University of Alberta

Types of Audit

Types of Audits

There are many types of audits; Internal Audit Services determines which kind to undertake based on a formal risk assessment process.  The following provides examples of some of the audits that could be undertaken:

Operational Audits

Provide an objective evaluation of an area, department or functional operation. The process assesses the adequacy and effectiveness of controls designed to manage risks and ensure objectives are met.


Financial Audits

A historically oriented, independent evaluation performed for the purpose of attesting to the fairness, accuracy, and reliability of financial data. The University's external auditors, the Office of the Auditor General of Alberta, perform this type of review annually.  Internal audit will also conduct audits focussing on a financial system's controls to ensure that financial controls are adequate and effective.


Information Systems Audits

There are many types of information systems audits that focus on the controls that govern the development, operation, maintenance, and security of application systems in a particular environment. This type of audit might involve reviewing a data center, an operating system, a security software tool, or processes and procedures (such as the procedure for controlling production program changes), etc.  Internal Audit Services may also review of the development of a new application system.


Compliance Audits

These audits address the specific unit adherence to laws and regulations, policies and procedures, federal and provincial requirements, and restrictions imposed on endowments and grants etc.

Follow-up Audits

These are audits conducted after an internal or external audit report has been issued. They are designed to evaluate corrective action that has been taken on the audit issues reported in the original report.

Consulting Services

The types of consulting work that are undertaken by audit include facilitation services for control self-assessment; control framework development for new programs; and advice regarding applications controls for systems under development.