THE IIA’s CIA LEARNING SYSTEM® Essentials of Internal Auditing 2 The Institute of Internal Auditors¥ Griclly ne atersion due +0 iv rnited copies ‘The nti of eral Anion, Sing LIBRARY RULES Reservations 1. Youmnyborow or msere « masimunof tooks 21 Reseration must be mee tncugh he Secret in aban ele sbecton omowing Psi 1 The brroving pid 1 week 2 You must ito tke Sertarit bie the due te sak you seque an exeosion of the borowne pod Ifthe mo ‘eevation tage fr ibe Rook by annie meter, exeson for ‘aher wed willbe pied The member ei amas “exes oly. 5, Books mast be see on di de et am etn i grace, Tate of wc penny charge of $10 fe tft wen ad $5 pet day there for he daraton of te overae pei wl be ved ‘Noremiade wil etd. 44 he peat hares ests forte ae rts of the books, ‘bemeber willbe bared fom making te lh Libary 5. Cayo ust be execnd nthe bani of he Rooks dikes and (CDs intoing the arent All sehen tbe reenad ‘ntact Tn eave of mispced, lost or damage books, the coe of he book pls 20% aéministaton charge willbe levied. Tn cass whe ‘heathens we ost or damage, he tet wl Bef pay for the fll co af te Bock whch comme wie de aachanen The Pyment er st sens does at acta poly hae tt eve ferlsercums {6 Allcharpe levied ste std i fal upon the ret ofthe oo, 7. Ther wile wo finds cose yes ade i he lo em 6 fend ne By Order ofthe BoardiA ‘The Institute of internal Auators Congratulations on taking the next step toward pursuing The N's premier professional designation, the Certified Internal Audtor® (CIA). By achieving this Important professional milestone, you wll ‘make a bold statement about yourself: You will communicate to your colleagues, your Current and future emeloyers, and your family that you tke the internal uit profession seriously and that You intend to be one ofthe bes inthe fee ‘You have also made a smart decision to prepare for the CIA exam with The A's CIA Learning System? The materials cover the tentite global CIA exam sylabus, and allow you to create a customized Smartstudy™ plan that addresses your individual strengths and weaknesses. Our system aso features mobile-optimized study tools that let you study anywhere you want, at atime that's convenient for you Congratulations on making two important decisions — to pursue your CA credential and to prepare forthe exams with The II's CIA Learning System. look forward to seeing you at an upcoming IA event with the ‘CI designation behind your name. Allthe best with your studies, GALS? hehe Richard F. Chambers, CIR, QIAL, CGAP, CCSA, CRMA President and Chie! ecutive OferTH C ---po- ~~ ISS. IA Be sure to access critical CIA study tools LEARNING SYSTEM" at www.LeamCIA.com Get started today! ‘The hey ops the iA eu 1 suo he CIA am slabs pics ad understand how to apa hae lope to a stustion. The IM I Ling St cin dy tl wl eens tat yo te preted tapas. As tese ‘ste! ey oy folowing tase ipl ep, 1. Geant tinned in your etn ares ition eal. you ded ales an natin ena contact usr stv at +1 877 442-2428 f o-651-905 2670 LeonciAatnesaa) Set our lg are a svar Capit loin su. {Login at wcLercihcam to aczess the e-book ein ofthe recing msi, cite» Satu lan complete he nln fests and quzas, eve te Pasha and wok your rege wh persnlasd pests. Sethe Nest page {6 Waticonipetlcneiacpeertaten spr the CA seen sng te one Catan Condit essen ‘sem OS.Part 1: Essentials of Internal Auditing ‘Wolo o Part 1 of The IA’S CTA Learing Sytem. “The sly text forte lamin sytem inches the coment addessd in The A's CIA syllabus (¥ou en download the syabus rom donne Resource Center o ora The IAs ‘vehste) However in vine eases, the content hasbeen reorgaizod wo faite instruction in understanding, Refer tothe Table of Contents for an ulin ofthe comet “To gx the moet ou ofthe course materials, complete the course inthis nde: 1. Begin by scessing the couse at ww learei.com, 2. Reedthe overview and return t the manu. Selact Par | from the men. 53. Compt the protest and vow the report o hep focus your sty eons. “4 Read cach section and follow the Nex Steps dizetions included atthe enc af he section s ‘Coaplete Pat 1a otined in the online overview. [Note that Pat 1 ofthe CIA exam wil consi of 125 mtiple-choice questionsané test takers se given 150 minutes to complete this potion ofthe exam, You can go to hts! a thein og erifiaton CLA-Corifction/PagestC1A-Cenificaion aspx to exists forthe cram separa. ‘study Support ‘Tha 8 CA Learning Sytem Inu anne tals to suppoe you" stuiy. These tol may be asoessea forthe manu a ary tne, + Glaseay.—Rotr oth glossary fr daintions of ts used in all ‘tees par of The I's Ci sylabus + ReportsRefer tothe reports 0 rviw your most rent tas cores land peegree bough te oaring eyom ‘+ Resourse GenierRefor ta the Resbutce Cane oscoess Infomaton about The Is Iteratonal Professional Preticas Framework, updos, testiakng tips, printable asherds, ated “nk nd raferosco mate! and prove feedback to The MA regarding te loaning system emi co ‘Altos esr.The IIA’s CIA Learning System® ‘The A's CLA Leaming Sytem is based on the Cried Internal Auitoe® (CIA®) syllabus developed by ‘The IA, However, program developers donot have coe 10 the extn questions. Therefore, while the \caming system is good too or sty reading tbe text doesnot guarante a passing score onthe CIA exam, Ever efforthas been made to ensure thatall information is current correct However laws and seglsions hangs nd these materials ere not intended to offer legal or professional services or advice. This mates consistent with the revised Sundar of he otrnationa Professional Practices Framework (PPF) Jntoduced in uly 2015, fete in 2017 Copyright ‘Tse materials are copyrighted itis unlawful to copy al or eny poston Sharing your materials wth someone se wil iit the programs usefnes, The IA invests sigifeat resources to rete quality profession ‘opporumites fois members. Please do not violate the eapyrigh. Acknowledgments ‘The/TA would ike to thank the following dedicated subjet mate experts who shared hes time capeiene, ‘snd insights during the development and subsequent updete of The II's CIA Learning System, Pat Adu, COA ‘Ai Marella, PHD, CTSA, CCSA ‘Tey Bingham, C1A, CISA, CCSA Macks Mayes, CIA Raven Clin, CIA, CPA, CFSA Vie A. Melnyre, CIA, CSA, CRMA, CPA Patick Copland CIA, CRMA,CISA,CPA Gary Miten, CIA, CCSA, Don Espen, CIA {Ly Mey C14, CGA Michal 1 Fill, CLA. QUAL, CRMA,CGAR, Lyon Remi, C1A cre James Roth, PRD, CIA, CCSA James, Hallinan, CtA, CPA, CFSA, CBA. Baad Schwager, CPA, DBA ‘Lary Hubbard, CIA, CCSA, CPA, CISA ‘Doug Zigsniss, PAD, CIA, CCSA, CPA, CMA, Sim Key, 1A, (CFE, CISA, CGEM, CREA, CIT David Mancina, Ci, CPA ‘e708 Arig eer Ey“Topic D: Corporate Social Reponsitiy (Level B) - “opie E: Risk Management Fundamentals (Level). “Topic F: Globally Accopad Rsk Management Frameworks (Level 8). “Tope G: The Efectiveness of Risk Managemest (Level P) : “Topic H: The lateral Aust Actviy's Role inte Risk Management Process (Level ‘Tpie Types of Controls and Management Control Teehniges (Level P) “Topic J: Itemal Control Frameworks (Lev P). “Tope K The Eiectiveess and Efiieney of Internal Coatols (Level P) . Section VI: Fraud Risks Section Invoduton Oo ~ 1-200 ‘Topic A: Fraud Risks and Types of Fraud (Love P) 1201 Topic B: Poona for Fraud Oveurence (Level 1210 ‘opie C: Contos to PrevenuDetect Fraud and Education to Improve Fran Awareness (Leve P). 1-228 ‘opie Ds Forensic Auditing (Level), 1239 Bibliography — a 1246 Index... - Lass Seaniarmened, =Part 1: Essentials of Internal Auditing Table of Contents Part 1 Overview a so 1 Section |: Foundations of Internal Auditing, se “4 Section Inrodution. 4 ‘Topic A: The LAs Intemationsl Profesional Practices anew Pues, ‘Autor and Respeasiility ofthe Itemal Audit Activity (Level P). 1s ‘Topi B: Requirements ofthe Intsmal Audit Carter (Level B). : 119 ‘Topic C: Assurance and Consling Services (Level). 132 “Topi D: Tae LA's Code of Eis (Love P). : 13s ‘Section I: Independence and Objectivity. ee 40 Sexton Introduction —_ ve 40 ‘Topic A: Organizational Independence ofthe Ineral Audit Activity (Level B). ne I “Topi B: Impairment to independence (Level B). — 6 ‘Tope C: Anitor Objectivity (Level P). enn ~ ~ rs BST ‘TopieD: Promoting Objectivity (Level). — 69 ‘Section Ill: Proficiency and Due Professional Care. Section Introduction ve Topic A: Required Knosledge, Skil and Competencies forthe Interal Audit Activity (Level B). 1 “Topic B: Requireé Knowledge, Skil, and Compotnces forte Ineral Autor (Level) ‘Topic C: Due Professional Care (Level. opie D: Consiuing Professional Development (Level P). ‘Section IV: Quality Assurance and Improvement Program Section fnraduton, ~ son ‘opie A: Key Elements of a QAIP (Level B) ssn a ‘Topic B: QAIP Reporting Requirements (Level B). : : ‘opie C: Confermance‘Nonconformance (Level B). 182 Section V: Governance, Risk Management, and Control... 13s Section Inredtin eenn 186 “Topi A: Organizational Governnce(Leve! B). 188 ‘Topic B: The Impact of Organizasiona!Culuze onthe Overall Congo Envianment nd nvidia "Engagement Risks an Controls (Level B) ——— 197 ‘Topi C: Ethics an Compliance Issues and Vieltions (Level B). ne OL ‘ight esePart 1 ‘Nghe ered Overview Internal auditing disepline hat works on beal of management, the bos of directors, ‘nd other stakeoldes of public and pivte ents to improve and ad valucto governance, risk managoment, ad contol proedres. This in contrast to external audting, which serves thd partes who require elible ancl information baked on relate supporting cords Instead, internal auditors typically have broader focus (based en ei approved Jnteral audit stivry chan) hat requires thm to examine a appraise conta, Fnac performance, compliance with laws and regulations, an operational performance for their ceecsivencs. Rather tan primal oeasng on historical evens extemal autrs do, imeral auditors also help the board and management make cute as wel asfuture-rieted Provide anindepandant abjecive assurance and consul acy + Suppor organizational cjectves by bringing a systemic, dscilined approach to evaluate and improve the effectiveness cf governanca, isk management and ont! processes + Deteanine organizational governance, risk management, ane conta procosco= ae in Dace ana tncioningoropety. ‘Communicatoany opportunities orimprovementor isk exposes othe appropriate ‘management ove! (and the Dordt comeniize as appropri) ‘Add vate and improve an organization's operations. ea0i8ia 18 veo ‘Aires eservespny |» Erato aie ed ‘Section I: Foundations of ternal Ausiting Purpose, Authority, and Responsibility Characteristic for Internal Audit Actvity rove apromtate Uatered access records, porennl, ond phcal propertin. + Hainan fl anc open acces with he aut commit, boar fareors, or other appropriate covering author + Secure nocaseary inom and extemal resources te accompish aud acy bjcties as planet. engagement as well as themethodology es + Enare that teal aust atv sat have aunt knowledge ils, expedence, || sat eeetna crete uh ongagaest hare «+ Commit th rete of te intra ust ety ore mates the CAE ‘detemines necessary 0 serier management, the aut conmitize to board, o- | _ ner goerg boa othe organzaton «+ Conse the ceoranation of reral and extemal aust work reas acon, ‘ieney, and efetvenes ote ver ua pocese + Donat perorm management acts, Supporting Endeavors Topic Inter autors peri ongoing internal quality assessments ofthe function's activities and re required to undergo independent external quality assessment to validate zonformance 0 the Standards, These processes answer the question *Who aise auton?” The answer cannot be hat robody does Individls may ak receive suitor cetiatons. There are many reasons obain an ‘official 1A cerfiction designation such athe Cerio Internal Avditor® (CIA) certian, Obtaining acetication soc as this is profesionalsm defined The A's CIA, ‘Leaming Sytem, whith you are now reading san exsmple ofA cetiicaion preparation raters. Used in combinational ofthese profesional endeavors bel “organizations they serve to succeed together. B: Requirements of the Internal Audit Charter (Level B) ‘An intemal ausiting eiviy will be ofthe highest valve when cies view engagements postvly and ate open to accepting results. An organization's aut commatee, chet ‘xecitive officer, and senor evel management team ned to establish "tone a the op” Ut oppo the rei ofthe internal ant aneton, Without his erica op dowen spot, tho internal uit activity becomes vulnerable o client biases, defensiveness, an oer Inuman shortening. A primary way to do this o formally document andsecure approval bythe boat an aeceptace by management fran internal aut charter, The charter and several her docamens shoud be in place to spor the purpose authority, and responsiblity ofthe intemal audit department and internal adit activites. +8 veo ‘igh seredPas 1: ESSENTHLS OF WTErWA ACTING Related Standards and Implementation Guides ‘The Standards and Implementation Guides elated to the intel ait chars oe in efnng the purpose authority, and responsibilty of te ineral au etvity are listed in Exhibit tii Intemal Aut Charter Standards and Releted Guidance a Standort Related Guidance ‘trite Standard 1000, "Purpose, Author, and | Floneraton Gu Responsioye 1000, Pupse Tre purse, autanty, ond responsibly fe inter aut | Aut ana activity must be formally defined in an internal audit charter, | Respcnsibiiy” consistent wth the Mission of eternal Aut ard the ‘mandatory elements ofthe Ineratonal Proessonal Practices Framework (he Cor Prinplesfor he Professions Practceofnimai Aung, the Code of Etna, be Standards, and be Defniten ef nial Audting), Te chit ‘ust exoesive must peodcally review the neal aie ‘charter and preset ft senor management and the boss for appova, Implementation Standard 1000,A1 (Assurance Engagement) ‘The nate of assurance services provided othe organzaton ‘must be datinodin the intsmal aud cna Wassurances ae ‘obo provided o paris ouside the organization, th nature ‘ofthese assurances mus! also be cefnadin te nema at eran Implementation Standard 1000.61 (Consulting Engagements) ‘The nature of consulting servcas must be defn in tho tntemal aust char "Performance Standard 2060, “Reporting to Senior Management and te Board “Tho chie aut oxecutve must report parody osonior ‘management and he board on he intemal aud actviy's ‘uote, athory responsibly, aed performance flav © {span and on ts conformance wih the Cade of Eties and the Standards, Reporting must seo nude signiican tak {and corto sues, including fraud risks, govemanca lass, and ther mates ha requ the atonton of sort Imanagamect andor he Board. Sma ‘legs eceved Implementation Guide 2080, "Reporing to ‘Senor Management ans the Board”Seaton: Foundations of tena Ausiing The Internal Audit Charter ema According tthe Standard Glossary, the intra audit charter is A Form dacument st defines the nema ait sctiviy’s purpose, aut. and responsi, Te internal ait charter ealishes the nual uo tv's oaton within th organiaon; storize accesso records, prsoapel, nd physical Sroerictlevant othe perfrmance of eagagenents and defines the scope of nema su eves ‘Tho internal audit charter provides a road map forthe internal ait activity and provides the vehicle forte mera audit atvity to cary ou its mission. It defines ha the boa and senior management can expect fom the intemal nuit activity nd diets te efforts of intra audit staff. Ke slso defines the nature of ser es for sssurance snd consiling engagemens. A writen charter may be distbuted other Stakeholders, sich as process ners and outside partes (supers adjoint venture partes), ta make others wae ofthe kinds of work internal andor re performing. ‘To crate the interal adit charter, the CAE most understand the Mision Inter Ait andthe mandatory clement ofthe IPP. Implementation Guide 100, "Purpose, ‘Authority, and Responsibility” states: ‘This undentanding provides the foundation fora discussion among the CAE, see ‘managements the bard toma agree up: Tetra aut djetves and respons bisies “The expctations forthe ntaral audit avi. ‘The CAE fonctonl and administrative rearing lines ‘The leve of authority including accesso revord, physical popety. ad personne) required for tbe eral ait acy to econ engngemeats abd fail ts ‘eed pon bjetives and esponibiie. ‘Tre carer mast be consistent wit he Standards Implementation Guide 1000 telsus that providing formal, writen interalaut charter {sot managing the itera aut activity. The intemal aut charer provides 3 ‘eonized statement for review and acceptance by management and for aprovel 35 documented in the mites, bythe board. It alo fiat periodic assesment of the adoqoacy ofthe itera ui acivity's purpose, authority, and responsibilty, which sublists the rol ofthe intemal audit activity. [fa question should aie the intemal sud charter provides forms, writen agreement with management and the board about ‘he organization's internal adit activity argh reseed.Pale 4: ESSE OF rE ALTING Elements ofthe Intomal Audit Chartor Although internal ait haters may vary by organization, they typically include the {allowing sections, some of which may include aspects of ti PPE: ‘+ Introduction. Tis section explains the overall oe and professionalism of the inter aut activity. Relevant clement ofthe IPPF are of itd in he introduction, * Authority. This section tims the internal ui ctiviys fll acces to the records, sical popety, and personel requited perform engagements and declares internal auditors accountbility foe safeguarding assets and conde, + Organization and reporting structure. This pt ofthe charerdocumsntsthe reporting struture forthe CAE position, The CAE should repo fusesonlly tothe board snd _adminsatvely ta level in th organization that allows the internal suit activity © {is esponsibiites. This section may delve ict specific fanctonl responsible, such 8 approving the charter and internal aut plan and iting, compensating, an terminang the CAE, It may also desrite administrative responsibil, suchas ‘ipporting infomation Now in the organization or approving the internal ait acivig’s ‘human resource administration and budge. *+ Independence ad objectivity. This secon describes the portance of ntral wait ‘dgfendence and objectivity and how thet wil be ronnie, such a prohibiting ‘atemal auditors from having operational esponsibility or authority overseas audited. ‘+ Responsible, This sttion ays out major areas of ongoing esponsibility, suchas {atning the sope of assessments, conducting an organiztin-widerskasessment at least annually, writing an iteraa! audit pan, submiting the plan to the board for pproval, performing engagements, communicating resls of engagements, and ‘monitoring coretive actions taken by management. + Quatty assurance and improvement. This part ofthecharter describe the expectations {or developing, msnaining, evaluating, and communicating theres ofa quality assurance and improvement program that covers ll aspects of the itera audit activity. + Signatures. The signatures document sgreement between the CA, a designated board epreseatatve (or example the aut commie char), and he invidaal 0 whom the (CAE reports. This etion includes the ate, aes, and les of signatories. [Asample internal ait chaste is shown below, Kes in mind that no sample is alhencompassng for evry intemal audit organization Likewise, allies shown in this supe carer may not be relevant to every cugagement A charter must be llr 0 each mera audit setivity and the governing rules ofthe organization e20i01m a we args sores,Section Foundations of Interna Austin Eun 65: Sample itera Aust Chater Supplemental Guidance Model Internal Audit Activity Charter ‘The Ms neal Aust Actty Crate is signed to musta conmmon practices tpeahy sot uti an itorral sus ety charter. The gover nature of hs dais intondod © ecourage customization The docurent may not retect al egal or regulatory requterents tet existin the avery urstion,Adeionay, takeheloerexperations may iivence the ncusion oF delaion of ‘conan pacts. In erating an toma act activity char, the chit aut executive shoul exon cae to tustomae the char, including replacing bracketed, bus txt wth anguage that accuatly rofl the usar’ station eam = eo ‘Aah sere.Pan 1: ESSENTIALS OF WER AUTING {i suopiementat Guidance Model Intel Aux Actity Chanter Purpose and mission “The purpose of [name of agerccatonye tema aud ceparm=netviy) sto provide independent, cbjecive assurance and consuling saris designed to ada vale an mprove| [rare of cfgarzston?'sopertans. The mision of eral sud isto enhance ad protect organizational vate by proving rskased and objective assurance, aves, and insight. The intemal auc (ceparnetcivy helps rans of organoaton acemplish ts abjecives by bringing ssystmat, disciplined eppreacht evaluate and improve the efeciveness of ‘governance, ek management, and conta procosses. ‘Standards for the Professional Practice of Internal Auditing ‘The intemal auc eeparener/c wll gover Be by acherence to the mancaory ‘tmenis of The iste omens Asc Inematonal Proessanal Pactoes Parbework, Incuting the Core Principles forthe Professional Practce of neal Aung, the Code Ethics, te intematonal Standares forte Profesional Pract of tama Aut, and the Defistion of intemal Auding. The chs uct execuve wil poet pera fo senior ‘management end the faust carmitaelsupenyso'y conmtee] garding the eral uct depsimen acl)" conformance to the Code of Ethie and the Standards Athoty ‘The cic auct executive wil report unctnal to the ®o2%0st comme superainy comnts! and administratively (day 10-day operations) the =e! executive ose) To establish, marta, and assure that are corganzaicr intel aug Soparmetictvy has suficint author ofall ts cutis, he facut commie supervaary sitet) wie ‘Approve the intemal aut f2snnenaciv'¢ chart. ‘pprove the cak-based intern au lan, Approve the intat aud (cop2rt/cys budget ar esource pla, Recelve commuricatons fem te chi aut exetve on th tera! aut [cspsren/aciuy/s perfomance relative fs plan and tne mates. Approve decision regarding the appointnert and removal of he chi aust execu, + Anprove,ngremuneraton of the cht aut execute, ‘+ Make agproorate inquiries of management andthe chet aust executive to determine ‘sheter there is inappropiate scope or resource Lmiaons exam va Alig ese, eoSection Foundation of nternal Auating 1% uppiementat Gudance Medel itera Aust Actvy Chater ‘The chic aucit execute will have unvestcied access to and communicate an intra recy win he oar sonensinesupenieay connie, udg i prvate maetings without management preset “Te boar commitesiupervisoy co ioparimendacy) 6] authorizes the itera aud + Have fl, re, anc unrest accats oa functions, records, property, ant peteonnel parinent to caryig cut any engegoment subject to asountably ker ‘onfderalty and salequacing ol racrds ad intrmaton + Mocate resources, st requencies, select subjecs, determine scopes of work, aly ‘echiquesrequred to accomplish at abjoctves, and issue repos. ‘+ Obiain assistance rom the necessary personne! of nan of omrcaton), 2 well 3s ter spocalized serves fom win or ouside [rare of organ zaten), moet compat he engagement Independence and Objectivity ‘The chet aut executve wl ensure thatthe oma aud anmenvachyremals free ‘fom all condos that teaten the abit of ntrnalaudtors to cary out ter resporsbities Fan usbiases manner, inchsing matere of aust selection, scope, procedures, equine. ‘ing, an ropat conten If he ci aut exeeuve determines tat ndopendence < cbjectty ray be impared in actor appearance, the deals of impairment willbe disosea to Soproprate patos Internal autre wil main an unbiased mental atte that allows them to partorm tngagementsobjectalyandin auch a manoar that they bala in thar work product that na {ually commpromses are mad, and that they donot sborcinale ther judgmant on aut ‘atrs to thee ‘rtemal auditors will have no drt eperatonal responsbity or authority over any of ho setes autos. According, feral suators wil not msementnieral conto, develop ‘procedures, instal systems, propare eco, or engage i ary her avy hat may npae {hak judgment incng” 1+ Assossing specific operations for wich they had responstiiy win the preveus you. + Pertorming any operational dts foram! onsen ort afte 1 nating o approving ansactorsextmal othe moral aud [ity eran ‘ltt osrvedPART 3: ESSENTULS OF TERWA, AUDITING {ik suppimental Gutance Model ntmal Aust Actiay Charter + Detng the atv of any v9 employee nat employs bythe Intomal aust sc"= e's, excap tothe entent hat sich employees have been appropratly assigned to adn toms oto cherie esi intemal Ste, Were the chief uct executive has of expected i have ols ad esponsbites ha fa ‘use of intemal audng, safeguarés wll estabiched tlt patents to Independence or object. Into! sustore wil: + Disctose any impairment of independence er cect, infer appearance, sppropriate partes. + Exhibit professional obctity in gathering, evaluating, end communicating intrmation about the atvty or process beng examines. 4+ Make Balances assossmentsof al avaleble ard elvan facts and crounstances. ‘Take nocessar pecauon o avoid Beng unduly influenced by tar wn ineeste oF by otersn forme judgements “Te chief act executive wil conf ote tens rnualy, me egenizaonal ndependence of iniemal aud 2 “Te che aust exscitve wil loss tothe. * ny erterenceandrelted implications in dterining th scope fintemal using, erring werk, alec eommurieating esuts ‘Scope ot Internal Aut Activites ‘The scope of intemal aud sctites encompasses bute not Inited 10, cbjectve exarinatons oF evcence forte pupose of proving pendent asserts oe omit "ss, management ard ouside pares on he acequacy and sean govranc, sk management a contol processes fer "= "Ines! aut sssessments ince evaluat wher + Risks relating tothe achievement of [one ~cigansshon' statapeobpetives are sppropitelyertied anc managed 1 The acdons of rare of ra-ncsio flees, directors, employees, and cenrators ‘vin compliance wih 92 fos son's poles. procedure, and apeeable laws, regulatons, and goverance standards + The ests of operons or programs ae consistent wih estalshod goes and obectves Sz016m me ‘mtg reseed‘Seton | Foundations of nema! Avctig 1 Supplemental Gudance Wael otal Aud Atty Chane + Operations or programs are being cared out eflectvely and econ. {Emblaned procestes and systems enable compisnoa win he polices, procetures, laws, an regltions that could sgrifeanty mpact "rf raza + Inermaton and the means used io identity, measure, analyze, classi, and report Such formation are rlisbie ans have egy + Resoureas and assets ave acquzed economically, used eflenty, nd protected ‘equity “Te cio ust executive wl repr periodically o senior management and the 09 rroctpordaary curmles opardgr 4 The nema aut spoit oe a purpose thoy, and responsbiy, {The tema ava coo ior "5 plan and perermance reve open {The intmal aust crores eankomance wth The IAs Code of cs tnd Standard and acon plans to address any sgnifeant conformance fesuee + Sinan rik expoaues and contol sues, ncluing aud ike, governance eaves, land ther mates requires the atlonon of or requasted by the = 1+ Results f aust engagements or oer activites 1 Resource requirement. {Any responae fo ik by management that may be unacoaptabe to (oem = ‘The chet aust executive also coorinats actives, where posible, and considers coving ‘pon he work of thar intemal and excemal surance and consulting sevice rowces a Needed The stem ust veos==s= may perform aavieoy and elated cet ‘orice acts, the nalue and scope of wah wil be apo wih the cent, provide the Intmal aust op") dee not assume management respons Opposites orimprovng the efcieny of goverance sk management and conte processes may be dented curing engegements. Thess opporunis wil be communicated {0 the appropriate tvel of management. Responsititty The chet aut execute has the responsibilty to ‘+ Som atast annua, o senior management andthe 25-02 Eputsuneniens) or! te,arigbased femal aud plan for roview and soo