An important element of good governance is the independence and objectivity of the external and the internal auditors. The provision of any non-audit related services to the University by the external or the internal auditors, or the provision of any services (courses, training, consultancy or other academic services) to the external or the internal auditors by the University or any member of University staff must not compromise this independence and objectivity. Philanthropic support or sponsorship must only be accepted from the external or the internal auditors where it does not affect, or cannot be perceived to affect, the auditors’ independence and objectivity.
The Policy to Safeguard the Independence of the External and the Internal Auditors sets out the University’s objectives for protection of the independence of the external and the internal auditors, and the arrangements it has adopted to enable it to safeguard the independence of the audit firms engaged by the University.
Internal Audit staff will remain independent of the University and they shall have no direct operational responsibility or authority over any of the activities they review. Therefore, they shall not develop nor install systems or procedures, prepare records or engage in any other activity which they would normally audit. Internal Audit staff with real or perceived conflicts of interest must inform the Engagement Partner, then the Audit Management Group, as soon as these issues become apparent so that appropriate safeguards can be put in place.
The Internal Audit function will perform its duties with professional competence and due care. Internal Audit will adhere to the Definition of Internal Auditing, Code of Ethics and the Standards for the Professional Practice of Internal Auditing that are published by the Institute of Internal Auditors.
Colleagues wishing to engage the internal auditors for the conduct of non-audit work, or to supply any academic services to the internal auditors, or to accept gifts or sponsorship from the internal auditors, are asked to contact the Head of Risk, Compliance and Assurance in the first instance (compliance@admin.ox.ac.uk).