Fiscal Control and Internal Auditing Act (FCIAA 30 ILCS 10)

INTERNAL CONTROL RESPONSIBILITY AND INTERNAL AUDIT REQUIREMENT:

The State of Illinois requires chief executive officers [(University Presidents)] of every State agency to effectively and efficiently manage their respective agency and establish and maintain an effective system of internal control (30 ILCS 10/1002).  Each designated State agency shall maintain a full-time program of internal auditing (30 ILCS 10/2001).

The [President’s] office of each State agency shall appoint a person as the chief internal auditor of the State agency for a 5-year term (30 ILCS 10/2001).  The chief internal auditor is required to have a bachelor’s degree and should be either a certified internal auditor by examination; or a certified public accountant who has at least 4 years of progressively responsible professional auditing experience; or an auditor with at least 5 years of progressively responsible professional auditing experience (30 ILCS 10/2002).

The chief internal auditor shall report directly to the chief executive officer [(University President)] and shall have direct communications with the chief executive officer [(University President)] and the governing board, if applicable, in the exercise of auditing activities.  All chief internal auditors and all full-time members of an internal audit staff shall be free of all operational duties (30 ILCS 10/2002).
 

In a nutshell:
The President of each State university is responsible for their system of internal control, and each State university must have an internal audit function and a chief internal auditor. Internal audit functions are not to be assigned to any other duties of the University.

 

ANNUAL "FCIAA" CERTIFICATION

By May 1 of each year, each chief executive officer of all State agencies shall, on the basis of an evaluation conducted in accordance with [established] guidelines, prepare and transmit to the Auditor General a certification that: (1) the systems of internal fiscal and administrative controls of the State agency fully comply with the requirements of this Act; or (2) the systems of internal fiscal and administrative controls of the State agency do not fully comply with the requirements of this Act… [and] shall include a report describing any material weaknesses… and the plans and schedule for correcting the weaknesses, or a statement of the reasons why the weaknesses cannot be corrected.
 

In a nutshell:
The President of each State university is required to have the internal control system evaluated, and report the results to the State of Illinois Auditor General annually by May 1.

 

State Internal Audit Advisory Board (“SIAAB”)

The FCIAA created the SIAAB which is charged with the responsibility to (1) promulgate a uniform set of professional standards and a code of ethics (based on the standards and ethics of the Institute of Internal Auditors [(The IIA)], the General Accounting Office, and other professional standards as applicable) to which all State internal auditors must adhere; (2) serve as a clearinghouse for the correlation of internal audit training needs and training designed to meet those needs; and (3) coordinate peer review activities among the State's internal audit units.

Selected specific requirements established by the SIAAB to support the FCIAA:

  • Unrestricted Access: Internal Audit Charters of each State agency are to provide the Internal Audit function with unrestricted access to records, personnel and the physical properties of the State agency or office in order to execute its responsibilities. This access relates to not just a specific engagement but anytime it is deemed necessary by the Chief Internal Auditor in order to execute the responsibilities of the office.
  • Status of Chief Internal Auditor: The chief internal auditor is to be equivalent in stature to those on the executive team who report directly to the Chief Executive Officer. Proper status and recognition of the internal audit function within the organization ensures independence and places the internal audit function at a level within the organization that enables internal audit to effectively fulfill its responsibilities and mission.
  • 5-Year Quality Assurance Reviews: Consistent with IIA standards, State agency internal audit functions are required to conduct an external quality assurance assessment (EQA) or a self-assessment with independent external validation (SAIV), at least once every five years by an independent reviewer or review team from outside the organization, in accordance with specific quality assurance guidelines.
     

In a nutshell:
The SIAAB establishes required standards for State university internal audit functions above and beyond other general professional standards that exist for the internal audit profession at large.