Institute of Internal Auditors

Institute of Internal Auditors

Established in 1941, The Institute of Internal Auditors (IIA) is a guidance-setting body. Serving members in 165 countries, The IIA is the internal audit profession's global voice, chief advocate, recognized authority, and principal educator, with global headquarters in Altamonte Springs, Fla., United States.


IIA Mission

The stated mission of The Institute of Internal Auditors is to provide "dynamic leadership" for the global profession of internal auditing. This includes:

  • Advocating and promoting the value that internal audit professionals add to their organizations;
  • Providing comprehensive professional education and development opportunities; standards and other professional practice guidance; and certification programs;
  • Researching, disseminating, and promoting to practitioners and stakeholders knowledge concerning internal auditing and its appropriate role in control, risk management, and governance;
  • Educating practitioners and other relevant audiences on best practices in internal auditing;
  • Bringing together internal auditors from all countries to share information and experiences.

Certified Internal Auditor (CIA)

The CIA (Certified Internal Auditor) is the primary professional designation offered by The IIA. The CIA designation is a globally recognized[citation needed] certification for internal auditors and is a standard by which individuals may demonstrate their competency and professionalism in the internal audit field.

Earning the CIA qualification is intended to demonstrate a professional knowledge of the internal audit profession. CIAs are required to take continuing education courses.

Many CIAs today are senior internal audit managers, Vice Presidents, Directors and Chief Audit Executives in top global MNC companies driving internal audit functions in their respective companies.

Other certificates offered by the IIA

  • Certification in Control Self-Assessment (CCSA)
  • Certified Financial Services Auditor (CFSA)

Professional Standards: the International Professional Practices Framework

The IIA has two levels of professional guidances: (1) Mandatory Guidance (including the Standards) and (2) Strongly Recommended Guidance. The two levels of guidance constitute the IIA's International Professional Practices Framework (IPPF).

1) Mandatory Guidance: the Definition of Internal Auditing, the Code of ethics[1] and the Standards[2]

These guidelines are mandatory for IIA members and internal audit organizations claiming to complete audits to IIA technical standards around the world. The guidelines and recommendations are recorded in what is referred to as the "Red Book."

  • The Definition: Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.
  • The four principles of the IIA's Code of Ethics are Integrity, Objectivity, Confidentiality and Competency.
  • The International Standards for the Professionsl Practice of Internal Auditing:
Attribute Standards Performance Standards
1000 – Purpose, Authority, and Responsibility 2000 – Managing the Internal Audit Activity
1010 – Recognition of the Definition of Internal Auditing, the Code of Ethics, and the Standards in the Internal Audit Charter 2010 – Planning
1100 – Independence and Objectivity 2020 – Communication and Approval
1110 – Organizational Independence 2030 – Resource Management
1111 – Direct Interaction with the Board 2040 – Policies and Procedures
1120 – Individual Objectivity 2050 – Coordination
1130 – Impairments to Independence or Objectivity 2060 – Reporting to Senior Management and the Board
1200 – Proficiency and Due Professional Care 2070 - External Service Provider and Organizational Responsibility for Internal Auditing
1210 – Proficiency 2100 – Nature of Work
1220 – Due Professional Care 2110 – Governance
1230 – Continuing Professional Development 2120 – Risk Management
1300 – Quality Assurance and Improvement Program 2130 – Control
1310 – Requirements of the Quality Assurance and Improvement Program 2200 – Engagement Planning
1311 – Internal Assessments 2201 – Planning Considerations
1312 – External Assessments 2210 – Engagement Objectives
1320 – Reporting on the Quality Assurance and Improvement Program 2220 – Engagement Scope
1321 – Use of “Conforms with the International Standards for the Professional Practice of Internal Auditing” 2230 – Engagement Resource Allocation
1322 – Disclosure of Nonconformance 2240 – Engagement Work Program
2300 – Performing the Engagement
IIA Glossary 2310 – Identifying Information
2320 – Analysis and Evaluation
2330 – Documenting Information
2340 – Engagement Supervision
2400 – Communicating Results
2410 – Criteria for Communicating
2420 – Quality of Communications
2421 – Errors and Omissions
2430 – Use of "Conducted in Conformance with the International Standards for the Professional Practice of Internal Auditing"
2431 - Engagement Disclosure of Nonconformance
2440 – Disseminating Results
2450 – Overall Opinions
2500 – Monitoring Progress
2600 – Resolution of Senior Management’s Acceptance of Risks
  1. ^ "IIA Code of Ethics". IIA Code of Ethics. IIA. Retrieved 30 March 2011. 
  2. ^ "IIA standards". IIA standards. IIA. Retrieved 30 March 2011. 

2) Strongly Recommended Guidance: Position Papers, Practice Advisories, and Practice Guides

These Strongly Recommended Guidance help define and explain the IIA standards.

Practice guides

As practice guides, 8 PGs, 15 GTAG (Global Technology Audit Guide), and 3 GAITs (Guide to the Assessment of IT Risk) have been issued in 2009 and 2010. GTAGs are written in straightforward business language to address a timely issue related to information technology (IT) management, control, and security. To date, the IIA has released GTAGs on the following topics:

  • GTAG 1: Information Technology Controls
  • GTAG 2: Change and Patch Management Controls: Critical for Organizational Success
  • GTAG 3: Continuous Auditing: Implications for Assurance, Monitoring, and Risk Assessment
  • GTAG 4: Management of IT Auditing
  • GTAG 5: Managing and Auditing Privacy Risks
  • GTAG 6: Managing and Auditing IT Vulnerabilities
  • GTAG 7: Information Technology Outsourcing
  • GTAG 8: Auditing Application Controls
  • GTAG 9: Identity and Access Management
  • GTAG 10: Business Continuity Management (BCM)
  • GTAG-11: Developing the IT Audit Plan
  • GTAG-12: Auditing IT Projects (Mar. 2009)
  • GTAG-13: Fraud Prevention and Detection in an Automated World (Dec. 2009)
  • GTAG-14: Auditing User-developed Applications (June 2010)
  • GTAG-15: Information Security Governance (June 2010)
  • GTAG-16: Data Analysis Technology (August 2011)

Additional sources of guidance: Development and practice aids

This Includes a variety of materials that are developed and/or endorsed by the IIA, including research studies, books, seminars, conferences, and other products and services related to the professional practice of internal auditing.

See also

External links

Wikimedia Foundation. 2010.

Look at other dictionaries:

  • Institute of Internal Auditors — IIA The world’s leading organization for *internal auditing. Established in 1941 and headquartered in Altamonte Springs, FL, the IIA grew impressively in the twentieth century as it simultaneously encouraged and benefited from the growth of… …   Auditor's dictionary

  • Institute of Internal Auditors — UK US noun (abbreviation IIA) ACCOUNTING ► in the UK and Ireland, an organization that trains, tests, and gives support to auditors (= people whose job is to examine the accounts of a business and to produce a report on them) …   Financial and business terms

  • Institute of Internal Auditors — (Pour IIA decision theory, voir Independence of irrelevant alternatives.) (Désambiguation: voir IIA.) Cette page est la traduction de la page Wikipedia anglaise Etabli en 1941, l Institute of Internal Auditors (IIA) ou Institut des Auditeurs… …   Wikipédia en Français

  • Institute of Internal Auditors — An institute founded in 1945 in the USA; it was established in the UK in 1948 as part of the US based international body. Its journal is The Internal Auditor …   Accounting dictionary

  • Institute of Internal Auditors UK and Ireland — The United Kingdom’s national institute of the *Institute of Internal Auditors (IIA). Established in 1948 as the first IIA chapter outside of North America, the IIA UK became a national institute in 1979. The IIA UK is now an influential body for …   Auditor's dictionary

  • Institute Of Internal Auditors - IIA — A leader in certification, education and research for professionals engaged in evaluating an organization s operations and controls. Established in 1941, the Institute of Internal Auditors awards the Certified Internal Auditor (CIA) designation,… …   Investment dictionary

  • Chartered Institute of Internal Auditors — The Chartered Institute of Internal Auditors is the United Kingdom and Republic of Ireland chapter of the Institute of Internal Auditors and is a member of the European Confederation of Institutes of Internal Auditors. It was founded in 1948 and… …   Wikipedia

  • internal audit — A branch of auditing developed in the twentieth century as a means of monitoring an organization’s *risks, *internal controls, procedures, and *management accounting. As *corporations and *public sector organizations became increasingly complex… …   Auditor's dictionary

  • Internal Auditor — A U.S. internal auditing magazine. Founded in 1944, the magazine is published bimonthly by the *Institute of Internal Auditors. Available in both print and online formats, it concentrates on news and developments in internal auditing, *corporate… …   Auditor's dictionary

  • Internal Auditing & Business Risk — A British internal auditing magazine. Published monthly by the *Institute of Internal Auditors UK and Ireland, the magazine is available in print and online formats. It focuses on professional developments and news in internal auditing and… …   Auditor's dictionary

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”