Jump to content

Institute of Internal Auditors

Coordinates: 28°44′53.4228″N 81°21′44.586″W / 28.748173000°N 81.36238500°W / 28.748173000; -81.36238500
From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Kazuha1029 (talk | contribs) at 02:31, 28 November 2022 (updated to 2021.). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

The Institute of Internal Auditors
AbbreviationIIA
Formation1941
TypeNGO
HeadquartersLake Mary, Florida, United States
Coordinates28°44′53.4228″N 81°21′44.586″W / 28.748173000°N 81.36238500°W / 28.748173000; -81.36238500
Region served
Global
Membership
218,000+ (2021)
Official language
English
Anthony J. Pugliese
Benito Ybarra (2022 - 2023)
Revenue
Increase USD $59.78 million (2021)
ExpensesIncrease USD $52.89 million (2021)
Websitewww.theiia.org
[1][2]

The Institute of Internal Auditors (IIA) is an organization which advocates, provides educational conferences, and develops standards, guidance, and certifications for the internal audit profession.[3]

History

Established in 1941,[4] the IIA today serves more than 200,000 members [5] from more than 170 countries and territories. IIA's global headquarters are in Lake Mary, FL, United States. Anthony Pugliese is the President and CEO.[6][7] Pugliese succeeded Richard Chambers, in 2021. Previously, Pugliese was President and CEO of CalCPA.

Professional certification

The Certified Internal Auditor (CIA) is the primary professional designation offered by The IIA. The CIA designation is a globally recognized certification for internal auditors and is a standard by which individuals may demonstrate their competency and professionalism in the internal audit field. In order to become a certified internal auditor, candidates must possess a four-year degree from an accredited institution as well as pass all three parts of the CIA exam.[8]

Earning the CIA certification is intended to demonstrate a professional knowledge of the internal audit profession. CIAs are required to take continuing education courses.

Internal Auditors who take and pass the CIA Part One exam can earn the designation of Internal Audit Practitioner.[9] In 2019, the IIA announced it would be changing the Internal Audit Practitioner program.[9] The program changes include a new exam and waiving of the educational requirement for active Internal Audit Practitioner designation holders applying for the CIA program.[9] The changes go into effect in 2020.[9]

Other certifications

In 2019, the IIA announced plans to change its Certification in Risk Management Assurance (CRMA) program.[9] The CRMA changes go into effect in October 2020, and will include a new exam and updated prerequisites and experience requirements.[9]

  • Certification in Risk Management Assurance (CRMA)
  • Qualification in Internal Audit Leadership (QIAL)
  • Internal Audit Practitioner (IAP)
  • Certification in Control Self Assessment (CCSA)
  • Certified Government Auditing Professional (CGAP), for Government performance auditing and Government Auditors
  • Certified Financial Services Auditor (CFSA)

As of December 31, 2018, the CCSA, CFSA, and CGAP are no longer accepting new applications, and the three designations will be re-positioned into assessment-based certifications in the future.[10]

Below demonstrates the Number of CIA Holders by Region as of December 31, 2021.[11]

IIA Region CIA
Africa 4,300
Asia Pacific 85,605
Central & South America 1,797
Europe 19,637
Middle East 4,469
North America 57,482
No Country 5,033
Total 178,512

Professional standards

The IIA has two levels of professional guidance: (1) Mandatory Guidance (including the Standards) and (2) Strongly Recommended Guidance. The two levels of guidance constitute the IIA's International Professional Practices Framework (IPPF).

Mandatory guidance

The definition of internal auditing and the code of ethics[12] and the Standards[13] are mandatory for IIA members and internal audit organizations claiming to complete audits to IIA technical standards around the world. The guidelines and recommendations are recorded in what is referred to as the "Red Book."

  • The definition: Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.
  • The four principles of the IIA's Code of Ethics are integrity, objectivity, confidentiality and competency.
  • The international standards for the professional practice of internal auditing:
Attribute standards Performance standards
1000 – Purpose, Authority, and Responsibility 2000 – Managing the Internal Audit Activity
1010 – Recognition of the Definition of Internal Auditing, the Code of Ethics, and the Standards in the Internal Audit Charter 2010 – Planning
1100 – Independence and Objectivity 2020 – Communication and Approval
1110 – Organizational Independence 2030 – Resource Management
1111 – Direct Interaction with the Board 2040 – Policies and Procedures
1120 – Individual Objectivity 2050 – Coordination
1130 – Impairments to Independence or Objectivity 2060 – Reporting to Senior Management and the Board
1200 – Proficiency and Due Professional Care 2070 - External Service Provider and Organizational Responsibility for Internal Auditing
1210 – Proficiency 2100 – Nature of Work
1220 – Due Professional Care 2110 – Governance
1230 – Continuing Professional Development 2120 – Risk Management
1300 – Quality Assurance and Improvement Program 2130 – Control
1310 – Requirements of the Quality Assurance and Improvement Program 2200 – Engagement Planning
1311 – Internal Assessments 2201 – Planning Considerations
1312 – External Assessments 2210 – Engagement Objectives
1320 – Reporting on the Quality Assurance and Improvement Program 2220 – Engagement Scope
1321 – Use of "Conforms with the International Standards for the Professional Practice of Internal Auditing" 2230 – Engagement Resource Allocation
1322 – Disclosure of Nonconformance 2240 – Engagement Work Program
1112 – Chief Audit Executive Roles Beyond Internal Auditing 2300 – Performing the Engagement
IIA Glossary 2310 – Identifying Information
2320 – Analysis and Evaluation
2330 – Documenting Information
2340 – Engagement Supervision
2400 – Communicating Results
2410 – Criteria for Communicating
2420 – Quality of Communications
2421 – Errors and Omissions
2430 – Use of "Conducted in Conformance with the International Standards for the Professional Practice of Internal Auditing"
2431 - Engagement Disclosure of Nonconformance
2440 – Disseminating Results
2450 – Overall Opinions
2500 – Monitoring Progress
2600 – Resolution of Senior Management's Acceptance of Risks

Position papers, practice advisories, and practice guides are Strongly Recommended Guidance that help define and explain the IIA standards.

Additional sources of guidance include a variety of materials that are developed and/or endorsed by the IIA, including research studies, books, seminars, conferences, and other products and services related to the professional practice of internal auditing.

Practice guides

As practice guides, 8 PGs, 15 GTAG (Global Technology Audit Guide), and 3 GAITs (Guide to the Assessment of IT Risk) have been issued in 2009 and 2010. GTAGs are written in straightforward business language to address a timely issue related to information technology (IT) management, control, and security. To date, the IIA has released GTAGs on the following topics:

  • GTAG 1: Information Technology Controls
  • GTAG 2: Change and Patch Management Controls: Critical for Organizational Success
  • GTAG 3: Continuous Auditing: Implications for Assurance, Monitoring, and Risk Assessment
  • GTAG 4: Management of IT Auditing
  • GTAG 5: Managing and Auditing Privacy Risks
  • GTAG 6: Managing and Auditing IT Vulnerabilities
  • GTAG 7: Information Technology Outsourcing
  • GTAG 8: Auditing Application Controls
  • GTAG 9: Identity and Access Management
  • GTAG 10: Business Continuity Management (BCM)
  • GTAG-11: Developing the IT Audit Plan
  • GTAG-12: Auditing IT Projects (Mar. 2009)
  • GTAG-13: Fraud Prevention and Detection in an Automated World (December 2009)
  • GTAG-14: Auditing User-developed Applications (June 2010)
  • GTAG-15: Information Security Governance (June 2010)
  • GTAG-16: Data Analysis Technology (August 2011)
  • GTAG-17: Auditing IT Governance (July 2012)
  • Auditing Smart Devices: An Internal Auditor’s Guide to Understanding and Auditing Smart Devices (August 2016)
  • Assessing Cybersecurity Risk: Roles of the Three Lines of Defense (September 2016)
  • Understanding and Auditing Big Data (May 2017)
  • Auditing Insider Threat Programs (August 2018)

The IIA offers 31 General practice guides, 4 Financial Services guides, 4 Public Sector guides, 18 Global Technology Audit Guides (GTAG), 3 Guides to the Assessment of IT Risk (GAIT), and 2 guides for supplemental guidance.[14]

Other initiatives

Internal Audit Foundation

The Internal Audit Foundation[15] is a not-for profit organization that promotes and advances the value of the internal audit profession globally. It supports research, grants and awards, and promotes internal auditing study at post-secondary institutions worldwide. The 2020 Annual Report of the Foundation included white papers on auditing during the COVID pandemic.[16]

American corporate governance index

In December 2019, the IIA announced the results from its inaugural American Corporate Governance Index (ACGI).[17] The ACGI is a joint project of the IIA and the Neel Corporate Governance Center at the University of Tennessee, and grades companies on eight Guiding Principles of Corporate Governance.[18] The principles were compiled from guidance and principles from organizations like the Business Roundtable, National Association of Corporate Directors, and New York Stock Exchange. Scores were based on the survey responses of 128 chief audit executives.[17][19] The criteria included: board performance, external disclosures, companywide communication, corporate culture, and long-term strategies.[20] The first report graded U.S. publicly listed companies overall with a C+.[17][18]

See also

References

  1. ^ "Annual Reports". About the Profession. Institute of Internal Auditors. Retrieved 9 July 2021.
  2. ^ "About The IIA". About the Profession. Institute of Internal Auditors. Retrieved 21 July 2020.
  3. ^ "Membership". na.theiia.org.
  4. ^ Parker, S., & Johnson, L. A. (2017). The Development of Internal Auditing as a Profession in the U.S. During the Twentieth Century. Accounting Historians Journal, 44(2), 47–67.
  5. ^ Cohn, M. (2019). IIA sees membership exceed 200,000. Accountingtoday.Com
  6. ^ "What We Need Our Auditors to Do". www.governing.com. Retrieved 2020-04-16.
  7. ^ "Internal Auditors global chief cautions about emerging risks". www.zawya.com. Retrieved 2020-04-16.
  8. ^ https://www.hockinternational.com/what-is-certified-internal-auditor/ [dead link]
  9. ^ a b c d e f "IIA plans changes to certifications and exams for internal auditors next year". Accounting Today. 2019-11-20. Retrieved 2020-01-21.
  10. ^ "CFSA, CGAP, CCSA Transition FAQs" (PDF). CCSA, CFSA, CGAP Transition. Institute of Internal Auditors. Retrieved 27 July 2020.
  11. ^ "Annual Report 2021" (PDF). The Institute of Internal Auditors. Retrieved 28 November 2022.
  12. ^ "IIA Code of Ethics". IIA. Archived from the original on 4 May 2011. Retrieved 30 March 2011.
  13. ^ "IIA standards". IIA. Retrieved 30 March 2011.
  14. ^ "Supplemental guidance". IIA. Retrieved 6 March 2020.
  15. ^ "Pages - Internal Audit Foundation".
  16. ^ Internal Audit Foundation. 2020 Year in Review Internal Audit Foundation. 2020 Year in Review. Internal Audit Foundation: Lake Mary, FL, 2021.
  17. ^ a b c "Corporate governance rated only C+ by auditors". Accounting Today. 2019-12-12. Retrieved 2020-04-20.
  18. ^ a b Heller, Matthew (2019-12-12). "Governance Survey Grades Companies With C+". CFO. Retrieved 2020-04-20.
  19. ^ "Corporate Governance Gets a C+ Grade from Institute of Internal Auditors". www.nysscpa.org. Retrieved 2020-04-23.
  20. ^ "The Morning Ledger: Fed Decision Keeps Rates Steady, Sees Long Pause". cfo.cmail20.com. Retrieved 2020-04-23.
Retrieved from "https://en.wikipedia.org/w/index.php?title=Institute_of_Internal_Auditors&oldid=1124260702"