IIA Diploma in Internal Audit Practice

Saun - Francisn

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

5 pages

English

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

A propos
Informations
Extrait

Description

Sujets

ƒ
ƒ
ƒ
ƒ
ƒ
ƒ
IIA Diploma in Internal Audit Practice

Syllabus
2009/2012

Introduction
The syllabus for the IIA Diploma in Internal Audit Practice was reviewed during 2007
and has been updated ready for implementation from 2009 to 2012. The first exams
under the new syllabus will be held in November 2009.

The purpose of this document is to highlight the main changes that have been made
to the syllabus for the benefit of students who are migrating from the previous
version. It will also enable tuition providers and tutors to prepare for delivery of the
updated programme.

Overview of changes
The key changes made to the syllabus may be summarised as follows:
There have not been any major changes to the content of the theory modules.
In general it has been updated and strengthened to reflect current practice
more effectively. The detail of these changes is outlined below.
The content of the previous skills modules has been combined into a single
module and expressed in a formal way as part of the syllabus for the first
time, linked very closely to the content of the new global competency
framework.
The syllabus has been reformatted and re-presented in a style that is more
academic, comprehensive, consistent and informative. All requirements for
completion of the award (both formal and informal) are now included in a
single document.
The modules have been repurposed to confirm the coherence of the award
and to emphasise the fundamental links of all parts to internal audit practice.
The aims and objectives have been rewritten to ensure this focus is made
explicit. In some cases the modules have been renamed for the same
reason, as follows:

Current syllabus New syllabus 2009/2012
P1 Organisation and P1 The Internal Audit Environment
Management – Concepts and
Practices
P2 Accounting and Financial P2 Financial Risks and Controls
Systems
P3 Internal Auditing P3 Internal Audit Practice
P4 Business Information P4 Information Systems Auditing
Systems Auditing
P5 Corporate Governance and P5 Corporate Governance and Risk
Risk Management Management
Effective Delivery of an Audit
P6 Interpersonal Skills for the
Communications and Client- Internal Auditor
Auditor Relations ƒ
ƒ
ƒ

Minor modifications have been made to the examination structure and these
have been set out in detail for the first time. The changes are aimed at
standardising the structure and distribution of marks where appropriate. In
particular, multiple choice questions have been withdrawn from P3 and have
been reduced in P2.
The logbook has been renamed the professional experience journal and is
more prescriptive and demanding with explicit requirements to demonstrate
elements of all six modules in practice. The importance of the interpersonal
skills has been strengthened through the development of a set of specific
performance criteria and a move to assess the candidate’s ability to
demonstrate those skills. The new and more demanding requirements of the
professional experience journal will ensure that the expected level of each
skill has been attained. In acknowledgement of their importance, recognition
will be given for a number of different routes for developing and attaining
interpersonal skills to the required standard. IIA skills workshops will continue
to be one of these routes but candidates, together with their managers, will be
able to identify other means by which these skills can be acquired, or
establish that they are already held.
Students must remain alert to any changes to standards, relevant legislation
and contemporary issues in the lead up to the examinations, and can expect
to be examined on them if they are appropriate to the syllabus content.

These changes serve to enhance the focus and effectiveness of the IIA Diploma in
developing the competencies required for professional practitioners of internal
auditing.

Academic level
The IIA has received external confirmation from the Open University of the academic
standing of the qualification. It has been recognised at PG1 or level 7, meaning
postgraduate or Masters level. Although this does not represent a change, the
language has been reviewed with this academic rating in mind. It is important,
therefore, that students are able to demonstrate their knowledge and understanding
of the theories, concepts, methods and practices as outlined in the syllabus. They
will be expected to undertake additional reading and research as part of the learning
process. In the examinations they will be required to relate their knowledge and
understanding to contextualised scenarios and illustrate their answers with suitable
examples. It will be necessary to:
• define key terms and models and apply them correctly
• critically analyse a range of information
• make comparisons and draw relevant conclusions
• produce evaluative judgements
• generate appropriate recommendations

Students will also need to be able to express their answers fully by applying an
effective command of the English language, using technical terminology and
standard formats as required. Due attention must be paid to standard conventions of
grammar, spelling and style. Guidance is given in each of the theory modules of any
particular communication requirements.

Changes to modules

P1 The Internal Audit Environment
This module has been renamed to emphasise the relevance of theory and practice to
internal audit.

In some cases, specific mention of models, theories and examples has been
removed so that students and tutors do not regard these indicative examples as fixed
and exhaustive. For example, in 2.1, reference to ‘economic, protective, associative,
local/governmental’ objectives has been removed to indicate that all types of
objectives, variously analysed, are of interest. Similarly, 4.1 refers to ‘relevant
organisational and management theories’ with no specific mention of ‘organic
systems and contingency theory’ as previously. These would be among the theories
students are expected to be familiar with. The same is true of ‘Porter’s value chain’
in 6.1, which now simply requires ‘reference to relevant theory’. Mention of particular
quality models and benchmarks (TQM, IiP, Chartermark and ISO 9000) has also
been removed.

The important point to emphasise is that students are expected to apply critically a
range of different perspectives appropriate to different situations, reflective of
contemporary practice. Some models move out of vogue (such as TQM) and are
therefore of lesser relevance.

P2 Financial Risks and Controls
This module has been renamed to emphasise that the relevance to an internal
auditor is to learn the international language of business in order to be able to deliver
effective internal audit services. It will be necessary to understand standard
conventions and apply accounting skills in order to interpret information gathered,
discuss it with clients, analyse it, extract appropriate conclusions and generate sound
recommendations.

Section 5.1 has been expanded to include ‘the growing impact of international
accounting standards’ to reflect this important dimension to many organisations.

P3 Internal Audit Practice
This module has changed very little. However, there has been an important
movement of content from P4 to P3. P3 now includes a further extension of content
relating to CAATTs in 6.4. Using computer tools to support the planning and delivery
of an audit is part of the range of tools needed by an internal auditor rather than a
specialist application of internal auditing skills to a technical area.

P4 Information Systems Auditing
The word ‘Business’ has been removed from the title of this module to confirm its
equal relevance to private, public and voluntary sectors. The module has been
updated quite significantly.

Aspects of information systems governance and service provision have been drawn
out into a new single section (1.1) and expanded, emphasising the importance of the
comprehensiveness of IT controls in the context of wider organisational priorities.
This section should be studied carefully for its additional content.

2.1 (previously 1.1) has been extended with the phrase ‘by helping to exploit
opportunities, improve efficiency and manage business risk’.

2.3 (previously 1.5) has been clarified by the addition of the word ‘requisite’.
2.4 is a new statement.

3.1 has the additions of intellectual property and customer information.

3.2 (previously 3.3) has the addition of spyware and keystroke loggers, attacks and
phishing toolkits.

3.3 is a new statement.

3.4 has been extended by the addition of ‘business continuity’.

3.5 has been extended by the addition of ‘authentication’.

3.6 is a new statement.

The list of controls (in the previous version under 3.6) are no longer specifically
mentioned but are still required as typical information security controls.