This Is Auburn Office of Audit, Compliance & Privacy
Office of Audit, Compliance & Privacy

Our Mission

The mission of the Office of Audit, Compliance & Privacy is to assist Auburn University, Auburn University at Montgomery, the Alabama Cooperative Extension System, and the Alabama Agricultural Experiment Station (the "University") in fulfilling its vision of being a preeminent comprehensive land-grant university. Our office provides services in three distinct yet related disciplines - audit, compliance, and privacy - in support of Auburn University's three-pronged mission of teaching, research, and service.

The Office of Audit, Compliance & Privacy functions in partnership with University leadership to:

  • improve the internal control system and culture;
  • improve and enhance the management of operational, financial, compliance, strategic and reputational risks;
  • enhance governance processes;
  • ensure strong stewardship and management accountability at all levels of the University.

Case In Point: Lessons for the proactive manager

This month we begin a deeper dive into each specific category from 2020 with a focus on Information Technology. IT risks are vitally important to manage and that became even more evident as we moved to a largely remote world during 2020. Ensuring only authorized individuals are accessing our systems and data is crucial.

The top 3 types of stories in the IT category were:

  1. Data Breaches
  2. Cyberattacks
  3. Privacy Issues

5 Tips That Could Help You Avoid Becoming an IT Headline

  • Practice good password hygiene
    Use strong & different passwords on each site and enable multi-factor authentication.
  • Beware of social engineering tactics
    Learn to recognize common methods used by scammers to obtain your personal information, whether via email, text message, phone calls, or in-person. Be skeptical of requests for your personal information or money.
  • Use only secure WiFi or VPN
    Most public or free WiFi networks are unsecured. Always use a VPN service when connecting to a public WiFi network.
  • Install Updates
    Cyber attackers take advantage of unpatched devices and applications. Regularly look for and install OS and application software updates and hardware firmware.
  • Backup your data
    Something will inevitably go wrong. Your hardware may fail, you may accidentally delete the wrong files, or even lose a device. Backups protect you from accidently losing data and help you recover from ransomware.

Information Technology is an important risk that will not go away for institutions regardless of the model we are operating under, but it is not the only issue in our industry. We invite you to review the stories across higher education from the prior month with a view toward proactively managing them and avoiding the headlines. As always, we welcome your comments and suggestions.

Read this month's issue of Case In Point

Case In Point Archives

Anonymous Reporting Hotline

The University uses the EthicsPoint anonymous Reporting System to enhance communication and empower individuals to promote safety, security, and ethical behavior. Use this anonymous, confidential system to report situations, events or actions by individuals or groups that you believe unethical or otherwise inappropriate. Frivolous or unfounded reports do not help foster a positive workplace. This hotline service does not replace our existing reporting methods for reporting fraud, waste, abuse or other potentially illegal activities. The University continues to encourage stakeholders to report concerns or suspected violations to their supervisor or other campus entities as appropriate.

If you are uncertain if a situation violates University policy, is illegal or constitutes harassment or discrimination, you may use EthicsPoint to obtain clarification. We would much rather have you ask questions than let potential problems go unchecked. However, EthicsPoint should not be used for immediate threats to life or property. If the situation presents an immediate threat to life or property call emergency -- 911

Last Updated: February 02, 2021