Audit and Compliance Committee Charter

Download the Committee Charter [PDF]

 

Purpose

The Audit and Compliance Committee of the Board of Trustees is established as required by Tennessee Code Annotated § 49-9-206(b)(1)(A) and in compliance with the State of Tennessee Audit Committee Act of 2005, codified at Tennessee Code Annotated §§ 4-35-101 et seq. (the “Tennessee Audit Committee Act”). The Committee will assist the Board in fulfilling its governance and oversight responsibilities.

 

Authority

The Audit and Compliance Committee has authority to conduct or authorize investigations into any matter within its scope of responsibility. The Committee is empowered to:

  • Seek any information it requires from employees – all of whom are directed to cooperate with the Committee’s requests – or external parties.
  • Meet with University officials, external and internal auditors, the General Counsel, or others as necessary.
  • Delegate authority to subcommittees to handle any matter within the Committee’s scope of responsibility, provided that actions of the subcommittee are presented to the full Committee at a previously scheduled or called meeting.
  • Oversee the internal audit and institutional compliance functions of the University, which will report directly to the Audit and Compliance Committee through the Chief Audit and Compliance Officer.
  • Conduct confidential, nonpublic executive sessions as authorized by law.

 

RESPONSIBILITIES

The Committee’s oversight responsibilities shall include the following matters:

Financial Statements

  • Provide oversight for the integrity of the University’s annual financial statements through review of the scope and results of the state auditor’s examination of the University’s annual financial statements and any other matters related to the conduct of the audit, which should be communicated to the Committee.
  • Review with management and the General Counsel any legal matters (including pending litigation) that may have a material impact on the University’s financial statements and any material reports or inquiries from regulatory or governmental agencies.
  • Resolve any differences between management and the state auditors regarding financial reporting.

Internal Control

  • Provide oversight of the University’s internal control structure and management practices by considering the effectiveness of the University’s internal control system, including information technology security and control.
  • Understand the scope of internal and external auditors’ review of internal controls over financial reporting.
  • Review management’s risk assessment and the University’s Code of Conduct.
  • Ensure that procedures exist for the receipt, retention, and treatment of complaints regarding fraud, waste, and abuse, including procedures for anonymous complaints.
  • Ensure that the Code of Conduct is easy to access, widely communicated, easy to understand, includes an anonymous reporting mechanism, and is enforced.
  • Ensure that the University’s conflict of interests policy is comprehensive, clearly defines the term “conflict of interests,” and contains procedures for adequately resolving and documenting potential conflicts.
  • Review the University’s process for monitoring compliance with laws and regulations.

Office of Audit and Compliance

  • Ensure that Audit and Compliance has direct and unrestricted access to the Chair and other Committee members.
  • Review the Chief Audit and Compliance Officer’s administrative reporting relationship to assure not only that the function is organizationally positioned to be performed independent from management, but adequate resources in terms of staff and budget are provided to enable Audit and Compliance to perform its responsibilities effectively.
  • Recommend to the Board the appointment, initial compensation, and other terms of employment of the Chief Audit and Compliance Officer.
  • Review the annual performance and compensation of the Chief Audit and Compliance Officer.
  • Review and approve the Chief Audit and Compliance Officer’s roles and responsibilities and any impairments to independence and safeguards necessary to protect independence carrying out those duties.
  • Recommend to the Board reassignment, demotion, or dismissal of the Chief Audit and Compliance Officer.
  • Review budget, structure, and staffing for Audit and Compliance.
  • Review compliance with professional standards.

Internal Audit

  • Review and approve the charter for the internal audit function.
  • Review and approve the comprehensive annual audit plan.
  • Review the results of the year’s work with the Chief Audit and Compliance Officer. Changes to the plan, including management requests for unplanned assignments, should also be reviewed.
  • Receive and review reports and other work prepared by the internal audit team.
  • Review any difficulties encountered in the course of performing audits, including restrictions on the scope of work and access to the data, records, information, personnel, and facilities necessary to fulfill the internal audit mandate.
  • Review the results of external and periodic internal assessments of the quality assurance and improvement program.

Institutional Compliance

  • Review of the University’s process for monitoring compliance with laws, regulations, and University policies.
  • Review and approve the annual institutional compliance work plan.
  • Review the results of the University’s compliance risk assessment process.
  • Review the results of compliance work on a regular basis.
  • Receive and review reports and other work prepared in conjunction with the institutional compliance efforts.

External Auditors

  • Present the external auditors’ conclusions to the full Board.
  • Meet regularly with the external auditors to discuss any matters that the Committee or auditors deem appropriate.

Communications and Reporting 

  • Provide an open avenue of communication among the state auditors, the Office of Audit and Compliance, senior management, and the Board.
  • Report regularly to the Board about Committee activities and issues that arise with such recommendations, as the Committee deems appropriate.

Other Responsibilities

Notwithstanding the foregoing, the Committee shall have such other responsibilities, powers, and duties as may be otherwise specified in the Tennessee Audit Committee Act. The Committee Chair, in consultation with Chief Audit and Compliance Officer, shall review the committee charter prior to each Annual Meeting of the Board to determine whether the Committee is carrying out its responsibilities effectively and whether any revisions to the charter should be submitted to the Committee for recommendation to the Board.

 

Membership

The Audit and Compliance Committee shall be composed of at least three (3) members of the Board of Trustees who meet the following membership requirements established in the Bylaws of the Board of Trustees:

All members of the Audit and Compliance Committee shall be financially literate, meaning they shall be able to read and understand fundamental financial statements, including a balance sheet, income statement, and cash flow statement. At least one member of the committee shall have extensive accounting, auditing, or financial management expertise.

Each member shall be free of any relationship that would interfere with his or her exercise of independent judgment or give the appearance of a conflict of interests. The Chair of the Board shall be an ex officio, voting member of the Committee. The Committee may include one voting member who is not a member of the Board of Trustees but who satisfies the membership requirements in the Bylaws, including the requirement of extensive accounting, auditing, or financial management expertise. An external member may not serve as Chair of the Audit and Compliance Committee.

Committee members and the Committee Chair shall be appointed by the Board of Trustees on the recommendation of the Chair of the Board. The term of appointment is two years. The Committee Chair may not serve more than three (3) consecutive two-year terms as chair except upon an affirmative roll-call vote of a majority of the total voting membership of the Board.

The President shall not serve as a member but shall attend meetings if requested by the Committee Chair.

 

Committee Education

The University’s senior management and the Chief Audit and Compliance Officer are responsible for providing the Committee with educational resources related to accounting principles, internal controls, applicable policies, regulations, compliance risks, risk management, and other information that may be requested by the Committee to maintain appropriate financial, risk management, and compliance literacy.

 

Meetings

Required Number, Call, and Location

The Committee shall meet as often as necessary to carry out its responsibilities but at least once annually. The Committee may meet in conjunction with regular meetings of the Board of Trustees, at stated times approved in advance by the Committee, or at any other time upon a call by the Chair of the Board, the President, the Committee Chair, or by the Secretary of the Board upon the written request of two members of the Committee. In accordance with Tennessee Code Annotated § 4-35-104, the Committee shall meet upon the request of the State Comptroller of the Treasury. Committee meetings may be held at any location in the State of Tennessee.

The Committee may invite members of management, auditors, or others to attend and provide pertinent information. In carrying out Committee responsibilities, members may find it necessary from time to time to meet individually with management and internal and external auditors.

Notice

At least five (5) days’ notice shall be given to all Committee members when feasible, but less notice may be given when there is a need for urgent action. Notice may be delivered by postal mail, courier, electronic mail, or facsimile transmission. If written notice is not feasible, by reason of urgency or other exigent circumstance, notice may be given by telephone.

As required by Tennessee Code Annotated § 8-44-103(a) and (b), adequate public notice shall be given of all Committee meetings. All meetings of the Committee shall be open to the public, except that the Committee may hold confidential, nonpublic executive sessions as permitted in accordance with Tennessee Code Annotated § 4-35-108 or as otherwise provided by the Tennessee Open Meetings Act or a judicially recognized exception to the Act.

Agenda

An agenda shall accompany the notice of every meeting of the Committee when feasible but, when not feasible, the notice shall state the purpose(s) for which the meeting is called.

Development of the Committee agenda shall be the responsibility of the Committee Chair, in consultation with the Chief Audit and Compliance Officer. The agenda shall list in outline form each item to be considered at the meeting. Items not set forth on the agenda or in the notice may be considered only upon an affirmative roll-call vote of a majority of the total voting membership of the Committee.

Quorum

A quorum shall be a majority (more than one-half) of the voting members of the Committee. The Chair of the Board, who is an ex officio, voting member of the Committee, shall be counted for quorum purposes only when present. In the absence of a quorum, those attending may adjourn the meeting until a quorum is present.

Action of the Committee

The action of a majority of the quorum of voting Committee members present at any meeting shall be the action of the Committee, except as otherwise provided in the Bylaws of the Board of Trustees, Board policy, or statute.

Minutes

The Secretary shall be responsible for ensuring that minutes are prepared and maintained for all Committee meetings, and the minutes shall be provided to all members of the Committee before the next meeting of the Committee.