Standard

Coordinating Risk Management and Assurance

La gestione del rischio è fondamentale per il controllo organizzativo ed è finalizzato alla creazione e alla regolazione di un sano governo societario.La realizzazione di un efficace sistema di gestione del rischio è una responsabilità chiave del management e del board. Questi ultimi sono responsabili dell’adozione di un approccio olistico per l’identificazione dei rischi organizzativi, la creazione di controlli per mitigare tali rischi, il monitoraggio e la revisione dei rischi individuati. Essi dovrebbero garantire l'integrazione della gestione del rischio nell’organizzazione, sia a livello strategico che operativo.Standard 2050: Coordination states, "The chief audit executive [CAE] should share information and coordinate activities with other internal and external providers of assurance and consulting services to ensure proper coverage and minimize duplication of efforts.” Questa responsabilità richiede l’inclusione del CAE e la sua partecipazione nel controllo dei processi dell’organizzazione. Il quadro di riferimento può essere costituito dall’audit interno, dall’audit esterno, dalla governance, dalla gestione del rischio o dalle altre funzioni di controllo. L’inclusione e la partecipazione in questo contesto contribuisce a garantire la consapevolezza del CAE circa i rischi dell’organizzazione e dei controlli, in relazione agli scopi organizzativi e agli altri obiettivi.

Guida Pratica: Independence and Objectivity

The importance of independence and objectivity, which has always been significant for internal auditors, continues to increase among the challenges facing internal audit activities in the constantly changing business environment. An ever-growing number of stakeholders, both inside and outside an organization, continue to demand greater transparency, increased disclosures, expanded internal audit services, increased professionalism, improved coordination among internal and external auditors, greater responsibilities, and more accountability from internal audit professionals. This practice guide was developed to address these changes and increased expectations.

The purpose of this practice guide is to:

• Highlight IIA guidance on independence and objectivity.
• Discuss potentially confusing aspects encompassing independence and objectivity.
• Identify activities that support independence and objectivity.
• Identify various considerations and potential challenges related to independence and objectivity.
• Provide frameworks for managing independence and objectivity.

Assisting Small Internal Audit Activities in Implementing the International Standards for the Professional Practice of Internal Auditing

The International Professional Practices Framework (IPPF) and underlying International Standards for the Professional Practice of Internal Auditing (Standards) provide the Chief Audit Executive (CAE) and internal audit leadership a framework and related guidance to use in evaluating and ensuring the effectiveness of the internal audit activity. The Standards also provide internal auditing’s stakeholders a basis for evaluating the activity’s effectiveness. The Standards are applicable to all internal audit departments regardless of size, level of resources, complexity, or objective and scope.This Practice Guide provides a working definition of the term small internal audit activity. The guide acknowledges the challenges that CAEs and audit leadership in small audit activities may face in implementing the Standards, provides suggestions for meeting those challenges, and discusses the benefits of using the Standards. Many of the challenges discussed in this guide are not unique to small audit activities; larger activities may face many of the same challenges. However, these challenges are more frequently encountered and more difficult to overcome in small audit activities.Although the CAE of a small internal audit activity is responsible for ensuring implementation of all Standards, the degree of challenge for conformance to each standard may vary among small activities. The chart in the Introduction provides a visual summary of the degree of challenge that the CAE may face in conforming to the Standards. The chart is based on informal discussions with small audit groups and also amongst the members of The IIA’s committees. Although conformance with the Standards may pose challenges, it is possible with the development of appropriate strategy and planning. The Standards are principles-based and are meant to be applicable to internal audit activities of all sizes.