Show
The purpose of the Standards for the Professional Practice of Internal Auditing (the Standards) is to provide auditors with specific professional guidance relating to the responsibilities of internal auditing. These standards have been summarized below. For a complete codification of the standards, please see the authoritative source at the website for the Institute of Internal Auditors Summary of General and Specific Standards for the Professional Practice of Interal Auditing100 Independence -- Internal Auditors should be independent of the activities they audit200 Professional Proficiency -- Internal Audits should be performed with proficiency and due professional care.The Internal Auditing Department The Internal Auditor 300 Scope Of Work -- The scope of internal auditing should encompass the examination and evaluation of the adequacy and effectiveness of the organization's system of internal control and the quality of performance in carrying out assigned responsibilities.400 Performance Of Audit Work -- Audit work should include planning the audit examination and evaluating information, communicating results and following up.500 Management Of The Internal Auditing Department -- The director of Internal Auditing should properly manage the Internal Auditing Department.Definition of Internal Auditing: Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. Introduction to the Standards Internal auditing is conducted in diverse legal and cultural environments; for organizations that vary in purpose, size, complexity, and structure; and by persons within or outside the organization. The purpose of the Standards is to: 1. Guide adherence with the mandatory elements of the International Professional Practices Framework. 2. Provide a framework for performing and promoting a broad range of value-added internal auditing services 3. Establish the basis for the evaluation of internal audit performance. 4. Foster improved organizational processes and operations. The Standards are a set of principles-based, mandatory requirements consisting of: - Statements of core requirements for the professional practice of internal auditing and for evaluating the effectiveness of performance that are internationally applicable at organizational and individual levels. - Interpretations clarifying terms or concepts within the Standards. The Standards comprise two main categories: Attribute and Performance Standards. Attribute Standards address the attributes of organizations and individuals performing internal auditing. Performance Standards describe the nature of internal auditing and provide quality criteria against which the performance of these services can be measured. Attribute and Performance Standards apply to all internal audit services. Attribute Standards: 1000 – Purpose, Authority, and Responsibility: The purpose, authority, and responsibility of the internal audit activity must be formally defined in an internal audit charter, consistent with the Mission of Internal Audit and the mandatory elements of the International Professional Practices Framework 1100 – Independence and Objectivity: The internal audit activity must be independent, and internal auditors must be objective in performing their work. 1200 – Proficiency and Due Professional Care: Engagements must be performed with proficiency and due professional care. 1300 – Quality Assurance and Improvement Program: The chief audit executive must develop and maintain a quality assurance and improvement program that covers all aspects of the internal audit activity. Performance Standards: 2000 – Managing the Internal Audit Activity: The chief audit executive must effectively manage the internal audit activity to ensure it adds value to the organization. 2100 – Nature of Work: The internal audit activity must evaluate and contribute to the improvement of the organization’s governance, risk management, and control processes using a systematic, disciplined, and risk-based approach. Internal audit credibility and value are enhanced when auditors are proactive and their evaluations offer new insights and consider future impact. 2200 – Engagement Planning: Internal auditors must develop and document a plan for each engagement, including the engagement’s objectives, scope, timing, and resource allocations. The plan must consider the organization’s strategies, objectives, and risks relevant to the engagement. 2300 – Performing the Engagement: Internal auditors must identify, analyze, evaluate, and document sufficient information to achieve the engagement’s objectives. 2400 – Communicating Results: Internal auditors must communicate the results of engagements. 2500 – Monitoring Progress: The chief audit executive must establish and maintain a system to monitor the disposition of results communicated to management. 2600 – Communicating the Acceptance of Risks: When the chief audit executive concludes that management has accepted a level of risk that may be unacceptable to the organization, the chief audit executive must discuss the matter with senior management. If the chief audit executive determines that the matter has not been resolved, the chief audit executive must communicate the matter to the board. Reference: https://na.theiia.org/standards-guidance www.globaliia.org |