Skip to Search Skip to Global Navigation Skip to Local Navigation Skip to Content

Quality Assurance Reviews

A Quality Assurance Review (QAR) evaluates the procedures a department has in place to mitigate the risk of fraud.

In addition, QAR's verify the accuracy of the Department Manager's responses to the Fiscal Management Sub Certifications and Management Certifications (Certification) and is in accordance with UT System financial accountability mandates. The Certifications are used to assess a department’s system of internal controls in relation to the criteria in UTSA’s Management Assessment Tool. Each department manager will provide an opinion as to whether their department’s system of internal control is adequately designed, properly executed, effective, there are no misstatements or omissions in the financial information provided, and all frauds known to them have been reported and appropriately addressed.

QAR - Frequently Asked Questions


Why and how were we chosen to be reviewed?
Approximately 20% of active Department Managers are selected annually for a QAR using a risk assessment based on several variables, e.g., funding levels, complexity of transactions, Certification responses, etc. All Department Managers identified as “high risk” based on the risk assessment are selected for a QAR that year, with a goal of every Department Manager receiving a QAR at least once every five years.

 

How are we notified if we have been selected for a QAR?
You will receive an email and/or a call from the Compliance Management Analyst in the Office of Institutional Compliance and Risk Services stating that you have been selected for a QAR and a request to schedule a time for the meeting to be performed.

 

How does our department prepare for a QAR?
Department Managers should review the policies and suggestions found in the Management Assessment Tool. In addition, approximately one week prior to the QAR you will be provided with a questionnaire that will include the areas that will be reviewed. The reviews are based primarily from the answers on the annual Certification. To access a sample questionnaire, please click here

 

How long will the review last?
We do our best to ensure minimal disruption of the day to day activities of the department. The interview with the Department Managers will take approximately one hour.

 

What kind of report will I receive?
Each Department Manager (and their immediate supervisor) will receive a report that assigns a code to the various areas reviewed. The code is as follows:

  • Red dot - significant departure from university policy, procedures and/or best practices;
  • Yellow dot - moderate departure from university policy, procedures and/or best practices;
  • Green dot - compliant with or non-significant departure from university policy, procedures and/or best practices.

The report is then quantified into an overall ranking of the risk of fraud in that department (i.e. significant risk, moderate risk or low risk). Click here for a sample report.

 

How is this different from an audit?
This is not an audit, nor does it substitute for an audit. The purpose of this review is to provide, in a consultative manner, an objective evaluation of internal controls in the area and to alert the Department Manager to potential risks.  A QAR is a “proactive” approach to monitoring internal controls so that Department Managers are aware of risks and can ensure they are adequately mitigated before weaknesses are identified in an audit.