Title: INTERNAL AUDIT DEPARTMENT Internal Audit Services Departmental Compliance Audit Program (updated)
1INTERNAL AUDIT DEPARTMENTInternal Audit
ServicesDepartmental Compliance Audit Program
(updated)
- Daisy Asiñas Mahshid Parsi
- School of Medicine - 2006
2., and then a call from internal audit .
3Types of Internal Audit Services at Stanford
- Compliance, Financial, Operational
- Internal Control Consultations
- IT Reviews
- Risk and Control Self Assessment (RCSA)
- Review of Allegations
- Liasion with External Auditors such as PwC and
Govt Auditors
4Examples of Compliance Audits
- Departmental Compliance Audit (full or partial
scope) - Gift processing in Office of Develop or Dept.
- Pcards
- Travel audit
- Human subjects research protocol review
- Health and Safety
- Faculty or staff conflict of interests
commitments - A-133 (on behalf of PwC)
5Audit Program for Operating Unit Compliance
Audits - Dual Purpose
- Department/Unit Tool
- Areas of Focus
- Policies, Regulations
- Websites
- Internal Control Self Assessment
- Preparation for audit
- Training
- Management Oversight
- Prioritize department risks
- Easy to use
- Audit Program
- Opening Interview
- Internal Controls
- Areas IAD tests
- How IAD tests
- What IAD Measures against
- Efficient
- Effective
- Consistency
6Compliance Audit Program - Sections
- GENERAL ADMINISTRATION
- SPONSORED PROJECTS AND OTHER RESEARCH ISSUES
- REVENUE
- ACCOUNTS/EXPENDITURES
- PAYROLL/HUMAN RESOURCES
- INFRASTRUCTURE
- RPH Research Policy Handbook,
- GM Administrative Guide Memo
- http//www.stanford.edu/dept/internal-audit/docs/c
ompliance99.shtml -
7Areas of Audit Findings - (Since 2000)
7
1
1
10
12
12
5
2
4
3
9
2
1
4
1
6
5
5
7
6
4
7
5
3
6
7
5
9
14
7
6
5
17. Unapproved Effort Reduction
18. Faculty Bonuses
19. Staff Bonuses
20. NIH Cap
21. Allocations
22. Cost Transfers
23. Other Direct Charging
24. Unallowable Costs
25. IRB/APLAC
26. Indirect Rates
27. Other Sponsored Project
29. HR I-9
30. HR Overtime
31. HR Personnel Files
32. HR Perform./Appraisals
33. Other SU Policy
1. Property Control
2. Space Usage
3. Gift-Timeliness
4. Gift- Usage/Purpose
5. Gift- Forms/Sign./CoI
6. EHS Training
7. EHS Overall Controls
8. EHS Other
9. CoC/I
10. Overdrafts
11. Early Accounts
12. Certifications
13. Effort Charging/Reporting
14. SU-18's OTL Issues
15. Software Licenses
16. P-Card
8Recent Governmental Enforcement
- 3/06 - University of Rochester Unpaid OT. 9.5
Million settlement. - 1/06 - University of Connecticut Extra
Compensation Cost Sharing. 2.5 Million
settlement. - 5/05 - Mayo Clinic Allocation Cost Transfers.
6.5 Million settlement. - 6/05 - Cornell University Grant money used to
support patients care at affiliate hospital.
4.4 Million settlement. - 4/05 - University of Alabama-Birmingham. Effort
reporting. 3.4 Million - 6/04 - Harvard University and an affiliated
teaching hospital Effort reporting, equipment,
HR issues. 3.3 Million settlement - 3/04 - John Hopkins University Effort reporting.
2.6 Million settlement. - 2/03 - Northwestern University Effort reporting.
5.5 Million settlement
9Where do you turn in Compliance Audit Program?
- A single allocation methodology (number of FTEs)
is used to allocate phone toll, photocopying,
professional services, and lab supplies charges. - 3 PI salaries in excess of the NIH salary cap
were not recorded to an unallowable expenditure
type. - A subcontract invoice for 67,400 was charged to
a NIH grant. The invoice was not sufficiently
detailed, and the justification was presented as
expenses were budgeted. - A NIH grant was awarded with 25 PIs effort. The
PI recorded only 17 of his salary to this grant.
10Departmental Compliance Audit Program
Questions?