TIAPS Module 1 Audit and Assurance workbook
B. Mandate, Independence, and Objectivity Learning Outcomes On completion of this section, students will be better able to: • Define minimum requirements for the internal audit mandate. • Describe the purpose of the internal audit mandate. • Evaluate audit independence and auditor objectivity. • Identify appropriate means to safeguard independence and objectivity. B.1 Importance of Independence and Objectivity IIA Internal Audit Competency Framework Organizational Independence: General Awareness: Describe the importance of organizational independence of the internal audit activity; identify the elements that affect independence. Applied Knowledge: Detect any potential impairments to internal audit independence and the impact. Expert: Address any potential impairments to internal audit independence to achieve conformance with the Standards; communicate the impact of any remaining impairments. 19 Individual Objectivity: General Awareness: Describe the importance of internal audit objectivity; identify factors that may impair, or appear to impair, objectivity. Applied Knowledge: Detect and manage any real or perceived impairments to an individual internal auditor’s objectivity; assess and maintain internal audit objectivity. Expert: Develop and maintain policies that govern objectivity; recommend strategies to promote objectivity. 20 The IPPF provides the most widely recognized definition of internal auditing. Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. 21 19 Internal Audit Competency Framework, The IIA, 2022. 20 Internal Audit Competency Framework, The IIA, 2022. 21 The International Professional Practice Framework, The Institute of Internal Auditors, 2016 26
Although they are related, the principles of independence and objectivity as defined by The IIA are distinct. They also differ in detail from the definitions used by the International Ethics Standards Board for Accountants (IESBA) and others. In the IPPF, Standard 1100 – Independence and Objectivity makes clear an important distinction: The internal audit activity must be independent, and internal auditors must be objective in performing their work. 22 Independence is a feature of the internal audit function (referred to as the “internal audit activity” in the IPPF). Objectivity, on the other hand, is a facet of auditors. Standard 1100 provides the following interpretations: Independence is the freedom from conditions that threaten the ability of the internal audit activity to carry out internal audit responsibilities in an unbiased manner. To achieve the degree of independence necessary to effectively carry out the responsibilities of the internal audit activity, the chief audit executive has direct and unrestricted access to senior management and the board. This can be achieved through a dual-reporting relationship. Threats to independence must be managed at the individual auditor, engagement, functional, and organizational levels. Objectivity is an unbiased mental attitude that allows internal auditors to perform engagements in such a manner that they believe in their work product and that no quality compromises are made. Objectivity requires that internal auditors do not subordinate their judgment on audit matters to others. Threats to objectivity must be managed at the individual auditor, engagement, functional, and organizational levels. 23 To establish organizational independence, the head of the internal audit function (the chief audit executive) “must report to a level within the organization that allows the internal audit activity to fulfil its responsibilities.” The structures of public entities, including reporting lines for the head of the internal audit function, may be defined by legislation or policy. Reference to a “dual-reporting relationship” in the Standards alludes to a desirable state in which the head of internal audit reports functionally to (i.e., is accountable to and overseen by) the governing body, either directly or via an audit committee. Functional reporting involves a substantive relationship in which the governing body is the de facto line manager of the head of internal audit with responsibility for appraising performance as well as hiring and firing. The governing body should approve the internal audit charter, the audit plan, and budget, and receive and consider reports from the head of internal audit. This is in addition to the head of internal audit’s administrative reporting relationship with a member of senior management, ideally the CEO, for routine matters. The head of internal audit should provide reports to both senior management and the governing body regarding significant findings and insights on governance, risk management, and internal control. 22 The International Professional Practice Framework, The Institute of Internal Auditors, 2016 23 The International Professional Practice Framework, The Institute of Internal Auditors, 2016 27
- Page 1 and 2: Module 1: Audit and Assurance TIAPS
- Page 3 and 4: Table of Contents Module 1: Audit a
- Page 5 and 6: Relevant Standards Reference is mad
- Page 7 and 8: • Close scrutiny. The activities
- Page 9 and 10: A.2 Public Sector Governance IIA In
- Page 11 and 12: The need for governance arises for
- Page 13 and 14: Although developed for government a
- Page 15 and 16: A.3 Governance Models When evaluati
- Page 17 and 18: defensive aspects to minimize negat
- Page 19 and 20: A.3.3 CIPFA International Framework
- Page 21 and 22: 8. Ensure that its arrangements for
- Page 23 and 24: • Consideration of overlapping in
- Page 25: A.3: Reflection Which model or mod
- Page 29 and 30: B.1.1 Independence, Objectivity, an
- Page 31 and 32: B.1: Reflection Is it possible to
- Page 33 and 34: According to The IIA Position Paper
- Page 35 and 36: B.2: Reflection When was the last t
- Page 37 and 38: When independence or objectivity ar
- Page 39 and 40: B.4 Safeguards for Independence and
- Page 41 and 42: In other cases, there is no audit c
- Page 43 and 44: C. Assurance and Advisory Engagemen
- Page 45 and 46: It is common to build an allowance
- Page 47 and 48: The following list is taken from Sa
- Page 49 and 50: helping managers developing control
- Page 51 and 52: C.1.5 Internal Audit Opinions Audit
- Page 53 and 54: Leadership and Communication Intern
- Page 55 and 56: C.2 Auditing Governance The IIA Sup
- Page 57 and 58: C.2: Reflection How does your inter
- Page 59 and 60: Fraud may be perpetrated via measur
- Page 61 and 62: circumstances (unethical and often
- Page 63 and 64: Management Issues • Lack of area
- Page 65 and 66: Risk management techniques can be a
- Page 67 and 68: IT controls may be manual, automate
- Page 69 and 70: The IIA’s Cybersecurity Toolkit d
- Page 71 and 72: C.3: Reflection Fraud: How are susp
- Page 73 and 74: Global Perspectives and Insights -
- Page 75: CIPFA: 77 Mansell Street, London E1
B. M<strong>and</strong>ate, Independence, <strong>and</strong> Objectivity<br />
Learning Outcomes<br />
On completion of this section, students will be better able to:<br />
• Define minimum requirements for the internal audit m<strong>and</strong>ate.<br />
• Describe the purpose of the internal audit m<strong>and</strong>ate.<br />
• Evaluate audit independence <strong>and</strong> auditor objectivity.<br />
• Identify appropriate means to safeguard independence <strong>and</strong> objectivity.<br />
B.1 Importance of Independence <strong>and</strong> Objectivity<br />
IIA Internal <strong>Audit</strong> Competency Framework<br />
Organizational Independence:<br />
General Awareness: Describe the importance of organizational independence of the internal<br />
audit activity; identify the elements that affect independence.<br />
Applied Knowledge: Detect any potential impairments to internal audit independence <strong>and</strong> the<br />
impact.<br />
Expert: Address any potential impairments to internal audit independence to achieve<br />
conformance with the St<strong>and</strong>ards; communicate the impact of any remaining impairments. 19<br />
Individual Objectivity:<br />
General Awareness: Describe the importance of internal audit objectivity; identify factors that<br />
may impair, or appear to impair, objectivity.<br />
Applied Knowledge: Detect <strong>and</strong> manage any real or perceived impairments to an individual<br />
internal auditor’s objectivity; assess <strong>and</strong> maintain internal audit objectivity.<br />
Expert: Develop <strong>and</strong> maintain policies that govern objectivity; recommend strategies to<br />
promote objectivity. 20<br />
The IPPF provides the most widely recognized definition of internal auditing.<br />
Internal auditing is an independent, objective assurance <strong>and</strong> consulting activity designed<br />
to add value <strong>and</strong> improve an organization’s operations. It helps an organization<br />
accomplish its objectives by bringing a systematic, disciplined approach to evaluate <strong>and</strong><br />
improve the effectiveness of risk management, control, <strong>and</strong> governance processes. 21<br />
19<br />
Internal <strong>Audit</strong> Competency Framework, The IIA, 2022.<br />
20<br />
Internal <strong>Audit</strong> Competency Framework, The IIA, 2022.<br />
21<br />
The International Professional Practice Framework, The Institute of Internal <strong>Audit</strong>ors, 2016<br />
26