Implementation Guidance/Practice Advisories
Recommended Guidance

Implementation Guidance will be more comprehensive than Practice Advisories in guiding practitioners toward conformance to the International Standards for the Professional Practice of Internal Auditing (Standards).

Implementation Guides and Practice Advisories assist internal auditors in applying the Standards. They collectively address internal auditing's approach, methodologies, and consideration, but do not detail processes or procedures.

Implementation Guides/Practice Advisories are free to IIA members.

Non-members may obtain Implementation Guides/Practice Advisories by purchasing them in full from the IIA Bookstore.

Downloads and Links

NOTE: Over the next 12–18 months, Implementation Guides will be developed to replace the existing Practice Advisories.

Ref #	Implementation Guide/Practice Advisory	Date
IG1000	Purpose, Authority, and Responsibility (Supersedes: PA1000-1 Internal Audit Charter)	July 2015
IG1010	NEW! Recognition of the Definition of Internal Auditing, the Code of Ethics, and the Standards in the Internal Audit Charter	July 2016
IG1100	NEW! Independence and Objectivity	August 2016
IG1110	NEW! Organizational Independence (Supersedes: PA1110-1 – Organizational Independence)	August 2016
IG1111	NEW! Direct Interaction with the Board (Supersedes: PA1111-1 – Board Interaction)	August 2016
IG1120	NEW! Individual Objectivity (Supersedes: PA1120-1 – Individual Objectivity)	August 2016
IG1130	NEW! Impairment to Independence or Objectivity (Supersedes: PA1130-1 – Independence or Objectivity)	August 2016
1130.A1-1	Assessing Operations for Which Internal Auditors Were Previously Responsible	January 2009
1130.A2-1	Internal Audit’s Responsibility for Other (Non-audit) Functions	January 2009
1200-1	Proficiency and Due Professional Care	January 2009
1210-1	Proficiency	January 2009
1210.A1-1	Obtaining External Service Providers to Support or Complement the Internal Audit Activity	January 2009
1220-1	Due Professional Care	January 2009
1230-1	Continuing Professional Development	January 2009
1300-1	Quality Assurance and Improvement Program	May 2015
1311-1	Internal Assessments	May 2015
1312-1	External Assessments	May 2015
1312-2	External Assessments: Self Assessment with Independent Validation	May 2015
1312-3	Independence of External Assessment Team in the Private Sector	May 2015
1312-4	Independence of the External Assessment Team in the Public Sector	May 2015
1320-1	Reporting Results of the Quality Assurance and Improvement Program	May 2015
1321-1	Use of “Conforms with the International Standards for the Professional Practice of Internal Auditing”	May 2015
1322-1	Disclosure of Nonconformance with the International Standards for the Professional Practice of Internal Auditing (Standards)	May 2015
2010-1	Linking the Audit Plan to Risk and Exposures	January 2009
2010-2	Using the Risk Management Process in Internal Audit Planning	July 2009
2020-1	Communication and Approval	January 2009
2030-1	Resource Management	January 2009
2040-1	Policies and Procedures	January 2009
2050-1	Coordination	January 2009
2050-2	Assurance Maps	July 2009
2050-3	Relying on the Work of Other Assurance Providers	October 2010
2060-1	Reporting to Senior Management and the Board	May 2010
IG2110	Governance Supersedes: PA2110-1 Governance: Definition PA2110-2 Governance: Relationship with Risk and Control PA2110-3 Governance: Assessments	July 2015
2120-1	Assessing the Adequacy of Risk Management Processes	January 2009
2120-2	Managing the Risk of the Internal Audit Activity	April 2009
2120-3	Internal Audit Coverage of Risks to Achieving Strategic Objectives	June 2013
2130-1	Assessing the Adequacy of Control Processes	January 2009
2130.A1-1	Information Reliability and Integrity	January 2009
2130.A1-2	Evaluating an Organization’s Privacy Framework	January 2009
2200-1	Engagement Planning	January 2009
2200-2	Using a Top-down, Risk-based Approach to Identify the Controls to be Assessed in an Internal Audit Engagement	April 2010
2210-1	Engagement Objectives	January 2009
2210.A1-1	Risk Assessment in Engagement Planning	January 2009
2230-1	Engagement Resource Allocation	January 2009
2240-1	Engagement Work Program	January 2009
2300-1	Use of Personal Information in Conducting Engagements	May 2010
2320-1	Analytical Procedures	May 2010
2320-2	Root Cause Analysis	December 2011
2320-3	Audit Sampling	May 2013
2320-4	Continuous Assurance	June 2013
2330-1	Documenting Information	January 2009
2330.A1-1	Control of Engagement Records	January 2009
2330.A1-2	Granting Access to Engagement Records	May 2010
2330.A2-1	Retention of Records	January 2009
2340-1	Engagement Supervision	January 2009
2400-1	Legal Considerations in Communicating Results	May 2010
2410-1	Communication Criteria	January 2009
2420-1	Quality of Communications	January 2009
2440.A2-1	Communications Outside the Organization	May 2010
2440-1	Disseminating Results	January 2009
2440-2	Communicating Sensitive Information Within and Outside the Chain of Command	May 2010
IG2500	NEW! Monitoring Progress (Supersedes: PA2500-Monitoring Progress)	July 2016
2500.A1-1	Follow-up Process	January 2009
IG2600	NEW! Communicating the Acceptance of Risks	July 2016

Implementation Guides/Practice Advisories (in full)
French - 2015
Germany, Austria, Switzerland Joint Translation - 2015
Russian - 2015
Serbian - 2015
Slovenian - 2015
Turkish - 2015

Practice Advisories (in full)
Arabic - 2011	Macedonian - 2010
Bosnian - 2009	Montenegrin - 2011
Chinese (Traditional) - 2009	Polish - 2009
Croatian - 2009	Portuguese - 2009
Czech - 2013	Spanish - 2013
English - 2015	Ukrainian - 2013
Estonian - 2013
Greek - 2012
Japanese - 2011

New Guidance

Due Process

COSO Resources

Regulator Responses

New IPPF Resources
Educate staff, colleagues, and stakeholders on these changes by utilizing these tools:

The 2013 Red Book is still a useful and binding reference source as a majority of the content has not changed and remains valid. The IIA Bookstore (powered by the Internal Audit Foundation) is exploring an online tool with searchable, on-demand access to all IPPF content. Learn more in the FAQs.