OAR 125-700-0015
Definitions
(1)
Agency: “State Agency” means any elected or appointed officer, board, commission, department, institution, branch or other unit of the state government.(2)
Audit: An objective examination of evidence for the purpose of providing an independent assessment on risk management, control, or governance processes for the organization. Examples include financial, performance, compliance, systems security and due diligence assurance engagements.(3)
Audit Committee: A committee that provides oversight of internal auditing for the agency. The purpose of the audit committee is to enhance the quality and independence of the internal audit function, thereby helping to ensure the integrity of the internal audit process.(4)
Chief Audit Executive: Top position within the organization responsible for internal audit activities. Normally, this would be the internal audit director. In the case where internal audit activities are obtained from outside service providers, the chief audit executive is the person responsible for overseeing the service contract and the overall quality assurance of these activities, reporting to senior management and the board regarding internal audit activities, and follow-up of engagement results.(5)
Internal Audit Function: A program within an agency that provides independent, objective assurance and consulting services designed to add value and improve an organization’s operations and facilitate oversight, accountability, and transparency.(6)
Internal Auditing: An independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.(7)
Professional Auditing Standards: Principles established to ensure the competence and independence of the audit function and the quality of audit work. The Code of Ethics and International Standards for the Professional Practice of Internal Auditing promulgated by the Institute of Internal Auditors, and Generally Accepted Government Auditing Standards, promulgated by the Government Accountability Office, are the two major sets of standards that govern both the conduct of audit work and the audit function.(8)
Risk: The possibility of an event occurring that will have an impact on the achievement of objectives. Risk is measured in terms of impact (the effect) and likelihood (the probability the event will occur).(9)
Risk Assessment: A process of identifying, analyzing and prioritizing risks to the achievement of an agency’s mission, goals, or objectives.(10)
Risk Management: A process to identify, assess, manage, and control potential events or situations to provide reasonable assurance regarding the achievement of the organization’s objectives.
Source:
Rule 125-700-0015 — Definitions, https://secure.sos.state.or.us/oard/view.action?ruleNumber=125-700-0015
.