Audit and Business Process Review
An annual audit plan is developed and approved by the audit committee of the RIT Board of Trustees based on an assessment of risk across the Institute. There are three parts to an audit or business process review: planning, fieldwork, and reporting.
A formal report is prepared and shared with the engagement area's management, the audit committee, and appropriate RIT administration. It includes an assessment of the internal control environment within the scope areas, and summarizes issues and corresponding management action plans. Discussion items may also be identified during an engagement. As such, these discussion items are shared only with the engagement area's management and do not require the development and implementation of management action plans. These items are of lesser concern and may represent opportunities for enhancing controls, increasing efficiencies, or improving operations.
