Академический Документы
Профессиональный Документы
Культура Документы
InternationalInternalAuditStandardsBoard
(IIASB)
October2012
www.globaliia.org
Session Overview
Q&A
www.globaliia.org
2
2
www.globaliia.org
3
3
Mandatory
IPPF =
www.globaliia.org
Non mandatory
Strongly
recommended
4
4
Performance Standards:
www.globaliia.org
5
5
www.globaliia.org
6
6
Standards-Setting
Due Process
www.globaliia.org
7
7
www.globaliia.org
Development
Public
Exposure
Initiation
Standards Setting
www.globaliia.org
9
10
www.globaliia.org
Issuance
Review &
Approval
Standards Setting
www.globaliia.org
11
11
Why Change?
The Standards must remain current, relevant, and timely
for the profession
The IPPF process requires that the Standards be reviewed
at least once every three years
Ongoing changes are a key component of the continued
development of the IPPF
www.globaliia.org
12
12
www.globaliia.org
13
14
14
Organizational Independence
1110 - Organizational Independence
The chief audit executive must report to a level within the organization that allows the
internal audit activity to fulfill its responsibilities. The chief audit executive must confirm to
the board, at least annually, the organizational independence of the internal audit activity.
Interpretation:
Organizational independence is effectively achieved when the chief audit executive reports
functionally to the board. Examples of functional reporting to the board involve the board:
Approving the internal audit charter;
Approving the risk based internal audit plan;
Approving the internal audit budget and resource plan;
Receiving communications from the chief audit executive on the internal audit activitys
performance relative to its plan and other matters;
Approving decisions regarding the appointment and removal of the chief audit executive;
Approving the remuneration of the chief audit executive; and
Making appropriate inquiries of management and the chief audit executive to determine
whether there are inappropriate scope or resource limitations.
15
15
www.globaliia.org
16
The need for more frequent form and frequency of external assessments; and
The qualifications and independence of the external reviewer assessor or review assessment
team, including any potential conflict of interest.
Interpretation:
External assessments can be in the form of a full external assessment, or a selfassessment with independent external validation.
17
17
www.globaliia.org
18
19
19
www.globaliia.org
20
The internal audit activity must evaluate risk exposures relating to the
organizations governance, operations, and information systems
regarding the:
21
21
22
22
www.globaliia.org
23
Disseminating Results
2440 Disseminating Results
The chief audit executive must communicate results to the appropriate
parties.
Interpretation:
The chief audit executive or designee reviews is responsible for
reviewing and approves approving the final engagement
communication before issuance and decides for deciding to whom and
how it will be disseminated. When the chief audit executive delegates
these duties, he or she retains overall responsibility.
24
24
www.globaliia.org
25
Acceptance of Risk
2600 Resolution of Senior Management's Communicating the
Acceptance of Risks
When the chief audit executive believes concludes that senior management
has accepted a level of residual risk that may be unacceptable to the
organization, the chief audit executive must discuss the matter with senior
management. If the decision regarding residual risk is chief audit executive
determines that the matter has not been resolved, the chief audit executive
must report communicate the matter to the board for resolution.
Interpretation:
The identification of risk accepted by management may be observed through
an assurance or consulting engagement, monitoring progress on actions
taken by management as a result of prior engagements, or other means. It is
not the responsibility of the chief audit executive to resolve the risk.
Exposure Results: Yes: 89%, No: 7%, No Opinion: 4%
www.globaliia.org
26
26
www.globaliia.org
27
28
28
29
29
30
30
Other Changes
2210.A3
Control Processes
www.globaliia.org
31
31
www.globaliia.org/standards-guidance
www.globaliia.org
32
www.globaliia.org
33
33
QUESTIONS
Guidance@theiia.org
www.globaliia.org/standards-guidance
www.globaliia.org
34
34