Skip to content | Change text size
 

Audit & Risk Management Charter

This Charter establishes the authority and responsibilities conferred by the Council of Monash University on the University's Audit & Risk Management Office.

1. Role

The Audit & Risk Management Office comprises an important part of the University’s governance framework. The role of the Office is to assist management at all levels to achieve goals and objectives consistent with the University’s strategic plan. The Office provides independent assessments as to the economy, efficiency, effectiveness, compliance and financial regularity of the University’s operations and evaluates the adequacy of the University’s risk management framework.

2. Independence

The Audit & Risk Management Office has independent status within the University and for that purpose:-

  • the Director, Audit & Risk Management reports directly to the Vice-Chancellor and holds office on the authority of the Chairperson of the Audit Committee;
  • the Director, Audit & Risk Management has no executive or managerial powers, authorities, functions or duties, except those relating to the management of the Audit & Risk Management Office itself.

3. Authority

Council has determined that staff from the Audit & Risk Management Office shall:-

  • have the right of access to all premises of the University and the right to inspect all correspondence, files, records, accounts and all other forms held by the University as is necessary to properly perform their duties;
  • have the right to require all officers of the University and its controlled entities to supply such information, explanations and documentation as is necessary for the performance of their duties;
  • receive every assistance from University staff whilst carrying out their duties.

4. Responsibilities

The Audit & Risk Management Office is responsible to the Vice-Chancellor and to the Audit Committee of Council for the following activities:-

  • appraising the adequacy of controls in the University’s administrative systems;
  • evaluating the adequacy of controls in the University’s computing and communications systems;
  • reviewing systems and procedures and recommending improvements to existing processes and procedures, where appropriate;
  • ensuring that effective risk management strategies and policies are in place;
  • reviewing the University’s risk management guidelines, policies and procedures;
  • reviewing the adequacy of the risk management framework;
  • reporting significant risk exposures and serious incidents of non-compliance to management;
  •  ensuring that appropriate resources are directed towards areas of high risk;
  • overseeing the implementation of the University’s compliance framework;
  • assessing the extent of compliance with relevant legislation, regulations and industry codes;
  • assessing the extent of compliance with University and/or other relevant policies, guidelines and procedures;
  • appraising the economy, efficiency and effectiveness with which University resources are employed;
  • assessing the accuracy and adequacy of management information;
  • providing an on-going audit of the income and expenditure of the University;
  • providing audit certifications and audit opinions as required by various granting bodies;
  • providing advice on a range of administrative and financial matters;
  • maintaining contact and liaising with the University’s external auditors to ensure an effective use of resources and to avoid possible duplication of effort; and
  • conducting ad hoc and confidential investigations at the request of senior management of the University.

5. Scope of Activities

The scope of the Audit & Risk Management program shall include the total activities and operations of:

  • all academic and administrative departments, organisational and functional units and centres of Monash University;
  • all auxiliary operations; and
  • all controlled entities.

A Strategic Plan shall be prepared for approval by the Audit Committee. This Plan will provide for the audit of significant operations of the University based on an assessment of risk and the achievement of University goals. In addition, a comprehensive annual work plan shall be prepared which ensures an effective and regular audit is conducted of all high risk activities.

Version Date: November 2004