The internal auditor have a duty to gather, analyze, and document relevant, reliable, and sufficient information to support their assertions, opinions, and recommendations to the Board and Management. It is critical the internal auditor has full and unrestricted access to all company records, property, and personnel to prevent the opportunity for a company employee to falsify, manipulate, or distort information. This level of unrestricted authority should be granted by a formal internal audit charter, approved and communicated by the Board and Management of the company at least annually. As trusted custodians of company information internal auditors must hold themselves accountable to a strict Code of Ethics. If the internal auditor is a Certified Internal Auditor, then they must apply and uphold the 4 following principles as defined by the Institute of Internal Auditors:
1. Integrity - The integrity of internal auditors establishes trust and thus provides the basis for reliance on their judgment.
2. Objectivity - Internal auditors exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined. Internal auditors make a balanced assessment of all the relevant circumstances and are not unduly influenced by their own interests or by others in forming judgments.
3. Confidentiality - Internal auditors respect the value and ownership of information they receive and do not disclose information without appropriate authority unless there is a legal or professional obligation to do so.
4. Competency - Internal auditors apply the knowledge, skills, and experience needed in the performance of internal audit services.
Showing posts with label IIA Code of Ethics. Show all posts
Showing posts with label IIA Code of Ethics. Show all posts
Wednesday, April 21, 2010
Tuesday, April 13, 2010
Internal Audit's Role in Corporate Governance
The International Professional Practices Framework (IPPF) is the conceptual framework that organizes authoritative guidance promulgated by The Institute of Internal Auditors. The IPPF guidance includes mandatory guidance, which includes the Definition of Internal Auditing, the Code of Ethics, and the Standards.
With respect to Governance Standard 2110, "the internal audit activity must assess and make appropriate recommendations for improving the governance process in its accomplishment of the following objectives:
With respect to Governance Standard 2110, "the internal audit activity must assess and make appropriate recommendations for improving the governance process in its accomplishment of the following objectives:
- Promoting appropriate ethics and values within the organization;
- Ensuring effective organizational performance management and accountability;
- Communicating risk and control information to appropriate areas of the organization; and
- Coordinating the activities of and communicating information among the board, external and internal auditors, and management."
Thursday, March 25, 2010
Governance & Internal Audit Evolution: Rules or Principles?
My view is that the voluntary adoption, disclosure, and enforcement of self-guided principles are the solution to restoring good governance and internal audit activities within our U.S. Free Enterprise System. Rule-based systems, while often well-intended, are generally designed to be negative reinforcement systems, often are prone to “loop-holes,” exploitation, and have bad consequence (i.e. punishment or penalization) As internal auditors, we know that recognizing “deficiencies,” and in some case “failure” are often what create the opportunities for organizational betterment. Principle-based systems are generally designed to be positive reinforcement systems, are less prone to exploitation because it encourages transparency and reasoning for actions, and have good consequence (i.e. commendation, recognition, and reward.) Public trust and confidence can be restored when organizations can publicly declare “Here is what we do, here is why we do it, here are the reasons we believe it is the right thing to do, and here is how we are going to show it to you” – this is the essence of good principle-based systems. To say we are “compliant” with a rule-based system does not always meet the “intent” of the rule.
As an example, consider this – A father, Jack, tells his daughter, Jane, to be home at 10pm because she has school tomorrow. Jane goes home for her 10pm curfew, then she sneaks back-out until 2:30 AM. In the morning, while having breakfast with her parents Jane declares “I was home a few minutes before 10pm last night,” in response to her father’s question “What time did you get home last night?” By all counts Jane followed the rule – didn’t she? Is it human nature to find the “loop-hole” in the rules? How do you think the scenario outcome would change if that evening Jack told Jane “Be home to make sure you’re well rested for school tomorrow,” and then in the morning asked her “How much rest did you get last night Jane?” While a simple example, hopefully this shares my thought process on the potential and power of the “principle” and the inherent weakness of the “rule.”
We must also ask ourselves where the role of Ethics and Integrity plays in the rule-based and principle-based systems. An industry colleague, Dan Smith, brought up a great point that principle-based systems "Overtime, without proper safeguards or directives at a social and moral level can collapse in corruption." My view is that as we evolve, for the better, we will see the emergence of ethics committees in organizations that will become the "transparent" and most "trusted" voice to the community and public stakeholders. While the U.S. has its own recognized design flaws and operational deficiencies. However, the design and operation of the 9-member Supreme Court system has continually exemplified integrity, diversity, and thoughtful governance to our Democratic, Capitalist, and Free Society.
With respects to the emergent ethics committee, organizational stakeholders should look to the U.S. Supreme court as a framework for the conceptual design of internal adjudication processes that will serve as the necessary "social and moral" safeguard in which Dan has so diligently observed as necessary to prevent the erosion of integrity that results in corruption.
As an example, consider this – A father, Jack, tells his daughter, Jane, to be home at 10pm because she has school tomorrow. Jane goes home for her 10pm curfew, then she sneaks back-out until 2:30 AM. In the morning, while having breakfast with her parents Jane declares “I was home a few minutes before 10pm last night,” in response to her father’s question “What time did you get home last night?” By all counts Jane followed the rule – didn’t she? Is it human nature to find the “loop-hole” in the rules? How do you think the scenario outcome would change if that evening Jack told Jane “Be home to make sure you’re well rested for school tomorrow,” and then in the morning asked her “How much rest did you get last night Jane?” While a simple example, hopefully this shares my thought process on the potential and power of the “principle” and the inherent weakness of the “rule.”
We must also ask ourselves where the role of Ethics and Integrity plays in the rule-based and principle-based systems. An industry colleague, Dan Smith, brought up a great point that principle-based systems "Overtime, without proper safeguards or directives at a social and moral level can collapse in corruption." My view is that as we evolve, for the better, we will see the emergence of ethics committees in organizations that will become the "transparent" and most "trusted" voice to the community and public stakeholders. While the U.S. has its own recognized design flaws and operational deficiencies. However, the design and operation of the 9-member Supreme Court system has continually exemplified integrity, diversity, and thoughtful governance to our Democratic, Capitalist, and Free Society.
With respects to the emergent ethics committee, organizational stakeholders should look to the U.S. Supreme court as a framework for the conceptual design of internal adjudication processes that will serve as the necessary "social and moral" safeguard in which Dan has so diligently observed as necessary to prevent the erosion of integrity that results in corruption.
Subscribe to:
Posts (Atom)
Posts
