FOUNDATION OF INTERNAL AUDIT
- The IIA’s Mission of Internal Audit, Definition of Internal Auditing, and Core Principles for the Professional Practice of Internal Auditing, and the purpose, authority, and responsibility of the internal audit activity
- The requirements of an internal audit charter (required components, board approval, communication of the charter, etc.)
- The difference between assurance and consulting services provided by the internal audit activity.
- Conformance with the IIA Code of Ethics.
INDEPENDENCE AND OBJECTIVITY
- Organizational independence of the internal audit activity (importance of independence, functional reporting, etc.)
- Identify whether the internal audit activity has any impairments to its independence.
- Assess and maintain an individual internal auditor’s objectivity, including determining whether an individual internal auditor has any impairments to his/her objectivity.
- Analyze policies that promote objectivity.
PROFICIENCY AND DUE PROFESSIONAL CARE
- Recognize the knowledge, skills, and competencies required (whether developed or procured) to fulfill the responsibilities of the internal audit activity.
- Demonstrate the knowledge and competencies that an internal auditor needs to possess to perform his/her individual responsibilities, including technical skills and soft skills (communication skills, critical thinking, persuasion/negotiation, and collaboration skills, etc.)
- Demonstrate due professional care.
- Demonstrate an individual internal auditor’s competency through continuing professional development.
QUALITY ASSURANCE AND IMPROVEMENT PROGRAM
- Describe the required elements of the quality assurance and improvement program (internal assessments, external assessments, etc.)
- Describe the requirement of reporting the results of the quality assurance and improvement program to the board or other governing body.
- Identify appropriate disclosure of conformance vs. nonconformance with The IIA’s International Standards for the Professional Practice of Internal Auditing
GOVERNANCE, RISK MANAGEMENT, AND INTERNAL CONTROL
- Describe the concept of organizational governance.
- The impact of organizational culture on the overall control environment and individual engagement risks and controls
- The organization’s ethics and compliance-related issues, alleged violations, and dispositions.
- Corporate social responsibility.
- Fundamental concepts of risk and the risk management process
- Globally accepted risk management frameworks appropriate to the organization (COSO – ERM, ISO 31000, etc.
GOVERNANCE, RISK MANAGEMENT, AND INTERNAL CONTROL (Continued)
- The effectiveness of risk management within processes and functions
- The internal audit activity’s role in the organization’s risk management process
- Internal control concepts and types of controls
- Globally accepted internal control frameworks appropriate to the organization.
- The effectiveness and efficiency of internal controls.
FRAUD RISKS
- Fraud risks and types of frauds and determine whether fraud risks require special consideration when conducting an engagement.
- Evaluate the potential for occurrence of fraud (red flags, etc.) and how the organization detects and manages fraud risks.
- Controls to prevent and detect fraud and education to improve the organization’s fraud awareness.
- Techniques and internal audit roles related to forensic auditing (interview, investigation, testing, etc.)