Internal and External Audit

Internal Audit

Internal Audit is a key part of an effective governance process; it does not form part of the University's internal control framework itself, but provides an objective evaluation of the effectiveness of that framework.

Internal Audit is an independent assessment activity within the University that focuses on the review of our operations.  It assists management of the University by providing independent advice on operations and performance; and by assessing the effectiveness of internal controls and governance framework.  The function aims to promote efficiency, economy and effectiveness of management processes as well as reliability and accuracy of operations.

The University's Internal Audit function serves an important role in providing assurance key risk areas are being appropriately addressed and managed and that appropriate controls and activities relating to the key risks identified by management are in place.

Internal Audit also assists the Audit and Risk Management Committee to discharge its responsibilities, in general terms monitoring the University's governance, risk and compliance frameworks and administrative operations, and reviews the activities of the controlled entities on behalf of the Council.

The Internal Audit function at the University is conducted under a co-sourced arrangement between outsourced suppliers and the University's internal audit team.  The University has developed its own internal audit framework which is compliant with the Institute of Internal Audit (IIA) standards, uses a risk-based approach, and links into the University's risk management framework.

Internal Audit Plan

The individual audit engagements comprising the 1 year (tactical) and 4 year (strategic) audit plans are determined through a rigorous Internal Audit Planning Methodology which involves assessing potential audit areas against the following criteria:

  • Impact of auditable area on strategic objectives
  • Area subject to recent internal/external change
  • Risk category and overall risk assessment
  • Understanding of the university's risk appetite
  • Other internal or external reviews being undertaken in the area
  • Available resources
  • Time since last internal or external audit and estimated audit frequency
  • History of audit issues


External Audit

The external audit is conducted by the New South Wales Audit Office. The New South Wales Audit Office performs an annual audit of the University's Financial Statements to "identify whether agencies comply with accounting standards and relevant laws, regulations and government directions". The "financial report audits also highlight opportunities for agencies to improve their accounting and financial systems".

Managing Audit issues

The Internal and External Audits conducted on the University culminate in reports being presented to University Management that detail issues identified and recommendations on how they should be dealt with. The issues raised are assigned to a person within the organisation to then provide management comments including responding to the recommendations and detailing how the issue will be managed/resolved.

Each issue is assigned to an issue owner whose responsibility it is to provide updates on how the issue is being managed through to its resolution.

The Risk and Assurance Services (RAS) team provides quarterly reporting to the Audit and Risk Management Committee on the progress of the resolutin of issues raised in previous internal and external audit reports.

Audit and Risk Management Committee

Documents (staff access only)

Contact Us

Surname First Name Telephone Position
Siegers Anne (02) 4921 5127
Associate Director
Risk and Assurance
Hacker Andrew (02) 4985 4983
Senior Auditor/Analyst
Audit Services
Taherbhoy Aamir (02) 4921 5342
Audit Services