When the IPPF exposure draft was released during 2014, I wrote a
post “IPPF
Proposed Changes: A Real Change or A Cosmetic One?” wondering if the changes will add real value. Now,
that we have seen the changes, it is time to voice your opinion!
For those of you who have
not had the chance to read the changes, here are the newly introduced topics:
Mission
Statement:
“To enhance
and protect organizational value by providing risk-based and objective
assurance, advice, and insight.”
Core Principles
·
Demonstrates
integrity.
·
Demonstrates
competence and due professional care.
·
Is objective and free
from undue influence (independent).
·
Aligns with the
strategies, objectives, and risks of the organization.
·
Is appropriately
positioned and adequately resourced.
·
Demonstrates quality
and continuous improvement.
·
Communicates
effectively.
·
Provides risk-based
assurance.
·
Is insightful,
proactive, and future-focused.
·
Promotes
organizational improvement.
I really have no problem with any of the above; I think it added
more clarity to the standards! I am only concerned that there was no explicit
mention of courage anywhere in the changes, unless I have missed it somehow!
It is my opinion that courage is the cornerstone of any effective and efficient
internal audit activity. Without courage, the spirit of the mission statement
and the core principles will not be achieved. I would have imagined that may be
the outcome of recent and old corporate failures and scandals would be different,
had there been courageous internal auditors reporting things as they are!
It is unproductive to ask internal auditors to be courageous
without providing them with some sort of protection. I have wrote about this
last April “CAE:
Does Courage Lead to A Career Suicide?” I just wish that the IIA offers guidance on
how to protect courageous internal auditors!