IIA Part 1 – Unit 1: IPPF, Standards, Code of Ethics & Audit Charter

Unit 1 Weight, Purpose & Study Approach

• Coverage in CIA Part 1 exam
  • Worth $15\%$ of the whole syllabus ⇒ ≈ $19$ MCQs out of $125$ ( $19/125 \approx 15\%$ )
  • Mastery of this unit provides an immediate boost to total score and forms the knowledge base for every other unit and for everyday internal-audit practice.
• Teaching resources used in the video
  • Gliem (publisher) materials preferred for being concise, precise, and well-aligned with accounting/finance backgrounds.
  • Supplementary recommendation: YouTube channel “Audit Strategy” by Tauseef Mustaq for deep dives into individual standards.

International Professional Practices Framework (IPPF)

• Definition: The overarching framework issued by The Institute of Internal Auditors (IIA) that tells internal auditors what to do and how to behave.
• Graphic representation (concentric circles)
  • Outer ring: Mission Statement
  • Middle ring split into
  • Darker portion = Mandatory Guidance (must comply)
  • Lighter portion = Recommended Guidance (apply when additional clarity needed)
• Mandatory Guidance → 4 components
  1. Core Principles
  2. Definition of Internal Auditing
  3. Standards
  4. Code of Ethics
• Recommended Guidance → 2 components
  1. Implementation Guidance (IG) — elaborates on specific standards
  2. Supplemental / Practice Guidance (SG) — step-by-step procedures and detailed application tips
• Decision hierarchy when stuck
  1. Read the relevant Standard
  2. If still unclear → consult Implementation Guidance
  3. If procedural detail required → consult Supplemental Guidance

Mission Statement & Definition of Internal Auditing

• Mission statement (and definition) share nearly identical wording; the definition is derived from the mission.
• Exact wording highlighted in the video: “Internal auditing enhances and protects organizational value by providing risk-based and objective assurance, advice, and insight.”
  • Key embedded ideas
  • Enhance and protect value (two-fold role)
  • Employ a risk-based approach (scarce resources → focus on high risk)
  • Deliver both Objective Assurance (independent evaluation) and Consulting/Advisory services (advice & insight)
• For exam MCQs: learn to recognize authentic wording and spot distractors.

Core Principles for the Professional Practice of Internal Auditing

1. Demonstrates Integrity (honesty in all actions)
2. Demonstrates Competence & Due Professional Care (appropriate knowledge, skills, and diligence)
3. Is Objective & Free from Undue Influence
4. Aligns with organizational Strategies, Objectives & Risks
5. Is Appropriately Positioned & Adequately Resourced
   • Functional reporting line → Board/Audit Committee
   • Administrative reporting line → CEO/Management
6. Demonstrates Quality & Continuous Improvement
7. Communicates Effectively
8. Provides Risk-Based Assurance
9. Is Insightful, Proactive & Future-Focused
10. Promotes Organizational Improvement through recommendations

IIA Standards – Structure & Examples

• Two broad categories
  1. Attribute Standards (1000 series) → what the IA activity must be/possess
  2. Performance Standards (2000 series) → how the IA activity must do its work

Attribute Standards (1000 Series)

• $1000$ – Purpose, Authority & Responsibility (basis of the charter)
• $1100$ – Independence & Objectivity
• $1200$ – Proficiency & Due Professional Care
• $1300$ – Quality Assurance & Improvement Program (QAIP)
  • Internal assessments (ongoing & periodic) + external independent assessment

Performance Standards (2000 Series)

• $2000$ – Managing the IA Activity
• $2100$ – Nature of Work (Assurance vs Consulting)
• $2200$ – Engagement Planning
• $2300$ – Performing the Engagement
• $2400$ – Communicating Results
• $2500$ – Monitoring Progress
• $2600$ – Communicating & Accepting Risk
  • Together they map end-to-end audit workflow: plan → execute → report → follow-up.

Code of Ethics

• Governs personal behavior of internal auditors; two layers
  1. Principles (broad values)
  • Integrity
  • Objectivity
  • Confidentiality
  • Competence
  1. Rules of Conduct (specific interpretations & expectations under each principle)
• Illustrative meaning
  • Integrity → honesty, trustworthiness
  • Objectivity → unbiased opinions, resist pressure
  • Confidentiality → protect information accessed during work
  • Competence → maintain knowledge, skills, other professional qualities necessary

Recommended Guidance

• Implementation Guidance (IG)
  • Bridges Standards → real-life application tips
  • Used when additional clarification of “what” & “why” is needed.
• Supplemental / Practice Guidance
  • Detailed procedural “how-to” documents, often industry or topic specific.
  • Former name: Practice Guides.

The Internal Audit Charter

• NOT the same as an Audit Committee Charter (board-level document).
• Approval pathway
  • Normally approved by the Audit Committee; if no committee exists, by the full Board.
• Standard $1000$ defines charter requirements:
  “A formal document that defines the internal audit activity’s purpose, authority, and responsibility.”
• Key elements to include
  • Objectives & Responsibilities of Internal Audit
  • Nature of Work
    • Assurance services
    • Consulting services
  • Reporting Lines
    • Functional → Board/Audit Committee
    • Administrative → CEO (or equivalent)
  • Authority
    • Unrestricted access to records, property, and personnel
    • Accompanied by responsibility to maintain confidentiality and ethical conduct
• Practical value
  • Communicates IA’s role across the organization
  • Safeguards independence (reference point when management tries to restrict scope/information)

Exam Tips & Practical Implications

• Know percentages (e.g., $15\%$ weight) and series numbering (1xxx vs 2xxx) for quick recognition.
• Do not memorize full verbatim standards, but know core intent and be able to spot altered wording.
• In real practice, routinely refer to IPPF when facing ethical dilemmas, scope questions, or resource constraints.
• Continuous professional development (CPD) is mandatory under both Core Principles and Code of Ethics.

Ethical, Philosophical & Real-World Connections

• Independence vs Organizational Value
  • Auditors must challenge management despite being employees; structural reporting lines (functional vs administrative) are philosophical safeguards.
• Risk-Based Assurance acknowledges scarcity of resources — an economic principle.
• Continuous Improvement aligns IA with lean management & quality philosophies (Kaizen).
• Confidentiality intersects with legal/privacy regulations (GDPR, HIPAA, etc.).

Numerical & Statistical References (LaTeX)

• Unit exam weight: $15\%$
• Question count: $19$ out of $125$ questions
  $\tfrac{19}{125} = 0.152 = 15.2\%$
• Standards series: Attribute $1000$–$1300$; Performance $2000$–$2600$.

Quick Reference (Cheat-Sheet Style)

• IPPF = Mission + Mandatory + Recommended Guidance
• Mandatory Guidance = Core Principles + Definition + Standards + Code of Ethics
• Standards split: Attribute (1xxx) | Performance (2xxx)
• Charter = IA purpose/authority/responsibility; approved by Audit Committee/Board.
• Core mission = “Enhance and protect value through risk-based objective assurance, advice, insight.”
• Core Principles mnemonic: I-C-O-A-P-Q-C-R-I-P
  (Integrity, Competence, Objectivity, Alignment, Positioning, Quality, Communication, Risk-based, Insightful, Promotion)