Skip Navigation.

Auditing & Advisory Services

Charter

AUTHORITY

The University of Texas (UT) System Policy UTS129, Internal Audit Activities authorizes the establishment of an Institutional Audit Committee (Committee). Exhibit A of UTS Policy 129 notes, “Each institution will organize and maintain an institutional audit committee.”

PURPOSE

The UTHealth Audit Committee is an essential part of the risk management and internal control infrastructure of the institution and The University of Texas System. Its primary responsibilities are to assist and advise the UT System Audit, Compliance, and Management Review Committee (ACMRC) and the institution’s President in the following matters:

  • Oversight of management activities and processes put in place to manage business and financial risk to the institution’s mission(s) and objectives
  • Oversight and direction of the internal audit function to ensure alignment of activities with areas of high risk and/or high potential for adding organizational value
  • Oversight of any external public accounting firms and review of their results
  • Evaluation of risks identified by management or through audit, advising management and elevating reporting of risk management and audit activities to the UT System (through internal audit or direct processes), including the ACMRC.
ROLES

Membership in the Audit Committee is made up of members who are external to the University in addition to key members of the Institutional management team.   

The Chairman of the committee will be nominated by the president and approved by the chair of the ACMRC.  The committee is functionally responsible to the ACMRC and assists the ACMRC in discharging its oversight duties for the UT System.  This is accomplished as the committee carries-out its responsibilities, as defined in this charter.  The committee chairman has direct access to the ACMRC chairman; however, most of the reporting and coordination of information is administratively facilitated through the Chief Audit Executive of the UT System.

At least three Audit Committee members must be external to the Institution and the Chairman must be one of the external members.  The external members will serve three-year terms with the eligibility to be appointed to one additional three-year term.  Members of management may be Audit Committee members or invited guests and should include the President.

Generally, the external Audit Committee members must be independent and objective, have management or governance leadership experience and possess skills which will complement the profile of skill to be held by an Audit Committee. Such skills include but are not limited to financial and technology acumen, academic and healthcare industry awareness, and basic risk and control understanding. Internal Audit and Management can aid members in seeking material and education to maintain current and adequate member skill.  All members of the Audit Committee should attend orientation which is provided by the Institutional internal audit organization. 

MEETINGS

The Audit Committee meets quarterly, with the authority to convene additional meetings as necessary. The meetings should provide for direct communication between the Chief Audit Executive, members, and the President. Evidence of actions taken by the Audit Committee should be reflected in recorded minutes. A majority of members constitutes a quorum and attendance should be recorded in the minutes. 

RESPONSIBILITIES

The Audit Committee’s specific responsibilities in carrying out its oversight and reporting roles are delineated below.

 GENERAL
Quarter Due

Meet at least four times per year (more frequently as circumstances require or at the request of the Audit Committee Chairman or President)

1,2,3,4

Have meeting agenda prepared by Chief Audit Executive in consultation with the Chairman of the Audit Committee

1,2,3,4

Have approved minutes of meetings maintained by Chief Audit Executive

1,2,3,4

Review the Audit Committee Charter and assess performance of the responsibilities delineated in that charter periodically

2

Perform such other functions as assigned by the Audit, Compliance, and Management Review Committee of the UT System Board of Regents

As Needed

The Committee will meet in private executive session as necessary to assess the performance of the internal audit function

As Needed

OVERSIGHT OF BUSINESS, TECHNOLOGY AND FINANCIAL RISK MANAGEMENT

 

Determine that institution management demonstrates responsibility for identifying and managing business risks; evidenced by clear understanding of these risks and effective response. Business risk responses include but are not limited: to formal objectives, oversight mechanisms (metrics, reporting, policies & procedures) and established business functions with capable people, adequate process and sufficient technology.  

On-going

Review key reports demonstrating the integrity of the institution’s financial statements such as:

• Certifications by the President and Financial Reporting Officer

• Internal audits of financial information and internal controls

• External financial audit results

• Report of management processes and tools for assessment and management of fraud

On-going

OVERSIGHT OF THE INTERNAL AUDIT ACTIVITY

 

Approve an Internal Audit Activity Charter that is consistent with the Texas Internal Auditing Act and Standards of the Professional Practice of Internal Auditing

1

Review the Internal Audit Activity Charter to ensure it encompasses any required revisions periodically

Periodically

Review the risk assessment methodology for capturing applicable business and financial risks for development of the Internal Audit Annual Audit Plan

4

Review the Annual Audit Plan to ensure appropriate coverage for risks identified in the risk assessment, including coverage of significant financial and information systems

4

Approve the Annual Audit Plan and all changes thereto

4

Review quarterly the status of completion of the Annual Audit Plan

1,2,3,4

Receive the results of all completed internal audit engagements

1,2,3,4

Receive reports of confidential internal reporting (hotline activity) related to internal controls, financial management, internal auditing, or external auditing

As Needed

Review all priority findings and management action plans to address the related recommendations made

1,2,3,4

Monitor the status of management action plans for recommendations to priority findings

1,2,3,4

Approve utilization of internal audit resources outside the Annual Audit Plan

As Needed

Review staffing and organization of the internal audit activity for appropriateness in relation to the institution and its identified risks and make recommendations to the President if necessary

4

Request an annual self-assessment by the internal audit function and review the results

1

Ensure that an external quality assessment is performed at least once every three years and review the results

Triennial

Provide input to the President and/or UT System Chief Audit Executive, as applicable, for the annual evaluation of the Chief Audit Executive

As Needed

Provide input to the President and UT System Chief Audit Executive on the hiring and dismissal of the Chief Audit Executive

As Needed

OVERSIGHT OF EXTERNAL FIRMS

 

Review any external audit firm contractual arrangements with the institution to confirm management compliance with the requirements of Regents’ Rule 20402 Provision of Audit and non-Audit Services by External Firms and the operating rules of the ACMR Committee of the UT System Board of Regents.

As Needed

Review the reports of any external audit firms contracted by the institution to perform financial, reporting, accounting, or internal audit activities

As Needed

Receive reports from Internal Audit and Management regarding the State Auditor’s Office audit activities

As Needed

UT SYSTEM COORDINATION

 

Develop open communication among the Institutional Audit Committee Chairman, the System Audit Office, and the ACMR Committee to create collaborative approach for business and financial risk management for the UT System as a whole

On-going

Institutional Audit Committee Chairman attends orientation or meetings, as requested by ACMR Committee members.

As Needed

Review reports providing the following to the System Audit Office for use by the ACMR Committee in discharging its oversight duties for the UT System:

• Annual Audit Plan and changes thereto

• Status of the Annual Audit Plan and completed engagements

• Report of internal confidentially disclosed (hotline) activity related to internal controls, financial management, internal auditing, or external auditing

• Priority recommendations

• Status of priority recommendations

• Contracts with external public accounting firms for financial related activity

• Other matters as requested by the ACMR Committee

On-going

The responsibilities outlined above will be updated periodically by the Audit Committee to reflect changes in UT System guidance, regulatory requirements, authoritative guidance or best practices in business, technology and financial risk management.