Standards of Practice
Internal Audit operates within The Institute of Internal Auditors (IIA) International Standards for the Professional Practice of Internal Auditing (“Standards” or “Red Book”) including the IIA’s Definition of Internal Auditing, Code of Ethics, Rules of Conduct and Quality Assurance Improvement Program. Internal Audit utilizes the Committee of Sponsoring Organizations of the Treadway Commission (COSO) control framework(s), Internal Audit’s procedure manual, and when required and not otherwise in conflict with the Standards, the Generally Accepted Government Auditing Standards (“Yellow Book”). The IIA’s Practice Advisories, Practice Guides, and Position Papers will guide operations as applicable. Internal Audit will adhere to Southern Oregon University’s relevant policies and procedures, but in the event of conflicting direction, the Standards shall prevail.
Definition of Internal Auditing
“Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.” – The Institute of Internal Auditors’
Quality Assurance and Improvement Program
IIA Standards require the creation and maintenance of a Quality Assurance and Improvement Program. The Standards currently require an assessment by a qualified independent reviewer or review team from outside the organization at least every five years. Until the first successful assessment it is not appropriate for Internal Audit to state “in conformance with the Standards,” or “in conformity to the Standards” in its reports.
Code of Ethics
Internal Auditors are expected to apply and uphold the following principles as defined in the IIA Code of Ethics:
Integrity – The integrity of Internal Auditors establishes trust and thus provides the basis for reliance on their judgment.
Objectivity – Internal Auditors exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined. Internal Auditors make a balanced assessment of all the relevant circumstances and are not unduly influenced by their own interests or by others in forming judgments.
Confidentiality – Internal Auditors respect the value and ownership of information they receive and do not disclose information without appropriate authority unless there is a legal or professional obligation to do so.
Competency – Internal Auditors apply the knowledge, skills, and experience needed in the performance of internal auditing services.