What are the internal auditors code of ethics PRINCIPLES
- Integrity
- Objectivity
- Confidentiality
- Competency
What are the internal auditors code of ethics RULES OF CONDUCT for Integrity
Integrity
- perform work w/ honesty
- observe the law and make lawful expected disclosures
- not knowingly be involved w/ illegal activity
- contribute to legitimate & ethical objectives of org
What are the internal auditors code of ethics RULES OF CONDUCT for Objectivity
Objectivity
- not participate in activity that will impair unbiased assessment
- not accept anything that impairs or presumed to impair independence
- shall disclose all fact known to IA
What are the internal auditors code of ethics RULES OF CONDUCT for Confidentiality
Confidentiality
- be prudent in use and protection of information acquired to do duties
- shall not use information for personal gain
What are the internal auditors code of ethics RULES OF CONDUCT for Competency
Competency
- shall engage in services which IA has knowledge, skills, and expertise
- shall perform IA services in accordance w/ International standards for the professional practice of internal auditing
- shall continually improve proficiency
Define Internal auditing
- IA is an independent, objective assurance and
consulting activity designed to add value to an entity - IA help an org accomplish its objectives by bringing a
disciplined approach to evaluate and improve the
effectiveness of risk mngmt, controls and goverence
What are the three components of the IA value proposition set forth by the IIA
- Assurance - to org. goverence, controls, & risk mngmt
- insight - to effectiveness & efficiency of org. business
and data processes - Objectivity - by committing to integrity and acceptability
which provides vale to board and sr. mngmnt - provides
objective source of independent advice
what are the components of the international professional practices framework for IA
(1-3 is Mandatory guidence) 1 IA definition 2 code of ethics principles and rules of conduct 3 int. standards for the professional practice of IA (4-6 is strongly recommended guidance) 4 position papers 5 practice advisories 6 practice guides
Define adequate control
adequate control is present if management plans and organizes controls to allow assurance that risks are managed
Define Charter
- formal document that defines IA activitys purpose, authority, and responsibility
- establishes position in org and gives IA authorizes access to information/records
Define CAE (chief audit executive)
- senior position
- must manage IA activity in accordance with IA charter, code of ethics, IA standards, and def of IA
conflict of interest
relationship that is not in best interest of organization
would impair individuals objectivity
consulting services
advisory & related client service activities
w/out IA assuming mngmnt responsiblity
control
- action taken by BOD & mngmnt to manage risk & ensure objectives and goals are achieved.
control environment
BOD and mngmnt actions and attitudes regarding the importance of control in the org. Examples: - integrity and ethical values - management operating style - HR policies and procedures - competence of personnel
control processes
policies and procedures part of control framework to contain risk with acceptable org. level
engagement work program
- procedures to be followed during engagement to achieve engagement plan
impairment
- impairment to organizational independence and individual objectivity Examples: - conflict of interest - scope limitation -
Objectivity
unbiased mental attitude
Overall Opinion
Rating, conclusion, and/or description of results provided by the chief audit executive addressing, at a broad level, governance, risk management and/or control processes of the org.
Risk appetite
level of risk and organization is willing to accept
Risk management
process to identify, assess, manage, and control potential events or situations to provide assurance regarding achievement or org objectives
standard
professional pronouncement created by the IA standards board that describes the requirements for Internal auditors activities
technology based audit techniques
any automated tool Examples: generalized audit software test data generators computer-assisted audit techniques
