Internal Audit Documents
On this page: Stanford
Ethics | Internal
Auditors | External
Auditors | Policy
Exceptions | Use
of Stanford's Name | Other
All members of the Stanford University community, all faculty, staff, students, members of the Board of Trustees, University Officers and affiliates are responsible for sustaining the high ethical standards of this institution, and of the broader community in which we function. The University values integrity, honesty and fairness, and strives to integrate these values into its teaching, research and business practices. (PowerPoint) (pdf)
Audit Liasons - August 2007
- Audit Survival Guide - February 2007
- Information Security Standards and IT Audit - May 2007
Audit Standard Operating Procedures
- Audit Program for Operating Unit Compliance Audits - March 2006
It is imperative that all
faculty, staff and students comply with
all University policies, procedures, standards and guidelines. Stanford
is committed to its policy to fully comply with its obligations to
external agencies in connection with their audit and inspection rights.
Stanford will provide external auditors and inspectors access to all
documents and data to which they are entitled on a reasonably timely
basis, except those deemed by the University to be legally privileged
or protected. However, this process requires preparation and
cooperation by the external auditors and inspectors.
- Guidance for External Auditors - August 2007
- Supplying Information to Government & External Auditors - February 2008
External Auditors requesting access to Stanford's network for Internet or access to University systems should follow this procedure for requesting access.
Stanford Policy Exemption and Risk AssumptionIt is imperative that Stanford University Faculty, Staff and Students comply with all University policies, procedures, standards and guidelines. However, there are circumstances that fall outside the ability to comply with and/or conform to a University policy, procedure, standard or guideline. In such instances, an exception must be formally documented and approved by appropriate University management.
Please follow this link for additional information regarding the University’s Policy Exception and Risk Assumption Process.
Many of our commercial partners and vendors would like to use Stanford's name in their literature and on their web sites. Administrative Guide Memo 15.5, Ownership and Use of Stanford Name and Trademark, states that such permission must be expressly granted by authorized University Management. However, express permission is not required for use of Stanford's name as long as use meets the following guidelines:
- Stanford's name is included
within a list of other customers
(Stanford cannot be the sole customer listed)
- There is no implied endorsement by Stanford (i.e. "Here is a list of satisfied clients.")
- Stanford is not highlighted in any manner (e.g. bigger font, red letters, first on the list, etc.)
- Stanford's logos and emblems are not used (e.g. Block S, Stanford Tree, Stanford Seal, etc.)
Plan for Institutional Compliance Program
Control Factors - July 1996