Board Policies
Chapter 1 - System Organization and Administration
Section D - Office Of Internal Auditing

Click here for a PDF copy of this policy.

Part 1. Internal Auditing
Internal auditing is an independent, objective, and forward looking function designed to add value and improve the operations of Minnesota State. It offers a variety of services including assurance, advisory, and fraud inquiry and investigation support services.

Part 2. Authority and Responsibilities

Subpart A. Reporting Structure
The executive director reports functionally to the Board of Trustees through the chair of the Audit Committee and administratively to the chancellor. The executive director has direct and unrestricted access to the board.

Subpart B. Internal Audit Charter
The executive director shall develop, and the office and its staff will adhere to an Internal Auditing Charter consistent with International Standards for the Professional Practice of Internal Auditing. The executive director shall annually review the charter and present any changes and updates to the Audit Committee for approval.

Subpart C. Authorization to Conduct Engagements
Internal auditing is authorized to:

  • Have full, free, and unrestricted access to all Minnesota State functions, records, property, and personnel pertinent to carrying out any engagement, subject to accountability for confidentiality and safeguarding of records and information in compliance with the Minnesota Data Practices Act and other applicable laws.
  • Allocate resources, set frequencies, select subjects, determine scopes of work, apply techniques required to accomplish engagement objectives, and issue reports.
  • Obtain assistance from the necessary personnel of Minnesota State, as well as other specialized services from within or outside Minnesota State, in order to complete an engagement.

Subpart D. Fraud Inquiry and Investigation Support Services
Fraud Inquiry and Investigation Support Services are intended to augment the efforts of colleges and universities to ensure that evidence of fraud or dishonest acts is investigated professionally and promptly. Internal auditing shall consult with legal counsel on any issues that may involve criminal action or reveal potential legal exposure. Internal auditing shall notify the legislative auditor as required by state law.

Subpart E. Reporting Significant Violations and Other Matters
The executive director has the right and responsibility to report to the board any circumstances that are significant violations of internal controls, board policy or system procedures and any other matters that the executive director believes warrant notification. The executive director has the right and responsibility to report any matters to the chancellor and presidents that warrant their notification or will assist them in improving their operations.

Subpart F. Reporting Project Results
The executive director will report to the Audit Committee and management the results of completed assurance and advisory projects.

Part 3. Internal Auditing Data
In accordance with Minn. Stat. § 13.392, subd. 1, data notes, and preliminary drafts of reports created, collected, and maintained by internal auditing are confidential data on individuals or protected nonpublic data while work is in progress. The final report is public data, except as provided under Minn. Stat. Ch. 13 or other applicable law.

In accordance with Minn. Stat. § 13.392 subd. 2, data on an individual supplying information for an audit or investigation that could reasonably be used to determine the individual’s identity, must be classified as private data on individuals if the information supplied was needed for an audit or investigation and would not have been provided to internal auditing without an assurance to the individual that the individual’s identity would remain private.


Related Documents:

To view any of the following related statutes, go to the Revisor's Web site (http://www.revisor.leg.state.mn.us/). You can conduct a search from this site by typing in the statute number.
  • Minnesota Statutes 13.392, Subdivision 1 and 2
  • Minnesota Government Data Practices Act

Policy History:

Date of Adoption: 7/19/00
Date of Implementation: 7/19/00
Date of Last Review: 11/20/19

Date & Subject of Amendments:

11/20/19 – As a result of internal auditing developing a separate Internal Auditing Charter in compliance with the International Standards for the Professional Practice of Internal Auditing, the policy was amended to remove language that was duplicative and addressed operational matters that were not needed in board policy.

Additional HISTORY.

-