internal audit competency framework
Post on 03-Jun-2018
253 Views
Preview:
TRANSCRIPT
-
8/12/2019 Internal Audit Competency Framework
1/31
Internal Auditor
Competency Framework
Ju l y 2 0 1 0
-
8/12/2019 Internal Audit Competency Framework
2/31
Internal Auditor Competency Framework published July 2010
Page 1
COPYRIGHT
The Institute of Internal Auditors Australia 2010All rights are reserved. No part of this work may be reproduced or copied in any form or by any means,
electronic or mechanical, including photocopying, without the written permission of the publisher.
Published by The Institute of Internal Auditors Australia
-
8/12/2019 Internal Audit Competency Framework
3/31
Internal Auditor Competency Framework published July 2010
Page 2
About the framework
The competency framework was developed to answer a need in Australia for well trained internal auditors who
understand the particular needs of organisations operating within the context of the Australian business
environment and the Australian regulatory and legal framework, and to enable the internal audit activity to meet
the demands of the future as expectations on the profession grow as part of best practice corporate governance.
It has been adapted from existing competency frameworks developed by IIA Global and IIA UK and Ireland and
modified with feedback from Australian stakeholders. The completed framework will form the first stage in the
development of this complete professional development solution for the Internal Audit profession in Australia. The
competencies outline the critical behaviours required for effective performance as an internal auditor and provide
the basis for a broad range of practices including recruitment and selection, reviewing performance, training and
development, talent management and succession planning.
The competency framework is organised around four key focus areas:
Standards Technical Skills Interpersonal Skills Knowledge Areas
The International
Professional Practice
Framework (IPPF)
Research and investigation
Business process and project
management
Risk and control
Data collection and analysis
Problem solving tools and
techniques
Computer aided auditing
techniques (CAATS)
Influence and
communication
Leadership and teamwork
Change management
Conflict resolution
Financial and Management
Accounting
Regulatory, Legal and
Economics
Quality and control
Ethics and fraud
Information technology
Governance, Risk and
Control
In the following pages, each competency area above is described in terms of the behaviours required to perform
effectively across four different job levels. These levels are:
New Internal Auditor Practising Internal Auditor Internal Audit Manager Chief Audit Executive
These job level titles are indicative only and should be interpreted to align with those used within your
organisation.
-
8/12/2019 Internal Audit Competency Framework
4/31
Internal Auditor Competency Framework published July 2010
Page 3
Using the Competency Framework for
Internal Audit Capability Development
Capability development is an ongoing and iterative process. Development methods vary and it is valuable to
incorporate a blend of development activities into a career/capability development plan. A range of development
options could include:
Challenging job-based experiences including inclusion in special projects or taskforces Formal training program Exposure to strategic agenda and senior staff within the organisation Use of senior mentors or coaches Self-development strategies such as personal reading, practice and reflectionNo single development option will cover all dimensions of an internal audit career and it is very important that
assessment of current competencies, skill gaps and strategies to develop performance are openly discussed and
agreed between the manager and the internal auditor.
Preparation for a Review
Set up a meeting between the internal auditor being reviewed and their manager or the reviewer. Plan well inadvance to enable thorough preparation by both parties and be prepared to answer questions or clarify
expectations as required.
Ensure you set aside ample time to discuss your individual ratings, agree on ratings and develop strategies for
development together. It is better to set aside two hours and engage in valuable discussion than to rush through
the review in a shorter time frame. If necessary it is better to split the meeting into a two, the first focused on
assessment agreement and the second on development strategies that to push through to conclusion in a shorter
meeting.
These conversations can be critical to the internal auditors career. As such, you need to make every effort to
keep the appointment as scheduled in order to demonstrate your commitment to the process and your level of
investment in developing internal audit capabilities.
Internal Auditor Self-Assessment Prepare for this discussion by using the competency assessment worksheet at the back of this
document to complete a self assessment read the behaviours that describe how each attribute
should be demonstrated in the workplace at each level. Record the level that best demonstrates your
behaviours in the box marked Self Assessment (see example)
You may want to note specific examples where you have demonstrated the behaviours to supportyour self assessment
Start thinking about the skill gaps that you have identified and jot down some development strategiesthat you feel will help you move along the continuum to the next level
Share this with your manager/reviewer prior to the conversation or you may choose to simply take italong with you
Manager/Reviewer Manager Assessment Prepare for this discussion by using the competency assessment worksheet at the back of this
document to assess the competencies of the internal auditor being reviewed. Use the behavioursdescribed under each level to identify which level the internal auditor is operating at for each
attribute. Record the level that best matches the described behaviours in the box marked Manager
Assessment (see example)
You may want to note specific examples of observed behaviours to support your assessment Start thinking about the skill gaps that you have identified and jot down some development strategies
that you feel will help move the internal auditor along the continuum to the next level
Take your worksheet with you to the planned meeting
-
8/12/2019 Internal Audit Competency Framework
5/31
Internal Auditor Competency Framework published July 2010
Page 4
The Review Meeting The purpose of the review meeting is to align expectations and to work together to build a career
development plan
During the review meeting, the manager/reviewer leads a discussion with the internal auditor on boththe self assessment and the manager assessment.
Broad discrepancies need to be explored with both parties bringing demonstrated or observedbehaviours to the table and an agreed assessment is negotiated (see example)
Once an agreed assessment is recorded, skill gaps need to be identified and strategies identified forcareer development (see example)
The need for a follow-up meetings is identified and set as appropriate
Worked Example
Using the competency framework, the behaviours that describe how each attribute should be
demonstrated in the workplace at each level. Record the level that best matches the behavioursdemonstrated in the appropriate box.
Internal Auditor:____________________________________________________________________
Position: ________________________________________________________________________
Manager/Reviewer: _________________________________________________________________
Self Assessment Date: __________________________________
Manager Assessment Date:_______________________________
Review Meeting Date: ___________________________________
Planned Follow Up Date:_________________________________
Assessment Key:
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
1 2 3 4
1. The International Professional Practices Framework
Key Competency Area A . T h e s t a n d a r d s
Attribute i. Applies the relevant portions of the International Professional Practices Framework to internal audit work
Self Assessment: 3 Manager Assessment: Agreed Assessment:Strategies for improvement:
IIA Course on IPPF to be completed by planned follow up date
Joe Bloggs
Internal Audit Manager
Mary Thompson
7 Aug 10
9 Aug 10
Joes self-
assessment of hisdemonstrated
competency for
this attribute
Marys assessment ofJoes demonstrated
competency for this
attribute
After discussion, the
mutually agreed
assessment of Joescompetency for this
attributeAgreed strategy to bring Joescompetency in this attribute up
to that required for his position
level
18 Dec 10
13 Au 10
-
8/12/2019 Internal Audit Competency Framework
6/31
Internal Auditor Competency Framework published July 2010
Page 5
-
8/12/2019 Internal Audit Competency Framework
7/31
Internal Auditor Competency Framework published July 2010
Page 6
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
1. The International Professional Practices Framework
Key Competency Area A . T h e s t a n d a r d s
Attribute i. Applies the relevant portions of the International Professional Practices Framework to internal audit work
Is aware of the IPPF and itsimplications in conducting an
internal audit
Under supervision, can follow arisk based approach covering
planning, fieldwork, reportingand follow up
Is aware that the auditdepartment is independentthrough its reporting line
Understands the need for auditassignments to be conductedwith due professional care
Can follow direction to conformwith the IPPF to ensure that
audit methodology follows a riskbased approach covering
planning, fieldwork, reportingand follow up
Demonstrates objectivity Demonstrates due professional
care in conducting auditassignments
Conforms with and upholds theuse of the IPPF standards to
ensure that audit assignmentsare quality controlled; audit
methodology follows a riskbased approach covering
planning, fieldwork, reportingand follow up
Ensures internal audit hasaccess to all systems, processesand people
Exemplifies and monitors dueprofessional care whenconducting audit assignments
Ensures that scope of work isappropriate
Assumes responsibility forupholding the use of the IPPF
standards to ensure that auditassignments are quality
controlled; audit methodologyfollows a risk based approach
covering planning, fieldwork,reporting and follow up
Upholds or lobbies for theindependence of the auditdepartment through itsreporting line
Ensures internal audit hasaccess to all systems, processes
and people
Exemplifies and monitors dueprofessional care and selectsappropriate staff when
conducting audit assignments
Ensures that scope of work isappropriate
-
8/12/2019 Internal Audit Competency Framework
8/31
Internal Auditor Competency Framework published July 2010
Page 7
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
2. Technical Skills
Key Competency Area A . R e se a r c h a n d i n v e s t i g a t i o n
Attribute i. Selects and applies a range of appropriate operational and management tools and techniques
n/a Employs operational researchmodelling techniques to
tackle problems
Can identify when to applyoptimisation techniques tobusiness issues
Selects and uses appropriateoperational research
modelling techniques totackle problems
Employs, or knows when toemploy optimisation
techniques to business issues
Can appraise or design anoperational process
Compares, evaluates andselects appropriate
operational researchmodelling techniques to
tackle problems
Can apply, or knows when touse optimisation techniques
to business problems
Can appraise or design anoperational process
Attribute ii. Applies methods for predicting and forecasting to support managerial decision-making about future actions
n/a n/a Employs the relevantforecasting tools and appliesthem correctly within a specific
engagement
Identifies a need for a specificexpert in the forecasting field
Comprehends and interpretsan experts conclusions andvalidate their work
Evaluates and employs therelevant forecasting toolswithin a specific engagement
Evaluates the need for aspecific expert in theoperational research field
Selects and employs theappropriate expert
Comprehends and interpretsan experts conclusions and
validate their workKey Competency Area B . B u s i n e s s p r o c e s s a n d p r o j e c t m a n a g em e n t
Attribute i. Manages projects within the internal audit activity or organisation effectively
n/a With support from others canmanage any project within theinternal audit activity
With support from others canmanage any audit projectwithin the organisation
Prepares and manages anyproject within the internalaudit activity
Prepares and manages anyaudit project within theorganisation
Proposes and evaluates anyproject within the internalaudit activity
Can manage and evaluate anyaudit project within theorganisation
-
8/12/2019 Internal Audit Competency Framework
9/31
Internal Auditor Competency Framework published July 2010
Page 8
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
Attribute ii. Selects and applies a range of appropriate business process analysis tools and techniques
Demonstrates a capacity tolearn and apply new methodsand skills
Identifies business processesand depicts and presents themusing flowcharting techniques
Identifies tactics that canimmediately apply to improve
the business processes
Employs process analysis toolsand reviews the workcompleted in them
Identifies and employsanalysis techniques that
quickly identify process gaps
Analyses the efficiency andeffectiveness of businessprocesses
Identifies and prioritisesbusiness processes anddepicts and presents them
using flowcharting techniques
Proposes tactics that can beimmediately applied toimprove the businessprocesses
Evaluates and employsprocess analysis tools and
reviews the work completed inthem
Evaluates and employsanalysis techniques that
quickly identify process gaps
Measures the efficiency andeffectiveness of businessprocesses
Assembles and leads a team inmapping, analysis and
business processimprovement
Identifies and analysesinternal and external cross-functional process interfaces
n/a
Attribute iii. Uses performance management techniques to monitor and evaluate operational and strategic performance
n/a n/a Measures whether theorganisations activities are
meeting its mission, vision andstrategic objectives
Applies performancemanagement techniques toevaluate and report on the
performance of the auditfunction
Evaluates whether theorganisations activities are
meeting its vision, mission andstrategic objectives
Selects and appliesperformance managementtechniques to evaluate and
report on the performance ofthe audit function
Key Competency Area C. R i s k a n d c o n t r o l
Attribute i. Explains and applies risk theory and management, control design and control testing techniques. Applies risk
management to internal audit activities. Assists the organisations risk management activities, as appropriate
Explains the need to apply theISO/ANZ standard or COSOERM framework on riskmanagement to internal audit
activities
Understands the relationshipbetween risks, controls andgovernance and how to applythese in internal audit
activities
Employs the ISO/ANZstandard or COSO ERMframework on riskmanagement to internal audit
activities
Explains risk managementissues to managers andpersonnel
Employs and monitors theISO/ANZ standard or COSOERM framework on riskmanagement to internal audit
activities
Ensures internal auditactivities are aligned with andenhance the organisationsenterprise risk management,
as appropriate
Effectively explains riskmanagement issues to
managers and personnel
Employs and monitors theISO/ANZ standard or COSOERM framework on riskmanagement to internal audit
activities
Ensures internal auditactivities are aligned with andenhance the organisationsenterprise risk management,
as appropriate
Effectively explains riskmanagement issues to
managers and personnel
-
8/12/2019 Internal Audit Competency Framework
10/31
Internal Auditor Competency Framework published July 2010
Page 9
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
Attribute ii. Applies an internationally accepted control framework to internal audit activities as appropriate
Applies an internationallyaccepted control framework(eg. COSO or CoCo) to all
auditing and consulting
activities
Applies, manages andmonitors the application of aninternationally accepted
control framework (eg. COSO
or CoCo) to all auditing andconsulting activities
Applies, manages andmonitors the application of aninternationally accepted
control framework (eg. COSO
and CoCo) to all auditing andconsulting activities
Applies, manages andmonitors the application of aninternationally accepted
control framework (eg. COSO
and CoCo) to all auditing andconsulting activities
Key Competency Area D . D a t a c o l l e c t i o n a n d a n a l y s i s
Attribute i. Applies appropriate data sampling and analysis technique
Applies data sampling andanalysis techniques to auditing
activities
Employs Excel, queries,organisations systems, or
third party providers data
extraction software
Applies data sampling andanalysis techniques to auditingactivities, including where
appropriate, statistical
methodologies
Uses benchmarking dataadequately
Selects and employs Excel,queries, organisation systems
or third party providers data
extraction software
Applies data sampling andanalysis techniques to auditingactivities, including where
appropriate statistical
methodologies
Uses benchmarking dataeffectively
Identifies the need for aspecific expert in the data
mining/analysis field andeffectively manage the expert
Samples and analyses datafor internal audit activities
and manages these activities
Draws organisationaloperational and strategicimplications out of analysisresults
Conversant with, and able tochallenge the use of, datacollection and analysis
methods employed
Attribute ii. Can prepare for an interview, set the environment, and conduct the interview
Prepares for an interview, setsthe environment and conductsthe interview with support
from others
Displays active listening skills Practices a range of
questioning techniques
Produces accurate writtenmeeting notes
Independently prepares for aninterview, set the environmentand conducts the interview
Displays active listening skills Asks relevant, pertinent and
probing questions
Produces accurate writtenmeeting notes
Use questionnaires andsurveys as part of an audit
engagement
Chairs a meeting with a rangeof organisational personnel(from operations through to
executive), determining theagenda and issues to be
discussed
Asks relevant, pertinent andprobing questions, andaccurately writes up the
contents of the meeting
Designs and employs the use aquestionnaire or survey aspart of an audit engagement
Chairs a meeting with a rangeof organisational personnel(from operations through to
director level), determiningthe agenda and issues to be
discussed
Asks relevant, pertinent andprobing questions, andaccurately writes up the
contents of the meeting
Key Competency Area E . P r o b l e m s o l v i n g t o o l s a n d t e c h n i q u e s
Attribute i. Selects and applies a range of problem solving techniques
n/a Independently, for routinesituations, can apply
appropriate problem-solvingtechniques
Independently selects theappropriate problem solvingtechniques
Independently, and in uniqueand complex situations, can
apply appropriate problem-solving techniques
Evaluates and selects theappropriate problem solvingtechniques
Identifies the need for aspecific expert / facilitator inthe problem solving field
Independently, and in uniqueand complex situations, can
apply appropriate problem-solving techniques
Can independently select theappropriate problem solvingtechniques
Evaluates the need for aspecific expert / facilitator inthe problem solving field
Selects and appoints anexpert/facilitator in theproblem solving field
-
8/12/2019 Internal Audit Competency Framework
11/31
Internal Auditor Competency Framework published July 2010
Page 10
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
Key Competency Area F . Com p u t e r A i d e d A u d i t T e c h n i q u e s ( C AA T s )
Attribute i. Can recognise the need for CAATs and make the appropriate selection
Effectively uses Microsoftoffice suite or equivalent (wordprocessing, spreadsheet,
presentation)
Practices the use of CAATs inthe audit process
Has a basic level ofcompetence in the use ofautomated working papersoftware, where appropriate
Employs CAATs in the auditprocess
Effectively uses dataextraction software
Effectively uses automatedworking paper software
Effectively uses statisticalpackages where appropriate
Formulates CAATs to supportefficient delivery of internalaudit projects
Effectively uses dataextraction software
Effectively uses automatedworking paper software
Effectively uses statisticalpackages where appropriate
Evaluates and employs anappropriate overall automationstrategy to make the IA
activity as effective and
efficient as possible
Effectively uses automatedworking paper software
Effectively uses statisticalpackages where appropriate
-
8/12/2019 Internal Audit Competency Framework
12/31
-
8/12/2019 Internal Audit Competency Framework
13/31
Internal Auditor Competency Framework published July 2010
Page 12
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
Attribute ii. Communicates effectively, sending clear and convincing messages and listening actively
Listens actively Seeks mutual understanding,
and welcomes sharing ofinformation fully
Fosters open communicationand stays receptive to bad
news as well as good
Communicates effectively andprofessionally in writtencommunication including
proper use of grammar and
punctuation
Deals with difficult issues in astraightforward manner
Listens actively Seeks mutual understanding,
and welcomes sharing of
information fully
Fosters open communicationand stays receptive to bad
news as well as good
Utilises strong listening skillsto formulate direct, responsive
answers to questions
Communicates effectively andprofessionally in written
communication including
proper use of grammar andpunctuation
Communicates clearly withsenior executives and board-level individuals independently
in routine situations
Conveys clear, articulatemessages to an audience
Deals with difficult issues in astraightforward manner
Listens actively Seeks mutual understanding,
and welcomes sharing of
information fully
Fosters open communicationand stays receptive to bad
news as well as good
Tailors communication to thelevel of experience of the
audience
Communicates at theopportune time
Provides all facts for accuratedecision making
Utilises strong listening skillsto formulate direct, responsive
answers to questions
In oral communication,organises and expresses ideasclearly
Communicates effectively andprofessionally in written
communication includingproper use of grammar andpunctuation
Communicates clearly withsenior executives and board-level individuals
Makes complex presentationsand adapts to the audience to
ensure full understanding
Conveys clear, articulatemessages to an audience withconfidence
Deals with difficult issues in astraightforward manner
Listens actively Seeks mutual understanding,
and welcomes sharing of
information fully
Fosters open communicationand stays receptive to bad
news as well as good
Tailors communication to thelevel of experience of the
audience
Use analogies, visuals, andother techniques to effectively
communicate complex ideas
Communicates at theopportune time
Provides all facts for accuratedecision making
Paraphrases dissentingopinions accurately
Utilises strong listening skillsto formulate direct, responsive
answers to questions
In oral communication,organises and expresses ideas
clearly
Communicates effectively andprofessionally in written
communication includingproper use of grammar andpunctuation
-
8/12/2019 Internal Audit Competency Framework
14/31
-
8/12/2019 Internal Audit Competency Framework
15/31
Internal Auditor Competency Framework published July 2010
Page 14
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
Attribute iii. Effectively plans, sets priorities and manages the performance of others
Responds well to feedback andseeks to improve performancewhere required
Works to full capacity on tasksdelegated by the team leader
Demonstrates efficiency andpersistence manages owntime and ensures thatdeadlines, actions and
objectives are fully achieved
even when faced withproblems, challenges andpressure
Responds well to feedback andseeks to improve performancewhere required
Works to full capacity on tasksdelegated by the team leader
Demonstrates efficiency andpersistence manages owntime and ensures thatdeadlines, actions and
objectives are fully achieved
even when faced withproblems, challenges andpressure
Clearly defines, communicatesand reviews the roles andperformance expectations of
the team and manages an
individuals performanceagainst established goals,
delegates appropriately andprovides open, direct andhonest feedback, gives praise
and encouragement,
recognises and rewardsindividual and teamperformance
Acts as a role model modelshigh performance for teamand individuals
Coaches others to enhancetheir strengths, addressimprovement areas, and
achieve their desired careerpath, encourages self
development within the teamand provides opportunities
where possible for developingcapabilities
Demonstrates efficiency andpersistence manages own
time and ensures that
deadlines, actions andobjectives are fully achieved
even when faced withproblems, challenges and
pressure
Takes personal accountabilityfor results delivered in area ofresponsibility, drives own and
team results, always strivesfor excellence and encourages
others to do the same
Sets clear performancestandards, delegates decisionmaking and other
responsibilities accordingly,
and provides constructive,timely and honest
performance related feedbackto help others achieve theirgoals
Clearly articulates the businessgoals, direction and objectives
and links these toorganisational strategy, anddemonstrates personal
commitment to these
Acts as a role model modelshigh performance for teamand individuals
Demonstrates efficiency andpersistence manages own
time and ensures thatdeadlines, actions and
objectives are fully achievedeven when faced with
problems, challenges andpressure
Takes personal accountabilityfor results delivered in area ofresponsibility, drives own and
team results, always strivesfor excellence and encouragesothers to do the same
Attribute iv. Inspires and guides to build commitment to the team and the organisation
Actively participates as a teammember and works with others
to foster team spirit
Actively participates as a teammember and works with others
to foster team spirit
Displays personal leadership acts as a role model
Acts as a role model inspiresand motivates others and
adapts leadership style,responding to the needs of
others
Leads the team, encouragespeople to work together,
fosters team spirit and buildsthe commitment of those
involved in the team/project toachieve results
Projects a strong sense ofcredibility and presence,
makes an impact on othersand gains their attention and
respect, leads throughinfluence, personal conviction
and sensitivity rather than
position
-
8/12/2019 Internal Audit Competency Framework
16/31
-
8/12/2019 Internal Audit Competency Framework
17/31
Internal Auditor Competency Framework published July 2010
Page 16
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
Attribute vii. Creates group synergy in pursuing collective goals
Fulfils commitment to otherteam members
Participates in maintaining agood spirit within the team
Cooperates with other teammembers
Shares ideas
Fulfils commitment to otherteam members
Participates in maintaining agood spirit within the team
Cooperates with other teammembers
Works to removeorganisational barriers and
identifies resources to assistthe team
Shares ideas
Models team qualities ofrespect, helpfulness andcooperation
Draws all team members intoactive and enthusiastic
participation
Encourages others to work asa team and provides otherswith feedback to help them be
better team members
Champions the team withinthe organisation
Works to removeorganisational barriers andidentifies resources to assist
the team
Shares ideas
Models team qualities ofrespect, helpfulness andcooperation
Draws all team members intoactive and enthusiastic
participation
Champions the team withinthe organisation
Provides guidance when theteam is off track on an
assignment
Works to removeorganisational barriers and
identifies resources to assistthe team
Shares ideas
Key Competency Area C. C h a n g e m a n a g em e n t
Attribute i. Embraces change and innovation
Understands own reactions tochange and demonstratesempathy and support towards
others
Views change positively and isopen to and accepting ofchange
Maintains performance andpersonal effectiveness in
changing and ambiguous
environments
Demonstrates flexibility andadaptability of approach todifferent situations
Accommodates new prioritiesand readily implementsdirected changes in area of
work
Understands own reactions tochange and demonstratesempathy and support towards
others
Views change positively and isopen to and accepting ofchange
Maintains performance andpersonal effectiveness in
changing and ambiguous
environments
Demonstrates flexibility andadaptability of approach todifferent situations
Accommodates new prioritiesand readily implementsdirected changes in area of
work
Actively looks for ways toimprove current processes orsystems and contributes ideas
for change and process
improvement
Recognises and understandsdifferent reactions to changeand is able to adapt own style
to support others
Effectively implementsdirected changes across theteam
Readily adjusts team prioritiesto new and changing priorities
Actively looks for ways toimprove processes andsystems across areas of
responsibility andsubstantiates improvement
suggestions with logicalargument
Champions change and enlistsothers in its pursuit
Can develop a change strategyincluding timeline andmilestones
Models the change expected ofothers
Accurately assesses thepotential barriers and
resources for changeinitiatives
Provides resources, removebarriers, and acts as an
advocate for those initiatingchange
Maintains work efficiency andresponds positively to achanging environment
Monitors the efficacy of thestrategy/tactics and makesadjustments where required
Provides direction and focusduring the change process
Supports new ideas, systemsand procedures
Responds quickly to changingsituations by coming up with
creative ideas
Supports the need for change Takes steps to understand the
reasons for change in
environment and tasks
Can operate in ambiguousenvironments
Capable of managing stresseffectively
-
8/12/2019 Internal Audit Competency Framework
18/31
Internal Auditor Competency Framework published July 2010
Page 17
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
Key Competency Area D . C o n f l ic t r e s o l u t i o n
Attribute i. Effectively manages conflict by negotiating and resolving disagreements
Paraphrases dissentingopinions accurately
Listens well Can address disagreement,
conflicts, or upsets in waysthat build relationships
Paraphrases dissentingopinions accurately
Listens well
Displays clear leadership in acrisis
Spots potential conflict andbrings disagreements into the
open
Orchestrates win-winsolutions, finds common
ground and minimisesdisruption
Handles difficult people withtact and diplomacy
Addresses disagreements,conflict and upsets in ways
that build relationships
Encourages debate and opendiscussion
Listens well
Displays clear leadership in acrisis
Spots potential conflict andbrings disagreements into the
open
Orchestrates win-winsolutions, finds common
ground and minimisesdisruption
Handles difficult people withtact and diplomacy
Addresses disagreements,conflict and upsets in ways
that build relationships
Encourages debate and opendiscussion
Listens well
-
8/12/2019 Internal Audit Competency Framework
19/31
-
8/12/2019 Internal Audit Competency Framework
20/31
Internal Auditor Competency Framework published July 2010
Page 19
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
Key Competency Area B . R eg u l a t o r y , l e g a l a n d e c o n om i c s
Attribute i. Applies an understanding of the regulatory and legal framework within which their own or clients
organisation operates
Demonstrates anunderstanding of the natureand laws of legal evidence
Demonstrates anunderstanding of the impactof legislation and regulation,
including trade legislation andregulations, labour laws,
copyright, privacy and cyberlaws, civil and penal laws,
taxation schemes, contractlaw, and the nature and laws
of legal evidence whereappropriate
Independently, and in routinesituations, takes into accountthe impact of legislation and
regulation, including tradelegislation and regulations,
labour laws, copyright, privacyand cyber laws, civil and penal
laws, taxation schemes,contract law, and the nature
and laws of legal evidence
Independently, and in complexand unique situations, takesinto account the impact of
legislation and regulation,including trade legislation and
regulations, labour laws,copyright, privacy and cyber
laws, civil and penal laws,taxation schemes, contract
law, and the nature and lawsof legal evidence
Attribute ii. Applies an understanding of macro and microeconomics appropriate to the organisation when
communicating with others
n/a Is aware of the impact of basicmacro and microeconomicfactors and their impact on the
organisation
Is aware of and takes intoaccount the impact ofmacroeconomic factors
including:
- the state of the economy- the economic environment
within which business andfinancial decisions are made
- financial markets- government policies- national income,
employment, investment,interest rates, the supply of
money, inflation, exchangerates
- the formulation and operationof stabilisation polices
Is aware of and takes intoaccount the impact of
microeconomic factorsincluding:
- market mechanisms thatestablish relative pricesamong goods and services
- allocation of limited resourcesamong many alternative uses
- market failure- elasticity of products within
the market system
Is aware of and takes intoaccount the impact ofmacroeconomic factors
including:
- the state of the economy- the economic environment
within which business andfinancial decisions are made,
- financial markets- government policies- national income, employment
, investment, interest rates,the supply of money,
inflation, exchange rates- the formulation and operation
of stabilisation polices
Is aware of and takes intoaccount the impact ofmicroeconomic factors
including:
- market mechanisms thatestablish relative prices
among goods and services
- allocation of limited resourcesamong many alternative uses
- market failure- elasticity of products within
the market system
-
8/12/2019 Internal Audit Competency Framework
21/31
Internal Auditor Competency Framework published July 2010
Page 20
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
Key Competency Area C. Q u a l i t y a n d c o n t r o l
Attribute i. Applies a range of appropriate quality models and frameworks
n/a Demonstrates a basicknowledge of qualityframeworks including relevant
ISO Standards, Six Sigma and
TQM
Demonstrates sound workingknowledge of qualityframeworks including relevant
ISO Standards, Six Sigma and
TQM as appropriate
Demonstrates sound workingknowledge of qualityframeworks including relevant
ISO Standards, Six Sigma and
TQM as appropriate and canapply the concepts to the areabeing reviewed
Key Competency Area D . Et h i c s a n d f r a u d
Attribute i. Demonstrates an understanding of the principles and ethics of integrity
Demonstrates the IIAs codeof ethics is applied in everyaudit assignment so that
information is keptconfidential, audit work is onlyundertaken where the auditor
is competent to do so, conflicts
of interest are disclosed, andthe auditor acts objectively inall situations
Demonstrates that whenethical conflicts do occur they
are discussed with the ChiefAudit Executive
Applies ethical principles andvalues to the activities being
audited within the organisation
Acts with due sensitivity whereethical principles are being
abused
Upholds the IIAs code ofethics in every auditassignment so that
information is keptconfidential, audit work is onlyundertaken where the auditor
is competent to do so, conflicts
of interest are disclosed, andthe auditor acts objectively inall situations
Demonstrates that whereethical conflicts do occur they
are discussed with the ChiefAudit Executive
Applies ethical principles andvalues to the activities being
audited within the organisation
Acts with due sensitivity whereethical principles are being
abused
Upholds the IIAs code ofethics in every auditassignment so that
information is keptconfidential, audit work is onlyundertaken where the auditor
is competent to do so, conflicts
of interest are disclosed, andthe auditor acts objectively inall situations
Demonstrates that whereethical conflicts do occur they
are discussed with the ChiefAudit Executive
Applies ethical principles andvalues to the activities being
audited within the organisation
Acts with due sensitivity whereethical principles are being
abused
Upholds and monitors the useof the IIAs code of ethics inevery audit assignment so that
information is keptconfidential, audit work is onlyundertaken where the auditor
is competent to do so, conflicts
of interest are disclosed, andthe auditor acts objectively inall situations
Exemplifies and ensures thatwhere ethical conflicts do
occur they are discussed withthe Audit Committee Chair orthe Chief Executive Officer as
appropriate
Exemplifies the use of ethicalprinciples and values to theactivities being audited withinthe organisation
Acts with due sensitivity whereethical principles are beingabused
Attribute ii. Identifies the risk of fraud occurring and the appropriate means for detection, investigation and prevention
n/a Can explain the definition andapplication of fraud concepts
Can explain detection methodssuch as red flags and the fraudtriangle
Is familiar with the AustralianStandards- AS 8001 Fraud and
Corruption
Under supervision, candevelop an effective fraudprevention strategy based on
AS 8001
Understands the definition andapplication of fraud conceptsand applies them to business
systems such as procurement,sales, accounting, payroll,
fixed assets and organisational
knowledge
Apply detection methodsincluding red flags and thefraud triangle
Complies with the AustralianStandards- AS 8001 Fraud andCorruption
Can develop and apply aneffective fraud prevention
strategy based on AS 8001
Understands the definition andapplication of fraud conceptsand applies them to the
organisation as a whole
Ensures detection methodsincluding red flags and thefraud triangle are included inthe audit program
Complies with and upholdsthe Australian Standards- AS
8001 Fraud and Corruption
Can develop and apply aneffective fraud education andprevention strategy based onAS 8001
-
8/12/2019 Internal Audit Competency Framework
22/31
Internal Auditor Competency Framework published July 2010
Page 21
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
Key Competency Area E. I n f o r m a t i o n T e ch n o l o g y
Attribute i. Applies an understanding of IT risk, control and security appropriate to own or clients organisation when
communicating with others
n/a Understands how IT facilitatesthe delivery of organisationalobjectives
Understands the concepts andstrategies underpinning ITgovernance
Understands the boundariesimposed on informationtechnology by law
Understands the key risksinvolved in the arrangementsfor and support of IT servicesand how these can be
managed
Understands the majorsecurity-related risks thatoccur in the delivery of ITservices and how these can be
reduced
Understands how IT affectseach area under review
Understands the InformationSystems (IS) roles andresponsibilities
Understands the ISenvironment andorganisational controls
Understands the nature of ISservice delivery and servicemanagement
Understands the nature of ISproject management
Understands the conceptsbehind database management
systems, networking andtelecommunications systems,
and business continuityplanning
Keeps abreast of newtechnologies and emerging
issues
Assesses the need to sourceexpertise and brings it in when
appropriate
Understands how IT facilitatesthe delivery of organisationalobjectives
Understands the concepts andstrategies underpinning ITgovernance
Understands the boundariesimposed on informationtechnology by law
Understands the key risksinvolved in the arrangementsfor and support of IT servicesand how these can be
managed
Understands the majorsecurity-related risks thatoccur in the delivery of ITservices and how these can be
reduced
Assesses the need to sourceexpertise and brings it in whenappropriate
Key Competency Area F . Go v e r n a n c e , r i s k a n d c o n t r o l
Attribute i. Applies an understanding of risk management, control and governance through the delivery of assurance
n/a Demonstrates a basiccompetence in undertaking an
assurance audit and cancontribute to an audit opinionon the risk exposures
highlighted
Undertakes an assurance auditand provides an audit opinion
on the risk exposureshighlighted
Discusses levels of assurancewith senior management and
confirms the level of assurance
that particular audit workattracts
Provides input to the annualassurance statement or
statement on internal control
signed by senior management
Undertakes an assurance auditand provide an audit opinion
on the risk exposureshighlighted
Provides input to the annualassurance statement or
statement on internal control
signed by senior management
-
8/12/2019 Internal Audit Competency Framework
23/31
Internal Auditor Competency Framework published July 2010
Page 22
Competency Assessment Worksheet
Internal Auditor:____________________________________________________________________
Position: ________________________________________________________________________
Manager/Reviewer: _________________________________________________________________
Self Assessment Date: __________________________________
Manager Assessment Date:_______________________________
Review Meeting Date: ___________________________________
Planned Follow Up Date:_________________________________
Assessment Key:
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
1 2 3 4
1. The International Professional Practices Framework
Key Competency Area A . T h e s t a n d a r d s
Attribute i. Applies the relevant portions of the International Professional Practices Framework to internal audit work
Self Assessment: Manager Assessment: Agreed Assessment:
Strategies for improvement:
-
8/12/2019 Internal Audit Competency Framework
24/31
Internal Auditor Competency Framework published July 2010
Page 23
Assessment Key:
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
1 2 3 4
2. Technical Skills
Key Competency Area A . R e se a r c h a n d i n v e s t i g a t i o n
Attribute i. Selects and applies a range of appropriate operational and management tools and techniques
Self Assessment: Manager Assessment: Agreed Assessment:
Attribute ii. Applies methods for predicting and forecasting to support managerial decision-making about future actions
Self Assessment: Manager Assessment: Agreed Assessment:
Strategies for improvement:
Key Competency Area B . B u s i n e s s p r o c e s s a n d p r o j e c t m a n a g em e n t
Attribute i. Manages projects within the internal audit activity or organisation effectively
Self Assessment: Manager Assessment: Agreed Assessment:
Attribute ii. Selects and applies a range of appropriate business process analysis tools and techniques
Self Assessment: Manager Assessment: Agreed Assessment:
Attribute iii. Uses performance management techniques to monitor and evaluate operational and strategic performance
Self Assessment: Manager Assessment: Agreed Assessment:
Strategies for improvement:
-
8/12/2019 Internal Audit Competency Framework
25/31
Internal Auditor Competency Framework published July 2010
Page 24
Assessment Key:
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
1 2 3 4
Key Competency Area C. R i s k a n d c o n t r o l
Attribute i. Explains and applies risk theory and management, control design and control testing techniques. Applies riskmanagement to internal audit activities. Assists the organisations risk management activities, as appropriate
Self Assessment: Manager Assessment: Agreed Assessment:
Attribute ii. Applies an internationally accepted control framework to internal audit activities as appropriate
Self Assessment: Manager Assessment: Agreed Assessment:
Strategies for improvement:
Key Competency Area D . D a t a c o l l e c t i o n a n d a n a l y s i s
Attribute i. Applies appropriate data sampling and analysis technique
Self Assessment: Manager Assessment: Agreed Assessment:
Attribute ii. Can prepare for an interview, set the environment, and conduct the interview
Self Assessment: Manager Assessment: Agreed Assessment:
Strategies for improvement:
-
8/12/2019 Internal Audit Competency Framework
26/31
Internal Auditor Competency Framework published July 2010
Page 25
Assessment Key:
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
1 2 3 4
Key Competency Area E . P r o b l e m s o l v i n g t o o l s a n d t e c h n i q u e s
Attribute i. Selects and applies a range of problem solving techniques
Self Assessment: Manager Assessment: Agreed Assessment:
Strategies for improvement:
Key Competency Area F . Com p u t e r A i d e d A u d i t T e c h n i q u e s ( C AA T s )
Attribute i. Can recognise the need for CAATs and make the appropriate selection
Self Assessment: Manager Assessment: Agreed Assessment:
Strategies for improvement:
-
8/12/2019 Internal Audit Competency Framework
27/31
Internal Auditor Competency Framework published July 2010
Page 26
Assessment Key:
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
1 2 3 4
3. Interpersonal Skills
Key Competency Area A . I n f l u e n c e a n d c o mm u n i c at i o n
Attribute i. Develops and wields influence effectively
Self Assessment: Manager Assessment: Agreed Assessment:
Attribute ii. Communicates effectively, sending clear and convincing messages and listening actively
Self Assessment: Manager Assessment: Agreed Assessment:
Strategies for improvement:
Key Competency Area B . Le a d e r sh i p a n d t e a m w o r k
Attribute i. Implements organisational policies and procedures effectively
Self Assessment: Manager Assessment: Agreed Assessment:
Attribute ii. Uses effective recruitment, selection and staff retention policies
Self Assessment: Manager Assessment: Agreed Assessment:
Attribute iii. Effectively plans, sets priorities and manages the performance of others
Self Assessment: Manager Assessment: Agreed Assessment:
Attribute iv. Inspires and guides to build commitment to the team and the organisation
Self Assessment: Manager Assessment: Agreed Assessment:
Attribute v. Builds relationships and works with others towards shared goals
Self Assessment: Manager Assessment: Agreed Assessment:
Attribute vi. Operates effectively through proactive collaboration
Self Assessment: Manager Assessment: Agreed Assessment:
-
8/12/2019 Internal Audit Competency Framework
28/31
Internal Auditor Competency Framework published July 2010
Page 27
Assessment Key:
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
1 2 3 4
Attribute vii. Creates group synergy in pursuing collective goals
Self Assessment: Manager Assessment: Agreed Assessment:
Strategies for improvement:
Key Competency Area C. C h a n g e m a n a g em e n t
Attribute i. Embraces change and innovation
Self Assessment: Manager Assessment: Agreed Assessment:
Strategies for improvement:
Key Competency Area D . C o n f l ic t r e s o l u t i o n
Attribute i. Effectively manages conflict by negotiating and resolving disagreements
Self Assessment: Manager Assessment: Agreed Assessment:
Strategies for improvement:
-
8/12/2019 Internal Audit Competency Framework
29/31
Internal Auditor Competency Framework published July 2010
Page 28
Assessment Key:
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
1 2 3 4
4. Knowledge
Key Competency Area A . F i n a n c i al a n d m a n a g em e n t a c c o u n t i n g
Attribute i. Applies an understanding of the technical aspects of finance and accounting appropriate to their own or
clients organisation when communicating with others
Self Assessment: Manager Assessment: Agreed Assessment:
Attribute ii. Applies an understanding of management accounting appropriate to their own or clients organisation whencommunicating with others
Self Assessment: Manager Assessment: Agreed Assessment:
Strategies for improvement:
Key Competency Area B . R eg u l a t o r y , l e g a l a n d e c o n om i c s
Attribute i. Applies an understanding of the regulatory and legal framework within which their own or clientsorganisation operates
Self Assessment: Manager Assessment: Agreed Assessment:
Attribute ii. Applies an understanding of macro and microeconomics appropriate to the organisation whencommunicating with others
Self Assessment: Manager Assessment: Agreed Assessment:
Strategies for improvement:
-
8/12/2019 Internal Audit Competency Framework
30/31
Internal Auditor Competency Framework published July 2010
Page 29
Assessment Key:
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
1 2 3 4
Key Competency Area C. Q u a l i t y a n d c o n t r o l
Attribute i. Applies a range of appropriate quality models and frameworks
Self Assessment: Manager Assessment: Agreed Assessment:
Strategies for improvement:
Key Competency Area D . Et h i c s a n d f r a u d
Attribute i. Demonstrates an understanding of the principles and ethics of integrity
Self Assessment: Manager Assessment: Agreed Assessment:
Attribute ii. Identifies the risk of fraud occurring and the appropriate means for detection, investigation and prevention
Self Assessment: Manager Assessment: Agreed Assessment:
Strategies for improvement:
Key Competency Area E. I n f o r m a t i o n T e ch n o l o g y
Attribute i. Applies an understanding of IT risk, control and security appropriate to own or clients organisation whencommunicating with others
Self Assessment: Manager Assessment: Agreed Assessment:
Strategies for improvement:
-
8/12/2019 Internal Audit Competency Framework
31/31
Assessment Key:
New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE
1 2 3 4
Key Competency Area F . Go v e r n a n c e , r i s k a n d c o n t r o l
Attribute i. Applies an understanding of risk management, control and governance through the delivery of assurance
Self Assessment: Manager Assessment: Agreed Assessment:
Attribute ii. Maintains effective working relationships with other assurance providers
Self Assessment: Manager Assessment: Agreed Assessment:
Strategies for improvement:
top related