Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organisation’s operations.it is a dynamic process involved in helping organizations achieve their objectives by evaluating and improving the effectiveness of risk management control and governance processes.
Contribution of DeKUT’s Audit, Risk and Compliance department
DeKUT’s Audit, Risk and Compliance department is a valuable resource to the university Council (through the Audit Committee), the University Management Board, the operating departments and other stakeholders in helping them discharge their responsibilities.
The Audit, Risk and Compliance department of DeKUT is established under Statutes XV of Dedan Kimathi University of Technology (2013) as set in accordance with the Universities Act 2012) No 42 of 2012) and the charters. The audit takes a risk-based approach guided by International Standards for the Professional Practice of Internal Auditing. It involves high-level risk profiling of the audit portfolio over time, with a view to reducing exposure to risk by focusing attention on areas of improvement.
In fulfillment of this mandate the department’s activities are not confined to but include:
- Increasing accountability by providing an independent and objective assurance on the effectiveness of key systems of internal control, risk management, compliance testing and corporate governance processes. This is achieved by appraising the robustness and application of financial and administrative controls; reliability of data that is developed within the university; evaluating sufficiency of and adherence to DeKUT’s plans, policies and procedures and compliance with government laws and regulations; safeguard of assets of the university and conducting appraisals on the effectiveness and efficiency in the operations and optimal use of university resources.
- The department also performs special reviews and consulting services as requested by the University Management Board. These activities are advisory and are designed to add value and to help the university to accomplish its objectives without the internal department assuming management responsibilities.
Authority, Access and Confidentiality
In order to achieve its missions and objectives the University Council through DeKUT audit charter grants the audit, risk and compliance department authority to carry out audit reviews on all departments of the university. The charter authorizes DeKUT’s audit function to have unrestricted access to all university campuses, functions, activities, operations, records, data files, computer programs, property, personnel and information necessary for the proper performance of audit engagements; with requirement for strict confidentiality and safeguarding of records and information that comes to its possession.
Code of ethics
DeKUT’s Audit, Risk and Compliance department ascribes to the Code of Ethics as outlined in the institute of internal auditors’ guidelines that seek to promote ethical culture in the profession of internal auditing.
In the quest of timely quality service, the department is guided by the following core values;
We are committed to the highest degree of ethical conduct in the performance of our work. Our actions shall be consistent with our words.
- Freedom of thought and expression
We shall promote and defend freedom of thought in all our activities.
- Personal development
We are committed to helping each member develop their skills and abilities to the maximum extent possible by providing education, training and professional opportunities. We are each responsible for our personal growth.
- Innovativeness and creativity
We will be creative and innovative in resource management
- Good corporate governance
We ensure openness, transparency and accountability in our processes
- Team spirit and teamwork
We foster a work environment characterized by team spirit and team work
We maintain ethical behavior, professional etiquette and honesty
- Commitment to quality
We shall continuously improve the accuracy, reliability, usefulness and timeliness of our products and services to ensure they are valuable to our clients
Reporting and monitoring
A written report shall be prepared and issued by the Chief Internal Auditor or designee following the conclusion of each audit engagement. The audit report may include management response and corrective action taken or to be taken in regard to the specific findings and recommendations. Management response should include a time table for anticipated completion of action to be taken and an explanation of corrective action that will not be implemented.
The Audit, Risk and Compliance department shall then make appropriate follow-up on engagement findings and recommendations and report to the Vice Chancellor and the Audit Committee any corrective actions not implemented.
Members of Staff
- James Munga Njaria
Chief Internal Auditor
- James Muthusi
- Cecilia Thuku
Senior Assistant Internal Auditor
- Humphrey Kirema
Assistant Internal Auditor