May is Internal Audit Awareness Month

From: University Relations

Virginia Gov. Ralph Northam has proclaimed May to be Internal Audit Awareness Month in the Commonwealth of Virginia and is a time when internal auditors dedicate time to promote awareness of their profession.

For nearly 40 years internal auditing has been an essential function of Virginia Tech’s Office of Audit, Risk, and Compliance. “Although our office maintains an independent mindset and reporting line, we strive to add value to the university community and identify opportunities for enhanced efficiency and effectiveness to help Virginia Tech accomplish its objectives,” said Sharon Kurek, executive director of audit, risk, and compliance.

 Did you know?

·      More than 20 current Virginia Tech employees that formerly worked in the Office of Audit, Risk, and Compliance have gone on to prominent positions across the university in other divisions including finance, information technology, operations, policy and governance, research, and several academic colleges. 

·      The Office of Audit, Risk, and Compliance maintains a student internship program that employs both undergraduate and graduate students.

·      The Office of Audit, Risk, and Compliance adheres to strict professional standards promulgated by the Institute of Internal Auditors and undergoes an external quality assurance review every five years. This answers the age-old question of “who audits the auditors?” Answer: Other auditors.

The Office of Audit, Risk, and Compliance performs independent internal audits, plans and oversees the university risk management process, and oversees the institutional compliance program. Its mission is to enhance and protect organizational value by providing risk-based and objective assurance, advice, and insight as follows:

1.     Audit: Provide independent, objective assurance and advisory activity designed to add value and improve university operations. It helps the university accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

2.     Risk: Provide oversight of the enterprise risk management program by creating and maintaining the framework to effectively identify, assess, and manage risk.

3.     Compliance: Provide oversight of the institutional compliance program and the distributed processes that support compliance across the university.

Check out the Office of Audit, Risk, and Compliance website for more information, including what to expect during an audit, common audit topics, and who is on the current audit plan.

Contact: Office of Audit, Risk, and Compliance,, 540-231-5883