Skip Ribbon Commands
Skip to main content
Sign In

​Implementation Guidance/Practice Advisories
Recommended Guidance

Implementation Guidance will be more comprehensive than Practice Advisories in guiding practitioners toward conformance to the International Standards for the Professional Practice of Internal Auditing (Standards).

Implementation Guides and Practice Advisories assist internal auditors in applying the Standards. They collectively address internal auditing's approach, methodologies, and consideration, but do not detail processes or procedures.

Implementation Guides/Practice Advisories are free to IIA members.

Non-members may obtain Implementation Guides/Practice Advisories by purchasing them in full from The IIA Research Foundation Bookstore.

NEW! Implementation Guides (July 2015)
I​G1000 – Purpose Authority and Responsibility
IG2110 – Governance​

NEW! Quality Practice Advisories: Sustaining an Effective QAIP Program
A Quality Assurance and Improvement Program (QAIP) monitors and attests to whether the internal audit function is operating as it should. Access the nine new and updated Practice Advisories: 1300–1322 on how to successfully sustain a comprehensive QAIP below.

 

Downloads and Links

Practice Advisories (in full)
Arabic​ - 2011​ Japanese - 2011​
Bosnian​ - 2009 Macedonian​ - 2010
Chinese (Traditional) - 2009 Montenegrin​ - 2011
Croatian​ - 2009​ Polish​ - 2009​
Czech​ - 2013 Portuguese - 2009​​
English​ - 2015 Russian - 2014
Estonian​ - 2013 Serbian - 2014
French​ - 2015 Slovenian​ - 2013
German​ - 2013 Spanish - 2013
Greek Ukrainian​ - 2013

NOTE: Over the next 12–18 months, Implementation Guides will be developed to replace the existing Practice Advisories. 
 
​Ref # Implementation Guide/Practice Advisory​ ​Date
​IG1000 ​​NEW! IG1000: Purpose, Authority, and Responsibility
(Supersedes: PA1000-1 Internal Audit Charter)
July 2015​
1110-1​ Organizational Independence​ January 2009​​
1111-1​ Board Interaction​​ January 2009​​
1120-1​ Individual Objectivity​ January 2009​​
1130-1​ Impairment to Independence or Objectivity January 2009​​
1130.A1-1​ Assessing Operations for Which Internal Auditors Were Previously Responsible​ January 2009​​
1130.A2-1​ Internal Audit’s Responsibility for Other (Non-audit) Functions​ January 2009​​
1200-1​ Proficiency and Due Professional Care​ January 2009​​
1210-1​ Proficiency​ January 2009​​
1210.A1-1​ Obtaining External Service Providers to Support or Complement the Internal Audit Activity​ January 2009​​
1220-1​ Due Professional Care​ January 2009​​
1230-1​ Continuing Professional Development​ January 2009​​
1300-1​ NEW! Quality Assurance and Improvement Program​ May 2015​​
1311-1​ NEW! Internal Assessments May 2015​​
1312-1​ NEW! External Assessments​ May 2015​​
1312-2​ NEW! External Assessments: Self Assessment with Independent Validation​ May 2015​​
1312-3​ NEW! Independence of External Assessment Team in the Private Sector​ May 2015​​
1312-4​ NEW! Independence of the External Assessment Team in the Public Sector​ May 2015​​
​1320-1 NEW! Reporting Results of the Quality Assurance and Improvement Program May 2015​
1321-1​ NEW! Use of “Conforms with the International Standards for the Professional Practice of Internal Auditing” May 2015​​
​1322-1 NEW! Disclosure of Nonconformance with the International Standards for the Professional Practice of Internal Auditing (Standards) May 2015​
2010-1​ Linking the Audit Plan to Risk and Exposures​ January 2009​​
2010-2 Using the Risk Management Process in Internal Audit Planning​ July 2009​
2020-1​ Communication and Approval​ January 2009​​
2030-1​ Resource Management​ January 2009​​
2040-1​ Policies and Procedures​ January 2009​​
2050-1​ Coordination​ January 2009​​
2050-2​ Assurance Maps​ July 2009​
2050-3​ Relying on the Work of Other Assurance Providers​ October 2010​
2060-1​ Reporting to Senior Management and the Board May 2010​
IG2110 NEW! IG2110: Governance​
Supersedes:
PA2110-1 Governance: Definition
PA2110-2 Governance: Relationship with Risk and Control
PA2110-3 Governance: Assessments
July 2015
2120-1​ Assessing the Adequacy of Risk Management Processes​ January 2009​​
2120-2​ Managing the Risk of the Internal Audit Activity​ April 2009​​
​2120-3 Internal Audit Coverage of Risks to Achieving Strategic Objectives ​June 2013
2130-1​ Assessing the Adequacy of Control Processes​ January 2009
2130.A1-1​ Information Reliability and Integrity​ January 2009​​
2130.A1-2​ Evaluating an Organization’s Privacy Framework January 2009​​
2200-1​ Engagement Planning​ January 2009​​
2200-2​ Using a Top-down, Risk-based Approach to Identify the Controls to be Assessed in an Internal Audit Engagement​ April 2010​​
2210-1​ Engagement Objectives​ January 2009​​
2210.A1-1​ Risk Assessment in Engagement Planning​ January 2009​​
2230-1​ Engagement Resource Allocation​ January 2009​​
2240-1​ Engagement Work Program​ January 2009​​
2300-1​ Use of Personal Information in Conducting Engagements​ May 2010​
2320-1​ Analytical Procedures​ May 2010
2320-2​ Root Cause Analysis​ ​December 2011
​2320-3 Audit Sampling May 2013​
​2320-4 Continuous Assurance June 2013​
2330-1​ Documenting Information​ January 2009​​
2330.A1-1​ Control of Engagement Records​ January 2009​​
2330.A1-2​ Granting Access to Engagement Records​ May 2010​
2330.A2-1​ Retention of Records​ January 2009​​
2340-1​ Engagement Supervision​ January 2009​​
2400-1​ Legal Considerations in Communicating Results ​ May 2010​
2410-1​ Communication Criteria ​ January 2009​​
2420-1​ Quality of Communications​ January 2009​​
2440.A2-1​ Communications Outside the Organization​ May 2010​
2440-1​ Disseminating Results​ January 2009​​
2440-2​ Communicating Sensitive Information Within and Outside the Chain of Command​ May 2010​
2500-1​ Monitoring Progress ​ January 2009​​
2500.A1-1​ Follow-up Process ​ January 2009

Webinar
The New IPPF: What to Expect

August 11, 2015
1:00–2:00 p.m. ET
Register now.

IPPF
The 2013 Edition of the IPPF is still a binding and useful tool. Stay tuned to additional online tools from the Bookstore as the more guidance comes available. Visit the frequently asked questions.