About Us
The mission of Audit & Management Advisory Services (AMAS) is to support Tufts University by evaluating internal controls, assessing adherence to policies and procedures and performing consulting and advisory services. AMAS also assists management and the Tufts Board of Trustees in the evaluation of risk management and governance processes. AMAS upholds the university community in maintaining the highest standards of business conduct, using resources effectively and efficiently, and complying with established policies and procedures.
Our Services
One type of consulting service that we can provide is helping department administrators identify any significant risks that might prevent their organizations from optimizing its resources or achieving its key objectives. At other times we offer to help management review a proposed new policy or workflow from an internal control perspective, or we look for cost savings opportunities or revenue enhancements. Our methodology includes understanding and documenting how a particular process or administrative activity works, reviewing pertinent policies and procedures, identifying opportunities for improvement, and working together on viable and practical solutions. We also offer our services to any schools or divisions that are interested in conducting their own risk assessments in accordance with the methodology that has been adopted by the University.
-
As defined by the Institute of Internal Auditors (IIA), internal auditors support an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations.
Their roles include monitoring, assessing, and analyzing organizational risk and controls; and reviewing and confirming information and compliance with policies, procedures, and laws. Working in partnership with management, internal auditors provide the board, the audit committee, and executive management assurance that risks are held at bay and that the organization’s corporate governance is strong and effective. When there are opportunities for improvement anywhere within the organization, internal auditors make recommendations for enhancing processes, policies, and procedures.”
-
AMAS exists by charter and Trustee by-law to assist university management and the Audit, Risk and Compliance Committee of the Board of Trustees in effectively fulfilling their responsibilities. We are charged with reviewing the reliability and integrity of information; observance with policies, plans, laws, and regulations; the safeguarding of assets; and the economical and efficient use of resources.
-
External auditors are independent of the university organization. The university enters into a contract with a public account firm to provide annual opinions on the accuracy of the university’s financial statements as presented. External auditors may also be government auditors that focus on university compliance with government regulations and the terms of grant and contract awards.
Internal auditors are an integral part of the university organization and provide ongoing monitoring and assessment of university operations. This includes evaluation of the adequacy of internal controls, the university’s level of compliance with government regulations, and the level of compliance with university policies and procedures by the various components of the university community.
-
Internal auditors are primarily concerned with the observance of an organization’s policies and procedures, risk assessment and the proper design of internal control as well as opportunities to help management mitigate operating, financial and compliance risks that could affect their areas of responsibility. We also look for gaps in policies and procedures that could raise fraud risk and make recommendations to improve controls that will help prevent or detect fraudulent activities.
Charter
In alignment with the university’s mission and values, our charter establishes the framework for independently conducting audits with impartiality.
Role
AMAS serves as an independent and objective internal resource to examine and evaluate the university’s activities as an assurance service to the Board of Trustees and senior management.
Independence
To maintain independence and objectivity, AMAS has no direct operating responsibility for or authority over management processes, activities or operations that are reviewed.
Reporting Relationship and Authority
AMAS reports to the Audit Committee of the Board of Trustees and to the Executive Vice President. AMAS is authorized by the Board of Trustees and senior management to conduct audits in accordance with the Annual Audit Plan approved by the Trustee Audit, Risk and Compliance Committee and to engage in other independent reviews and consulting activities.
AMAS has full and unrestricted access to all university activities, documents, records, systems, facilities and personnel as necessary to fulfill its objectives. Information obtained will be maintained with appropriate confidentiality.
Professional Standards and Ethics
AMAS is guided by The Standards for the Professional Practice of Internal Auditing and related practice advisories as set forth by the Institute of Internal Auditors (IIA), the Association of College and University Auditors (ACUA), the Information Security Audit and Control Association (ISACA) and the Association of Certified Fraud Examiners (ACFE).
Members of AMAS are expected to maintain high standards of conduct, independence, confidentiality and objectivity in performing their duties.
Scope of Services
AMAS conducts internal audits and consulting engagements with the objective of encouraging Tufts management to anticipate and manage business risks, comply with external regulations and university policies and procedures, protect assets and develop strong internal controls and administrative procedures that will help ensure the effectiveness and efficiency of operations and the reliability of financial information. AMAS also provides other services related to fraud investigations and management consulting requests.
AMAS personnel conduct financial, compliance, operational and information technology audits. While it is appropriate to consider our reviews in accordance with these categories, we often combine elements of each in order to reflect a particular organization’s goals, objectives and activities. While most of our work is based on an annual risk-based audit plan as informed by the University Risk Register and Heat Map, AMAS is available as an in-house consultant on internal control matters and to provide guidance on control aspects of new systems and procedures.
Coordination of Services with Tufts’ External Audit Firm
AMAS and Tufts’ external audit firm provide complementary services to the institution. Coordination of activities ensures comprehensive coverage of the university’s audit universe. The Director of AMAS and the external audit firm work together to assess institutional risks and coordinate audit activities.