Performed by professionals with an in-depth understanding of the business culture, systems, and processes, the internal audit activity provides assurance that internal controls in place are adequate to mitigate the risks, governance processes are effective and efficient, and organizational goals and objectives are met.
The Institute of Internal Auditors (IIA) has developed the globally accepted definition of internal auditing, as follows:
Internal Auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
Independence is established by the organizational and reporting structure. Objectivity is achieved by an appropriate mind-set. The SCDOT Office of the Chief Internal Auditor evaluates risk exposures relating to the organization's governance, operations and information systems, in relation to:
The Office of the Chief Internal Auditor will provide recommendations for improvement in those areas where opportunities or deficiencies are identified. While management is responsible for internal controls, the internal audit activity provides assurance to the audit committee and management that internal controls are effective and working as intended.