Skip Ribbon Commands
Skip to main content

Implementation Guidance/Practice Advisories
Recommended Guidance

Implementation Guidance will be more comprehensive than Practice Advisories in guiding practitioners toward conformance to the International Standards for the Professional Practice of Internal Auditing (Standards).

Implementation Guides and Practice Advisories assist internal auditors in applying the Standards. They collectively address internal auditing's approach, methodologies, and consideration, but do not detail processes or procedures.

Implementation Guides/Practice Advisories are free to IIA members.

Downloads and Links

NOTE: Implementation Guides will be developed to replace the existing Practice Advisories by December 31, 2016.

​Ref # Implementation Guide/Practice Advisory​ ​Date
​IG1000 ​​Purpose, Authority, and Responsibility
(Supersedes: PA1000-1 Internal Audit Charter)
July 2015​
​IG1010 Recognition of the Definition of Internal Auditing, the Code of Ethics, and the Standards in the Internal Audit Charter July 2016​
​IG1100 UPDATED! ​Independence and Objectivity November 2016​
IG1110 UPDATED! Organizational Independence​ November 2016
IG1111 UPDATED! Direct Interaction with the Board​​ November 2016
IG1120 UPDATED! Individual Objectivity​ November 2016
IG1130 UPDATED! Impairment to Independence or Objectivity November 2016
1130.A1-1​ Assessing Operations for Which Internal Auditors Were Previously Responsible​ January 2009​​
1130.A2-1​ Internal Audit’s Responsibility for Other (Non-audit) Functions​ January 2009​​
IG1200 NEW! Proficiency and Due Professional Care​
(Supersedes PA1200-1 – Proficiency and Due Professional Care)
November 2016
IG1210 NEW! Proficiency​
(Supersedes PA1210-1 – Proficiency)
November 2016
1210.A1-1​ Obtaining External Service Providers to Support or Complement the Internal Audit Activity​ January 2009​​
IG1220 NEW! Due Professional Care​
(Supersedes PA1220-1 – Due Professional Care)
November 2016
IG1230 NEW! Continuing Professional Development​
(Supersedes PA1230-1 – Continuing Professional Development)
November 2016
1300-1​ Quality Assurance and Improvement Program​ May 2015​​
1311-1​ Internal Assessments May 2015​​
1312-1​ External Assessments​ May 2015​​
1312-2​ External Assessments: Self Assessment with Independent Validation​ May 2015​​
1312-3​ Independence of External Assessment Team in the Private Sector​ May 2015​​
1312-4​ Independence of the External Assessment Team in the Public Sector​ May 2015​​
​1320-1 Reporting Results of the Quality Assurance and Improvement Program May 2015​
1321-1​ Use of “Conforms with the International Standards for the Professional Practice of Internal Auditing” May 2015​​
​1322-1 Disclosure of Nonconformance with the International Standards for the Professional Practice of Internal Auditing (Standards) May 2015​
IG2000 NEW! Managing the Internal Audit Activity October 2016
IG2010 NEW! Planning
(Supersedes:
PA2010-1 – Linking the Audit Plan to Risk and Exposures
PA2010-2 – Using the Risk Management Process in Internal Audit Planning)
October 2016
IG2020 NEW! Communication and Approval
(Supersedes: PA2020-1 – Communication and Approval)
October 2016
IG2030 NEW! Resource Management
(Supersedes: PA2030-1 Resource Management)
October 2016
IG2040 NEW! Policies and Procedures
(Supersedes: PA2040-1 Policies and Procedures)
October 2016
IG2050 NEW! Coordination and Reliance
(Supersedes:
PA2050-1  - Coordination
PA2050-2 - Assurance Maps
PA2050-3 – Relying on the Work of Other Assurance Providers)
October 2016
IG2060 NEW! Reporting to Senior Management and the Board
(Supersedes: PA2060-1 - Reporting to Senior Management and the Board)
October 2016
IG2110 Governance​ July 2015
2120-1​ Assessing the Adequacy of Risk Management Processes​ January 2009​​
2120-2​ Managing the Risk of the Internal Audit Activity​ April 2009​​
​2120-3 Internal Audit Coverage of Risks to Achieving Strategic Objectives ​June 2013
2130-1​ Assessing the Adequacy of Control Processes​ January 2009
2130.A1-1​ Information Reliability and Integrity​ January 2009​​
2130.A1-2​ Evaluating an Organization’s Privacy Framework January 2009​​
2200-1​ Engagement Planning​ January 2009​​
2200-2​ Using a Top-down, Risk-based Approach to Identify the Controls to be Assessed in an Internal Audit Engagement​ April 2010​​
2210-1​ Engagement Objectives​ January 2009​​
2210.A1-1​ Risk Assessment in Engagement Planning​ January 2009​​
2230-1​ Engagement Resource Allocation​ January 2009​​
2240-1​ Engagement Work Program​ January 2009​​
2300-1​ Use of Personal Information in Conducting Engagements​ May 2010​
2320-1​ Analytical Procedures​ May 2010
2320-2​ Root Cause Analysis​ ​December 2011
​2320-3 Audit Sampling May 2013​
​2320-4 Continuous Assurance June 2013​
2330-1​ Documenting Information​ January 2009​​
2330.A1-1​ Control of Engagement Records​ January 2009​​
2330.A1-2​ Granting Access to Engagement Records​ May 2010​
2330.A2-1​ Retention of Records​ January 2009​​
2340-1​ Engagement Supervision​ January 2009​​
2400-1​ Legal Considerations in Communicating Results ​ May 2010​
2410-1​ Communication Criteria ​ January 2009​​
2420-1​ Quality of Communications​ January 2009​​
2440.A2-1​ Communications Outside the Organization​ May 2010​
2440-1​ Disseminating Results​ January 2009​​
2440-2​ Communicating Sensitive Information Within and Outside the Chain of Command​ May 2010​
​IG2500 UPDATED! Monitoring Progress November 2016​
2500.A1-1​ Follow-up Process ​ January 2009
​IG2600 UPDATED! Communicating the Acceptance of Risks November 2016​

Implementation Guides/Practice Advisories (in full)
French - 2015
Germany, Austria, Switzerland Joint Translation - 2015
Russian - 2015
Serbian - 2015
Slovenian - 2015
​Turkish - 2015

Practice Advisories (in full)
Arabic - 2011 Macedonian - 2010
Bosnian - 2009 Montenegrin - 2011
Chinese (Traditional) - 2009 Polish - 2009
Croatian - 2009 Portuguese - 2009
Czech - 2013 Spanish - 2013
English - 2015 Ukrainian - 2013
Estonian - 2013
Greek - 2012
Japanese - 2011

New IPPF Resources
Educate staff, colleagues, and stakeholders on these changes by utilizing these tools:

IPPF
The 2013 Red Book is still a useful and binding reference source as a majority of the content has not changed and remains valid. The IIA Bookstore is exploring an online tool with searchable, on-demand access to all IPPF content. Learn more in the FAQs.