When the chief audit executive Is responsible for risk management in an organization, which of the following parties is responsible for overseeing the internal audit activity's assurance over risk management?
When the chief audit executive (CAE) is responsible for risk management, it is essential to maintain the independence and objectivity of the internal audit activity. Therefore, the oversight of the internal audit activity's assurance over risk management should be assigned to a party outside of the internal audit activity. This ensures that there is no conflict of interest and that the internal audit function can provide unbiased assurance on risk management processes.
The IIA’s Standards, particularly Standard 1112 on Chief Audit Executive Roles Beyond Internal Auditing.
The IIA’s Practice Guide on Independence and Objectivity.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit