Skip Ribbon Commands
Skip to main content

IIA Position Papers

Position Papers assist a wide range of interested parties, but are primarily designed to inform and educate internal audit stakeholders on issues of importance to The IIA and the profession. Their focus is generally related to significant governance, risk, or control issues, and delineating the associated roles and responsibilities of internal auditing.

New! Fraud and Internal Audit: Assurance Over Fraud Controls Fundamental to Success, April 2019

Fraud is not unique to any organization type and no organization is immune. Since the opportunity to commit fraud exists everywhere, it is important for organizations to effectively leverage various resources to develop strong anti-fraud programs. This position papers outlines when and where internal audit’s skill sets can most effectively be used and at what point other resources should be tapped. It also provides key takeaways regarding internal control procedures, prevention and response planning, risk exposure assessment, and fraud investigation, as well as five questions all organizations should pose to strengthen their program.

English    Croatian    French    Deutsche    Turkish     Bahasa Indonesia

Why Conformance Matters, May 2018

Conformance to the IPPF is essential in meeting the responsibilities of internal auditors and the internal audit activity (IAA). It provides a measure of confidence that the IAA is operating to a strict code of ethics and defined professional standards, and that its staff is trained to specified standards of education and continued professional development.

English     Croatian     French     Korean     Spanish     Turkish

Internal Auditing's Role in Corporate Governance, May 2018

Internal audit’s role in governance is vital. Internal audit provides objective assurance and insight on the effectiveness and efficiency of risk management, internal control, and governance processes.

English     Croatian     French     Korean     Polish     Spanish

Staffing Considerations for Internal Audit Activity, May 2018

Knowledgeable and competent resources within internal audit are needed to ensure assurance and advisory work are performed in alignment with the organization’s expectations and in conformance with widely accepted principles and standards. Careful and thoughtful consideration should be given to partially or fully outsourcing the internal audit activity.

English     Croatian     French     Korean     Spanish

The Three Lines of Defense in Effective Risk Management and Control, January 2013

In twenty-first century businesses, it’s not uncommon to find diverse teams working to manage organizational risks. While each provides unique and invaluable perspectives and skills, managing risks across multiple departments and divisions must be carefully coordinated to assure that risk and control processes operate as intended. The Three Lines of Defense model is a valuable tool to help management and the board understand and coordinate risk management efforts.

English     Spanish     French     Bulgarian
Portuguese     Serbian     Estonian     Turkish

The Role of Internal Auditing in Enterprise-wide Risk Management, January 2009

ERM is a structured, consistent, and continuous process applied across the organization that identifies and assesses risks, as well as decides on responses to and reports on opportunities and threats that affect the achievement of objectives. The principles presented in this paper can be used to guide the involvement of internal auditing in all forms of risk management, but it is primarily intended to address ERM, as this is most likely to improve an organization’s governance processes.

English     Spanish     French     Portuguese     Serbian