I am talking about the Chartered Institute of Internal Auditors’ (CIIA) Internal Audit Code of Practice.
It was released today, and I strongly encourage everybody to read and consider it, not only in the UK, but around the world.
You can read the Press Release here when it is posted later today or tomorrow.
Is it perfect? No. As usual I can see areas for improvement. But they are relatively small and the Code is a serious and very significant upgrade (sorry IIA) to GIAS. In fact, I think it transcends GIAS. For example, the Code’s principle #1 says that “The primary purpose of internal audit should be to help the board and senior management to protect the assets, reputation and sustainability of the organisation.”
The error is that internal audit should not only help protect but also to create and increase the assets, etc. of the organization.
This is one area where the CIIA should have adopted the Purpose included in GIAS:
Internal auditing strengthens the organization’s ability to create, protect, and sustain value by providing the board and management with independent, risk-based, and objective assurance, advice, insight, and foresight.
Will the Code upgrade practices? I think that it stands an excellent chance if internal audit leaders, with the full support and strong encouragement of the…