Applicable Guidance Flashcards

1
Q

IIA Mission

A
  1. to enhance and protect organizational value by providing risk-based and objective assurance, advice and insight.
  2. facilitating the achievement of this mission is the IPPF
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

IPPF Contains 2 guidance; what are they

A
  1. Mandatory guidance

2. recommended guidance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Mandatory Guidance; 4 Elements

A
  1. Core principles (10)
  2. Definition
  3. Standards
  4. Code of Ethics
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Mandatory Guidance; Core Principles

A
  1. demonstrate integrity
  2. demonstrate competence and due professional care
  3. is objective and free from undue influence (independent)
  4. aligns with the strategies, objectives, and risk of the organization
  5. is appropriately positioned and adequately resourced
  6. demonstrates quality and continuous improvement
  7. communicates effectively
  8. provides risk-based assurance
  9. is insightful, proactive, and future-focused
  10. promotes organizational improvement
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Definition of Internal Auditing

A

Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approached to evaluate and improve the effectiveness of risk management, control, and governance processes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Code of Ethics

A
  1. Integrity, refusal to compromise professional values for personal gain. performance of professional duties in accordance with relevant laws.
  2. Objectivity, commitment to providing stakeholders with unbiased information. commitment to independence from conflicts of economic or professional interest.
  3. Confidentiality, refusal to use organization information for personal gain.
  4. Competency, commitment to acquiring and maintaining an appropriate level of knowledge and skills.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Purpose of the Standards (International Standards for the Professional Practice of Internal Auditing)

A
  1. guide adherence with the mandatory elements of the IPPF
  2. provide a framework for performing and promoting a broad range of value-added internal auditing services
  3. Establish the basis for the evaluation of internal audit performance
  4. foster improved organizational processes and operations
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Standards; 4 types of Standards

A
  1. Attribute Standards, govern the responsibilities, attitudes, and actions of the organization’s internal audit activity and the people who serve as internal auditors.
  2. Performance Standards, govern the nature of internal auditing and provide quality criteria for evaluating the internal audit function’s performance.
  3. Interpretations are provided by the IIA to clarify terms and concepts referred to in Attribute or Performance standards.
  4. Implementation standards, expand upon the individual attribute or performance standards by providing requirements applicable to assurance (.A) or consulting (.C).
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Core Principles + Definition = Code of Ethics + Standards

A

Conformance of the Code of Ethics and Standards demonstrates conformance with all mandatory elements of the IPPF

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Recommended Guidance; 2 elements

A
  1. Implementation Guidance

2. Supplemental Guidance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Assurance Services

A
  1. nature and scope determined by the internal auditor
  2. 3 parties involved: process owner, internal auditor, the user of the assessment
  3. assurance services include financial, performance, compliance, system security, and due diligence engagements
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Consulting services

A
  1. nature and scope subject to agreement with the engagement client
  2. two parties: internal auditor, engagement client
  3. services include providing counsel, advice, facilitation, and training
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Authority of Internal Audit Activity

A

A formal charter for the internal audit activity that defines the internal audit activity’s purpose, authority, and responsibility must be adopted. Final approval resides with the board.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Responsibility of Internal Audit Activity

A

The internal audit activity’s responsibility is to provide the organization with assurance and consulting services that will add value and improve the organization’s operations. Specifically, must evaluate and improve the effectiveness of the organization’s governance, risk management, and control processes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

The primary purpose of the Code of Ethics

A

promote an ethical culture among professionals who serve others

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Secondary purpose of the Code of Ethics

A
  1. communicating acceptable values to all members
  2. establishing objective standards against which individuals can measure their own performance, and
  3. communicating the organization’s values to outsiders
17
Q

Aspects of Codes of Ethical Conduct

A
  1. The mere existence of a code does not ensure that its principles are followed or that outside organization will believe that it is trustworthy
  2. can help establish a minimum standard of competence, but impossible to require equality of competence by all members.
  3. to enhance its effectiveness, the code should provide for disciplinary action for violators.
18
Q

Integrity

A
  1. establishes trust and thus provides the basis for reliance on their judgment
  2. shall perform work with honesty, diligence, and responsibility
    shall observe the law and make disclosures expected by the law and the profession
  3. shall not knowingly be a party to any illegal or engage in acts that are discreditable to the profession of internal auditing or to the organization
    4.shall respect and contribute to the legitimate and ethical objectives of the organization
19
Q

objectivity

A
  1. exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined
  2. shall not participate in any activity or relationship that may impair or presumed to impair their unbiased assessment, avoid conflict of interest
  3. shall not accept anything that may impair or presumed to impair their professional judgment
  4. shall disclose all material facts known to them that, if not disclosed, may distort the reporting of activities under review
20
Q

Confidentiality

A
  1. respect the value and ownership of information they receive and do not disclose information without appropriate authority unless there are legal or professional obligation to do so
  2. shall be prudent in the use and protection of information acquired in the course of their duties
  3. shall not use the information for any manner that would be contrary to the law or detrimental to the legitimate and ethical objectives of the organization
21
Q

Competency

A
  1. apply the knowledge, skills, and experience needed in the performance of the internal audit services
  2. shall engage in those services for which they have the necessary knowledge, skills, and experience
  3. shall perform internal audit services in accordance with the Standards
  4. shall continually improve their proficiency and the effectiveness and quality of their services
22
Q

discreditable behaviors

A
  1. behavior that may be considered bullying, harassing, or discriminatory
  2. failing to accept responsibility for making mistakes
  3. issuing false reports or permitting others to do so
  4. lying
  5. making claims about one’s competency in a manner that is deceptive, false, or misleading
  6. making disparaging comments about the organization, fellow employees, or stakeholders, either in person or via media
  7. noncompliance with the Standards or the IPPF mandatory guidance
  8. overlooking illegal activities that the organization may tolerate or condone
  9. using the CIA designation or other credentials after they have expired or been revoked
23
Q

Conflict of Interest Policy

A

should prohibit the transfer of benefits between an employee and those with whom the organization deals

24
Q

Information Security Policies

A

issue Information security policies to protect the data acquired, use, and produce and to ensure compliance with the laws and regulations that pertain to the industry and jurisdiction within which they operate

25
Q

Internal Audit Charter

A

The purpose, authority, and responsibility of the internal audit activity must be formally defined in the charter, consistent with the mission of internal audit and the mandatory elements of the IPPF, core principles, code of ethics, standards, and definition

26
Q

Internal Audit Charter

A

Chief audit executive (CAE), senior management, and the board mutually agree upon:

  1. internal audit objectives and responsibilities
  2. expectations for the internal audit activity
  3. CAE’s functional and administrative reporting lines
  4. level of authority required of the internal audit activity to perform engagement and fulfill its agreed-upon objectives and responsibilities
27
Q

Engagement Clients

A

must be informed of the internal audit activity’s purpose, authority, and responsibility to prevent misunderstandings about internal audit’s access to records and personnel.

28
Q

Two essential components beyond the code of ethics and Definition of Internal Auditing

A
  1. principles that are relevant to the profession and practice of internal auditing
  2. rules of conduct that described behavior norms expected of internal auditors