit and Advisory Services provides the following types of audit services:
A financial audit serves as a basis for expressing an opinion regarding the fairness, consistency, and conformity to financial information with generally accepted accounting principles. They may be full or limited in scope, depending on the objectives.
The North Carolina Office of the State Auditor annually performs DPI's full scope financial audit.
Internal Audit and Advisory Services performs scope-limited financial audits. These can include a review of administrative systems such as purchasing, payroll, and payables or a special examination of the financial activities of a division.
Operational audits review the effectiveness and efficiency of operational units within the agency. Effectiveness measures how successfully an organization achieves its goals and objectives. Efficiency measures how well an entity uses its resources to achieve its goals.
A compliance audit measures the compliance of the client with established department, federal, or state laws, regulations, and/or policies.
INFORMATION TECHNOLOGY AUDITS
Information technology audits are conducted to evaluate the quality of the controls and safeguards over the information technology resources of the agency. These audits normally consist of reviewing the effective use of information technology resources, adherence to management's policies, and to encourage the design and implementation of adequate controls over computer applications and the computing environments in which they are used.
These audits are normally requested by management and/or anonymous tips and focused on alleged, irregular conduct such as internal theft, misuse of state property, and/or conflicts of interest.
Internal Audit and Advisory Services provides routine consultation and advisory services to DPI management. This may include, but is not limited to, interpreting policies and procedures, participation on standing committees, limited-life projects, ad-hoc meetings, and routine information exchange.
Other special projects may be performed by Internal Audit and Advisory Services as delegated by the State Superintendent. It should be noted that Internal Audit and Advisory Services uses an integrated audit approach, combining financial, operational, compliance, and information technology audits. This approach is a cost saving measure providing broader coverage of assurance.