About NDU | Offices | Offices | Office of the President | Office of Internal Audit | What do we do? | NDU

What do we do?

Cornerstone of Internal Audit (Standards)

Internal Audit abides by the Standards promulgated in The International Professional Practices Framework (IPPF) issued by The Institute of Internal Auditors (IIA), Florida, USA.

Code of Ethics

The purpose of The IIA’s Code of Ethics is to promote an ethical culture in the profession of internal auditing. It applies to both entities and individuals that perform internal audit services.

Internal Auditors are expected to apply and uphold the following principles:
1. Integrity
2. Objectivity
3. Confidentiality
4. Competency

Mission of Internal Audit

Our mission is “to enhance and protect organizational value by providing risk-based and objective assurance, advice, and insight.” (The IIA).

Definition of Internal Audit

“Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.” (The IIA).

Scope of Internal Audit

The scope of Internal Audit includes Governance, Risk, and Control, commonly referred to as GRC.

Role in Internal Control

Standard 2130 on Control reads:
“The internal audit activity must assist the organization in maintaining effective controls by evaluating their effectiveness and efficiency and by promoting continuous improvement.”

Role in Risk Management

Standard 2120 on Risk Management reads:
“The internal audit activity must evaluate the effectiveness and contribute to the improvement of risk management processes.”

Role in Corporate Governance

Standard 2110 on Governance reads:
“The internal audit activity must assess and make appropriate recommendations for improving the governance process in its accomplishment of the following objective.”

Risk-based Internal Audit Plan

Standard 2010 on Planning reads:
“The chief audit executive must establish a risk-based plan to determine the priorities of the internal audit activity, consistent with the organization’s goals.”

Types of Assurance Services

1. Financial
2. Operational
3. Compliance
4. Process
5. Information Technology (IT)
6. Legal
7. Investigative
8. Environmental
9. Control-Self Assessment (CSA)
10. ISO

Examples of Consulting Services

1. ERP System
2. Committees / Task Forces
3. Policies and Procedures / Manuals / Charters
4. Authority Matrices
5. Risk Register
6. Budget Process
7. Bidding Process
8. Procurement
9. Human Resources
You have been successfully subscribed to our mailing list