International

Professional Practices
Framework
WEEK 2

International Professional Practices Framework (IPPF)

MANDATORY

NOT
MANDATORY
(ENDORSED
AND
RECOMMENDED
BY IIA)

Code of
Ethics

Practice
Advisori
es

Standar
ds

Practice
Guides

Definiti
on of IA

Position
papers

Code of
Ethics

The Code of Ethics states the principles and

expectations governing behavior of individuals and
organizations in the conduct of internal auditing
It describes the minimum requirements for
conduct, and behavioral expectations rather than
specific activities

Standar
ds

Principle-focused and provide a framework for

performing and promoting internal auditing.
Consist of Statements of basic requirements for the
professional practice of internal auditing and for
evaluating the effectiveness of its performance and
Interpretations applicable of organizations and
individuals.

Definitio
n of IA

Definition of IA states the fundamental purpose,

nature and scope of internal auditing

Position
papers

Assist a wide range of interested parties including

those not in the internal audit profession, in
understanding significant governance, risk or
control issues and delineating related roles and
responsibilities of internal auditing.
Ex. The role of internal Auditing in Enterprise risk
management

Practice
Advisori
es

Assist internal auditors in applying the Definition of

IA, the code of Ethics and the Standards and
promoting good practices.
Address internal auditings approach,
methodologies and considerations.

Practice
Guides

Provide detailed guidance for conducting internal

audit activities
Include detailed processes and procedures such as
tools and techniques, programs and step by step
approaches.

INTERNAL AUDITING

An independent, objective assurance and consulting activity

designed to add value and improve an organizations operations. It helps
an organization accomplish its objectives by bringing a systematic,
disciplined approach to evaluate and improve the effectiveness of
risk management, control, and governance processes.

Audit dalaman ialah suatu aktiviti bebas yang memberi jaminan dan
perundingan secara objektif, bertujuan menambah nilai dan memperbaik
operasi sesuatu organisasi. Ia membantu organisasi itu mencapai
objektifnya melalui pendekatan yang sistematik dan berdisiplin bagi
menilai dan meningkatkan keberkesanan proses pengurusan risiko,
kawalan dan tadbir urus.

Purpose of Standards

Delineate the basic principles underlying the practice of

IA
Provide a framework for a broad range of value-added
internal audit activities
Establish the basis for the evaluation of IA performance
Foster improved organizational processes and
operations

Categories of Standards
ATTRIBUTE

PERFORMANCE

Apply to all
internal audit
services and
internal
auditors,
individually
(organization
s; parties
performing
internal audit
activities)
Provide
guidance for
the quality of
the internal
audit

Apply to all
internal audit
services and
internal
auditors
Describe the
nature of
internal audit
activities
Provide
quality
criteria for
performance
evaluation

IMPLEMENTATIO
N
Expand
Attribute and
Performance
Standards
Apply to
specific
engagements

Attribute Standards

1000 Purpose, Authority, and Responsibility

1010 Recognition of the Definition of
Internal Auditing, the Code of Ethics,
and the Standards in the Internal Audit
Charter
1100 Independence and Objectivity
1110 Organizational Independence
1111 Direct Interaction with the Board
1120 Individual Objectivity
1130 Impairment to Independence or Objectivity

Attribute Standards

1200
1210
1220
1230

Proficiency and Due Professional Care

Proficiency
Due Professional Care
Continuing Professional Development

Attribute Standards

1300 Quality Assurance and Improvement Program

1310 Requirements of the Quality Assurance and
Improvement Program
1311 Internal Assessments
1312 External Assessments
1320 Reporting on the Quality Assurance and
Improvement Program
1321 Use of Conforms with the International
Standards for the Professional Practice of
Internal Auditing
1322 Disclosure of Nonconformance

Performance Standards

2000
2010
2020
2030

Managing the Internal Audit Activity

Planning
Communication and Approval
Resource Management

2600 Resolution of Senior Managements Acceptance

of Risks

During an internal audit, the Standards establish all of the

following EXCEPT :
A.
B.

C.

D.

Basic auditing principles.

Evaluation criteria for audit
performance.
Considerations on how to plan and
perform the engagement.
A framework for a broad range of valueadded internal audit activities.

CODE OF ETHICS

A code of ethics is necessary and appropriate for the

profession of internal auditing, founded as it is on the
trust placed in its objective assurance about governance,
risk management, and control.
Two essential components:
1. Principles that are relevant to the profession and practice
of internal auditing.
2. Rules of Conduct that describe behaviour norms expected
of internal auditors.

PRINCIPLES
1. Integrity - The integrity of internal auditors establishes trust and thus
provides the basis for reliance on their judgment.
2. Objectivity - Internal auditors exhibit the highest level of professional
objectivity in gathering, evaluating, and communicating information about
the activity or process being examined. Internal auditors make a balanced
assessment of all the relevant circumstances and are not unduly influenced
by their own interests or by others in forming judgments
3. Confidentiality - Internal auditors respect the value and ownership of
information they receive and do not disclose information without appropriate
authority unless there is a legal or professional obligation to do so.
4. Competency - Internal auditors apply the knowledge, skills, and
experience needed in the performance of internal audit service

Rules of Conduct
1. Integrity

Internal auditors:
1.1. Shall perform their work with honesty, diligence, and
responsibility.
1.2. Shall observe the law and make disclosures expected by
the law and the profession.
1.3. Shall not knowingly be a party to any illegal activity, or
engage in acts that are discreditable to the profession of
internal auditing or to the organization.
1.4. Shall respect and contribute to the legitimate and
ethical objectives of the organization.

2. Objectivity
Internal auditors:
2.1. Shall not participate in any activity or relationship that
may impair or be presumed to impair their unbiased
assessment. This participation includes those activities or
relationships that may be in conflict with the interests of the
organization.
2.2. Shall not accept anything that may impair or be presumed
to impair their professional judgment.
2.3. Shall disclose all material facts known to them that, if not
disclosed, may distort the reporting of activities under review.

3. Confidentiality
Internal auditors:
3.1. Shall be prudent in the use and protection of
information acquired in the course of their duties.
3.2. Shall not use information for any personal gain or in
any manner that would be contrary
to the law or detrimental to the legitimate and ethical
objectives of the organization.

4. Competency

Internal auditors:
4.1. Shall engage only in those services for which they
have the necessary knowledge, skills, and experience.
4.2. Shall perform internal audit services in
accordance with the International Standards for
the Professional Practice of Internal Auditing.
4.3. Shall continually improve their proficiency and the
effectiveness and quality of their services. *