Search Results

Discover how the board, C-suite, and CAEs view risk in the third annual report, OnRisk 2022: A Guide to Understanding, Aligning, and Optimizing Risk. OnRisk 2022: A Guide to Understanding,

Recommended

Provides tools and techniques to help internal auditors build a work program and perform engagements involving IT governance. Auditing IT Governance ​This practice guide provides tools and

Recommended

​Discusses an external provider's responsibility for informing the organization of the organization's responsibility for maintaining an effective internal audit activity, including a

Recommended

​Discusses differences between internal and external audit mandates. Explores how the IPPF can assist with executing both mandates. Applying The IIA’s International Professional Practices

Guidance

This practice guide provides guidance on the uses of maturity models, identifies considerations for their selection, and provides instructions on how to build them. Components of existing

Describes the elements of the internal audit charter, and the CAE's review of the charter with the board. 1000 – Purpose, Authority, and Responsibility ​Descirbes the elements of the internal

Discusses the minimum criteria the CAE must fulfill in managing the internal audit activity. 2000 – Managing the Internal Audit Activity ​Discusses the minimum critieria the CAE must fulfill in

Discusses the CAE's responsibilities for communication and approval of internal audit's plans and resource requirements. 2020 – Communication and Approval ​Discusses the CAE's responsibilities

Discusses the CAE's establishment of policies and procedures. 2040 – Policies and Procedures ​Discusses the CAE's establishment of policies and procedures. Includes guidance on form and content.

Describes the conditions under which organizational independence is effectively achieved. 1110 – Organizational Independence ​Describes the conditions under which organizational independence is

Explores the CAE's responsibility for discussing management's acceptance of risks with management and the board. 2600 – Communicating the Acceptance of Risks ​Explores the CAE's responsibiltiy

Discusses internal audit's work regarding the assessment and continuous improvement of controls. 2130 – Control ​Discusses internal audit's work regarding the assessment and continuous improvement

Discusses the process of developing and documenting work programs. 2240 – Engagement Work Program ​Discusses the process of developing and documenting work programs. Identifies common formats. ​

Sponsored

Examination of COVID-19's impact on internal auditors' work-life balance. Audit Life Balance, Survey: Too much time spent on inefficient systems ​An online survey by Diligent finds internal

Tools

This tool references specific standards from the International Standards for the Professional Practice of Internal Auditing. Execute a Risk Assessment This tool references specific standards from

Executive

An effective way to perform and document an engagement-level risk assessment is to create a risk matrix listing the relevant risks and then expand the matrix to include measures of significance.

​This tool shows ways mapping process flows support identifying risks and controls. Mapping Process Flows ​This tool shows ways mapping process flows support identifying risks and controls.

​This tool supports identifying risk owners to reduce duplication of effort among assurance providers. Determining Risk Owners ​This tool supports identifying risk owners to reduce duplication of

Foundation

​This report looks at how disruptive innovation may change organizations. Future Ready: Upskilling Today for the Profession of Tomorrow ​Includes insights from the World Economic Forum Future of

Foundation

​This report identifies areas in which internal auditors were highly developed and those where gaps existed. Assessing Internal Audit Competency: Minding the Gaps to Maximize Insights This report

Tools

​Suggests areas of concern for a Conduct audit Conduct: Sample Risks ​Supports the risk assessment phase of a Conduct audit. ​​This member-only certified tool supports the risk assessment phase

Tools

After establishing the engagement objectives and scope, internal auditors must determine the availability of appropriate and sufficient resources to achieve the engagement’s objectives, as

Richard Chambers, president and CEO of The Institute of Internal Auditors, speaks with Charlie Wright, chief risk officer at Jack Henry and Associates, on how companies look at risks and

Videos

Harold Silverman, Managing Director of Professional Practices, welcomes Pamela Stroebel Powers, The IIA's new Director of Professional Practices for the Public Sector. Pamela shares some of

Tim Berichon, Director of CAE Services at The IIA, chats with Suri Musiri of Echo Global Logistics on how Internal Audit (even a small audit shop) can "get in the middle". Continuing the