Professional attributes and performance requirements for internal auditing are clearly set out in the IIA’s International Standards for Professional Practice of Internal Auditing. These Standards and their supporting guidelines have been continuously developed internationally since the 1970s. They represent “best practice” internal auditing and will continue to be revised by international teams to reflect both the needs of internal auditors and the organizations in which they provide their services. All internal auditing charters should require the internal audit role to comply with these standards: not all do! Yet every board would expect its external auditors to comply with developed international standards for external auditing. Why should internal auditing be different?
The Standards set out requirements and guidance for internal auditing attributes and performance of work. All are based on defined principles of Integrity, Objectivity, Confidentiality, and Competency in its International Code of Ethics, first published in 1968 and since revised to meet current and future internal auditing needs for all its members and those who have achieved the status of its qualification Certified Internal Auditor.7
All operations in an organization have a past, a present, and a future. This must be recognized in the planning of all internal auditing services and in each of its engagements. What has happened before and what is happening today will influence what will happen in the future. What happens in the future will also be influenced by more change, not only in the organization but also externally, by many of its stakeholders and events beyond its control. Every test and observation in an internal audit engagement needs to be considered in this scenario of past, present, and future change. Future change is change that can be forecast during the engagement, and change that might be hinted at by events leading to “beyond the horizon.” Beyond the horizon is not always an easy prediction to make, but it should be attempted by the internal auditor studying events and issues surrounding the operations being reviewed, and in discussion with board members and management at all levels.
- Page 4 of 7
- Previous section Knowledge and Experience of Risk Management, Control, and Governance Processes
- Next section Quality of Performance