Internal audit leadership
Leadership of the internal audit function requires courage, innovation and resilience. All internal auditors have a responsibility to support leaders by applying the IPPF, championing new ideas and promoting the profession.
The guidance and resources on this page should be considered as a start point to your learning journey.
IPPF links | Guidance | Additional resources | Relevant position papers
Audit charter | Audit strategy | Benchmarking |Coordination and integrated assurance | Establishing a function | Innovation
QAIP and performance management | Reporting | Resourcing | Risk-based audit planning | Small functions
Main IPPF links
Core principles1. Demonstrates integrity. |
Core principles (2019) |
| 1000 Purpose, Authority and Responsibility | Implementation guidance |
| 1010 Recognising mandatory guidance in the internal audit charter | Implementation guidance |
| 1300 Quality Assurance and Improvement Programme (QAIP) | Implementation guidance (2015) |
| 2000 series Managing the internal audit activity | Implementation guidance |
Guidance
Audit Charter (1000, 1010)
| Chartered IIA | ||
| Model audit committee charter (2017) | Internal audit charter (2017) | Operational responsibilities (2014) |
| How internal audit works with the audit committee | ||
| IIA Global | ||
| Appoint, perform and evaluate (2010) | Model internal audit activity charter (2017) | Independence and objectivity (2019) |
Audit strategy (best practice)
| Chartered IIA | |
| Preparing an internal audit strategy (2012) | Writing an internal audit strategy (2021) |
| Internal audit manual (2014) | Internal audit document retention (2014) | Internal audit risk register (2019) |
| Whistleblowing - a role for IA (2023) | ||
| IIA Global | ||
| Demonstrating the core principles (2019) | The role of IA in ERM (2009) | Roles in organisational governance (2009) |
Benchmarking
| Chartered IIA Benchmarking ( 2022) | Global IIA North American Benchmarking (2023) |
Coordination and integrated assurance (2050)
| Chartered IIA | ||
| Mapping assurance (2012) | AAP - role of internal audit (2009) | How to facilitate creation of AAP |
| Coordination of assurance services (2016) | Risk management and IA (2017) | Working with stakeholders |
| IA's relationship with regulators (2021) | Dealing with regulators (2021) |
| IIA Global | ||
| Developing an assurance map (2012) | Risk management and assurance (2012) | IA and the second line of defense (2016) |
| IA and other assurance providers (2011) | Internal Audit and Risk Management (IIA Australia) | |
Establishing a function
| Chartered IIA | ||
| When to establish IA activity? | How to set up a new IA activity (2019) | Models of effective internal audit (2015) |
| Global audit portfolio (2020) | ||
Innovation and developing a function
| Chartered IIA | ||
| Agile internal audit (2009) | Whistleblowing - a role for IA (2023) | |
| Raising the profile of internal audit (2017) | Using IA software (2015) | Future proofing internal audit (2018) |
| Impact of digitisation on IA (2017) | Lean auditing (2015) | Continuous auditing (2019) |
| IA in the digital age part 1 (Deloitte/IAF) (2019) | IA in the digital age part 2 (Deloitte/IAF) (2020) | IA in the digital age part 3 (Deloitte/IAF) (2020) |
| IIA Global | ||
| Agility and innovation (2009) | Agile internal audit (2009) | Integrating a data-driven approach (2009) |
| Internal audit in the age of disruption (2009) | Audit team transformation (2009) | Approaches to IA upskilling (2009) |
| Remote auditing | ||
QAIP and performance management (1300)
| Chartered IIA | ||
| Quality and improvement (2015) | IA performance management (2017) | Quality and international standards |
| CAE performance appraisal | CAE independence assessment | Tips for measuring internal audit (2019) |
| Quality and internal audit (2015) | Conduct culture of an IA function (2021) | External quality assessments (2016) |
| Improving audit efficiency (2019) | Why audits take longer (2015) | IAs accepting gifts and hospitality |
| Audit methodology (2020) | Supervising an audit engagement (2016) | File review (2019) |
| IIA Global | ||
| Defining the value of internal audit (2020) | ||
Reporting (2060)
Resourcing internal audit (2030)
| Chartered IIA | ||
| Developing audit competencies (2009) | Managing a dispersed team (2010) | Secondments (2014) |
| Training and development | ||
| IIA Global | ||
| IPPF for professional services (2016) | The role of IA in resourcing (2009) | Optimising talent management (2009) |
Risk-based audit planning (2010)
| Chartered IIA | ||
| Annual IA coverage plans (2013) | Production of the audit plan (2013) | Risk maturity assessment (2019) |
| Audit universe (2020) | IT audit universe (2015) | Risk and prioritisation of IA work |
| Effective risk based internal audit (2015) | Risk based internal auditing (2013) | Benefits and drawbacks of RBIA (2013) |
| Glossary of RBIA terminology | ||
| IIA Global | ||
| Developing a risk based IA audit plan (2013) | Internal audit's role in ESG reporting |
Small internal audit functions
| Chartered IIA | |
| Assisting small internal audit activities (2019) | Ensuring quality in the smallest IA activities (2019) |
| Whistleblowing - a role for IA (2023) | |
| IIA Global and other | |
| Assisting small internal audit activities (2013) | Analytics: good practices for (smaller) internal audit functions (IIA nl) (2009) |
Additional resources
Codes of practice | Sector specific and applicable in the UK
Harnessing the power of internal audit | Demonstrating the value of internal audit to an organisation
Board briefings | Coverage of broad topics designed for audit committees and internal auditors
Need help to find what you are looking for? ask the resources team
Chartered IIA Position Papers
The functional relationship between audit committee chairs and chief audit executives (2009)
Risk management and internal audit | A combined function
Internal audit’s relationship with external audit
Internal audit and whistleblowing
The rotation of heads of audit (2017)
