Cookies

We use cookies to ensure that we give you the best experience on our website. You can change your cookie settings at any time. Otherwise, we'll assume you're OK to continue.

Business Assurance Service

About Us

The framework of audit in higher education

The role of Business Assurance

The role of the Service is set out in the Higher Education Funding Council's (HEFCE's) Circular 2004/27 Audit Code of Practice (2004, amended 2005) where it states:

95. 'Accordingly, within the Higher Education (HE) sector the prime responsibility of the Internal Audit Service is to provide the governing body, the designated officer and the other managers of the Higher Education Institute (HEI), with assurance over the adequacy and effectiveness of risk management, control and governance arrangements. Responsibility for these arrangements remains fully with management, who should recognise that Internal Audit can provide 'reasonable assurance' and cannot provide any guarantee against material errors, loss or fraud. Internal Audit also plays a valuable role in helping management to improve risk management, control and governance, so reducing the effects of any significant risks faced by the HEI.

96. Internal Audit can also provide independent and objective consultancy advice specifically to help management improve risk management, control and governance, so contributing to the achievement of corporate objectives. Such advisory work contributes to the opinion which Internal Audit provides on risk management, control and governance.'

The circular also sets out the role of Business Assurance in the monitoring of the achievement of economy and effectiveness (value for money) and the University's arrangements in the case of fraud. This is formally reported, on an annual basis, to the University's Council, via its Audit Committee. This report should cover:

Is Business Assurance necessary?

The University is accountable for its public funds, under its financial memorandum with HEFCE, HEFCE require that in their Audit Code of Practice that each HEI should have an Internal Audit Service (paragraph 89).

The Business Assurance function remains independent of University management to protect the objectivity and independence of its work. The Director of Business Assurance formally reports to the Vice Chancellor and the Audit Committee, although de facto the Director of the Service reports to the Registrar for ongoing liaison and resource planning.

What is the scope of Business Assurance?

The scope of the Business Assurance Service is:

'The whole internal control system of the institution, including all its operations, resources, staff, services and responsibilities for other bodies. It should cover all activities associated with the institution, including those not funded by the HEFCE.'