Skip to Main Navigation. Each navigation link will open a list of sub navigation links.

Skip to Main Content

Apply to the University of Wyoming apply now

Global Resource Navigation

Visit Campus
Download UW Viewbook
Give to UW
Contact Us

Internal Audit Department

Old main, Rm 415

1000 E. University Ave

Laramie, WY 82071-2000

Phone: 307-766-2385

Fax: 307-766-3288

Internal Audit

About Internal Auditing

Audit Plan Development

Professional standards require the university's chief audit executive to develop a plan of engagement to measure institutional risks and to prioritize audit activity to address those risks.

The audit plan is developed by considering an audit universe which includes all departments of the institution.  The risk assessment measures the institutional risks against each department and solicits input from the University administrators, deans, and others to address identified risks. The Fiscal and Legal Affairs Committee (FLAC) members review and approve the annual internal audit plan. 

Basic risk categories considered in the audit plan development are:

  • Financial risks focus on managing the risks of potential loss of physical assets and financial resources. Business risks include contracts, cash and investments, revenue, and inventory.

  • Operational risks arise from the institution's business functions or day-to-day operations. Business risks include the effectiveness and efficiencies of the operation, unexpected operating results, major changes in operations or systems, size and complexity  of operations.  In addition, the risk encompasses the operations subject to a high level of public scrutiny.

  • Regulatory risks deal with the organization's ability to ensure compliance with applicable laws, regulations, and policies. Business risks include animal and human subjects, personnel laws, safety requirements, environmental, research and intellectual property and federal and state regulations.  In addition, this risk encompasses major changes in programs, controls or staff, increased regulatory scrutiny and accountability.

  • Strategic risks pertain to competitive positioning, joint ventures and partnerships, and nontraditional academic programs. Business risks include distance education, engagement, globalization, joint ventures, partnerships, other strategic initiatives and other strategic changes.

  • Technology risks include integrity, infrastructure, and data safeguards. Business risks include audit trails, access privileges, backup and recovery, change management, data protection, and networks.

  • Results of prior audits and time since area was last audited.


Internal Audit Process

Although every audit project is unique, the audit process is similar and usually consists of four stages. It is recognized that an audit results in a certain amount of time being diverted from an auditee's usual routine. The objective is to perform the audit efficiently and effectively, minimizing the disruption of that routine.

Preliminary Review

In the preliminary review stage, University administrators, who are responsible for coordinating the implementation of recommendations, if any, are notified before the audit begins. An opening conference is held with the auditee to define the scope of the audit and identify any areas of concern noted by the auditee. Unannounced audits are initiated where appropriate. 


Fieldwork is performed in accordance with the Standards adopted by the Internal Audit Office. Audit concerns are discussed with the auditee when identified. After the fieldwork is completed, University administrators, who have the responsibility for areas audited, receive a draft of the audit report. An exit (closing) conference is scheduled to review the report and respond to any observations prior to final issuance of the report.

Report Issuance

After the audit report is reviewed, the auditee must create written responses to each observation which indicates their corrective action plan for each item noted.  The responses are reviewed by all levels of management, including the Vice President of the Division.  After assurance that all issues have been satisfactorily addressed, and approved by management the audit is issued.


The President and members of the Fiscal and Legal Affairs Committee (FLAC) receive the audit report which contains the  recommendations as well as the responses or action plans.  The audit is closed by FLAC when they are satisfied with the responses.

Follow Up

The Fiscal and Legal Affairs Committee has tasked Internal Audit department to follow up with all auditees on the status of their corrective actions within 6 months of the closure of the audit.  The results of the follow up are presented to the Committee.



Share This Page:

Contact Us

Internal Audit Department

Old main, Rm 415

1000 E. University Ave

Laramie, WY 82071-2000

Phone: 307-766-2385

Fax: 307-766-3288

1000 E. University Ave. Laramie, WY 82071
UW Operators (307) 766-1121 | Contact Us | Download Adobe Reader

Twitter Icon Youtube Icon Instagram Icon Facebook Icon

Accreditation | Virtual Tour | Emergency Preparedness | Employment at UW | Gainful Employment | Privacy Policy | Harassment & Discrimination | Accessibility Accessibility information icon