CIA Exam Flashcards
Pass CIA Exam
Add Value
The internal audit activity adds value to the organization (and its stakeholders) when it provides objectives and relevant assurance, and contributes to the effectiveness and efficiency of governance, risk management, and control processes.
Adequate Control
Present if management has planned and organized (designed) in a manner that provides reasonable assurance that the organization’s risk have been managed effectively and that the organization’s goals and objectives will be achieved efficiently and economically.
Assurance Services
An objective examination of evidence for the purpose of providing an independent assessment on governance, risk management, risk management, and control processes for the organization. Examples may include financial, performance, compliance, system security, and due diligence engagements.
Board
The highest level governing body (e.g., aboard of directors, a supervisory board, or a board of governors or trustees) charges with the responsibility to direct and/or oversee the organization’s activities and hold senior management accountable. Although governance arrangements vary among jurisdictions and sectors, typically the board includes members who are not part of the management. If a bard does not exist, the word “board” includes in the Standards refers to a group of person charged with governance of the organization. Furthermore “board” in the Standards may refer to a committ or another body to which the foverning body has delegated certain functions (e.g., an audit committee).
Charter
The internal audit charter is a formal document that defines the internal audit activity’s purpose, authority, and responsibility. The internal audit charter establishes the internal audit activity’s position within the organization; authorizes access to records, personnel, and physical properties relevant to the performance of engagement; and defines the scope of internal audit activities.
Chief Audit Executive
Chief audit executive describes the role of a person in a senior position responsible for effectively managing the internal audit activity in accordance with the internal audit charter and the mandatory elements of the International Professional Practice Framework. The chief audit executive or others reporting to the chief audit executive will have appropriate professional certifications and qualifications The specific job title and/or responsibilities of the chief audit executive may vary across organizations.
Code of Ethics
The Code of Ethics of the Institute of Internal Auditors (IIA) are principles relevant to the profession and practice of internal auditing, and Rules of Conduct that describe behavior expected of internal auditors. The Code of Ethics applies to both parties and entities that provide internal audit services. The purpose of the Code of Ethics is to promote an ethical culture in the global profession of internal auditing.
Compliance
Adherence to policies, plans, procedures, laws, regulations, contracts, or other requirements.
Conflict of Interest
Any relationship that is, or appears to be, not in the best interest of the organization. A conflict of interest would prejudice an individual’s ability to perform his or her duties and responsibilities objectively.
Consulting Services
Advisory and related client service activities, the nature and scope of which are agreed with the client, are intended to add value and improve an organization’s governance, risk management, and control processes without the internal auditor assuming management responsibility. Examples include counsel, advice, facilitation, and training.
Controls
Any action taken by management, the board, and other parties to manage risk and increase the likelihood that established objectives and goals will be achieved. Managment plans, organizes, and directs the performance of sufficient actions to provide reasonable assurance that objectives and goals will be achieved.
Control Environment
The attitude and actions of the board and management regarding the importance of control within the organization. The control environment provides the discipline and structure for the achievement of the primary objectives of the system of internal control.
Control environment includes:
Integrity and ethical values.
Managment’s philosophy and operating style.
Organizational structure.
Assignment of authority and responsibility
Human resource policies and practices
Competence of personnel
Control Process
The policies, procedures (both manual and automated), and activities that are part of a control framework, designed and operated to ensure that risks are contained within the level that an organization is willing to accept.
Core Principles for the Professional Practice of Internal Auditing
The Core Principles for the Professional Practice of Internal Auditing are the foundation for the International Professional Practices Framework and support internal audit effectiveness.
