14. Audit Requirements
14.1.1 External auditors and business assurance staff shall have authority to:
- access University premises at reasonable times
- access all assets, records, documents and correspondence relating to any financial and other transactions of the University
- require and receive such explanations as are necessary concerning any matter under examination
- require any employee of the University to account for cash, stores or any other University property under his or her control
- access records belonging to third parties, such as contractors, when required
14.1.2 The Treasurer is responsible for drawing up a timetable for final accounts purposes and will advise staff and the external auditors accordingly.
14.1.3 Following consideration by the Executive Committee, the financial statements should be reviewed by the Audit and the Finance & General Purposes Committees. On the recommendation of these committees they will be submitted to the Council for approval.
14.2 External audit
14.2.1 The appointment of external auditors will take place annually and is the responsibility of the Council. The Council will be advised by the Audit Committee.
14.2.2 The primary role of external audit is to report on the University’s financial statements and to carry out such examination of the statements and underlying records and control systems as are necessary to reach their opinion on the statements and to report on the appropriate use of funds. Their duties will be in accordance with advice set out in HEFCE’s audit code of practice and the Auditing Practices Board’s statements of auditing standards.
14.3 Business Assurance
14.3.1 The Head of Business Assurance is appointed by the Council. The chair of the Audit Committee heads the appointing panel.
14.3.2 The University’s financial memorandum with HEFCE requires that it has an effective business assurance function whose duties and responsibilities must be in accordance with advice set out in HEFCE’s audit code of practice. The main responsibility of business assurance is to provide the Council, the Vice-Chancellor and senior management with assurances on the adequacy of the internal control system and in particular:
- the extent of compliance with relevant established policies, plans and procedures;
- the adequacy and application of financial and other related management controls;
- the extent to which the University’s assets and interests are accounted for and safeguarded from loss.
14.3.3 The business assurance service remains independent in its planning and operation but has direct access to the Council, Vice-Chancellor and Chair of the Audit Committee. The formal responsibilities of business assurance are detailed at Internal Audit (Business Assurance) : Audit Terms of Reference - Durham University. The Head of Business Assurance will also comply with the Auditing Practices Board’s auditing guideline Guidance for Internal Auditors.
14.4 Fraud and corruption
14.4.1 It is the duty of all members of staff, management and the Council to notify the Head of Business Assurance immediately whenever any matter arises which involves, or is thought to involve, irregularity, including fraud, corruption or any other impropriety.
14.4.2 The Head of Business Assurance shall immediately invoke the fraud response plan, which incorporates the following key elements (see Internal Audit (Business Assurance) : Fraud - Durham University for fuller details):
- hold a meeting of the fraud response group to determine the initial response (Registrar, Treasurer, Director of HR, Head of Business Assurance);
- notify the Vice Chancellor and the Audit Committee (through its chair) of the suspected irregularity;
- the Vice-Chancellor shall inform the police if a criminal offence is suspected of having been committed;
- any significant cases of fraud or irregularity shall be reported to HEFCE in accordance with their requirements as set out in the audit code of practice;
- investigation by the Head of Business Assurance as necessary into the suspected irregularity, including action to prevent further loss;
- the Business Assurance Service shall prepare a report for the Audit Committee on the suspected irregularity. Such report shall include advice on preventative measures.
14.4.3 If the suspected fraud is thought to involve the Treasurer and/or the Vice-Chancellor, the member of staff shall notify the Chair of the Audit Committee direct of their concerns regarding irregularities.
14.5 Value for money
14.5.1 It is a requirement of the financial memorandum with HEFCE that the Council of the University is responsible for delivering value for money from public funds. It should keep under review its arrangements for managing all the resources under its control, taking into account guidance on good practice issued from time to time by HEFCE, the National Audit Office, the Public Accounts Committee or other relevant bodies.
14.5.2 To fulfil this responsibility, the Head of Business Assurance will develop and revise each year a plan for value for money work that will provide evidence of compliance with the HEFCE’s requirements. It will be used to enable the Audit Committee to refer to value for money in its annual report.
14.6 Other auditors
The University may, from time to time, be subject to audit or investigation by external bodies such as HEFCE, National Audit Office, European Court of Auditors, HM Revenue and Customs. They have the same rights of access as external and internal auditors.
Return to Financial Management and Control