IIA Position Paper: The Three Lines of Defense in Effective Risk Management and Control (Spanish)
The IIA's position paper, The Three Lines of Defense in Effective Risk Management and Control, addresses how organizations can holistically mitigate risks in a business environment that is continuously growing in complexity. (Spanish)
The IIA's International Standards for the Professional Practice of Internal Auditing - Mark-up Version (Spanish)
This document includes the 2013 vs. 2011 mark-ups/track changes to the International Standards for the Professional Practice of Internal Auditing. (Spanish)
IIA Position Paper: The Role of Internal Auditing in Resourcing the Internal Audit Activity (Spanish) / Declaración de Posición del IIA Sobre Alternativas de Obtención de Recursos para la Función de Auditoría Interna
This position paper provides guidance and clarification of the roles of the board, management, and the chief audit executive (CAE) on resourcing the internal audit activity and the various issues involved. (Spanish)
IIA Position Paper: The Role of Internal Auditing in Enterprise-wide Risk Management (Spanish) / El Rol de la Auditoría Interna en Relación con la Gestión de Riesgos para Toda la Empresa
This position paper provides The IIA's perspective on the role of internal auditing as it relates to enterprise risk management. (Spanish)
IIA Position Paper: The Role of Internal Auditing in Enterprise-wide Risk Management (Spanish) / El Rol de la Auditoría Interna en Relación con la Gestión de Riesgos para Toda la Empresa
This position paper provides The IIA's perspective on the role of internal auditing as it relates to enterprise risk management. (Spanish)
IIA Position Paper: The Role of Internal Auditing in Resourcing the Internal Audit Activity (Spanish) / Declaración de Posición del IIA Sobre Alternativas de Obtención de Recursos para la Función de Auditoría Interna
This position paper provides The IIA's opinion on outsourcing internal audit resources and includes considerations that should be taken into account when evaluating outsourcing options. (Spanish)
IPPF Code of Ethics / Código de Ética
The Code of Ethics states the principles and expectations governing behavior of individuals and organizations in the conduct of internal auditing. (Spanish)
Practice Advisory 2320-1: Analysis and Evaluation (Spanish)
This Practice Advisory (PA) discusses using analytical procedures for analysis and evaluation, covers when to use them, different types of analytical procedures, and considerations for practitioners to take into account when performing them. (Spanish)
GTAG 1: Information Technology Controls (Spanish) / Controles de Tecnología de la Información
This Practice Guide (PG) describes the knowledge needed to address technology control issues and their impact on business and provides information on available frameworks. (Spanish)
GTAG 2: Change and Patch Management Controls: Critical for Organizational Success (Spanish) / Controles de Gestión de Parches y Cambios: Cruciales para el Éxito de la Organización
This Practice Guide (PG) tackles why IT change and patch management are important; how IT change and patch management helps control IT risks and costs; what works and what doesn't; and what internal auditing should do. (Spanish
GTAG 3: Continous Auditing: Implications for Assurance, Monitoring, and Risk Assessment (Spanish) / Auditoría Continua: Implicancias para el Aseguramiento, la Supervisión y la Evaluación de Riesgos
This Practice Guide (PG) covers the role of continuous auditing in today’s internal audit environment and the relationship of continuous auditing, continuous monitoring, and continuous assurance. (Spanish)
GTAG 7: Information Technology Outsourcing (Spanish) / Tercerización de Tecnología de la Información
This Practice Guide (PG) discusses how to choose the right information technology outsourcing vendor and key outsourcing control considerations from the client’s and service provider’s operation. (Spanish)
GTAG 8: Auditing Application Controls (Spanish) / Auditar Controles de Aplicación
This Practice Guide (PG) provides chief audit executives (CAEs) with information on what application controls are and their benefits; the role of internal auditors; how to perform a risk assessment; and application control review scoping. (Spanish)
GTAG 9: Identity and Access Management (Spanish) / Gestión de Identidades y Accesos
This Practice Guide (PG) covers key concepts surrounding identity and access management (IAM), risks associated with IAM process, detailed guidance on how to audit IAM processes, and a sample checklist for auditors. (Spanish)
Practice Advisories in full (Spanish) / Consejo para la Práctica
This zip file includes individual PDFs of all of the practice advisories included in the International Professional Practices Framework translated into Spanish.
IPPF Practice Guide: Internal Auditing and Fraud/Auditoría Interna y Fraude
A Question of Ethics (Spanish) / Una Cuestion de Etica
In organizations where the honesty and the integrity are a rule, it is easy for the employees to resist the multiple temptations that today the world of the business offers. (Spanish)