Audit

Policy

20-1: Audits

Effective: September 25, 1995
Revised: October 10, 2025
Approved by: Van Christensen
Reference: Utah Code 63A-3-203, 63J-1-209(8)

Purpose

This policy outlines how audits conducted by the GovOps Division of Finance are used to monitor whether agencies have effectively implemented the internal controls established by the GovOps Division of Finance.

The GovOps Division of Finance plays an important role in safeguarding the state of Utah’s financial resources and ensuring the integrity of its operations. This role is accomplished by establishing internal controls. The GovOps Division of Finance designs and communicates internal controls by adopting policies. These internal controls are then monitored or reviewed to determine whether they have been implemented and are operating effectively at state agencies. These monitoring activities align with the widely recognized internal control framework established by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). The monitoring activities are performed through these audits.

Definitions

Agency – Any agency, board, bureau, commission, office, department, or other administrative subunit of the executive branch of state government.

Concur – Software used by the state to manage travel, reimbursements, and p-card transactions.

Internal Control A system of policies and procedures put in place by an organization to:

  • Safeguard its assets.
  • Ensure the accuracy and reliability of its financial records.
  • Promote operational efficiency.
  • Encourage adherence to laws and regulations.

Vantage – The financial management system used by the state for payroll, accounting, budget control, and reporting. It includes Vantage Financial, Vantage Payroll, and Vantage HR.

Policy

A – The GovOps Division of Finance performs audits to monitor internal controls

1 – The GovOps Division of Finance performs audits to determine whether internal controls have been implemented and are operating effectively at state agencies.

2 – The GovOps Division of Financeperforms audits of internal control for all agencies with transactions in Vantage and Concur.

2a – Audits for executive branch agencies, including independent state agencies subject to executive branch controls, will be performed for effective internal controls and compliance with certain policies. Policies selected for testwork will be determined by the GovOps Division of Finance.

2b – Audits for agencies of the legislative and judicial branches and constitutional offices will be limited to key internal controls related to Vantage and/or Concur as applicable.

2c – The GovOps Division of Finance will not monitor compliance with agency policies or laws specific to those agencies.

2d – The GovOps Division of Finance generally limits audits to those internal controls and policies established by the division. However, policies established by other divisions within GovOps or outside agencies may be reviewed if they impact proper recording in Vantage, financial reporting, or compliance with IRS regulations.

3 – The GovOps Division of Finance adopts the best audit techniques and practices but will not cite any particular audit standards when conducting audits. Therefore, they are not required to adhere to audit standards.

4 The GovOps Division of Finance may provide training and support to assist agencies in implementing and understanding internal controls as requested.

B – Agencies must respond to all requests and questions

1 – All agencies must comply with requests and questions during the audit process.

1a – The GovOps Division of Finance will generally allow a minimum of 10 working days for the agencies to respond to requests or inquiries.

2 – Agencies should provide requested documentation and responses within 10 business days of receiving requests.

2a – If agencies are unable to meet deadlines, they must work with the GovOps Division of Finance to determine a deadline that will allow for timely audit results.

C – Reports of findings and recommendations will be issued

1 – The GovOps Division of Finance will issue reports of findings and recommendations related to internal controls, noncompliance with policies, or other matters as determined necessary.

1a – For executive branch agencies, copies of these reports may be sent to the governor’s chief of staff.

2 – The GovOps Division of Finance must allow agencies the opportunity to discuss and respond to findings before the report is issued.

3 – Agencies should provide a written response of corrective actions to the draft findings within 15 working days of receiving the draft report.

 3a – If agencies don’t respond within 15 days, the report will be issued without a response unless other arrangements have been made.

4 – Auditors will perform follow-up procedures to determine that corrective actions were implemented.

4a – Auditors will compile sampling results to track the number and type of issues.

You might also like...

Policies

View all finance policies.