Risk Assessment and Audit Planning Timeline

January-February:

Data gathering and analysis

March: 

1) Campuses complete risk assessment model 

2) Campuses prepares draft plan

March/April: 

1) Campus audit committees approve draft plans

2) UC Office of Ethics, Compliance, and Audit Services (ECAS) consolidates draft plans

April/May: 

1) Consolidated draft plan presented to President’s Compliance and Audit Committee (PCAC) and The Regents

2) campuses assess current plan status

3) campuses revise draft plans

May: 

1) Campus audit committees approve final plans 

2) ECAS consolidates final plans

July: 

Consolidated final plan presented to The Regents

Audit Risk Assessment Methodology

  • Data gathering and analysis

    • Interviews with management and staff

    • Surveys

    • Campus risk assessments

    • Substantive financial analytical review

    • Data/trend analysis (complaints, inquiries, incidents, external reviews)

    • Global research (emerging issues in higher education, information technology, research, etc.)

  • Coordinate with compliance risk assessment process

  •  Operational Excellence

  • Complete Risk Assessment Model

  • Universe of Processes, Functions, Units

  • Scoring Universe Using Predictive Factors

Audit Process 

Audit Notification

  • Notification of intent to audit

  • Preliminary scheduling discussions and document requests

  • Establishing key client contacts

Preliminary Audit Survey

  • Conducting a risk assessment

  • Developing an audit program

Fieldwork Entrance Conference

  • Sharing the audit program with the client

  • Establishing protoccols and coordination for executive of fieldwork

Fieldwork Detailed Appraisal

  • Analytical reviews

  • Interviews

  • Detailed testing

  • Status updates on findings

Ending Fieldwork

  • Sharing preliminary results with client

Reporting

  • Draft report

  • Obtaining management action plans

  • Exit meeting

  • Finalizing report

Follow-up

  • Client satisfaction survey

  • Monitoring completion of action plans

  • Reporting to campus audit committee and UCOP