According to IIA guidance, which of the following most appropriately justifies the CEO’s decision that the internal audit activity shall be responsible for risk management and investigation at a multinational organization?
A.
The recommendation of the parent office external auditors.
B.
The provisions of the internal audit charter
C.
The authority of the CEO.
D.
The level of proficiency of the chief audit executive
According to IIA guidance, any additional roles beyond traditional audit functions, such as being responsible for risk management and investigation, must be explicitly defined in the internal audit charter. This document, approved by senior management and the board, delineates the scope and responsibilities of the internal audit function, ensuring clarity and proper governance. Thus, if the internal audit charter stipulates such roles, it justifies the CEO’s decision.
IIA Standard 1000 - Purpose, Authority, and Responsibility
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit