Described as a “joint research report by the Internal Audit Foundation and Kroll” (Kroll is a major investigation firm), Internal Audit’s Role in Fraud Risk Management has some truly excellent content.
It lays out extremely well the IIA’s position and guidance on this important topic. However, Kroll pretty much ignores that and continues with a report that pushes what I assume is its own opinion.
Here are some key points with my comments, but I strongly recommend a careful read with special attention to the IIA’s position laid out in the first three bullets below:
- While the role of internal audit teams varies significantly across different industries, jurisdictions, and organizations, the predominant role of internal audit is, according to The Institute of Internal Auditors (IIA), “to provide independent, objective assurance and consulting activity designed to add value and improve an organization’s operations.” This includes assessing the design and effectiveness of controls in an organization, including controls involving fraud risk management, and providing assurance to management and the board that controls are designed appropriately and function effectively.
- The IIA set out the following key points in relation to the role of internal audit in fraud risk management:
- Organizations should…