Skip to main content

Audit, Risk, & Advisory Services Charter



To identify the responsibility and authority of Vanderbilt University's Audit, Risk, & Advisory Services function


Mission and Scope of Work

Audit, Risk, & Advisory Services is an independent and objective assurance and consulting activity that is guided by a philosophy of enhancing Vanderbilt University’s operations to support its pursuit of excellence in education, research and service. The scope of Audit's work is to determine whether Vanderbilt’s network of risk management, internal controls, compliance activities and governance processes, as designed and represented by management, is adequate and functioning in a manner to ensure:

  • Operational objectives, programs, and plans are achieved
  • Risks are appropriately identified and managed
  • Financial, managerial and operating information is accurate, reliable and timely
  • Employee actions are in compliance with applicable laws and regulations, University policies, standards, and procedures
  • Resources/assets are acquired economically, used efficiently and adequately protected
  • Quality and continuous improvement are fostered in Vanderbilt’s control processes
  • Interactions with various governance groups occur as needed



In order to achieve its mission, Vanderbilt University’s Chancellor and the Audit Committee of the Board of Trust have extended to the Associate Vice Chancellor for Audit, Risk, & Compliance (ARC) and Audit employees:

  • Unrestricted access to all University functions, records, data, property and personnel
  • Full and free access to the audit committee
  • Authority to allocate resources, set frequencies, select subjects, determine scopes of work and apply the techniques required to accomplish audit and centralized risk assessment objectives
  • Authority to obtain the necessary assistance of personnel in units of Vanderbilt where they perform audits, reviews or advisory services, as well as contract for other specialized services from within or outside the University


The Associate Vice Chancellor for ARC and Audit staff are not authorized to:

  • Perform any operational duties for Vanderbilt
  • Initiate or approve accounting transactions external to Audit
  • Direct the activities of any institutional employee not employed by Audit, except to the extent such employees have been appropriately assigned to assist with Audit engagements or activities



To provide for the independence of Audit, the Associate Vice Chancellor reports administratively to the Chancellor and functionally to the Audit Committee of the University Board of Trust



Audit has responsibility to:

  • Maintain a professional staff with sufficient knowledge, skills, experience, and professional certifications to meet the requirements of this charter
  • Establish a quality assurance program by which the Associate Vice Chancellor assures the operation of Audit activities



Audit conducts financial, operational, and regulatory audits in accordance with approved plans and its established policies and procedures. In addition, Audit performs its activities guided by the Code of Ethics and the International Standards for the Professional Practice of Internal Auditing promulgated by the Institute of Internal Auditors (IIA)


Audit, Risk, and Advisory Services include, but are not limited to:

  • Developing and implementing a flexible annual audit plan using appropriate risk- based methodology, including risks or control concerns identified by management. These plans are submitted to the Audit Committee of the Board of Trust for review and approval
  • Considering the scope of work of external auditors and regulators, as appropriate, for the purpose of providing optimal audit coverage to the University at a reasonable overall cost
  • Examining and evaluating the adequacy and effectiveness of the systems of internal controls
  • Evaluating and assessing significant new or changing services, processes, operations, and controls coincident with their development and implementation
  • Identifying opportunities for reducing costs, improving processes, or enhancing the organization’s reputation
  • Reviewing the reliability and integrity of financial and operating information and the means used to identify, measure, classify, and report such information
  • In conjunction with the Office of General Counsel and Administrative Compliance Committee, assessing compliance with laws, regulations, contract/grant provisions, and internal policies, plans, and procedures
  • Verifying that resources are acquired economically, used efficiently, accounted for accurately, and protected adequately
  • Reviewing operations or programs to ascertain whether results are consistent with established objectives
  • Conducting investigations of suspected fraudulent activities in conjunction with other University resources and notifying management and the Audit Committee of the results
  • Performing consulting services, beyond Audits’ assurance services, to assist management in meeting its objectives. Examples may include facilitation, process design, committee work, training, and advisory services
  • Facilitating and coordinating external audits
  • Evaluating emerging audit trends and implementing best practices
  • Facilitating the University’s enterprise risk management (ERM) process