Primary navigation:

QFINANCE Quick Links
QFINANCE Topics
QFINANCE Reference
Add the QFINANCE search widget to your website

Home > Auditing Best Practice > What Is the Range of the Internal Auditor’s Work?

Auditing Best Practice

What Is the Range of the Internal Auditor’s Work?

by Andrew Cox

What Do the Standards Say?

The internal auditing standards we will consider here are those issued by the Institute of Internal Auditors (IIA, 2007). The internationally accepted definition of internal auditing issued by the IIA is:

“Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.”

This was a step up from the previous definition, which concentrated on assurance. This definition expanded the role of internal audit to encompass consulting services. To understand the difference between assurance services and consulting services, we need a couple of definitions:

Assurance: An objective examination of the evidence for the purpose of providing an independent assessment of risk management, control, or governance processes for an organization. Examples may include financial, performance, compliance, system security, and due diligence engagements.

Consulting: Advisery and related client service activities, the nature and scope of which are agreed with the client, and which are intended to add value and improve an organization’s governance, risk management, and control processes without the internal auditor assuming management responsibility. Examples include counsel, advice, facilitation, and training.

It should be noted that the definitions of internal auditing and the standards focus on risk management, control, and governance:

Risk management: Internal audit should assist the organization by identifying and evaluating significant exposures to risk and contributing to the improvement of risk management and control systems.

Control: Internal audit should assist the organization in maintaining effective controls by evaluating their effectiveness and efficiency and by promoting continuous improvement.

Governance: Internal audit should assess and make appropriate recommendations for improving the governance process in its accomplishment of the following objectives:

  • Promoting appropriate ethics and values within the organization.

  • Ensuring effective organizational performance management and accountability.

  • Effectively communicating risk and control information to appropriate areas of the organization.

  • Effectively coordinating the activities and communicating information among the board, external and internal auditors, and management.

Back to Table of contents

Further reading

Books:

  • Australian National Audit Office. Public Sector Audit Committees: Having the Right People is the Key. Canberra: Australian National Audit Office, 2005.
  • Australian National Audit Office. Public Sector Internal Audit—An Investment in Assurance and Business Improvement. Canberra: Australian National Audit Office, 2007.
  • Picket, K. H. Spencer. Audit Planning: A Risk-Based Approach. Hoboken, NJ: Wiley, 2006.
  • Reding, Kurt F., Paul J. Sobel, Unton L. Anderson, Michael J. Head, Sridhar Ramamoorti, and Mark Salamasick. Internal Auditing: Assurance and Consulting Services. Altamonte Springs, FL: IIA Research Foundation, 2007.
  • Sawyer, Lawrence B., Mortimer A. Dittenhofer, and James H. Scheiner. Sawyer’s Internal Auditing: The Practice of Modern Internal Auditing. 5th ed. Altamonte Springs, FL: IIA Research Foundation, 2003.

Standards:

Website:

Back to top

Article Author

  • Andrew CoxAndrew Cox
    Independent Consultant, Australia and the United Arab Emirates

Share this page

  • Facebook
  • Twitter
  • LinkedIn
  • Bookmark and Share

Related

Most Viewed

Recommended

Latest

 
QFINANCE www.qfinance.com