Internal Audit Charter

Purpose

The purpose of the IAO is to provide independent and objective assurance and advisory services designed to add value and improve the University’s governance, risk management and control processes in alignment with the University’s vision and strategic development.

Mission

The mission of the IAO is to be a trusted advisor on governance, risk management and internal controls, by conducting objective assurance and advisory services to enhance and protect the value of the University.

Standards of Audit Practice

All internal audit assignments must be undertaken with due professional care, adhering to the University’s policies, codes of ethics and the relevant standards and guidelines established by the Institute of Internal Auditors and the Hong Kong Institute of Certified Public Accountants.

Authority

The Director of Internal Audit (the “DIA”) reports administratively to the President and ViceChancellor via the Executive Vice-President (Administration and Finance), and functionally to the Council’s Audit Committee and the HKU SPACE Audit Committee.

The DIA will have unrestricted access to, and communicate and interact directly with, the Audit Committees, including in private meetings without management presence, where necessary.

To assure that the IAO has sufficient authority to fulfill its duties, the internal auditors will:

  • Have free and unrestricted access to all functions, records, property, and personnel pertinent to carrying out any engagement, subject to accountability for confidentiality and safeguarding of records and information.
  • Allocate resources, set frequencies, select subjects, determine scopes of work, apply the techniques required to accomplish audit objectives, and issue reports.
  • Obtain the necessary assistance from University personnel and specialised services from within or outside the University.

Independence & Objectivity

The DIA will ensure that the IAO remains free of conditions that threaten the ability of internal auditors to carry out their responsibilities in an unbiased manner, including matters of audit selection, scope, procedures, frequency, timing, and report content. If independence or objectivity is impaired in fact or appearance, the DIA will disclose the details of the impairment to the appropriate parties and relevant Audit Committees.

The IAO will have no direct operational responsibility or authority over any of the activities audited. The internal auditors will refrain from implementing internal controls, developing procedures, installing systems, preparing records, or engaging in any activities that may impair their judgement.

Scope of Internal Audit Activities

The scope of internal audit activities encompasses, but is not limited to:

  • Evaluating the effectiveness and efficiency of the University’s governance, risk management, and control processes.
  • Assessing the adequacy of the University’s internal controls to ensure the reliability and integrity of information, compliance with policies, regulations, and laws, safeguarding of assets, and accomplishment of the University’s goals and objectives.
  • Evaluating the University’s compliance with applicable laws, regulations, policies, and procedures.
  • Performing following up reviews to monitor the implementation progress of recommendations raised in audit reports. Conducting special investigations and consultations as requested by the University’s management or Audit Committee.
Back to Top
Skip to content