Colorado State University’s Audit Follow-Up Process By Stephanie Wolvington
ABOUT THE COLORADO STATE UNIVERSITY SYSTEM he mission of the Colorado State University (CSU) System is to support, enhance and protect the unique missions of its constituent institutions and to encourage collaboration that benefits students and Colorado. The CSU System is made up of three member institutions, CSU, CSU-Pueblo and CSU-Global Campus.
T
CSU is home to several top centers and programs, including one of the top-ranked veterinary medicine programs in the country.
CSU, located in Fort Collins, Colorado, was founded in 1870 and is the state’s land grant institution. The student body totals nearly 30,000. CSU is home to several top centers and programs, including one of the top-ranked veterinary medicine programs in the country. CSU-Pueblo, located in Pueblo, Colo., was first established in 1933 as a junior college. In 1963, CSU-Pueblo became a four-year degree granting college. It has a student body of over 5,000. It has been designated a Hispanic Serving Institution.
CSU-Global Campus is a 100 percent online public university that focuses on learning opportunities for nontraditional students and working adults. It began enrolling students in fall of 2008 and has a current student body of over 5,600. CSU SYSTEM INTERNAL AUDITING OFFICE The CSU System Internal Auditing office reports through the Audit and Finance committee of the CSU System Board of Governors. The office was founded in 1967 and employs eight people, including a director, IT audit manager, audit manager, principal auditor, three senior auditors and a part-time administrative assistant. The majority of the staff is located in Fort Collins.
ABOUT THE AUTHOR
Stephanie Wolvington is the IT Audit Manager for the Colorado State University System. She has worked in internal audit for more than 15 years. She holds a Bachelor’s degree in Accounting and Business Administration and a Master’s Degree in Accounting and Information Systems, both from the University of Kansas.
WHY DO AUDIT FOLLOW-UP? According to the Institute of Internal Auditors International Professional Practices Framework, audit follow-up “is a process by which internal auditors evaluate the adequacy, effectiveness and timeliness of actions taken by management on reported observations and recommendations.” According to Standard 2500, it is the As auditors, we perform responsibility of the Chief Audit Executive to establish and maintain follow-up engagements a system to monitor the disposition of results communicated to manbecause the standards agement. require them. As auditors, we perform follow-up engagements because the standards require them. If an issue is important enough to report on in the first place, shouldn’t we conduct follow-up procedures to monitor the final outcome? And what about a natural sense of curiosity? As auditors, many of us have this trait. We would like to know the results of our audit findings and recommendations and what impact they have had on business operations. PREVIOUS FOLLOW-UP PROCESS At CSU, audit follow-up was done every six months. This meant that every six months, the auditor who had completed an audit would initiate a follow-up engagement to track the 18 COLLEGE & UNIVERSITY AUDITOR