There are many words that are spoken relating to internal auditing. Here are a few words and what they mean:

Assurance services

Assurance services give the Institute confidence that its processes are working effectively to control risk. To that end, the Department of Internal Auditing works with managers to evaluate their academic, research, and administrative processes and identify opportunities for improvement. 

Charter

Our charter is a formal document that defines our purpose, authority, and responsibility. It establishes our position within Georgia Tech; authorizes access to records, personnel, and physical properties relevant to the performance of engagements; and defines the scope of internal audit activities.

Controls

Controls are activities put in place to safeguard the Institute’s assets, provide reliable financial information, promote efficient and effective operations, avoid fraud, and ensure policy compliance.

Control Processes

Control processes make up a control framework. They are designed and operated to make sure that risks are contained within the level that the Institute is willing to accept.

Engagement

An engagement is our project (audit or consulting) that may include several tasks or activities designed to accomplish a specific set of related objectives.

Fraud

Fraud is any illegal act characterized by deceit, concealment, or violation of trust. These acts are not dependent upon the threat of violence or physical force. Frauds are perpetrated by individuals and organizations to obtain money, property, or services; to avoid payment or loss of services; or to secure personal or professional advantage.

Governance

Governance is the combination of processes and structures implemented by the Institute to inform, manage, and monitor the activities of the Institute so that it can achieve its objectives.

Risk

Risk is the possibility of an event occurring that will harm Georgia Tech’s ability to achieve its objectives. The Department of Internal Auditing evaluates many risks, some of which are: operational, financial, and compliance. The Institute’s reputation is a consequence of these risks. Risk is rated in terms of impact and likelihood.