Governance is the combination of processes and structures that the board puts in place to inform, direct, manage and monitor the activities of an organisation to achievement its objectives.

The guidance and resources on this page should be considered as a start point to your learning journey.

IPPF links | GuidanceAdditional resources | Relevant position papers

Audit committees | Board effectiveness | Culture | Fraud | Governance | Reporting | Three lines model

Main IPPF links

Core Principles 

4. Aligns with the strategies, objectives, and risks of the organization.
8. Provides risk-based assurance.
9. Is insightful, proactive, and future-focused.
10. Promotes organisational improvement.

 Core principles

2110 Governance   Implementation guidance


Audit Committees 

Chartered IIA
What every director should know UK model audit committee charter Audit committee effectiveness
When to establish IA activity? Models of effective internal audit Building effective internal audit
Internal audit effectiveness 10 ways to get more from IA How IA works with the committee
AAP - role of internal audit How to facilitate creation of AAP Application of the Three Lines Model
CAE performance appraisal Independence, objectivity and tenure of a CAE 
IIA Global  
Assessment for audit committees US model audit committee charter Appoint, perform and evaluate

Board briefings | Access briefings on a range of topics.

Board briefings are designed for internal auditors to share with their audit committee, board and senior executives. 

Board effectiveness

Chartered IIA
Board evaluation  
Presenting info on strategy Non-executive director recruitment  Board diversity


Chartered IIA
Culture and the role of IA Culture and evolving approaches Models and tools
Organisational culture Whistleblowing
IIA Global  
Diversity and inclusion


Chartered IIA
Fraud Engagement planning: fraud risks Anti-money laundering
Fraud risk assessment  
IIA Global  
Internal auditing and fraud   Assessing fraud risk Managing the business risk of fraud
GTAG auditing insider threats GTAG13 Fraud prevention  


Chartered IIA
Corporate governance UK Corporate Governance Code Good corporate governance?
Financial viability Remuneration and bonuses Whistleblowing 

Reporting - public information such as annual reports 

Chartered IIA
Integrated reporting IA in non-financial and reporting Enhanced integrated reporting
AAP - role of internal audit How to facilitate creation of AAP Viability statements

Three lines model - please note: the word 'defence' is no longer used. We are updating guidance 

Chartered IIA
Three Lines Model Assurance services
Risk management and IA IA's relationship with regulators Working with stakeholders
Mapping assurance AAP - role of internal audit How to facilitate creation of AAP
IIA Global 
Developing an assurance map Risk management and assurance IA and the second line of defence
Reliance by internal audit on other assurance providers  

Additional resources 

Codes of practice | Financial services, private and third sector

Harnessing the power of internal audit | A good corporate governance guide for audit committees and directors

Need help to find what you are looking for? ask the resources team

Chartered IIA Position Papers

The rotation of heads of audit

Relationship between audit committee chairs and chief audit executives

Internal audit's relationship with external audit

Internal audit and whistleblowing

The three lines of defence

Internal audit and corrupt practices

The role of internal audit in enterprise-wide risk management 

Content reviewed: 16 February 2022