Handbook of Operating Procedures > Series 200 General Policies and Procedures > 2.5.8 External Audits and Reviews – Required Communication

2.5.8 External Audits and Reviews – Required Communication

A. Purpose

The purpose of this Policy is to provide guidance to Employees whose areas are being audited or reviewed by an external entity.  This policy requires that all External Audits and Reviews are communicated to the Chief Audit Executive upon notification being received from the external entity.

B. Persons Affected

This Policy applies to all Employees. 

C. Definitions

1. CAE: Chief Audit Executive of the Internal Audit Department.
2. External Audits and Reviews:
   1. The procedures utilized by a regulatory entity or other authorized external entity to examine, evaluate, or inspect the University.
   2. May be referred to by a variety of terms, e.g., regulatory audit, examination, risk review, desk review, financial statement audit, assessment, or accreditation review for the University or a specific unit of the University.
3. External Auditors and External Reviewers:
   1. Any auditors or investigators that are not Employees.
   2. Includes federal, state, local and other outside, independent auditors that audit various University activities and programs at the University’s request, or as required by law, grant sponsors, or other external entities.
4. Internal Auditors: Employees of the University’s Internal Audit Department who conduct independent and objective assurance and audit consulting services within the University.

D. Policy

D.1. External Auditing Entities

1. Authorized entities. Various entities, such as the federal and state government, the UT System, and other agencies and groups that provide funds to the University, are entitled to audit the use of their funds.
2. Cooperation with entities. The University is to cooperate fully with external auditors, regulatory entities, and other external entities performing External Audits and Reviews within their authority to supervise, oversee, or evaluate the University and its programs and operations. 

D.2. Notification of External Audits and Reviews

1. Immediate notification. All Employees contacted by regulatory or other external entities regarding External Audits and Reviews must immediately report this to the CAE. 
2. Questions about notices. Employees who are unsure whether a notice or communication from an external entity should be reported under this policy should discuss the communication with the CAE.
3. Communication. The CAE is to be notified via email at sford@uttyler.edu.

D.3. Role of Internal Audit Department

1. Tracking and communication. The Internal Audit Department will track all External Audits and Reviews and ensure these are communicated to the University’s leadership team for its knowledge.
2. Implementation status. The implementation status of recommendations resulting from External Audits and Reviews will be tracked by the Internal Audit Department and reported to the University's Audit Committee.

E. Reference Sources and Authority

University of Texas at Tyler Administration

F. Review Responsibilities and Dates

The Division Head for this Policy is the Chief Audit Executive, and this Policy shall be reviewed every three (3) years or sooner, if necessary, by the Division Head or their designee.