Audits

Quality Assurance and Review Process Procedure

Policy Code: CG1248

Purpose

This procedure describes the operational aspects of University’s Quality Framework. The University is committed to ensuring effective internal governance and quality assurance practices across the University.

Quality assurance processes at the University are continually monitored to determine whether the policies, procedures and operational practice which form the foundation of the Quality Framework are effectively implemented and maintained. These processes also provide opportunities to review practices and identify potential areas for improvement.

Scope

This procedure applies across all areas of the University responsible for ensuring sound quality assurance processes within the faculty or operational area.  This procedure details how internal quality assurance and internal and external governance reviews are conducted.

The University’s multiple levels of audits complement each other and are designed to ensure an overarching, consistent and independent audit approach. 

Legislative Context

  • Federation University Australia Act 2010
  • Education Services for Overseas Students Act 2000 (ESOS)

The statutory requirements of the following regulatory bodies are adhered to:

  • Australia Skills Quality Authority (ASQA)
  • Victorian Registration Qualifications Authority (VRQA)
  • Tertiary Education Quality and Standards Agency (TEQSA)
  • Department of Education; VET Funding Contract

Definitions

Term Definition
Advisory reviews Advisory reviews are intended to provide the Audit and Risk Committee with an independent progress assessment of the existing control effectiveness and procedural compliance levels of core operational processes and systems that are being implemented across the university.
Compliance Compliance can be demonstrated by clear adherence to the required Regulatory Requirements and University Policy and Procedure.  A compliant Result demonstrates general compliance with the specified standard/s policy or procedure as nominated within the audit.
ESOS Act Education Services for Overseas Students Act (2000)

Internal audit

 

Independent financial and operational reviews that assess the control effectiveness of the University’s business processes, evaluate the adequacy of risk controls and to examine the level of operational compliance with University policies, procedures and key regulatory obligations. Internal audits highlight process gaps and opportunities for improvement through recommendations to senior management to improve the University’s internal controls, operational compliance and risk management processes
Non-Compliant An observation from evidence available that practices do not comply with the requirements of the quality management system.

Non Compliance – Rectification (NCR)

Request

A request that action is required to determine, the root cause and corrective actions for a non-compliance.

Partial Compliance

 

Partial Compliance may be recognised when the intent to achieve compliance can be clearly demonstrated through evidence to support adherence to the required regulatory requirements and University Policy and Procedure, achieving most of the major objectives – but not all.
Quality Audit 

An independent, systematic, and documented assessment of practice to ensure the control processes established by the University are achieving the ongoing compliance against the Quality Framework

Quality audits also provide an independent review of the operational practice reviews.

University Governance and Management Committees Relevant committees that support the academic, operational and quality governance of the University's programs and operations. These include, but not limited to: Council and Committees of Council, Academic Board, Curriculum Committee, Learning and Teaching Committee and VET Curriculum Quality Committee or their future equivalents.

Actions

A -Internal Quality Audits

Plan, conduct & report on audits

  Activity Responsibility Steps
1. Plan Internal Quality audit Quality Services

The Internal Quality Audit schedule is developed in consultation with relevant stakeholders taking into account:

  1. Previous internal audit and external audit results
  2. Internal and external risk ratings
  3. Preparation required for forthcoming regulatory audits (ASQA, TEQSA, HESG and VRQA);
  4. Operational and procedural changes specifically required by, ASQA,TEQSA, VRQA (VCAL), HESG Standards or other standards as required;
  5. The Internal Quality Services Audit Schedule is forwarded to the University Governance and Management Committees for noting then distributed to relevant University management
2. Conduct Audits. Quality Services
  1. Confirm commencement of audit with relevant stakeholder, as per the Internal Quality Audit schedule, a week prior to commencement of audit.
  2. Utilise approved internal checklists/templates for a consistent approach when conducting the audit.
  3. Finalise and document the audit by summarising the findings and any non-compliances on the NCR template. Discuss audit findings with key stakeholders prior to finalising the audit report, identifying non-compliances, partial compliances, compliances and recommendations.
3.

Report on

Quality Audits

Quality Services/

Auditee

  1. Issue audit report and NCR summary form to nominated stakeholders.
  2. Log identified NCRs onto the Quality NCR Database. 
  3. Nominated stakeholder to populate the template with proposed actions/rectifications and returned within the timeframe requested unless otherwise negotiated.
  4. NCR Summary Forms that are not forwarded to Quality Services within the requested timeframe followed up and if necessary may be escalated to management / University Governance and Management Committees for action.
4.

Review non-compliances and

proposed rectifications

Quality Services
  1. NCRs will be monitored for progress and completion in the proposed timeframe.
  2. Closing NCRs - When NCR Requests have successfully been rectified and evidence of this provided, the NCR will be closed.
  3. Open/incomplete NCRs - If rectifications are not progressing as outlined in the provided NCR Request after follow up, the audit status may be escalated and reported to the University Governance and Management Committees.
  4. Where compliance has not been rectified, a follow up audit may be scheduled based on risk level.
5 Committee and Operational Area Quality Audits

Operational Areas

University Governance and Management Committees

  1. Operational Areas are responsible for conducting internal quality audits to monitor compliance with quality assurance practices and processes. 
  2. University Governance and Management Committees can conduct quality assurance audits to monitor the compliance of the committee and operational areas in achieving quality assurance requirements.

Audits are conducted and reported in line with the internal business process of the operational area or committee conducting the audit.

B - Centre for University Partnerships - Compliance Audits

Conducting On / Off Shore Partner ESOS and Higher Education Standards Framework (HES) Compliance Audits and On-campus ESOS Audits

The purpose of ESOS and HES audits is to ensure that the University is compliant with the ESOS Act, the National Code 2007 and the Higher Education Standards Framework. On and off shore partners who deliver University programs to international students will be audited for ESOS and/or HES compliance

  Activity Responsibility Steps
1. Plan Partner Provider ESOS and HES Audit (On & Off Shore) and on-campus ESOS audits. Manager, Compliance/ International Compliance Officer
  1. At the commencement of each year auditing and compliance activities required for the forthcoming 12 month period are reviewed and an audit schedule is developed.
    1. Using an analysis based on risk, the University decides when, where and who will be involved in each audit, considering of the sources of risk, their consequences and the likelihood that those consequences may occur.
    2. The Audit Schedule is developed in consultation with the appropriate stakeholders, which includes the Pro Vice Chancellor (International & Partnerships).
  2. The Audit Schedule will list the format of the audit to be undertaken. Audits may be a self-assessment/desktop/onsite audit or a combination of two or more formats. While audits are scheduled as annual audits, high risk areas may be audited more frequently than low risk areas.
  3. Notification: request the name and details of a contact for the audit.
  4. If an onsite audit is planned, the day can be negotiated to suit both auditor and partner or faculty/section. One month’s notice should be the minimum advance notice.
  5. Confirmation: date and time of audit is to be recorded on the Audit Schedule.
  6. Preliminary preparation: request access to relevant documents, databases etc.
2. Conduct Audit Manager, Compliance / International Compliance Officer

When conducting an ESOS / HES audit, use the relevant audit template for guidance for areas of required compliance to be audited.

The audit templates are:

  1. ESOS Compliance Self-assessment template (on-campus)
  2. Offshore International Partner Provider Annual Audit
  3. TAFE Partner Provider Annual Audit Template
  4. Onshore International Partner Provider Annual Audit Template

Provide the template to the partner and / or Faculties / Sections to assist with their preparation.

 For the desktop audits meet with University staff, review student management systems, review partner websites and request materials electronically from the partner.

Where necessary due to responses in the self-assessment and / or result of a desktop audit a follow-up onsite audit will be conducted even if not listed in the audit schedule.

The lead auditor is responsible for an Onsite Audit – Opening Meeting. Meet with the senior partner and / or faculty / section staff involved in the audit to ensure that they are clear about the processes and activities to be undertaken by the auditing team.

The following should be discussed at the meeting:

  1. Introduction of the team members
  2. Audit objectives and scope
  3. Activities and timetable
  4. Confirmation for the working area / office accommodation
  5. Confirmation that access to facilities and records within the scope of the audit are available
  6. Explanation of the details, timing and purpose of the Feedback Meeting
  7. Invite any questions about the audit
3. Report on CUP Compliance Audits: Manager, Compliance / International Compliance Officer

Recording Information:

  1. Notes must be taken when conducting an audit.
  2. Where an area is found to be non-compliant a corrective action will be issued.
  3. Improvement opportunities (IO) are recorded where they may lead to non-compliance or partial non-compliance and may also require a corrective action.
  4. Evaluation of Audit Findings: after performing the audit, the auditor will provide feedback.  The auditor should allow time at the end of the meeting to look at the findings and analyse the audit outcomes to draw conclusions and provided as part of the feedback. Feedback only needs to be provided orally and as a summary of the findings, but must be consistent with what is going to be recorded in the official report.

Audit Report Structure

Upon completion of an audit, a report documenting the findings of the audit must be completed. For partner audits clearly itemise under each area audited and at the end of each report in the section titled “Summary of Audit Findings” the

non-compliant (NC) and improvement opportunities (IO)

For on-campus ESOS audits attach a Non-compliance Rectification request (NCR) to the report.

  • A draft report is sent to the audited party contact so feedback can be provided.

If the audited partner and / or faculty / section advise that they have rectified the non-compliances listed in the report, do not remove from report.  The report reflects what was found on the actual day of the audit, but an additional note can be added to advise that the non-compliance no longer exists.  Evidence must be provided.

  1. The Summary of Audit finding or NCR will indicate the timeframe in which a response on corrective actions is required
  2. The status and effectiveness of corrective actions taken to remedy non-compliances or in response to improvement opportunities will be monitored.
  3. A combined Summary of Audit Findings and their current status will be tabled at meetings of the International & Partnership Committee.
4. Review CUP Compliance Audits: Manager, Compliance
  1. Follow up audits should be undertaken if there are a number of non-compliances found. The follow-up audit only needs to be performed in those areas that non-compliances were raised.
  2. This audit may be conducted as a desktop audit.
  3. The follow-up audit is planned at time mutually agreed to by all participating parties, once evidence has been provided that rectification of the non-compliance has been implemented.

C - Internal Audits and reporting to Audit and Risk Committee

Internal Audit is an essential part of the University's governance structure. The function provides independent, objective assurance and advisory services to senior management to assist the University in evaluating and monitoring the effectiveness of all internal controls established within the University.

The Internal Audit function provides the Audit and Risk Committee and senior management of the University with:

  • Independent assurance reviews of the University’s operations in the areas of risk management, compliance and internal controls;
  • Advice on actions to improve the control effectiveness of the University’s processes;
  • Monitoring of remedial actions to improve the University’s control environment and
  • Special reviews and consultancy work as directed by the Audit and Risk Committee and senior management.
 

Activity

 

Responsibility Steps
1 Plan: : Develop 3 year Strategic Internal Audit Plan and Annual Internal Audit Work Plan

Director, Corporate Governance

Audit and Risk Committee

  1. A high-level risk-based 3 year Strategic Internal Audit Plan is created/reaffirmed each year and is developed in consultation with the Chair of Audit and Risk, Vice-Chancellor’s Senior Team and other key stakeholders prior to seeking formal endorsement from Audit and Risk Committee.
  2. The Audit and Risk Committee reviews and approves the risk-based internal audit 3 year Strategic Internal Audit Plan prior to audits commencing (this normally occurs at the November meeting in the year proceeding commencement).
  3. Once endorsed the 3 year Strategic Internal Audit Plan is used to a guide a more detailed annual work plan for the upcoming period. A confirmation of the plan is tabled periodically at a meeting of audit and risk to confirm the focus of the next period under consideration.
  4. Audit and Risk Committee reviews and approves the risk-based internal audit work plan for the upcoming period.
2 Conduct: Determine Internal audit scope and conduct audit

Director, Corporate Governance

Audit and Risk Committee

  1. Director, Corporate Governance scopes the audit to be conducted in consultation with the Vice Chancellor’s Senior Team
  2. Audit and Risk Committee reviews and approves the scope of internal audit work to be performed prior to the commencement of audit work.
  3. Director, Corporate Governance recommends a suitable auditor to perform the audit work for approval by the Chair of Audit and Risk Committee.
  4. The appointed auditor works with key stakeholders to gather required information and conducts the audit
3 Report: Draft Internal audit reports and submit for approval

Director, Corporate Governance

Audit and Risk Committee

  1. The Vice-Chancellor’s Senior Team reviews and endorses all internal audit reports and advisory review reports before submission to the Audit and Risk Committee for discussion and approval.
  2. Audit and Risk Committee reviews and approves the internal audit reports and advisory review reports before submission to the University Council. The reviews include discussion on the audit/review findings and recommendations. 
4 Review: Audit actions and regulatory compliance status briefings Director, Corporate Governance and Vice-Chancellor
  1. At each Audit and Risk Committee meeting, the Director, Corporate Governance briefs the on the progress of remedial actions to address audit findings, the status of the open internal audit actions.
  2. The Vice-Chancellor is responsible, on behalf of Academic Board and the Vice-Chancellor’s Senior Team to update the Audit and Risk Committee on the university’s internal governance standing in relation to key regulatory obligations (ie. TEQSA, HESG, ASQA, VRQA, ESOS and VAGO). The Director, Corporate Governance may also be asked to provide additional perspective and commentary from time to time in relation to specific compliance risk matters.

D - Governance Reviews of University Committees

Review Process for Council and Standing Committees

Council is required to review its operation and performance in accordance with the standing Council resolution CM5/05/08, Procedure for Assessment of Council Members Performance and Universities Australia ‘Voluntary Code of Best Practice for the Governance of Australian Universities’.

In accordance with the standing resolution, Council will undertake a formal assessment of the performance of Council and its Standing Committees on an annual basis and a comprehensive external review at least every five years.

1. Standing Committees of Council
  Activity Responsibility Steps
1. Plan to conduct a review of Standing Committees of Council Executive Officer – Council and Committees of Council

Evaluation form for Assessment of Committee Performance is normally distributed annually in October to each Standing Committee.

A complete listing of the Standing Committees of Council can be found on the Council web site http://federation.edu.au/staff/

governance/feduni-council/council-committees.

The criteria for the evaluation must align with each Committee’s Terms of Reference and responsibilities.

2. Standing Committee conduct review Executive Officer – Council and Committees of Council  Once the Standing Committee has conducted its review, responses are collated, de-identified and summarised into a document which is then reviewed by the Committee.
3. Review tabled at Council Executive and Council for consideration   Executive Officer – Council and Committees of Council The summarised review document from the Standing Committee is normally sent to the November meeting of Council Executive Committee and then forwarded as soon as practicable thereafter to Council.
4. Results from the Standing Committee reviews are considered by the Council Chancellor

Results from the Standing Committee reviews are considered by the Council Executive Committee when conducting the annual Terms of Reference review for each standing committee.

The Council Executive Committee conducts annual reviews normally in February of the Terms of Reference of all Council standing committees to ensure currency and relevance.

2. Council - Annual Review
  Activity Responsibility Steps
1.  Self-evaluation process is issued and completed to assess the committee’s performance.

Executive Officer – Council and Committees of Council

Council Executive Committee

An annual on-line self-evaluation form is made available around the end of November, to all members of Council for the assessment of the committee’s performance.

The Council Executive Committee reviews the content of the survey normally each September, and forwards to Council at its October meeting for approval prior to the survey going ‘live’ around November.

2.  Development of a report detailing the results of the surveys Council Secretary

Once all members of Council have completed the evaluation, a comprehensive report detailing the results of the individual surveys will be developed.

This confidential report is provided only to the Chancellor for consideration.

3. Chancellor reviews and discusses feedback. Chancellor  The Chancellor will meet with each Council member individually to discuss their feedback.
4. Responses are collated and tabled at Council for review and discussion Executive Officer – Council and Committees of Council  The collated and de-identified responses are summarised into a document which is then provided to Council normally at its first meeting of the following year, for review and discussion.
5. Development of an Action Plan to address findings. Chancellor  An Action Plan addressing the issues identified is developed and monitored by Council to ensure the implementation of relevant modifications.
3. External Review of Council
  Activity Responsibility Steps
1. A tender is issued  to conduct a review of the University’s Council. Deputy Vice-Chancellor - Engagement

In the early part of the year in which an external review is to be conducted, a tender is to be issued inviting submissions from external consultants to conduct a review of the University’s Council.

Council is required to review its operation and performance in accordance with the standing Council resolution CM5/05/8, Procedure for Assessment of Council Members Performance and Universities Australia ‘Voluntary Code of Best Practice for the Governance of Australian Universities’.

2. A consultant is appointed to conduct the review Deputy Vice-Chancellor – Engagement / Chancellor A consultant should be appointed normally by the end of February.
3. In consultation, an appropriate evaluation will be developed to cater for the needs and circumstance of Council. Chancellor

A finalised format for the evaluation should be available as soon as practicable so that the review can commence normally in May.

The evaluation will be designed to meet the current and future requirements for the governance of the University.  This includes identifying any needed skills and expertise which would contribute to effective governing.

4. Development of a report detailing the results of the surveys Chancellor

Once all members of Council have completed the evaluation, a comprehensive report detailing the results of the individual surveys will be developed.

As the full evaluation may take place over several weeks Council will be provided with regular updates on the status of the review.

5. Report is provided for consideration at Council Chancellor

A final report including an Executive Summary and Recommendations to be provided for the consideration of the Council Executive Committee normally at its July meeting.

This will normally be forwarded to the September meeting of Council for review and discussion.

       
6. An Action Plan is to be developed, implemented and monitored by Council Chancellor

An Action Plan addressing the issues identified is developed, implemented and monitored by Council to ensure the achievement of the recommendations.  This Plan should include timelines for the completion of all actions.

The Action Plan should be approved at the final meeting of Council for the year.

Actions should be incorporated into the Council Schedule of Business to ensure relevant actions are implemented.

E - Review Process for Academic Board and Standing Committees

Academic Board is required to review its operation and performance in accordance with the standing Council resolution CM7/08/8, Procedure for Assessment of Council Members Performance and Universities Australia ‘Voluntary Code of Best Practice for the Governance of Australian Universities’.

In accordance with the standing resolution, Academic Board adopted a systemic and regular reviewing of its own and that of its Standing Committees performance. Academic Board will undertake self- assessments on an annual basis and a formal review with external and internal representation every three years.

1. Academic Board - Annual Internal Review

  Activity Responsibility Steps
1. Development of a self-evaluation which is distributed all members of Academic Board and its Standing Committees

Academic Board Executive

Executive Officer – Academic Secretariat

A brief concise self-evaluation is developed by Academic Board Executive each year to be distributed electronically / hard copy to all members of Academic Board and its Standing Committees.

This self-evaluation is distributed following the second last meeting for Academic Board and each of its Standing Committees annually.

Academic Secretariat will send reminders to Board and Committee members to ensure that all self-assessments are returned.

A complete listing of the Standing Committees of Academic Board can be found on the Academic Board web site http://federation.edu.au/staff/governance/academic-board/standing-committees.

2. Members complete self-evaluation Executive Officer – Academic Secretariat  Once all members of Academic Board and its Standing Committees have completed the self-evaluation, a brief report detailing the results of the assessment will be developed.
3. Academic Board Annual Report is developed Executive Officer – Academic Secretariat

 The collated and de-identified responses are summarised into a document which becomes part of the Academic Board Annual Report.

The results are also provided to Council at its first meeting of the following year for consideration.

4. Action Plan is developed and monitored by Academic Board Executive Officer – Academic Secretariat  An Action Plan addressing any issues identified is developed and monitored by Academic Board to ensure the implementation of relevant modifications.

2. Academic Board - Periodic External Review

  Activity Responsibility Steps
1. Academic Board Executive to develop Terms of Reference for the conducting of the formal review of Academic Board. Academic Board Executive

These Terms of Reference must be submitted to Council for approval at the June Meeting so that the external review can commence in July.

Academic Board is required to review its operation and performance in accordance with the standing Council resolution CM7/08/8, Procedure for Assessment of Council Members Performance and Universities Australia ‘Voluntary Code of Best Practice for the Governance of Australian Universities’.

2. The selection of the Review Panel will take place by Academic Board Executive, Academic Board Executive

Refer to the approved Terms of Reference for the Review Panel membership.  Sample of generic Terms of Reference – appendix II.

One member is appointed as Chair to ensure the smooth running of the Panel.

3. Panel will conduct a comprehensive review of Academic Board and its Standing Committees. Review Panel

In accordance with the Terms of Reference, the Panel will conduct a comprehensive review of Academic Board and its Standing Committees.

This Review will include the interviewing of members of the Board and its Standing Committees, a range of University members including the Chancellor, senior executives, academic and teaching staff and students.

The Review will normally be conducted during July to enable the Review Report to be submitted to Council for endorsement at the August meeting.

4. Review Report is been endorsed by Council. Executive Officer – Academic Secretariat Once the Review Report has been endorsed by Council it will be forwarded to Academic Board for consideration.
5. Review and implementation of any recommendations from the Review Report and development an Action Plan. Consultation Group

A consultation process to be initiated with the Chancellor, the Chair of Academic Board and Deputy Vice-Chancellors to plan the implementation of any recommendations from the Review Report and develop an Action Plan.

The Action Plan is to be endorsed at the December Academic Board meeting.

This Plan should include timelines for the completion of all actions.

6. The Action Plan addressing any issues identified is forwarded to Council for consideration. Chancellor

The implementation of the Action Plan is to be managed by Academic Board and monitored by Council to ensure to ensure the achievement of the recommendations. 

The Action Plan will be endorsed at a meeting of Council in the following year.

Supporting Documents

  • ISO 19011:2002(E) Guidelines for quality and/or environmental management systems auditing
  • VET Learning and Teaching Staff Induction and Compliance Manual
  • Higher Education Staff Induction and Compliance Manual

Responsibility

  • (Approval Authority TBC) is responsible for monitoring the implementation, outcomes and scheduled review of this procedure.
  • (Policy Sponsor TBC) is responsible for maintaining the content of this procedure as delegated by the DVC Learning and Quality

Promulgation

The Quality Assurance and Review Procedure will be implemented throughout the University via:

  1. an Announcement Notice under 'FedNews' on the ‘the University Homepage’ website and through the University Policy - ‘Recently Approved Documents’ webpage to alert the University-wide community of the approved Procedure; and
  2. inclusion on the University Policy Central website

Implementation

The Quality Assurance and Review Procedure will be implemented throughout the University via:

  1. an Announcement Notice under 'FedNews' on the ‘the University Homepage’ website and through the University Policy - ‘Recently Approved Documents’ webpage to alert the University-wide community of the approved Procedure; and
  2. inclusion on the University Policy Central website

Records Management

Title Location Responsible Officer Minimum Retention Period
Quality Audit Reports University Registrar Directorate Quality Services  Destroy 7 years after action completed
NCR database University Registrar Directorate Quality Services  Destroy 2 years after action completed
Partner Audit Reports Centre for University Partnerships Manager, Compliance, CUP  Destroy 7 years after action completed