Internal Audit Frequently Asked Questions

1. How are audits selected to be performed?

The SUU Risk Management Committee annually evaluates a comprehensive list of potential risks identified by administration and senior management from throughout the University. These risks are categorized and ranked according to likelihood and potential impact to the University. Some of the risks that are ranked at a higher level of risk are selected as part of the annual audit plan which is approved by the Audit Committee. Audits are designed to help mitigate risks found through the risk assessment process. The USHE system also has required audits and reviews that are performed.

2. I have a complaint that I would like to make anonymously, how do I do so?

There is an ethics hotline where you may submit your concerns. All submissions remain anonymous unless you decide to disclose your identity. Please feel free to submit a report.

3. Can Internal Audit assist in other ways than audits?

Yes, we have a wide variety of Services.

4. What is the difference between internal and external auditing?

Internal auditors work for Southern Utah University. Internal auditing is an independent activity established within an organization. It is a control that functions by evaluating the adequacy and effectiveness of operational control. External auditors work for State, Federal, or CPA agencies/firms. External auditing is an independent audit limited to assurance of fairness of financial statements, financial aid, and grants.

5. Who do I contact for questions about my University purchasing card?

For questions regarding purchasing card audits, please reach out to suuaudit@suu.edu. For all other purchasing card questions, contact the Purchasing office.