What are the 2 essential components of IIAs code of ethics explain each briefly?

According to The IIA Code of Ethics, which of the following are four principles relevant to the professional care that internal auditors should apply in their practice of internal auditing?

A. Trust, communication, value, and performance.

B. Reliance, evaluation, information, and service.

C. Integrity, objectivity, confidentiality, and competency.

D. Judgment, interest, authority, and experience.

During an examination of grants awarded by a not-for-profit organization, an internal auditor discovered a number of grants made without the approval of the grant authorization committee (which includes outside representatives), as required by the organization's charter. All the grants, however, were approved and documented by the president. The chair of the grant authorization committee, who is also a member of the board of directors, proposes that the committee meet and retroactively approve all the grants before the engagement communication is issued, thereby overriding controls. If the committee meets and approves the grants before such issuance, the internal auditor should

A. Discuss the matter with the chair of the grant committee to determine the rationale for not approving the grants earlier. If the grants are routine, discussion of the grant committee's inaction should be omitted from the engagement communication.

B. Report the override of control to the board.

C. Not report the grants in question because they were approved before the issuance of the engagement communication.

D. Include the items in the communication as an override of the organization's controls. Details about each grant should be reported, and the internal auditor should investigate further for fraud.

1. The process owner (i.e., the person or group directly involved with the entity, operation, function, process, system, or other subject matter),

2. The internal auditor (i.e., the person or group making the assessment), and

3. The user (i.e., the person or group using the assessment).

A. Sufficient, reliable, relevant, and useful information lends credibility to the opinion.

Explanation:
Engagements must be performed with proficiency and due professional care (Attr. Std. 1200), and the engagement results must be communicated (Perf. Std. 2400). Engagement results include observations, conclusions, opinions, recommendations, and action plans. If internal auditors expressed opinions or otherwise communicated engagement results without substantive investigation and compliance with the Standards, such communications would be meaningless. The Standards are therefore incorporated by reference into The IIA's Code of Ethics by Rule of Conduct 4.2. Thus, internal auditors must identify sufficient, reliable, relevant, and useful information to achieve the engagement's objectives (Perf. Std. 2310).

Fact Pattern: The chief audit executive (CAE) of a mid-sized internal audit activity was concerned that management might outsource the internal auditing function. Thus, the CAE adopted a very aggressive program to promote the internal audit activity within the organization. The CAE planned to present the results to senior management and the board and recommend modification of the internal audit activity's charter after using the new program. The following lists six actions the CAE took to promote a positive image within the organization:

1. Engagement assignments concentrated on efficiency. The engagements focused solely on cost savings, and each engagement communication highlighted potential costs to be saved. Negative observations were omitted. The focus on efficiency was new, but the engagement clients seemed very happy.

2. Drafts of all engagement communications were carefully reviewed with the engagement clients to get their input. Their comments were carefully considered when developing the final engagement communication.

3. The information technology internal auditor participated as part of a development team to review the control procedures to be incorporated into a major computer application under development.

4. Given limited resources, the engagement manager performed a risk assessment to establish engagement work schedule priorities. This was a marked departure from the previous approach of ensuring that all operations are evaluated on at least a 3-year interval.

5. To save time, the CAE no longer required that a standard internal control questionnaire be completed for each engagement.

6. When the internal auditors found that the engagement client had not developed specific criteria or data to evaluate operations, the internal auditors were instructed to perform research, develop specific criteria, review the criteria with the engagement client, and, if acceptable, use them to evaluate the engagement client's operations. If the engagement client disagreed with the criteria, a negotiation took place until acceptable criteria could be agreed upon. The engagement communication commented on the engagement client's operations in conjunction with the agreed-upon criteria.

Which of the following elements of Action 1 taken by the CAE would be considered inappropriate?
The type of engagements was changed before modifying the internal audit activity's charter and going to the audit committee.
Negative observations were omitted from the engagement communications.
Cost savings and recommendations were highlighted in the engagement communication.
A. 1 and 2.
B. 1 and 3.
C. 1 only.
D. 2 and 3.

What is the IIA code of ethics?

What are the four 4 principles of the code of ethics of the Institute of Internal Auditors?

What is the purpose of the IIA's standards?

When applying IIA code of ethics internal auditors are expected?