Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
31 Cards in this Set
- Front
- Back
|
Internal Auditing |
Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. |
|
|
Rules of Conduct Integrity |
1.1. Shall perform their work with honesty, diligence, and responsibility. 1.2. Shall observe the law and make disclosures expected by the law and the profession. 1.3. Shall not knowingly be a party to any illegal activity, or engage in acts that are discreditable to the profession of internal auditing or to the organization. 1.4. Shall respect and contribute to the legitimate and ethical objectives of the organization. |
|
|
Rules of Conduct Objectivity |
2.1. Shall not participate in any activity or relationship that may impair or be presumed to impair their unbiased assessment. This participation includes those activities or relationships that may be in conflict with the interests of the organization. 2.2. Shall not accept anything that may impair or be presumed to impair their professional judgment. 2.3. Shall disclose all material facts known to them that, if not disclosed, may distort the reporting of activities under review. |
|
|
Rules of Conduct Confidentiality |
3.1. Shall be prudent in the use and protection of information acquired in the course of their duties. 3.2. Shall not use information for any personal gain or in any manner that would be contrary to the law or detrimental to the legitimate and ethical objectives of the organization. |
|
|
Rules of Conduct Competency |
4.1. Shall engage only in those services for which they have the necessary knowledge, skills, and experience. 4.2. Shall perform internal audit services in accordance with the International Standards for the Professional Practice of Internal Auditing (Standards). 4.3. Shall continually improve their proficiency and the effectiveness and quality of their services. |
|
|
Attribute Standards Purpose, authority, and responsibility |
The purpose, authority, and responsibility of the internal audit activity must be formally defined in an internal audit charter, consistent with the Definition of Internal Auditing, the Code of Ethics, and the Standards. The chief audit executive must periodically review the internal audit charter and present it to senior management and the board for approval. |
|
|
Attribute Standards Recognition of the Definition of Internal Auditing |
The mandatory nature of the Definition of Internal Auditing, the Code of Ethics, and the Standards must be recognized in the internal audit charter. The chief audit executive should discuss the Definition of Internal Auditing, the Code of Ethics, and the Standards with senior management and the board. |
|
|
Attribute Standards Independence and Objectivity |
The internal audit activity must be independent, and internal auditors must be objective in performing their work. |
|
|
Attribute Standards Organizational Independence |
The chief audit executive must report to a level within the organization that allows the internal audit activity to fulfill its responsibilities. The chief audit executive must confirm to the board, at least annually, the organizational independence of the internal audit activity. |
|
|
Attribute Standards Direct Interaction with the Board |
The chief audit executive must communicate and interact directly with the board. |
|
|
Attribute Standards Individual Objectivity |
Internal auditors must have an impartial, unbiased attitude and avoid any conflict of interest. |
|
|
Attribute Standards Impairment to Independence or Objectivity |
If independence or objectivity is impaired in fact or appearance, the details of the impairment must be disclosed to appropriate parties. The nature of the disclosure will depend upon the impairment. |
|
|
Attribute Standards Proficiency and Due Professional Care |
Engagements must be performed with proficiency and due professional care. |
|
|
Attribute Standards Proficiency |
Internal auditors must possess the knowledge, skills, and other competencies needed to perform their individual responsibilities. The internal audit activity collectively must possess or obtain the knowledge, skills, and other competencies needed to perform its responsibilities. |
|
|
Attribute Standards Due Professional Care |
Internal auditors must apply the care and skill expected of a reasonably prudent and competent internal auditor. Due professional care does not imply infallibility. |
|
|
Attribute Standards Continuing Professional Development |
Internal auditors must enhance their knowledge, skills, and other competencies through continuing professional development. |
|
|
Attribute Standards Quality Assurance and Improvement Program |
The chief audit executive must develop and maintain a quality assurance and improvement program that covers all aspects of the internal audit activity. |
|
|
Attribute Standards Requirements of the Quality Assurance and Improvement Program |
The quality assurance and improvement program must include both internal and external assessments. |
|
|
Attribute Standards Internal Assessments |
Internal assessments must include: Ongoing monitoring of the performance of the internal audit activity; and Periodic self-assessments or assessments by other persons within the organization with sufficient knowledge of internal audit practices. |
|
|
Attribute Standards External Assessments |
External assessments must be conducted at least once every five years by a qualified, independent assessor or assessment team from outside the organization. The chief audit executive must discuss with the board: The form and frequency of external assessments; and The qualifications and independence of the external assessor or assessment team, including any potential conflict of interest |
|
|
Attribute Standards Reporting on the Quality Assurance and Improvement Programs |
The chief audit executive must communicate the results of the quality assurance and improvement program to senior management and the board. |
|
|
Attribute Standards Use of "Conforms with the International Standards for the Professional Practice of Internal Auditing" |
The chief audit executive may state that the internal audit activity conforms with the International Standards for the Professional Practice of Internal Auditing only if the results of the quality assurance and improvement program support this statement. |
|
|
Attribute Standards Disclosure of Nonconformance |
When nonconformance with the Definition of Internal Auditing, the Code of Ethics, or the Standards impacts the overall scope or operation of the internal audit activity, the chief audit executive must disclose the nonconformance and the impact to senior management and the board. |
|
|
IPPF Mandatory Guidance |
The three mandatory elements of the IPPF are: Definition of Internal Auditing Code of Ethics International Standards for the Professional Practice of Internal Auditing (Standards) Conformance with the principles set forth in mandatory guidance is required and essential for the professional practice of internal auditing. Mandatory guidance is developed following an established due diligence process, which includes a period of public exposure for stakeholder input. |
|
|
International Standards for the Professional Practice of Internal Auditing Mandatory Guidance |
Standards are principle-focused and provide a framework for performing and promoting internal auditing. The Standards are mandatory requirements consisting of:Statements of basic requirements for the professional practice of internal auditing and for evaluating the effectiveness of its performance. The requirements are internationally applicable at organizational and individual levels.Interpretations, which clarify terms or concepts within the statements.Glossary terms.It is necessary to consider both the statements and their interpretations to understand and apply the Standards correctly. |
|
|
Code of Ethics Mandatory Guidance |
The Code of Ethics states the principles and expectations governing the behavior of individuals and organizations in the conduct of internal auditing. It describes the minimum requirements for conduct, and behavioral expectations rather than specific activities. |
|
|
IPPF Strongly Recommended Guidance |
The three strongly recommended elements of the IPPF are: Position Papers Practice Advisories Practice Guides Strongly recommended guidance is endorsed by The IIA through a formal approval process. It describes practices for effective implementation of The IIA's Definition of Internal Auditing, Code of Ethics, and Standards. |
|
|
Position Papers Strongly Recommended Guidance |
Position Papers assist a wide range of interested parties, including those not in the internal audit profession, in understanding significant governance, risk, or control issues, and delineating the related roles and responsibilities of internal auditing. |
|
|
Practice Advisories Strongly Recommended Guidance |
Practice advisories assist internal auditors in applying the Definition of Internal Auditing, the Code of Ethics, and the Standards, and promoting best practices. Practice Advisories address internal auditing's approach, methodologies, and consideration, but do not detail processes or procedures. They include practices relating to international, country, or industry-specific issues, specific types of engagements, and legal or regulatory issues. |
|
|
Practice Guides Strongly Recommended Guidance |
Practice Guides provide detailed guidance for conducting internal audit activities. They include processes and procedures, tools and techniques, programs, and step-by-step approaches, as well as examples of deliverables. |
|
|
IIA Standards numbering system |
FirstDigit – Type of Standard 1-Attribute; 2-Performance SecondDigit – Standard Section Thirdand Fourth Digits – Standard Subsection FirstDigit After Period – Type of Service A-Assurance; C-Consulting SecondDigit After Period – Service Number |
