IIA Guidance on Fraud
1220.A1 - Internal auditors must exercise due professional care by considering the:
- Extent of work needed to achieve the engagement's objectives.
- Relative complexity, materiality, or significance of matters to which assurance procedures are applied.
- Adequacy and effectiveness of governance, risk management, and control processes.
- Probability of significant errors, fraud, or noncompliance.
- Cost of assurance in relation to potential benefits.
2210.A2 - Internal auditors must consider the probability of significant errors, fraud, noncompliance, and other exposures when developing the engagement objectives.
Related Guidance on Managing Fraud Risk
The Anti-Fraud Collaboration represents the collaborative efforts of the Center for Audit Quality, Financial Executives International, The Institute of Internal Auditors and the National Association of Corporate Directors, organizations that actively engage in efforts to mitigate the risks of financial reporting fraud. Their goal is to promote the deterrence and detection of financial reporting fraud through the development of tools and other resources targeted to the roles and responsibilities of participants across the financial reporting supply chain.
Please click here to access a variety of free resources produced by the Anti-Fraud Collaboration, including research and discussion reports, case studies, a webcast, and an interactive fraud literacy quiz.
GTAG 13: Fraud Prevention and Detection in an Automated World
Through a step-by-step process for auditing a fraud prevention program, an explanation of the various types of data analysis to use in detecting fraud, and a technology fraud risk assessment template, this GTAG aims to inform and provide guidance to chief audit executives and internal auditors on how to use technology to help prevent, detect, and respond to fraud. The GTAG also supplements The IIA’s Practice Guide, Internal Auditing and Fraud, and informs CAEs and internal auditors on how to use technology to help prevent, detect, and respond to fraud.
Practice Guide: Internal Auditing and Fraud
This guide discusses fraud and provides general guidance to help internal auditors comply with professional standards. Because fraud negatively impacts organizations in many ways — financially, reputational, and through psychological and social implications — it is important for organizations to have a strong fraud program that includes awareness, prevention, and detection programs, as well as a fraud risk assessment process to identify risks within the organization.
Managing the Business Risk of Fraud: A Practical Guide
This guidance outlines five key principles of a fraud risk management process and recommends ways in which boards, senior management, and internal auditors can fight corporate fraud. The report is the result of two years of work from a dedicated task force of more than 20 experts in the field of fraud risk identification, mitigation, and investigation. It was released by The IIA, along with the Association of Certified Fraud Examiners (ACFE) and the American Institute of Certified Public Accountants (AICPA).