Statutes, codes, and regulations
Oregon Administrative Code
Chapter 125 - DEPARTMENT OF ADMINISTRATIVE SERVICES
Division 700 - INTERNAL AUDITING
Section 125-700-0015 - Definitions

Or. Admin. Code § 125-700-0015

Download
PDF
Current through Register Vol. 63, No. 12, December 1, 2024
Section 125-700-0015 - Definitions
(1) Agency: "State Agency" means any elected or appointed officer, board, commission, department, institution, branch, or other unit of the state government.
(2) Assurance Audit Services: An objective examination of evidence for the purpose of providing an independent assessment on governance, risk management, and control processes for the organization. Examples may include financial, performance, compliance, system security, and due diligence engagements.
(3) Consultation Audit Services: Advisory and related client services activities, the nature and scope of which are agreed with the client, are intended to add value and improve an organization's governance, risk management, and control processes without the internal auditor assuming management responsibility. Examples include counsel, advice, facilitation, and training.
(4) Audit Committee: A committee that provides oversight of internal auditing for the agency. The purpose of the audit committee is to enhance the quality and independence of the internal audit function, thereby helping to ensure the integrity of the internal audit process.
(5) Chief Audit Executive: Top position within the organization responsible for internal audit activities. Normally, this would be the internal audit director. In the case where internal audit activities are obtained from outside service providers, the chief audit executive is the person responsible for overseeing the service contract and the overall quality assurance of these activities, reporting to senior management and the board regarding internal audit activities, and follow-up of engagement results.
(6) Internal Audit Function: A program within an agency that provides independent, objective assurance and consulting services designed to add value and improve an organization's operations and facilitate oversight, accountability, and transparency.
(7) Internal Audit Services: Specific activities provided by auditors within the internal audit function. Examples include risk assessments, assurance audit services, and internal audit plans.
(8) Internal Auditing: An independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
(9) Professional Auditing Standards: Principles established to ensure the competence and independence of the audit function and the quality of audit work. The Code of Ethics and International Standards for the Professional Practice of Internal Auditing promulgated by the Institute of Internal Auditors, and Generally Accepted Government Auditing Standards, promulgated by the Government Accountability Office, are the two major sets of standards that govern both the conduct of audit work and the audit function.
(10) Risk: The possibility of an event occurring that will have an impact on the achievement of objectives. Risk is measured in terms of impact (the effect) and likelihood (the probability the event will occur).
(11) Risk Assessment: A process of identifying, analyzing, and prioritizing risks to the achievement of an agency's mission, goals, or objectives.
(12) Risk Management: A process to identify, assess, manage, and control potential events or situations to provide reasonable assurance regarding the achievement of the organization's objectives.
(13) Cash Equivalents: Cash equivalents are the total value of cash on hand that includes items that are similar to cash; low-risk securities include U.S. government T-bills, bank CD's, bankers' acceptance, corporate commercial paper, and other money market instruments. For the purpose of this rule the amount reflected in Oregon Accounting Manual GL3100 will be used.
(14) Audit Plan (Risk Based): A Plan to determine the priorities of the internal audit function, consistent with the agency's goals.
(15) Quality Assurance and Improvement Plan (QAIP): An evaluation of whether the internal audit activity is in conformance with professional standards.
(16) External Assessment: An assessment by a qualified, independent assessor or assessment team from outside the organization in the form of a full external assessment or an internal assessment with external validation.
(17) Independence: Freedom from conditions that threaten the ability of the internal audit activity to carry out internal audit responsibilities in an unbiased manner.
(18) Objectivity: An impartial, unbiased attitude and avoidance of conflicts of interest.
(19) Cash Revenue: Any and all cash income realized as a result of operating activities calculated in accordance with generally accepted accounting principles.

Or. Admin. Code § 125-700-0015

DAS 1-2006, f. & cert. ef. 1-30-06; DAS 1-2010(Temp), f. & cert. ef 6-29-10 thru 12-26-10; Reverted to DAS 1-2006, f. & cert. ef. 1-30-06; DAS 1-2011, f. 6-23-11, cert. ef. 6-30-11; DAS 2-2014, f. 4-30-14, cert. ef. 5-1-14; DAS 3-2022, amend filed 04/27/2022, effective 5/1/2022

Statutory/Other Authority: ORS 184.360

Statutes/Other Implemented: ORS 184.360(3)