Skip Ribbon Commands
Skip to main content
Sign In

​Practice Advisories
Strongly Recommended Guidance

Practice advisories assist internal auditors in applying the Definition of Internal Auditing, the Code of Ethics, and the Standards, and promoting best practices. Practice Advisories address internal auditing's approach, methodologies, and consideration, but do not detail processes or procedures. They include practices relating to international, country, or industry-specific issues, specific types of engagements, and legal or regulatory issues.

Practice Advisories are free to IIA members.  

Non-members may obtain Practice Advisories by purchasing them in full from The IIA Research Foundation Bookstore.

Downloads and Links

Practice Advisories (in full)
Arabic​ - 2011​ Japanese - 2011​
Bosnian​ - 2009 Macedonian​ - 2010
Chinese (Unsimplified) - 2009 Montenegrin​ - 2011
Croatian​ - 2009​ Polish​ - 2009​
Czech​ - 2013 Portuguese - 2009​​
English​ - 2013 Russian - 2011​
Estonian​ - 2013 Serbian - 2013
French​ - 2013 Slovenian​ - 2013
German​ - 2013 Spanish - 2013
Greek Ukrainian​ - 2013
 
​PA # Practice Advisory​ ​Date
1000-1​ Internal Audit Charter​ January 2009​
1110-1​ Organizational Independence​ January 2009​​
1111-1​ Board Interaction​​ January 2009​​
1120-1​ Individual Objectivity​ January 2009​​
1130-1​ Impairment to Independence or Objectivity January 2009​​
1130.A1-1​ Assessing Operations for Which Internal Auditors Were Previously Responsible​ January 2009​​
1130.A2-1​ Internal Audit’s Responsibility for Other (Non-audit) Functions​ January 2009​​
1200-1​ Proficiency and Due Professional Care​ January 2009​​
1210-1​ Proficiency​ January 2009​​
1210.A1-1​ Obtaining External Service Providers to Support or Complement the Internal Audit Activity​ January 2009​​
1220-1​ Due Professional Care​ January 2009​​
1230-1​ Continuing Professional Development​ January 2009​​
1300-1​ Quality Assurance and Improvement Program​ January 2009​​
1310-1​ Requirements of the Quality Assurance and Improvement Program​ January 2009
1311-1​ Internal Assessments January 2009​​
1312-1​ External Assessments​ January 2009​​
1312-2​ External Assessments: Self Assessment with Independent Validation​ January 2009​​
1312-3​ Independence of External Assessment Team in the Private Sector​ June 2011
1312-4​ Independence of the External Assessment Team in the Public Sector​ June 2011
1321-1​ Use of “Conforms with the International Standards for the Professional Practice of Internal Auditing” January 2009​​
2010-1​ Linking the Audit Plan to Risk and Exposures​ January 2009​​
2010-2 Using the Risk Management Process in Internal Audit Planning​ July 2009​
2020-1​ Communication and Approval​ January 2009​​
2030-1​ Resource Management​ January 2009​​
2040-1​ Policies and Procedures​ January 2009​​
2050-1​ Coordination​ January 2009​​
2050-2​ Assurance Maps​ July 2009​
2050-3​ Relying on the Work of Other Assurance Providers​ October 2010​
2060-1​ Reporting to Senior Management and the Board May 2010​
2110-1​ Governance: Definition​ April 2010
2110-2​ Governance: Relationship With Risk and Control ​ April 2010​​
2110-3​ Governance: Assessments​ April 2010
2120-1​ Assessing the Adequacy of Risk Management Processes​ January 2009​​
2120-2​ Managing the Risk of the Internal Audit Activity​ April 2009​​
​2120-3 Internal Audit Coverage of Risks to Achieving Strategic Objectives ​June 2013
2130-1​ Assessing the Adequacy of Control Processes​ January 2009
2130.A1-1​ Information Reliability and Integrity​ January 2009​​
2130.A1-2​ Evaluating an Organization’s Privacy Framework January 2009​​
2200-1​ Engagement Planning​ January 2009​​
2200-2​ Using a Top-down, Risk-based Approach to Identify the Controls to be Assessed in an Internal Audit Engagement​ April 2010​​
2210-1​ Engagement Objectives​ January 2009​​
2210.A1-1​ Risk Assessment in Engagement Planning​ January 2009​​
2230-1​ Engagement Resource Allocation​ January 2009​​
2240-1​ Engagement Work Program​ January 2009​​
2300-1​ Use of Personal Information in Conducting Engagements​ May 2010​
2320-1​ Analytical Procedures​ May 2010
2320-2​ Root Cause Analysis​ ​December 2011
​2320-3 Audit Sampling May 2013​
​2320-4 Continuous Assurance June 2013​
2330-1​ Documenting Information​ January 2009​​
2330.A1-1​ Control of Engagement Records​ January 2009​​
2330.A1-2​ Granting Access to Engagement Records​ May 2010​
2330.A2-1​ Retention of Records​ January 2009​​
2340-1​ Engagement Supervision​ January 2009​​
2400-1​ Legal Considerations in Communicating Results ​ May 2010​
2410-1​ Communication Criteria ​ January 2009​​
2420-1​ Quality of Communications​ January 2009​​
2440.A2-1​ Communications Outside the Organization​ May 2010​
2440-1​ Disseminating Results​ January 2009​​
2440-2​ Communicating Sensitive Information Within and Outside the Chain of Command​ May 2010​
2500-1​ Monitoring Progress ​ January 2009​​
2500.A1-1​ Follow-up Process ​ January 2009
IPPF
Now Available! IPPF 2013 Edition
Order the 2013 Edition.