“Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.” 1
The members of the organization assisted by the work of the internal auditor include all levels of management, staff, and the Board of Trustees. The internal auditor discharges his/her responsibility by providing management and the Board of Trustees with an independent evaluation of compliance with management policies and an objective assessment of the effectiveness of these policies in meeting organizational goals. The internal auditor also reviews and evaluates the adequacy and effectiveness of the organization’s structure of internal control and the quality of program performance. 2
Internal auditing is an integral part of the organization and functions under the policies established by senior management and the Board of Trustees. The statement of purpose, authority, and responsibility (the charter) for the internal audit activity, approved by senior management and adopted by the Board of Trustees, is most effective when consistent with the Institute of Internal Auditor’s (IIA) International Standards for the professional Practice of Internal Auditing.
The scope of internal auditing within an organization is broad and may involve internal control topics such as the efficacy of operations, the reliability of financial reporting, deterring and investigating fraud, safeguarding assets, and compliance with laws and regulations. Internal auditing frequently involves measuring compliance with the entity's policies and procedures.