Skip to main content

500.4 - Internal Audit Management Control

University Group Policy #500.4

I.  Policy Statement

Management is charged with the responsibility for establishing a network of processes with the objective of controlling the operations of Winston-Salem State University (WSSU) in a manner that provides the Board of Trustee’s reasonable assurance that:

  • Data and information published either internally or externally is accurate, reliable, and timely.
  • The actions of trustees, officers, and employees are in compliance with the University’s policies, standards, plans and procedures, and all relevant laws and regulations.
  • The University’s resources (including its people, systems, data/information bases, and customer goodwill) are adequately protected.
  • Resources are acquired economically and employed profitably; quality business processes and continuous improvement are emphasized.
  • The University’s plans, programs, goals, and objectives are achieved.

II.    Roles and Responsibilities

Controlling is a function of management and is an integral part of the overall process of managing operations. As such, it is the responsibility of managers at all levels of the organization to:

  • Identify and evaluate the exposures to loss that relate to their particular sphere of operations.
  • Specify and establish policies, plans, and operating standards, procedures, systems, and other disciplines to be used to minimize, mitigate, and/or limit the risks associated with the exposures identified.
  • Establish practical controlling processes that require and encourage trustees, officers, and employees to carry out their duties and responsibilities in a manner that achieves the five control objectives outlined in the preceding paragraph.
  • Maintain the effectiveness of the controlling processes they have established and foster continuous improvement to these processes.

The internal audit function is charged with the responsibility for ascertaining that the ongoing processes for controlling operations throughout the University are adequately designed and functioning in an effective manner. Internal auditing is also responsible for reporting to management and the audit committee of the Board of Trustees on the adequacy and effectiveness of the University’s systems of internal control, together with ideas, counsel, and recommendations to improve the systems.

The audit committee is responsible for monitoring, overseeing, and evaluating the duties and responsibilities of management, the internal audit activity, and the external auditors as those duties and responsibilities relate to the University’s processes for controlling its operations. The audit committee is also responsible for determining that all major issues reported by the internal audit department, the external auditor, and other outside advisors have been satisfactorily resolved. Finally, the audit committee is responsible for reporting to the full Board all-important matters pertaining to the University’s control processes.

III.     Applicability

This policy is applicable to the campus community of Winston-Salem State University.

Responsible Division: Chief Audit, Risk & Compliance Officer

Authority: Board of Trustees


  • Adopted December 6, 2013