Professional Documents
Culture Documents
Applying The Global Internal Audit Standards - AIS
Applying The Global Internal Audit Standards - AIS
Stakeholder Groups
provide knowledge, feedback, & input
IIA Global HQ
Staff IIA Member Volunteers
(Knowledge Groups)
International Internal Audit coordinate, manage,
Global Guidance Council market, and maintain
Standards Board
develop, direct, and approve Standards
develop, direct, and approve Guidance projects Direct Stakeholders
(IIA members and other in
the internal audit profession)
Indirect Stakeholders
GB Authorization (Public, non-IA Profession)
IPPFOC Independent Oversight
Project Management
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
International Internal Audit Standards Board (IIASB)
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
IPPF Oversight Council
Organizations represented:
Publication:
Framework for Setting Internal Audit
Standards in the Public Interest
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
IPPF Evolution Timeline with Resources
Now Q2-Q4 Q1-Q2
Available 2024 2025
• Global Internal Audit StandardsTM basic PDF. • Tool: for CAE communication with board • New Standards become effective
• Condensed version of the Global Internal Audit Standards. and senior management about Domain III. Jan 9, 2025.
• Report on the Standard-setting and Public Comment • Conformance Assessment Readiness Tool • Updated Internal Audit
Processes for the Global Internal Audit Standards. Practitioner exam: no changes
• Refreshed and New Global Guidance before effective date.
• 2-Way Standards and Glossary Mapping. (Global Practice Guides, Global Technology
• Updated Learning Library (2 new courses). Audit Guides). • CIA® exam and study materials:
• Internal Auditor magazine special issue. no changes before May 2025.
• Topical Requirement on Cybersecurity –
iia.mydigitalpublication.com/february-2024. issued for public comment (Apr), followed • New Topical Requirements –
• Standards Knowledge Center: by release (Q4). issued for public comment,
Tools, courses, events, webinars, podcasts, and articles. • Global Internal Audit Standards (The followed by release.
─ Tool: Model Internal Audit Charter (General and Public Redbook) hardcover book (Q3, June).
Sector).
• New GTAG & Practice Guide.
• Global Internal Audit Standards digitally enhanced e-book.
• Translated Standards (including in Bahasa Indonesia).
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Resources: Available at www.theiia.org
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
New IPPF and
Global Internal Audit Standards –
Structure
The IPPF Evolution
2017 2024
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
The New Structure
5 Domains
15 Principles
• 52 Standards
• Requirements
• Considerations for Implementation
• Examples of Evidence of Conformance
Additional features:
• Fundamentals
• Applying the Standards in the Public Sector
• Glossary
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Global Internal Audit Standards
5 Domains, 15 Principles
Domain I: Purpose of Internal Auditing
III. Governing the Internal Audit IV. Managing the Internal Audit V. Performing Internal Audit
Function Function Services
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Global Internal Audit Standards –
Glossary & Fundamentals
Glossary
Old Term or Concept Updated Term New to the Glossary
consulting services advisory services Assurance engagement Internal audit public sector risk tolerance
supervisor charter
engagement opinion engagement
conclusion
competency finding internal audit residual risk root cause
internal audit activity internal audit manual
function
purpose, authority, responsibility internal audit
mandate condition impact internal audit results of senior
plan internal audit management
policies and procedures (internal methodologies services
audit)
Existing Terms With New Definitions criteria inherent risk likelihood risk and stakeholder
control
board
matrix
control processes
engagement integrity may risk workpapers
fraud planning assessment
internal auditing
risk appetite *Not a comprehensive list.
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Board - Definition
Highest-level body charged with governance, such as:
• A board of directors.
• An audit committee.
• A board of governors or trustees.
• A group of elected officials or political appointees.
• Another body that has authority over the relevant governance functions.
In an organization that has more than one governing body, “board” refers to the body or bodies
authorized to provide the internal audit function with the appropriate authority, role, and
responsibilities.
If none of the above exists, “board” should be read as referring to the group or person that acts
as the organization’s highest-level governing body. Examples include the head of the organization
and senior management.
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Fundamentals of the Global Internal Audit Standards
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Fundamentals of the Global Internal Audit Standards
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Global Internal Audit Standards:
Domains
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Domain I: Purpose of Internal Auditing
Purpose Statement:
Internal auditing strengthens the organization’s ability to create, protect, and sustain value by providing
the board and management with independent, risk-based, and objective assurance, advice, insight, and foresight.
Internal auditing enhances the organization’s: Internal auditing is most effective when:
• Successful achievement of its objectives. • It is performed by competent professionals in
conformance with the Global Internal Audit
• Governance, risk management, and control
Standards, which are set in the public interest.
processes.
• The internal audit function is independently
• Decision-making and oversight.
positioned with direct accountability to the
• Reputation and credibility with its stakeholders. board.
• Ability to serve the public interest. • Internal auditors are free from undue influence
and committed to making objective assessments.
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Domain II: Ethics and Professionalism
1. Demonstrate 2. Maintain 3. Demonstrate 4. Exercise Due 5. Maintain
Integrity Objectivity Competency Professional Care Confidentiality
Internal auditors Internal auditors Internal auditors apply Internal auditors apply Internal auditors use
demonstrate integrity in maintain an impartial the knowledge, skills, due professional care in and protect information
their work and behavior. and unbiased attitude and abilities to fulfill planning and performing appropriately.
when performing their roles and internal audit services.
internal audit services responsibilities
and making decisions. successfully.
1.1 Honesty and 4.1 Conformance
2.1 Individual 5.1 Use of
Professional 3.1 Competency with Global Internal
Objectivity Information
Courage Audit Standards
3.2 Continuing
1.2 Organization’s 2.2 Safeguarding 4.2 Due 5.2 Protection of
Professional
Ethical Expectations Objectivity Professional Care Information
Development
2.3 Disclosing
1.3 Legal and 4.3 Professional
Impairments to
Ethical Behavior Skepticism
Objectivity
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Domain III: Governing the Internal Audit Function
Domain III standards include “essential conditions” for an effective internal audit function.
8.2 Resources
7.2 Chief Audit Executive
6.2 Internal Audit Charter Qualifications
8.3 Quality
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Domain IV: Managing the Internal Audit Function
9. Plan Strategically 10. Manage Resources 11. Communicate 12. Enhance Quality
The chief audit executive plans The chief audit executive Effectively The chief audit executive is
strategically to position the manages resources to The chief audit executive guides responsible for the internal
internal audit function to fulfill its implement the internal audit the internal audit function to audit function’s conformance
mandate and achieve long-term function’s strategy and achieve communicate effectively with its with the Global Internal Audit
success. its plan and mandate. stakeholders. Standards and continuous
performance improvement.
9.1 Understanding Governance,
Risk Management, and 10.1 Financial Resource 11.1 Building Relationships and
Management Communicating with Stakeholders
Control Processes 12.1 Internal Quality Assessment
9.3 Methodologies 10.3 Technological Resources 11.3 Communicating Results 12.3 Oversee and Improve
Engagement Performance
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Domain V: Performing Internal Audit Services
13. Plan Engagements Effectively 14. Conduct Engagement Work 15. Communicate Engagement
Internal auditors plan each engagement Internal auditors implement the engagement Conclusions and Monitor Actions
using a systematic, disciplined approach. work program to achieve the engagement Plans
objectives.
Internal auditors communicate the
13.1 Engagement Communication engagement results to the appropriate
14.1 Gathering Information for Analyses parties and monitor management’s
and Evaluation progress toward implementation of
13.2 Engagement Risk Assessment 14.2 Analyses and Potential Engagement recommendations or action plans.
Findings
13.3 Engagement Objectives and Scope 15.1 Final Engagement Communication
14.3 Evaluation of Findings
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Applying the Global Internal Audit
Standards in the Public Sector
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Domain I. Purpose of Internal Auditing
Purpose Statement:
Internal auditing strengthens the organization’s ability to create, protect, and sustain value by providing
the board and management with independent, risk-based, and objective assurance, advice, insight, and
foresight.
Internal auditing enhances the Internal auditing is most effective when:
organization’s: • It is performed by qualified internal auditors in
• Successful achievement of its objectives. conformance with the Global Internal Audit
Standards, which are set in the public interest.
• Governance, risk management, and control
processes. • The internal audit function is independently
positioned with direct accountability to the
• Decision-making and oversight. board.
• Reputation and credibility with its • Internal auditors are free from undue influence
stakeholders. and committed to making objective
• Ability to serve the public interest. assessments.
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Domain II: Ethics and Professionalism
1. Demonstrate 2. Maintain 3. Demonstrate 4. Exercise Due 5. Maintain
Integrity Objectivity Competency Professional Care Confidentiality
Internal auditors Internal auditors Internal auditors apply Internal auditors apply Internal auditors use
demonstrate integrity in maintain an impartial the knowledge, skills, due professional care in and protect information
their work and behavior. and unbiased attitude and abilities to fulfill planning and performing appropriately.
when performing their roles and internal audit services.
internal audit services responsibilities
and making decisions. successfully.
1.1 Honesty and 4.1 Conformance
2.1 Individual 5.1 Use of
Professional 3.1 Competency with Global Internal
Objectivity Information
Courage Audit Standards
3.2 Continuing
1.2 Organization’s 2.2 Safeguarding 4.2 Due 5.2 Protection of
Professional
Ethical Expectations Objectivity Professional Care Information
Development
2.3 Disclosing
1.3 Legal and 4.3 Professional
Impairments to
Ethical Behavior Skepticism
Objectivity
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Domain III: Governing the Internal Audit Function
Domain III standards include “essential conditions” for an effective internal audit function.
8.2 Resources
7.2 Chief Audit Executive
6.2 Internal Audit Charter Qualifications
8.3 Quality
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Domain IV. Managing the Internal Audit Function
9. Plan Strategically 10. Manage Resources 11. Communicate 12. Enhance Quality
The chief audit executive plans The chief audit executive Effectively The chief audit executive is
strategically to position the manages resources to The chief audit executive guides responsible for the internal
internal audit function to fulfill its implement the internal audit the internal audit function to audit function’s conformance
mandate and achieve long-term function’s strategy and achieve communicate effectively with its with the Global Internal Audit
success. its plan and mandate. stakeholders. Standards and continuous
performance improvement.
9.1 Understanding Governance,
Risk Management, and 10.1 Financial Resource 11.1 Building Relationships and
Management Communicating with Stakeholders
Control Processes 12.1 Internal Quality Assessment
9.3 Methodologies 10.3 Technological Resources 11.3 Communicating Results 12.3 Oversee and Improve
Engagement Performance
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Domain V. Performing Internal Audit Services
No distinction between Assurance and Advisory engagements
13. Plan Engagements Effectively 14. Conduct Engagement Work 15. Communicate Engagement
Internal auditors plan each engagement Internal auditors implement the engagement Conclusions and Monitor Actions
using a systematic, disciplined approach. work program to achieve the engagement Plans
objectives.
Internal auditors communicate the
13.1 Engagement Communication 14.1 Gathering Information for Analyses engagement results to the appropriate
and Evaluation parties and monitor management’s
progress toward implementation of
13.2 Engagement Risk Assessment 14.2 Analyses and Potential Engagement recommendations or action plans.
Findings
13.3 Engagement Objectives and Scope 15.1 Final Engagement Communication
14.3 Evaluation of Findings
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Unique Aspects of Auditing in the Public Sector
• Accountability in Public
Funding.
• Nature of Politics.
• Governance.
• Public Good/Public Interest.
• Transparency, Ethics and
Integrity.
• Legal, Regulatory, and Fiscal
Compliance.
• Efficiency, Effectiveness, and
Equity in Public Service
Delivery.
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Our Recommendations
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
IIA Indonesia Recommends
Perform an IA Readiness
Create plans to develop Develop Quality
Assessment to identify
Assess Chief Audit coordination and Assurance and
Enforce ethics what needs to change to
qualifications collaboration with the first Improvement Programme
conform with the new
and second line (QAIP)
Standards.
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Keys to Successful Implementation of the Global Internal
Audit Standards
1. Align with key stakeholders.
2. Get and develop the right resources.
3. Continue to improve.
4. Deliver value.
5. Manage internal audit strategically.
6. Proactively assess your organization’s risk management and governance
processes.
7. Strive for excellence (performance + conformance).
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
What’s Next
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
What’s Next?
• Implement!
• Topical
Requirements.
• Quality Assessments.
• Certifications.
• Additional Resources.
• To Learn More
www.theiia.org/New
Standards
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
External Quality Assessments
Options for Planning EQAs
Based on the January 2024 issuance of the Global Internal Audit Standards and the effective
date of January 2025.
Exam
• No changes before May 2025. • No changes before effective
date.
Transition period
• Now available. Scan QR code for details.
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Upcoming IIA Happenings
©2024, The Institute of Internal Auditors. All rights reserved. For individual personal use only.
Q&A
COPYRIGHT NOTICE
The Global Internal Audit Standards and related materials are protected by
copyright law and are operated by The Institute of Internal Auditors, Inc.
(“The IIA”). ©2024 The IIA. All rights reserved.