Enhancing Internal Auditing: New Standards and Principles
Stay updated with the latest developments in internal auditing as the new IPPFs introduce revised standards and core principles. Learn about the mission, definitions, and important dates related to internal auditing to enhance organizational value effectively.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
Joint Seminar : The Joint Seminar : The IPPFs Pascale Vandenbussche ECIIA Secretary General IPPFs Brussels, May 11 2017 1
Agenda Agenda The new IPPFs The new Standards The new Guidance 2
From the Previous IPPFs To the From the Previous IPPFs To the New IPPFs New IPPFs
Important Dates Important Dates Revised Standards became effective January 1, 2017. Implementation Guides to support updated IPPF have been issued. New 2017 IPPF (Red Book) available. New IIA Quality Assessment Manual available 2Q 2017. Certifications: Changes to exam questions no earlier than July 1, 2017.
The new IPPFs The new IPPFs New IPPFs : Introduced Mission. Introduced 10 Core Principles. Implementation Guides.
Mission and definition of internal audit To enhance and protect organizational value by providing risk-based and objective assurance, advice, and insight. Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
10 10 Core Core Principles Principles Demonstrates integrity. Demonstrates competence and due professional care. Is objective and free from undue influence (independent). Aligns with the strategies, objectives, and risks of the organization. Is appropriately positioned and adequately resourced. Demonstrates quality and continuous improvement. Communicates effectively. Provides risk-based assurance. Is insightful, proactive, and future-focused. Promotes organizational improvement.
Agenda Agenda The new IPPFs The new Standards The new Guidance 8
Overview of Changes to the Overview of Changes to the Standards Standards New standards to address: to address: Chief audit executives taking on roles and responsibilities beyond internal auditing. Potential objectivity-impairing situation of performing assurance role after previous consulting role. New standards Updates to existing standards to clarify requirements: Updates to existing standards to clarify requirements: Relationship between new Core Principles, such as Is insightful, proactive and future- focused, and the Standards. Quality assessment and improvement program. Communications between chief audit executive, the board, and senior management. Scope of external quality assessment: must opine on conformance with the Standards and Code of Ethics.
Overview of Changes to the Overview of Changes to the Standards Standards Updates to the Introduction to the Updates to the Introduction to the Standards: Standards: Clarify that the Standards, together with the Code of Ethics, encompass all Mandatory Guidance elements including Definition and Core Principles; thus conformance with the Code of Ethics and Standards demonstrates conformance with the IPPF s Mandatory Guidance. Modifications to enhance the flow and clarify the Introduction.
Standards 1000 and 1010 Standards 1000 and 1010 1000 Purpose, Authority, and Responsibility The purpose, authority, and responsibility of the internal audit activity must be formally defined in an internal audit charter, consistent with the Mission of Internal Audit and the mandatory elements of the International Professional Practices Framework (the Core Principles for the Professional Practice of Internal Auditing, the Code of Ethics, the Standards, and the Definition of Internal Auditing). The chief audit executive must periodically review the internal audit charter and present it to senior management and the board for approval.
New New Standard 1112 Standard 1112 1112 Chief Audit Executive Roles Beyond Internal Auditing Where the chief audit executive has or is expected to have roles and/or responsibilities that fall outside of internal auditing, safeguards must be in place to limit impairments to independence or objectivity.
Standard 1130.A3 Standard 1130.A3 Addition of new implementation standard for assurance under 1130: 1130 Impairment to Independence or Objectivity 1130.A3 The internal audit activity may provide assurance services where it had previously performed consulting services, provided the nature of the consulting did not impair objectivity and provided individual objectivity is managed when assigning resources to the engagement.
Standard 1300 Standard 1300 1300 Quality Assurance and Improvement Program The chief audit executive must develop and maintain a quality assurance and improvement program that covers all aspects of the internal audit activity. Interpretation: A quality assurance and improvement program is designed to enable an evaluation of the internal audit activity s conformance with the Standards and an evaluation of whether internal auditors apply the Code of Ethics. The program also assesses the efficiency and effectiveness of the internal audit activity and identifies opportunities for improvement. The chief audit executive should encourage board oversight in the quality assurance and improvement program.
Standard 1320 Standard 1320 1320 Reporting on the Quality Assurance and Improvement Program The chief audit executive must communicate the results of the quality assurance and improvement program to senior management and the board. Disclosure should include: The scope and frequency of both the internal and external assessments. The qualifications and independence of the assessor(s) or assessment team, including potential conflicts of interest. Conclusions of assessors. Corrective action plans.
Standard 2010 Standard 2010 2010 Planning The chief audit executive must establish a risk-based plan to determine the priorities of the internal audit activity, consistent with the organization s goals. Interpretation: To develop the risk-based plan, the chief audit executive consults with senior management and the board and obtains an understanding of the organization s strategies, key business objectives, associated risks, and risk management processes. The chief audit executive must review and adjust the plan, as necessary, in response to changes in the organization s business, risks, operations, programs, systems, and controls.
Standard 2050 Standard 2050 Standard 2050 Coordination and Reliance The chief audit executive should share information, coordinate activities, and consider relying upon the work of other internal and external assurance and consulting service providers to ensure proper coverage and minimize duplication of efforts.
Standard 2050 Standard 2050 Interpretation: In coordinating activities, the chief audit executive may rely on the work of other assurance and consulting service providers. A consistent process for the basis of reliance should be established, and the chief audit executive should consider the competency, objectivity, and due professional care of the assurance and consulting service providers. The chief audit executive should also have a clear understanding of the scope, objectives, and results of the work performed by other providers of assurance and consulting services. Where reliance is placed on the work of others, the chief audit executive is still accountable and responsible for ensuring adequate support for conclusions and opinions reached by the internal audit activity. 18
Standard 2060 Standard 2060 The chief audit executive s reporting and communication to senior management and the board must include information about: The audit charter. Independence of the internal audit activity. The audit plan and progress against the plan. Resource requirements. Results of audit activities. Conformance with the Code of Ethics and the Standards, and action plans to address any significant conformance issues. Management s response to risk that, in the chief audit executive s judgment, may be unacceptable to the organization.
Additional Changes Additional Changes This presentation covers just a few of the Standards and Glossary terms that have been changed. The rest of the changes can be reviewed on The IIA s website under the Standards section. https://global.theiia.org/standards-guidance/mandatory-guidance/Pages/Standards.aspx
Agenda Agenda The new IPPFs The new Standards The new Guidance 21
Implementation Guidance Implementation Guidance Implementation Guides released throughout 2016 have replaced the Practice Advisories that were part of the 2013 IPPF. Part of Recommended Guidance, IGs assist internal auditors in implementing and achieving conformance with the Standards. Each IG corresponds to one primary (attribute or performance) standard. Members can download IGs from the IIA website. https://global.theiia.org/standards-guidance/recommended-guidance/Pages/ Practice-Advisories.aspx
Recommended Guidance Recommended Guidance In addition to Implementation Guidance, Recommended Guidance includes Supplemental Guidance: Practice Guides. Global Technology Audit Guides (GTAGs). Guides to the Assessment of IT Risks (GAITs). Supplemental Guidance is being updated to be consistent with 2017 IPPF.
