The internal audit profession, through The Institute of Internal Auditors (IIA), has continued to redefine itself as business risk and organizational complexity have evolved. So, what is internal auditing? Prior to June 1999, The IIA defined internal auditing as follows:
Internal auditing is an independent appraisal function established within an organization examine and evaluate its activities as a service to the organization. The objective of internal auditing is to assist members of the organization in the effective discharge of their responsibilities. To this end, internal auditing furnishes them with analysis, appraisals, recommendations, counsel and information concerning the activities reviewed. The audit objective includes promoting effective control at reasonable cost.
Today, The IIA uses the following definition:
Internal auditing is an independent, objective assurance and consulting activity designed to add value and improves an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.
The internal audit professional presently is not regulated by the Securities and Exchange Commission (SEC), Public Accounting Oversight Board (PCAOB) or any U.S. government agency. The IIA is the self-governing professional body that includes the International Accounting Standards Board (IASB), which is charged with evaluating and developing practice standards that are issued in draft form and subject to a public comment period, much like other professional standards and accounting pronouncements. The IIA Standards includes a code of ethics that members must follow or face disciplinary action, including expulsion.To learn more, Protiviti’s Guide to Internal Audit is designed to be a resource for internal audit professionals can refer to regularly in their jobs. The publication offers detailed insights into everything from building an internal audit function to managing and improving the function as the organization evolves.