In January 2024, the Institute of Internal Auditors (IIA) released its latest initiative to support the continuous advancement of the profession and help organisations navigate today's complex risk environment. The new Global Internal Audit Standards™ (GIAS) are designed to provide comprehensive guidance for the global practice of Internal Auditing, serving as a benchmark for assessing and enhancing the quality of Internal Audit functions worldwide.
Replacing the 2017 International Standards for the Professional Practice of Internal Auditing, the GIAS stands as the cornerstone of the 2024 International Professional Practices Framework (IPPF). Alongside the GIAS, the recently published IPPF encompasses additional resources including Topical Requirements and Global Guidance, aiming to equip Internal Auditors with the necessary tools and insights to meet the evolving demands of their roles effectively.
The GIAS structure has five main domains:
Fifteen principles support the domains mentioned above. Each principle is supported by Standards, which totals fifty-two Standards. These Standards include requirements, considerations for implementation and examples of evidence of adherence, which help guide the professional practice of Internal Auditing across the world.
The 2024 IPPF also includes Topical Requirements and Global Guidance. Topical Requirements, similar to GIAS, are mandatory. It ensures that all audit functions apply a consistent methodology when assessing the effectiveness of governance, risk management, and controls. The topics include cybersecurity, information technology governance, privacy risk management, sustainability and environmental, social, and governance (ESG), and third-party management. On the other hand, Global Guidance provides supplemental information to support the Standard and is not mandatory.
Within these updated Standards, significant revisions have been introduced, promising improved practices, heightened value for stakeholders and enriching the framework for Internal Audit excellence.
The updated Standards represent a significant opportunity for Internal Audit functions to incorporate the latest developments in good practice. They also have implications beyond Internal Audit - they resonate throughout the entire organisation. Consequently, the Board and every department must collaborate effectively in seizing the opportunities presented by these new Standards. This collaboration involves:
While embracing change can sometimes be intimidating, it's important to recognise that within the key focal points of the GIAS, many benefits are waiting to be realised through the implementation of these updates.
Firstly, fostering closer collaboration between the Board, Senior Management, and Chief Audit Executives fortifies the governance structure of the organisation's Internal Audit function. Moreover, a well-defined strategy and plan empowers organisations to anticipate and navigate forthcoming challenges, fostering resilience amidst a dynamic landscape.
Analysing engagement findings allows for a deeper understanding of root causes, which in turn enables us to proactively adapt to identified risks and their potential impacts. This proactive approach enhances organisational readiness and agility in addressing evolving challenges.
The year 2024 will be a period of transition for all the Internal Audit functions. The updated Standards will be effective from 9 January 2025, but Internal Auditors are encouraged to adopt the GIAS right away. For now, the 2017 Standards may still be followed before the effective date of the new Standards.
As Internal Auditors, we play a pivotal role in facilitating the implementation of these beneficial changes for our clients. By actively engaging with the Board, Senior Management, and Chief Audit Executives, we can foster collaboration and alignment, ensuring a robust governance framework for the Internal Audit function.
Additionally, we can leverage our expertise to contribute to the development of well-defined strategies and plans, equipping the organisation to proactively address emerging risks and challenges.
By championing these initiatives, we can contribute significantly to enhancing organisational resilience and agility in the face of evolving business landscapes.
For a more detailed, step-by-step guide on how we can help, refer to this publication from PwC Global: PwC - Implementing the IIA’s new Global Internal Audit Standards.
