On a yearly basis, Internal Audit and Advisory Services will perform a risk assessment of the campus auditable areas. Auditable areas consist of academic and administrative departments, business operations, auxiliary components, and any other unit which has a piece in fulfilling the mission of Savannah State University. In each audit area, factors are used to determine the level of risk that area may pose to the University. Some of the factors that are used to assess risk within each audit area include:
- Regulatory compliance and public scrutiny,
- Reliance on information technology,
- Dollar volume and liquidity,
- Organizational change and economic transition, and
- Audit history.
In addition to using the factors above to assess risk, management knowledge and auditor's judgment are also considered.Upon completion of the risk assessment, the areas which have a higher risk are presented to the president who makes a selection of audits to be performed for the upcoming fiscal year. This is developed into the audit plan. The audit plan is submitted each fiscal year to the Chief Audit Officer of the Board of Regents who grants final approval. The audit process is then followed for each planned area.