Audit and Compliance Committee Charter
The Audit and Compliance Committee of the Board of Trustees is established pursuant to the State of Tennessee Audit Committee Act of 2005, codified at Tennessee Code Annotated §§ 4-35-101 et seq. The Committee will assist the Board in fulfilling its governance and oversight responsibilities.
The Audit and Compliance Committee has authority to conduct or authorize investigations into any matter within its scope of responsibility. The Committee is empowered to:
- Seek any information it requires from employees – all of whom are directed to cooperate with the Committee’s requests – or external parties.
- Meet with University officials, external and internal auditors, the General Counsel, or others as necessary.
- Delegate authority to subcommittees to handle any matter within the Committee’s scope of responsibility, provided that actions of the subcommittee are presented to the full Committee at a previously scheduled or called meeting.
- Oversee the internal audit and institutional compliance functions of the University, which will report directly to the Audit and Compliance Committee through the Chief Audit and Compliance Officer.
- Conduct confidential, nonpublic executive sessions as authorized by law.
Composition of the Committee
The Audit and Compliance Committee shall be composed of at least three (3) members of the Board of Trustees who meet the following membership requirements established in the Bylaws of the Board of Trustees:
All members of the Audit and Compliance Committee shall be financially literate, meaning they shall be able to read and understand fundamental financial statements, including a balance sheet, income statement, and cash flow statement. At least one member of the committee shall have extensive accounting, auditing, or financial management expertise.
Each member shall be free of any relationship that would interfere with his or her exercise of independent judgment or give the appearance of a conflict of interests. The Chair of the Board shall be an ex officio, voting member of the Committee. The Committee may include one voting member who is not a member of the Board of Trustees but who satisfies the membership requirements in the Bylaws, including the requirement of extensive accounting, auditing, or financial management expertise. An external member may not serve as Chair of the Audit and Compliance Committee.
Committee members and the Committee Chair shall be appointed by the Board of Trustees on the recommendation of the Chair of the Board. The term of appointment is two years. The Committee Chair may not serve more than three (3) consecutive two-year terms as chair except upon an affirmative roll-call vote of a majority of the total voting membership of the Board.
The President shall not serve as a member but shall attend meetings if requested by the Committee Chair.
The University’s senior management and the Chief Audit and Compliance Officer are responsible for providing the Committee with educational resources related to accounting principles, internal controls, applicable policies, regulations, compliance risks, risk management, and other information that may be requested by the Committee to maintain appropriate financial, risk management, and compliance literacy.
Required Number, Call, and Location
The Committee shall meet as often as necessary to carry out its responsibilities but at least once annually. A meeting of the Committee may be called by the Chair of the Board, the President, the Committee Chair, or by the Secretary upon the written request of two members of the Committee. In accordance with Tennessee Code Annotated § 4-35-104, the Committee shall meet upon the request of the State Comptroller of the Treasury. Committee meetings may be held at any location in the State of Tennessee.
The Committee may invite members of management, auditors, or others to attend and provide pertinent information. In carrying out Committee responsibilities, members may find it necessary from time to time to meet individually with management and internal and external auditors.
Written notice of Committee meetings, including the purpose of the meeting, shall be given to all Committee members. At least five (5) days’ notice shall be given when feasible, but less notice may be given when there is a need for urgent action. Notice may be delivered by postal mail, courier, electronic mail, or facsimile transmission. If written notice is not feasible, by reason of urgency or other exigent circumstance, notice may be given by telephone. As required by Tennessee Code Annotated § 8-44-103(a) and (b), adequate public notice shall be given of all Committee meetings.
Except when meeting in nonpublic executive session as authorized by law, all meetings of the Committee shall be open to the public unless otherwise provided by the Tennessee Open Meetings Act or a judicially recognized exception to the Act.
An agenda shall accompany the notice of every meeting of the Committee when feasible but, when not feasible, the notice shall state the purpose(s) for which the meeting is called.
Development of the Committee agenda shall be the responsibility of the Committee Chair, in consultation with the Chief Audit and Compliance Officer. The agenda shall list in outline form each item to be considered at the meeting. Items not set forth on the agenda or in the notice may be considered only upon an affirmative roll-call vote of a majority of the total voting membership of the Committee.
The Committee may use a consent agenda in the manner provided by the Bylaws of the Board of Trustees.
A quorum shall be a majority (more than one-half) of the voting members of the Committee. The Chair of the Board, who is an ex officio, voting member of the Committee, shall be counted for quorum purposes only when present. In the absence of a quorum, those attending may adjourn the meeting until a quorum is present.
Action of the Committee
The action of a majority of the quorum of voting Committee members present at any meeting shall be the action of the Committee, except as otherwise provided in the Bylaws of the Board of Trustees, Board policy, or statute.
Motions and Resolutions
Each motion or resolution (except informal or parliamentary motions) shall be presented in writing at the time the motion or resolution is made, except that the Committee Chair may grant a member the privilege of reducing a motion to writing and presenting it to the Secretary before the adjournment of the meeting.
Manner of Voting
All votes in a Committee meeting shall be by voice vote or public ballot, provided that a roll-call vote shall be taken on any motion if a voting Committee member present at the meeting requests a roll-call vote before a voice vote is taken or demands a roll-call vote before the Committee Chair announces the result of a voice vote.
The Chief Audit and Compliance Officer shall cause minutes of all Committee meetings to be prepared, review the minutes with the Committee Chair, and provide the minutes to all Committee members and the Secretary of the Board before the next Committee meeting.
- Provide oversight for the integrity of the University’s annual financial statements through review of the scope and results of the state auditor’s examination of the University’s annual financial statements and any other matters related to the conduct of the audit, which should be communicated to the Committee.
- Review with management and the General Counsel any legal matters (including pending litigation) that may have a material impact on the University’s financial statements and any material reports or inquiries from regulatory or governmental agencies.
- Resolve any differences between management and the state auditors regarding financial reporting.
- Provide oversight of the University’s internal control structure and management practices by considering the effectiveness of the University’s internal control system, including information technology security and control.
- Understand the scope of internal and external auditors’ review of internal controls over financial reporting.
- Review management’s risk assessment and the University’s Code of Conduct.
- Ensure that procedures exist for the receipt, retention, and treatment of complaints regarding fraud, waste, and abuse, including procedures for anonymous complaints.
- Ensure that the Code of Conduct is easy to access, widely communicated, easy to understand, includes an anonymous reporting mechanism, and is enforced.
- Ensure that the University’s conflict of interests policy is comprehensive, clearly defines the term “conflict of interests,” and contains procedures for adequately resolving and documenting potential conflicts.
- Review the University’s process for monitoring compliance with laws and regulations
Office of Audit and Compliance
- Ensure that the Office of Audit and Compliance has direct and unrestricted access to the Chair and other Committee members.
- Review the Chief Audit and Compliance Officer’s administrative reporting relationship to assure not only that independence is fostered, but adequate resources in terms of staff and budget are provided to enable the Office of Audit and Compliance to perform its responsibilities effectively.
- Recommend to the Board the appointment, initial compensation, and other terms of employment of the Chief Audit and Compliance Officer.
- Review and approve the annual evaluation and compensation of the Chief Audit and Compliance Officer.
- Recommend to the Board reassignment, demotion, or dismissal of the Chief Audit and Compliance Officer.
- Review budget, structure, and staffing for the Office of Audit and Compliance.
- Review compliance with professional standards.
- Review and approve the charter for the internal audit function.
- Review and approve the comprehensive annual audit plan.
- Review the results of the year’s work with the Chief Audit and Compliance Officer. Changes to the plan, including management requests for unplanned assignments, should also be reviewed.
- Receive and review reports and other work prepared by the internal audit team.
- Review any difficulties encountered in the course of performing audits, including restrictions on the scope of work and access to required information.
- Review the results of external and periodic internal assessments of the quality assurance and improvement program.
- Review of the University’s process for monitoring compliance with laws, regulations, and University policies.
- Review and approve the annual institutional compliance work plan.
- Review the results of the University’s compliance risk assessment process.
- Review the results of compliance work on a regular basis.
- Receive and review reports and other work prepared in conjunction with the institutional compliance efforts.
- Present the external auditors’ conclusions to the full Board.
- Meet regularly with the external auditors to discuss any matters that the Committee or auditors deem appropriate.
Communications and Reporting
- Provide an open avenue of communication among the state auditors, the Office of Audit and Compliance, senior management, and the Board.
- Report regularly to the Board about Committee activities and issues that arise with such recommendations, as the Committee deems appropriate.
- Review and assess the adequacy of the Committee’s charter annually, recommending approval of proposed changes to the Board.