Types of Audits-Audit - Carnegie Mellon University

Types of Audits

There are five general categories of IA reviews:

  • Financial Audits address questions of accounting, recording, and reporting of financial transactions. Reviewing the adequacy of internal controls also falls within the scope of financial audits.
  • Compliance Audits seek to determine if departments are adhering to federal, state, and University rules, regulations, policies, and procedures.
  • Operational Audits examine the use of department/university resources to evaluate whether those resources are being utilized in the most efficient and effective way to fulfill the department's/University's mission and objectives. An operational audit may include elements of a compliance audit, a financial audit, and an information systems audit.
  • Investigative Audits are performed when appropriate. These audits focus on alleged violations of federal and state laws and of University policies and regulations. This may result in prosecution or disciplinary action. Internal theft, misuse of University assets, and conflicts of interest are examples of investigative audits.
  • Information Systems (IS) Audits address the internal control environment of automated information processing systems and how these systems are used. IS audits typically evaluate system input, output and processing controls, backup and recovery plans, and system security, as well as computer facility reviews.

IA’s scope of work is comprehensive and considers all aspects of the organization - both financial and non-financial - with an emphasis on constructive improvement.