Date Published:Wednesday, January 7, 2015
UNC Charlotte has more than 350 registered student organizations. These organizations are student-led with faculty or staff advisors, and many collect dues and conduct fundraising events to finance their annual activities.
During the last semester, there was a rash of incidents involving financial losses due to inappropriate activity by officers of student organizations, said Tom York,...
Date Published:Thursday, October 30, 2014
In December 2011, the University of North Carolina (UNC) Information Technology Security Council (ITSC) recommended the adoption of ISO 27002 as the common security framework baseline for the UNC system to the UNC Chief Information Officer (CIO) Council. The following month, the UNC CIO Council accepted the recommendation to use ISO 27002 as the official security framework of the UNC system. In...
Date Published:Wednesday, September 10, 2014
When the Internal Audit Department reviews a business process in a campus unit, it is seeking the answers to two critical questions: What is the process trying to achieve (overall objectives), and how does the unit ensure the process works as intended (control objectives)?
Auditors often receive straight-forward responses to the first question, such as:
Timesheets are completed as required by...
Date Published:Friday, August 22, 2014
The Internal Audit Department has seen a rise in time and attendance issues, and officials want to offer some reminders regarding time and attendance basics.
“Some of our recent observations stem from employees’ lack of awareness of their FLSA status,” said Tom York, director of internal audit. “Every employee’s position has a status under the Fair Labor Standards Act, or FLSA, as either FLSA...
Date Published:Thursday, July 24, 2014
University Policy 317 sets the standards and conditions for requesting and authorizing an allowance for business use of an employee’s personal mobile communication device (MCD). This practice is part of a growing trend termed “Bring Your Own Device” (BYOD) environment.
According to Tom York, director of internal audit, promoting a BYOD environment can have positive implications for an...
Date Published:Friday, June 27, 2014
Download the new Internal Audit Org Chart.
Date Published:Thursday, May 29, 2014
As the University’s observance of Internal Audit Awareness Month draws to a close, Tom York said it is important for employees to consider three key areas throughout the year – information security, internal controls and fraud detection and mitigation.
“Compliance is not the same as cybersecurity,” said York, director of internal audit. “While we have a strong program to ensure compliance with...
Date Published:Wednesday, May 21, 2014
Employees of the University are expected to hold themselves to the highest standards of ethical behavior.
University Policy 804 “Standards of Ethical Conduct” establishes 11 standards that employees are expected to meet. According to staff auditor Raheel Qureshi, employees should consider the following questions:
Am I correctly accounting for my time at work?
Am I using University...
Date Published:Friday, May 16, 2014
Part of the Internal Audit Department’s mission statement is to “add value and improve the University’s operations.” Diana Hill, a staff auditor, said throughout the audit process, the Internal Audit Department adds value in a number of ways.
“We serve in a governance role by performing a series of audits and reviews and making recommendations for corrective actions and improvements to...
Date Published:Wednesday, May 7, 2014
May is Internal Audit Awareness Month, and staff auditor Julie Earls said she and her colleagues want to help educate the campus community about their role on campus.
“The word ‘audit’ often has a negative connotation,” stated Earls. “People usually think we, as internal auditors, are trying to catch them doing something wrong. That is inaccurate. Our goal is to add value to the University as...