Portrait image in blue office environment.

The review and evaluation of governance and operational processes is the focus of chief internal auditor Sven Jungerhem. Photo: Mikael Wallerstedt.

2020-06-09

Governance under review by Internal Audit

Internal Audit assesses how well internal governance and control is functioning on behalf of the University Board.

Uppsala University is one of some 70 public authorities tasked by the Government with conducting an internal auditof governance and operational processes to ensure that these are functioning satisfactorily. Organisationally, Internal Audit is an independent division of the University reporting to the University Board.
“The purpose of Internal Audit is to review and evaluate operational processes and internal governance and control in order to assess whether these are being conducted in the manner decided on by the University Board and management. And whether operations are being conducted efficiently,” explains chief internal auditor Sven Jungerhem.

As a public authority Uppsala University is subject to the Swedish Government Agencies Ordinance (SFS 2007:515), Section 3 of which states that the authority’s operations must be carried out effectively and in accordance with applicable law, and reported in a reliable, true and fair manner, and that the authority must manage state funds responsibly.
“When we conduct an audit, we ask ourselves whether internal governance and control is working to ensure compliance with the Government Agencies Ordinance and the fulfilment of the University’s goals. Do we have an effective organisation for achieving the objectives of the Ordinance and the University? In this way, one can say that Internal Audit contributes to the ability to achieve the University’s goals.”

Among the things Internal Audit looks at when performing an audit is whether there is a regulatory framework in place, if it is being complied with, and whether it is kept up to date and meets statutory requirements.
“In terms of internal governance and control we prefer to focus on controls that help the organisation to develop internal governance in order to make the best use of resources to achieve the goals. Of course, sometimes we may need to point out that something is not acceptable or functioning adequately.”

But surely you can’t be experts in every field?
“Although our team consists of four people with broad experience, we are of course not expert in every field; rather, I would say that our strength lies in assessing internal governance and controls in relation to international standards and advising accordingly.”

How do you select what to audit?
“That is decided by the University Board based on our annual risk analysis.”

In the risk analysis, auditors compile potential risks that they have identified as worthy of further investigation based on business intelligence, the University’s own risk assessments, previous audits, etc.
“We assess identified risks based on probability and likely consequences. We try to find significant risks, given the need to prioritise among the risks we see. Might this happen and, if so, what happens then? How will it impact on the University’s ability to operate successfully? Is there a risk that the University’s reputation will be harmed? Might the University suffer financial losses due to liability or corruption? Is there a risk of some form of irregularity?”

Anders Berndt

The auditing year begins in February

In February each year, the University Board decides on the coming year’s audits. At the same time, work is being concluded on the previous year’s audits, which are reported to the University Board in December and April.

In spring 2020, however, April reporting is postponed until the June meeting.

One audit that has attracted considerable attention is the audit of secondary occupations conducted in 2019, which showed that very few employees of the University reported any secondary employment. The term secondary occupation refers to any professional activities in addition to employment at the University, all of which must be reported by all teaching staff, managers and some administrative positions.

“When we audited secondary occupations, it became apparent that the regulatory framework was outdated and information regarding the regulations was difficult for employees to grasp,” says chief internal auditor Sven Jungerhem. “A number of measures have now been taken to improve the situation and we will be monitoring these to assess whether they have had the desired effect. It is important that we deal with secondary occupations correctly, not least from a reputational perspective, given that any deviation from regulations risks harming public confidence in the University.”

When the auditors have completed an audit report, it is submitted to the University Board and the vice-chancellor is given the opportunity to comment and propose solutions.
“The University Board then decides on any measures in relation to the audit.”The auditors will then return with a follow-up report on the audited area, to see whether the measures have been implemented and what effects they have had.

Audit Plan 2020

During 2020, Internal Audit will be auditing;

selected departments, divisions and units;
museums and collections;
contract education;
cheating in examinations;
the use of legal entities in teaching (in-depth follow up); and
the whistle-blower function (follow up).