skip to content

Governance and Compliance Division


Audit & assurance

The Office for Students requires the University to demonstrate that it meets certain conditions to stay registered as a Higher Education provider. One of these conditions is to demonstrate that the University has adequate and effective financial, operational and governance arrangements. The Audit Committee is responsible for checking the University's arrangements are in place and reports annually to the University Council with an opinion on how well these structures are operating.

To form its opinion, the Committee needs to know:

  1. the University has policies in place that set out requirements, responsibilities and guidance in areas of key risk;
  2. processes to support those policies are working effectively.

In other words, the Committee needs assurance that things are working as intended.


Assurance can be gained in three ways:

  1. Operational management: functions that own and manage risk.
  2. Risk management and compliance: functions that oversee risk.
  3. Independent assurance: functions that provide independent assurance (e.g. internal audit, commissioned reviews or specialist assurance assignments etc.)

Internal audit

The internal audit function is responsible for providing an independent appraisal of the University’s financial and operational activities. Internal audit:

  • can be thought of as a 'critical friend';
  • provides advice on improving particular processes or controls in key areas of risk; and
  • provides assurance to the Audit Committee and senior management that risk management, internal controls, processes and governance are working effectively

Where risks are identified, the University must consider what action it needs to take to address the underlying risk and subsequently demonstrate that it has done so.

The University has recently moved to a hybid, managed outsourced internal audit model. This comprises a single, outsourced internal audit firm (Deloitte LLP), with a dedicated member of the University with a broad understanding of the University who facilitates the work of the outsourced internal audit firm with a view to driving the effectiveness and efficiency of internal audit (Head of Assurance, Governance & Compliance Division). This approach allows the University to combine external and independent audit expertise with in-depth knowledge of the academic and administrative processes at the University.

External audit

An external audit function is also required by the University's Statutes. The external audit function gives an independent opinion on the University’s annual financial statements. These statements summarise the University’s financial performance during the year. The Council, on the advice of the Audit Committee, appoints the external auditor. The external auditors work both within institutions and the Finance Division.

Governance site links: