Internal Audit Flashcards
Mandatory Guidance consists of what three parts?
- The Definition of Internal Auditing;
- Code of Ethics; and
- Standards (aka International Standards for the Professional Practice of Internal Auditing)
What do the Attribute Standards govern?
Responsibilities, attitudes, and actions of the organization’s internal audit activity and the people who serve as internal auditors (IA).
What do the Performance Standards govern?
The nature of internal auditing; they provide quality criteria for evaluating the internal audit function’s performance.
What are the three strongly recommended elements of the IPPF?
- Position Papers;
- Practice Advisories; and
- Practice Guides
What is provided by the IIA to clarify terms and concepts referred to in Attribute or Performance Standards?
Interpretations
What is the Definition of Internal Auditing?
Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
What are the three relevant federal laws an internal auditor should be aware of?
- RICO (Racketeer Influenced and Corrupt Organizations Act of 1970);
- FCPA (The Foreign Corrupt Practices Act of 1977); and
- SOX (Sarbanes-Oxley Act of 2002)
What are the 5 internal control frameworks - developed in different nations - tested on the CIA exam?
- COSO
- CoCo
- The Turnbull Report
- COBIT
- eSAC
What are the components of a Code of Ethical Conduct? Also known as Core Principles.
- Integrity
- Objectivity
- Confidentiality
- Competency
What is the primary purpose of a code of ethical conduct for a professional organization?
To promote an ethical culture among professionals who serve others. Three additional functions:
1. Communicates acceptable values to all members.
2. Establishes objective standards against which individuals can measure their own performance.
3. Communicates the organization’s values to outsiders.
What is a refusal to compromise professional values for personal gain?
Integrity
What is a commitment to providing stakeholders with unbiased information?
Objectivity
What is a refusal to use organizational information for private gain?
Confidentiality
What is a commitment to acquiring and maintaining an appropriate level of knowledge and skills?
Competency
What is the best-known framework specifically for IT controls (Control Objectives for Information and Related Technology)?
COBIT