The Institute of Internal Auditors (IIA) defines internal audit activity as:

"A department, division, team of consultants, or other practitioner(s) that provides independent, objective assurance and consulting services designed to add value and improve an organization's operations. The internal audit activity helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of governance, risk management and control processes."

This definition allows for a lot of flexibility as to how an internal audit function is established. However, IIA standards are widely recognized as the guiding hand in the United States for effective internal auditing activity. This training session examines key elements, risks and opportunities of internal auditing, including:

• Internal audit process phases

a. Planning
b. Fieldwork
c. Reporting

• Linkage between objectives, risks and controls
• Analysis and evaluation of findings
• Measuring risk

a. Inherent risk
b. Control risk
c. Detection risk

• IIA Standards (Std.) #2400: Communicating Results
• Review and examples of current tools
• Risk-ranking techniques & exercise
• Monitoring progress (IIA Std. #2500)
• Resolution of senior management's acceptance of risks (IIA Std. #2600)
• Audit committee communications