Internal auditors and integrity, objectivity and independence
Internal auditors are also required to demonstrate honesty, objectivity and diligence. Whilst their relationship to the ‘client’ is different from that of the external auditor, some of the same principles apply. Internal auditors should be seen to be objective and independent and avoid any activity that may be seen to compromise this.
Independence itself has become a debating point for internal auditors. This arises from the changing nature of internal audit and in particular, the move to a more consulting style and involvement in activities that could be said to compromise independence. However in the latest definition of internal auditing published by the ⅡA, independence remains an important tenet. It is achieved through two key factors:
l The organizational status of internal audit-to ensure that they do not have their independence compromised by reporting to an area that they will provide audit reports on. The standard requires the chief audit executive to report to a level within the organization that allows the internal audit activity to fulfil its responsibilities and that internal audit activity should be free from interference in determining scope, performing work and communicating results.
l The objectivity and professionalism of the internal auditor-internal auditors should have an impartial, unbiased attitude and avoid conflicts of interest to ensure that the appropriate independence of mind is maintained. The internal audit department would usually have guidelines/rules in place to ensure that conflicts of interest within the organization are prevented. For example if an employee has worked in another department in the organization such as financial accounting, and then transfers to work in the Internal Audit Department he would usually be precluded from auditing that department for a perlod of say one year.
A further requirement is that an assurance engagement for functions over which the chief audit executive has responsibility should be overseen by a party outside the internal audit activity, which means that if the department includes risk, compliance or other operational areas, there should be an independent oversight to protect the integrity and objectivity of the service.
To meet the requirements of honesty and integrity, internal auditors must comply with other areas of the code, for example avoiding conflicts of interest and not accepting anything that may impair professional judgement.
Independence itself has become a debating point for internal auditors. This arises from the changing nature of internal audit and in particular, the move to a more consulting style and involvement in activities that could be said to compromise independence. However in the latest definition of internal auditing published by the ⅡA, independence remains an important tenet. It is achieved through two key factors:
l The organizational status of internal audit-to ensure that they do not have their independence compromised by reporting to an area that they will provide audit reports on. The standard requires the chief audit executive to report to a level within the organization that allows the internal audit activity to fulfil its responsibilities and that internal audit activity should be free from interference in determining scope, performing work and communicating results.
l The objectivity and professionalism of the internal auditor-internal auditors should have an impartial, unbiased attitude and avoid conflicts of interest to ensure that the appropriate independence of mind is maintained. The internal audit department would usually have guidelines/rules in place to ensure that conflicts of interest within the organization are prevented. For example if an employee has worked in another department in the organization such as financial accounting, and then transfers to work in the Internal Audit Department he would usually be precluded from auditing that department for a perlod of say one year.
A further requirement is that an assurance engagement for functions over which the chief audit executive has responsibility should be overseen by a party outside the internal audit activity, which means that if the department includes risk, compliance or other operational areas, there should be an independent oversight to protect the integrity and objectivity of the service.
To meet the requirements of honesty and integrity, internal auditors must comply with other areas of the code, for example avoiding conflicts of interest and not accepting anything that may impair professional judgement.