Doc. T03-030, as amended
Passed by the Board of Trustees on May 7, 2003
Latest revision: December 11, 2023

Purpose

The primary function of the Committee is to assist the Board of Trustees in fulfilling its oversight responsibilities relating to: the integrity of the University’s financial statements, the systems of internal control and risk management, the qualifications, independence and performance of the Independent External Auditor and internal audit function, and the University’s compliance with legal, regulatory and policy requirements. In so doing, it is the responsibility of the Committee to maintain free and open communication among the Committee, Independent External Auditors, the University Internal Audit and management of the University. The Committee shall take all appropriate actions to set the University’s overall tone for quality financial reporting, effective internal controls, sound business risk and compliance practices, continuous improvement and ethical behavior.

Composition & Independence

Members, to the extent permissible under Massachusetts General Law, must be independent of University management (“Management”) and the University (including its component units and related organizations), and be free of any financial or personal relationship that would impair such independence. Any perceived or actual impairment must be disclosed to the Committee Chair or Chair of the Board of Trustees.

A majority of members shall be financially literate and the Chair of the Committee shall be a financial expert. Financial literacy is defined as being able to read and understand fundamental financial statements. Financial expert is defined as a person who understands audit and risk committee functions and one or more of the following: an understanding of generally accepted accounting principles and financial statements; experience preparing, analyzing or auditing financial statements; or an understanding of internal controls and procedures for financial reporting.

Duties and Responsibilities

It is not the Committee’s duty to plan or conduct audits, determine whether the University’s financial statements are complete, accurate and are in accordance with generally accepted accounting principles or to conduct other types of auditing or accounting reviews or procedures. Management is responsible for the preparation, presentation, and integrity of the University’s financial statements and for the appropriateness of the accounting principles and reporting policies used by the University. The University’s Independent External Auditor’s responsibility is to audit the University’s financial statements in accordance with professional standards.

The following shall be the principal duties and responsibilities of the Committee. These are set forth as a guide that the Committee may modify or supplement as appropriate.

Independent External Auditor

  • The Committee is directly responsible for the appointment, compensation, retention and discharge of the University’s Independent External Auditor (“IEA”), an independent public accounting firm. The IEA shall report directly to the Committee.
  • Annually, discuss the IEA’s compliance with independence requirements and results of internal quality control assessments, peer reviews, the IEA’s responsibilities under generally accepted auditing standards, and any inquiry or investigation by governmental or professional authorities.
  • The Committee or the Chair shall pre-approve all audit and non-audit services that are outside the annual financial statement audit services provided by the IEA that are contracted for $50,000 or more and are not specifically prohibited in this Charter. The Chair shall notify the Committee at the next Committee meeting when he/she approves IEA services.
  • The IEA is specifically prohibited from performing services according to Government Auditing Standards independence framework, for example:
    • Bookkeeping or other services related to the accounting records or financial statements
    • Financial information systems design, implementation or operation
    • Appraisal or valuation services
    • Actuarial services
    • Internal audit outsourcing services
    • Management functions or human resources services
    • Broker-dealer, investment advisor or investment banking services
    • Legal services and expert services unrelated to the audit
    • Any service entailing a commission or contingent fee
  • Ensure proper rotation of the lead audit partner on the University’s engagement considering best practices and the needs of the University.
  • Provide sufficient opportunity for the IEA to meet privately with the Committee Chair.

University Financial Statements

  • Meet with Management and the IEA to review its annual audit plan related to the University’s financial statements and compliance with Office of Management and Budget Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (“Uniform Guidance”) and Massachusetts Office of Student Financial Assistance (“MOSFA”) regulations.
  • Meet with Management to discuss the University’s financial results.
  • Meet with the IEA to review results and recommendations from its audit of the University’s annual financial statements.
    • Confirm with the IEA whether they are satisfied with the disclosures, content and quality of the financial statements, including among other things the nature and extent of any significant changes in accounting principles and practices or complex or unusual transactions.
    • Make inquiries of Management, University Internal Audit (“UIA”) and the IEA concerning significant financial reporting risks, the effectiveness of the University’s system of internal controls related to financial reporting, and control deficiencies reported.
    • Review any significant difficulties encountered during the audit. Make recommendations to resolve disagreements among Management and IEA in connection with financial reporting.
  • Review the results and recommendations from the IEA’s Uniform Guidance and MOSFA audits.
  • Review and approve the University’s annual financial statements.

University Internal Audit

  • Participate in recruiting for the Chief Audit Executive (“CAE”) and changes to the position.
  • Review UIA resources, structure, independence and conformance with the Institute of Internal Auditors International Standards for the Professional Practice of Internal Auditing.
  • Review, provide input and approve UIA’s annual risk-based audit plan.
  • Receive periodic reports from the CAE regarding internal audit activity, internal controls, risk management, governance and compliance processes, engagements performed by the IEA and other material audit activity at the University.
  • Provide sufficient opportunity for the CAE to meet privately with the Committee Chair.
  • Annually review and if revisions are necessary approve the Internal Audit Charter (Doc. T06- 061). When revisions are made, vote to recommend the Board of Trustees approve the Internal Audit Charter.

Risk Management

  • Receive annual reports from Management regarding the University’s risk management policies and procedures, key risks, mitigation and monitoring procedures, and emerging risks. It is the responsibility of Management to determine the level of risk the University will take on in pursuit of its objectives.

Other Matters

  • Annually review and if necessary revise and approve the Audit and Risk Committee Charter as conditions dictate. This Audit and Risk Committee Charter is exempt from the process required for issuing and revising University Board Policies outlined in the Policy for Creating and Establishing Board Policy and Standards (Doc. T13-093). Any amendments to this Audit and Risk Committee Charter must be reviewed by the Office of General Counsel.
  • Committee Chair and Vice Chair receive briefings on any financial reporting fraud, misappropriation of assets or corruption committed or credible whistleblower complaints from the CAE or Management. The Chair shall provide a briefing to the full Committee on material financial fraud committed or credible whistleblower complaints.
  • Periodically review with Management the University’s processes to ensure compliance with laws, regulations and policies. It is the responsibility of Management to ensure compliance with laws, regulations and policies.
  • After consultation with the Chair of the Board, CAE and Management, retain outside independent accountants, counsel or other experts as required to conduct the business of the Committee. Any retention or hiring of lawyers or law firms external to the University, and any legal advice or services needed by the Committee, must be directed to and coordinated with the University’s Office of General Counsel. The Office of General Counsel has the ultimate authority to oversee and approve all agreements and contracts with lawyers and law firms and for legal services entered into on behalf of the University.
  • Perform any other activities consistent with the Audit and Risk Committee Charter and University By-laws that are customarily addressed by an audit and risk committee.

 

Doc. T03-030, as amended | Audit and Risk Committee Charter
Passed by the Board of Trustees on May 7, 2003
Revised:
August 24, 2005
February 24, 2010
June 10, 2021
December 11, 2023