The code has been produced by an independent committee established by the IIA, with representation and observers from leading banks, insurers, the FCA, the PRA and the Bank of England.
It was finalised after an extensive consultation programme. The sections explain the more significant issues raised by respondents to the consultation paper, and contain a rationale for the Committee recommendations included in the final guidance:
-
Role and mandate of internal audit
-
Scope and priorities of internal audit
-
Reporting results
-
Interaction with risk management, compliance and finance
-
Independence and authority of internal audit
-
Resources
-
Quality assessment
-
Relationships with regulators
-
Wider considerations.
The Institute of Internal Auditors' definition of Internal Auditing is "an independent, objective assurance and consulting activity designed to add value and improve an organisation's operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes".
The Committee supports this definition, and emphasises the primary role of Internal Audit is to protect the organisation. At the discretion of the Audit Committee, Internal Audit can perform other roles and activities within the organisation, but not at the expense of helping the Board and Executive Management to protect the assets, reputation and sustainability of the organisation.
In response to consultation feedback, this section was amended to emphasise that the responsibility for the protection of the organisation lies with the Board and Executive Management. Internal Audit should support the Board and Executive Management in discharging this responsibility. The final guidance also brings to the fore the importance of "tone at the top" supporting Internal Audit in delivering this mandate.
Some consultation responses also questioned the Committee's recommendation that the Internal Audit Charter should be made publicly available. The rationale for this recommendation is to provide clarity and transparency to customers and investors around the role and mandate of Internal Audit. This is aligned to the expectation that the Terms of Reference of the Committees of the Board be made publicly available.
Financial services code
Basis for conclusions
© CIIA - Chartered Institute of Internal Auditors
Key
Hover over the blue highlighted
text to view the acronym meaning
Hover
over these icons for more information
Comments:
No Comments for this Article