Back to Top
Business and Financial Policies and Procedures

9.3 Report Activity from Audits, Reviews, Consulting Engagements, and Attestation Services Provided by External Parties

Policy Statement

Units may hire external business and consulting professionals to provide, audit, review, consulting, attestation, and related services. Any resulting draft or final work product received from the external provider must be submitted to system offices staff annually.

Reason for the Policy

Units of the University of Illinois System may need external financial and business services, such as audit, review, consulting and attestation services. External providers frequently possess specialized skills, knowledge, credentials and independence that may not be readily available among System faculty and staff. Resulting draft or final reports received from these engagements could reveal risks to the overall University of Illinois System, beyond the individual units that seek these services.

Applicability of the Policy

Draft or final work product received from external business and consulting professionals with issues related to:

  • Financial information
  • Business processes and potential improved efficiencies
  • Fiscal, administrative, and internal controls
  • Compliance with laws and regulatory requirements

Examples of audits, reviews, and consulting recommendations which do not need to be submitted include issues related to:

  • Sponsored projects and grant funding agencies. These reports should continue to be provided to your university’s Grants and Contracts, Post Award Office for review.
  • Academic programs and accreditation with only incidental references to financial information
  • Building design or potential construction projects or site inspections of existing structures
  • Commercialization of intellectual property


To submit all draft and final audit, review, consulting, and attestation service engagement reports received from external providers:

  1. Identify any draft or final audit, review, consulting, and attestation service reports received from external providers during the twelve-month period ending on June 30th.
  2. With the exception of reports or recommendations made pursuant to the attorney-client privilege as indicated below, submit all draft and final reports prepared by these external providers to by August 15 of each year. Units are encouraged to submit these reports throughout the fiscal year if they are available sooner.

    If your unit has such reports or recommendations that were performed or received pursuant to the attorney-client privilege, please contact the Office of University Counsel for guidance as to whether or not such reports or recommendations are subject to this policy; they are not necessarily exempt from this requirement.

  3. Prepare to answer any questions related to the report(s) that may come from the review process, which evaluates the potential risk and other considerations related to the System’s financial statement reporting process.

  4. Disclose adverse results from these engagements and any related reports during the annual Fiscal Control and Annual Auditing Act (FCIAA) certification process. 

Questions can be sent to

Last Updated: May 21, 2020 | Approved: Senior Associate Vice President for Business and Finance | Effective: July 18, 2018

Give us feedback about this page Submit Feedback