Select the text to read:
Course Content
Module 1: Core Principles and Foundations of Internal Audit
0/9
The Role and Purpose of Internal Auditing
Establishing Authority: The Board and CAE Responsibilities
The Internal Audit Charter: Defining Authority and Scope
Understanding Internal Audit Services: Assurance vs. Advisory
Exploring Types of Assurance Engagements
Exploring Types of Advisory Engagements
Maintaining Independence and Objectivity: Avoiding Impairments
Internal Audit’s Role in Organizational Risk Management
Quiz: Core Principles of Internal Audit
Module 2: Ethics and Professional Conduct for Internal Auditors
0/12
The IIA’s Domain II Ethics EN
Upholding Integrity in Internal Audit
Ensuring Objectivity and Identifying Impairments
Organizational Policies Supporting Objectivity
Required Knowledge, Skills, and Competencies of Internal Auditors
Exercising Due Professional Care
Maintaining Confidentiality
Ethics & Professionalism in Internal Auditing video summary – IIA Domain II
The IIAs Domain II Ethics and Professionalism en broadcast
21:25
Ethics and Professionalism en
Lesson Summary: Ethics and Professionalism
Quiz: Ethics and Professional Conduct
Module 3: Understanding Governance, Risk Management, and Internal Control
0/9
Understanding Organizational Governance Principles
The Impact of Organizational Culture on the Control Environment
Addressing Ethical and Compliance Challenges in Governance
Fundamental Concepts of Enterprise Risk
Implementing the Risk Management Process
Key Risk Management Frameworks
Core Concepts of Internal Control
Designing and Assessing the Effectiveness of Internal Controls
Quiz: Governance, Risk Management, and Internal Control
Module 4: Detecting and Managing Fraud Risks
0/7
a c f e -c f e course playlist yazan abogosh
Understanding Fraud: Concepts and Typologies
Assessing Fraud Risks During Engagement Planning
Techniques for Fraud Detection and Management
Implementing Controls to Prevent and Detect Fraud
Roles and Responsibilities in Fraud Investigations
Quiz: Detecting and Managing Fraud Risks
final exam
0/1
Final Exam
New Internal Auditor Onboarding – Part 1: Applying the IIA 2024 Global Internal Audit Standards (Foundations, Professional Practice & Conformance)

The IIA’s Domain II: Ethics and Professionalism.

Central Topic: The IIA’s Global Internal Audit Standards – Domain II: Ethics and Professionalism

  • I. Introduction to Domain II: Ethics and Professionalism
    • Supersedes: The IIA’s former Code of Ethics
    • Purpose: Outlines behavioral expectations for professional internal auditors
      • Applies to: Chief audit executives (CAEs), other individuals, and any entities providing internal audit services
    • Outcomes of Conformance:
      • Instills trust in the profession of internal auditing
      • Creates an ethical culture within the internal audit function
      • Provides the basis for reliance on internal auditors’ work and judgment
    • Mandate for Conformance:
      • All internal auditors are required to conform
      • Conformance is still expected even if auditors are subject to other codes of ethics, behavior, or conduct (e.g., organizational codes)
      • The omission of a particular behavior from these principles and standards does not preclude it from being considered unacceptable or discreditable
    • Responsibilities for Conformance:
      • Individual Internal Auditors: Responsible for their own conformance
      • Chief Audit Executive (CAE):
        • Expected to support and promote conformance with this domain
        • Achieved by providing opportunities for training and guidance
        • May delegate certain responsibilities for managing conformance
        • Retains accountability for the ethics and professionalism of the internal audit function
  • II. Principle 1: Demonstrate Integrity
    • Core Statement: Internal auditors demonstrate integrity in their work and behavior
    • Definition of Integrity: Behavior characterized by adherence to moral and ethical principles
      • Includes demonstrating honesty
      • Includes demonstrating the courage to act based on relevant facts, even when facing pressure to do otherwise
      • Or when doing so might create potential adverse personal or organizational consequences
    • Simplified Expectation: Internal auditors are expected to tell the truth and do the right thing, even when it is uncomfortable or difficult
    • Significance of Integrity:
      • It is the foundation of the other principles of ethics and professionalism (objectivity, competency, due professional care, confidentiality)
      • The integrity of internal auditors is essential to establishing trust and earning respect
    • A. Standard 1.1: Honesty and Professional Courage
      • 1. Requirements:
        • Internal auditors must perform their work with honesty and professional courage
        • Professional Communications:
          • Must be truthful, accurate, clear, open, and respectful in all professional relationships and communications
          • This applies even when expressing skepticism or offering an opposing viewpoint
        • Prohibitions in Communication:
          • Must not make false, misleading, or deceptive statements
          • Must not conceal or omit findings or other pertinent information from communications
        • Disclosure Obligation:
          • Must disclose all material facts known to them that, if not disclosed, could affect the organization’s ability to make well-informed decisions
        • Exhibiting Professional Courage:
          • Must exhibit professional courage by communicating truthfully
          • And by taking appropriate action, even when confronted by dilemmas and difficult situations
        • CAE Responsibility for Work Environment:
          • The chief audit executive must maintain a work environment where internal auditors feel supported when expressing legitimate, evidence-based engagement results, whether favorable or unfavorable
    • B. Standard 1.2: Organization’s Ethical Expectations
      • 1. Requirements:
        • Internal auditors must understand, respect, meet, and contribute to the legitimate and ethical expectations of the organization
        • They must be able to recognize conduct that is contrary to those expectations
        • Promotion of Ethical Culture:
          • Internal auditors must encourage and promote an ethics-based culture in the organization
        • Reporting Unethical Behavior:
          • If internal auditors identify behavior within the organization that is inconsistent with the organization’s ethical expectations, they must report the concern according to applicable policies and procedures
    • C. Standard 1.3: Legal and Ethical Behavior
      • 1. Requirements:
        • Prohibited Activities:
          • Internal auditors must not engage in or be a party to any activity that is illegal
          • Or discreditable to the organization or the profession of internal auditing
          • Or that may harm the organization or its employees
        • Understanding Laws and Regulations:
          • Internal auditors must understand and abide by the laws and/or regulations relevant to the industry and jurisdictions in which the organization operates
          • This includes making disclosures as required by law or regulation
        • Reporting Violations:
          • If internal auditors identify legal or regulatory violations, they must report such incidents to individuals or entities that have the authority to take appropriate action
          • This reporting must be as specified in laws, regulations, and applicable policies and procedures
  • III. Principle 2: Maintain Objectivity
    • Core Statement: Internal auditors maintain an impartial and unbiased attitude when performing internal audit services and making decisions
    • Definition of Objectivity: An unbiased mental attitude that allows internal auditors to make professional judgments, fulfill their responsibilities, and achieve the Purpose of Internal Auditing without compromise
    • Supporting Factor: An independently positioned internal audit function supports internal auditors’ ability to maintain objectivity
    • A. Standard 2.1: Individual Objectivity
      • 1. Requirements:
        • Internal auditors must maintain professional objectivity when performing all aspects of internal audit services
        • Elements of Professional Objectivity:
          • Requires internal auditors to apply an impartial and unbiased mindset
          • Requires making judgments based on balanced assessments of all relevant circumstances
        • Managing Bias:
          • Internal auditors must be aware of and manage potential biases
    • B. Standard 2.2: Safeguarding Objectivity
      • 1. Requirements:
        • Internal auditors must recognize and avoid or mitigate actual, potential, and perceived impairments to objectivity
        • Gifts and Favors:
          • Internal auditors must not accept any tangible or intangible item (e.g., gift, reward, or favor) that may impair or be presumed to impair objectivity
        • Conflicts of Interest and Undue Influence:
          • Internal auditors must avoid conflicts of interest
          • Must not be unduly influenced by their own interests or the interests of others (including senior management, those in authority)
          • Or by the political environment or other aspects of their surroundings
        • Specific Scenarios in Performing Internal Audit Services:
          • Previous Responsibilities: Internal auditors must refrain from assessing specific activities for which they were previously responsible. Objectivity is presumed to be impaired if an internal auditor provides assurance services for an activity for which the internal auditor had responsibility within the previous 12 months.
          • Assurance after Advisory: If the internal audit function is to provide assurance services where it had previously performed advisory services, the CAE must confirm that the nature of the advisory services does not impair objectivity. The CAE must also assign resources such that individual objectivity is managed.
          • Assurance over CAE’s Responsibilities: Assurance engagements for functions over which the chief audit executive has responsibility must be overseen by an independent party outside the internal audit function[cite: 1].
          • Advisory on Previous Responsibilities: If internal auditors are to provide advisory services relating to activities for which they had previous responsibilities, they must disclose potential impairments to the party requesting the services before accepting the engagement[cite: 1].
        • CAE Responsibility for Methodologies:
          • The chief audit executive must establish methodologies to address impairments to objectivity
          • Internal auditors must discuss impairments and take appropriate actions according to relevant methodologies
    • C. Standard 2.3: Disclosing Impairments to Objectivity
      • 1. Requirements:
        • General Disclosure: If objectivity is impaired in fact or appearance, the details of the impairment must be disclosed promptly to the appropriate parties
        • Auditor’s Disclosure: If internal auditors become aware of an impairment that may affect their objectivity, they must disclose the impairment to the CAE or a designated supervisor
        • CAE’s Action on Auditor Impairment: If the CAE determines that an impairment is affecting an internal auditor’s ability to perform duties objectively, the CAE must discuss the impairment with the management of the activity under review, the board, and/or senior management and determine the appropriate actions to resolve the situation
        • Post-Engagement Discovery of Impairment: If an impairment affecting the reliability or perceived reliability of engagement outputs is discovered after completion, the CAE must discuss the concern with management, the board, senior management, and/or other affected stakeholders and determine appropriate actions (See also Standard 11.4 Errors and Omissions)
        • CAE’s Own Impairment: If the objectivity of the CAE is impaired in fact or appearance, the CAE must disclose the impairment to the board (See also Standard 7.1 Organizational Independence)
  • IV. Principle 3: Demonstrate Competency
    • Core Statement: Internal auditors apply the knowledge, skills, and abilities to fulfill their roles and responsibilities successfully
    • Nature of Competency: Requires developing and applying knowledge, skills, and abilities to provide internal audit services
    • Variability: Competencies needed by each internal auditor vary due to the diverse array of services provided
    • Enhancement: In addition to possessing/obtaining competencies, auditors improve service effectiveness and quality by pursuing professional development
    • A. Standard 3.1: Competency
      • 1. Requirements:
        • Internal auditors must possess or obtain the competencies to perform their responsibilities successfully
        • Required competencies include the knowledge, skills, and abilities suitable for one’s job position and responsibilities commensurate with their level of experience
        • Internal auditors must possess or develop knowledge of The IIA’s Global Internal Audit Standards
        • Service Engagement Limitation: Internal auditors must engage only in those services for which they have or can attain the necessary competencies
        • Individual Responsibility: Each internal auditor is responsible for continually developing and applying the competencies necessary to fulfill their professional responsibilities
        • CAE Responsibility (Collective Competency):
          • The CAE must ensure that the internal audit function collectively possesses the competencies to perform services in the internal audit charter
          • Or must obtain the necessary competencies (See also Standards 7.2 Chief Audit Executive Qualifications and 10.2 Human Resources Management)
    • B. Standard 3.2: Continuing Professional Development
      • 1. Requirements:
        • Internal auditors must maintain and continually develop their competencies to improve the effectiveness and quality of internal audit services
        • Internal auditors must pursue continuing professional development including education and training
        • Certified Auditors: Practicing internal auditors who have attained professional internal audit certifications must follow the continuing professional education policies and fulfill the requirements applicable to their certifications
  • V. Principle 4: Exercise Due Professional Care
    • Core Statement: Internal auditors apply due professional care in planning and performing internal audit services
    • Embodied by Standards Requiring:
      • Conformance with the Global Internal Audit Standards
      • Consideration of the nature, circumstances, and requirements of the work to be performed
      • Application of professional skepticism to critically assess and evaluate information
    • Definition of Due Professional Care: Requires planning and performing internal audit services with the diligence, judgment, and skepticism possessed by prudent and competent internal auditors
    • Auditor’s Intent: When exercising due professional care, internal auditors perform in the best interests of those receiving internal audit services
    • Limitation: Auditors are not expected to be infallible
    • A. Standard 4.1: Conformance with the Global Internal Audit Standards
      • 1. Requirements:
        • Internal auditors must plan and perform internal audit services in accordance with the Global Internal Audit Standards
        • Internal Audit Function’s Methodologies:
          • Must be established, documented, and maintained in alignment with the Standards
          • Internal auditors must follow the Standards and the internal audit function’s methodologies when planning and performing services and communicating results
        • Use with Other Requirements: If Standards are used with requirements from other authoritative bodies, communications must also cite the use of other requirements, as appropriate
        • Prohibition by Laws/Regulations: If laws or regulations prohibit conformance with any part of the Standards:
          • Conformance with all other parts of the Standards is required
          • Appropriate disclosures must be made
        • Inability to Conform: When internal auditors are unable to conform with a requirement (not due to legal prohibition):
          • The CAE must document and communicate a description of the circumstance, alternative actions taken, the impact of the actions, and the rationale
          • (Requirements related to disclosing nonconformance are described in Standards 8.3 Quality, 12.1 Internal Quality Assessment, and 15.1 Final Engagement Communication)
    • B. Standard 4.2: Due Professional Care (Specific Assessment Areas)
      • 1. Requirements: Internal auditors must exercise due professional care by assessing the nature, circumstances, and requirements of the services to be provided, including:
        • The organization’s strategy and objectives
        • The interests of those for whom internal audit services are provided and the interests of other stakeholders
        • Adequacy and effectiveness of governance, risk management, and control processes
        • Cost relative to potential benefits of the internal audit services to be performed
        • Extent and timeliness of work needed to achieve the engagement’s objectives
        • Relative complexity, materiality, or significance of risks to the activity under review
        • Probability of significant errors, fraud, noncompliance, and other risks that might affect objectives, operations, or resources
        • Use of appropriate techniques, tools, and technology
    • C. Standard 4.3: Professional Skepticism
      • 1. Requirements:
        • Internal auditors must exercise professional skepticism when planning and performing internal audit services
        • To exercise professional skepticism, internal auditors must:
          • Maintain an attitude that includes inquisitiveness
          • Critically assess the reliability of information
          • Be straightforward and honest when raising concerns and asking questions about inconsistent information
          • Seek additional evidence to make a judgment about information and statements that might be incomplete, inconsistent, false, or misleading
  • VI. Principle 5: Maintain Confidentiality
    • Core Statement: Internal auditors use and protect information appropriately
    • Context: Internal auditors often receive confidential, proprietary, and/or personally identifiable information due to unrestricted access necessary for their mandate (See also Principle 6 Authorized by the Board and its standards)
    • Forms of Information: Includes physical and digital form, as well as information from oral communication (e.g., meeting discussions)
    • Core Expectation: Internal auditors must respect the value and ownership of information received by using it only for professional purposes
    • And by protecting it from unauthorized access or disclosure, internally and externally
    • A. Standard 5.1: Use of Information
      • 1. Requirements:
        • Internal auditors must follow the relevant policies, procedures, laws, and regulations when using information
        • Information must not be used for personal gain
        • Or in any manner contrary or detrimental to the organization’s legitimate and ethical objectives
    • B. Standard 5.2: Protection of Information
      • 1. Requirements:
        • Internal auditors must be aware of their responsibilities for protecting information
        • And demonstrate respect for the confidentiality, privacy, and ownership of information acquired when performing internal audit services or as the result of professional relationships
        • Internal auditors must understand and abide by the laws, regulations, policies, and procedures related to confidentiality, information privacy, and information security that apply to the organization and internal audit function
        • Considerations specifically relevant to the internal audit function include:
          • Custody, retention, and disposal of engagement records
          • Release of engagement records to internal and external parties
          • Handling of, access to, or copies of confidential information when it is no longer needed
        • Internal auditors must not disclose confidential information to unauthorized parties unless there is a legal or professional responsibility to do so
        • Internal auditors must manage the risk of exposing or disclosing information inadvertently
        • CAE Responsibility: The chief audit executive must ensure that the internal audit function and individuals assisting the internal audit function adhere to the same protection requirements
  • VII. Acknowledgement
    • Purpose: A section where internal auditors can sign to affirm they have read and agree to conform with Domain II

 

Previous
Next
0% Complete
easypathuni.com

Learning often happens in classrooms
but it doesn’t have to.

+962 787516922
info@easypath.com