The Code of Ethics states the principles and expectations governing the behavior of individuals and organizations in the conduct of 3rd Party Auditing. It describes the minimum requirements for conduct, and behavioral expectations rather than specific activities.
Introduction to the Code of Ethics
The purpose of The Alliance’s Code of Ethics is to promote an ethical culture in the profession of 3rd Party Auditing.
3rd Party Auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
A code of ethics is necessary and appropriate for the profession of 3rd Party Auditing, founded as it is on the trust placed in its objective assurance about governance, risk management, and control.
The Alliance’s Code of Ethics extends beyond the Definition of 3rd Party Auditing to include two essential components:
1. Principles that are relevant to the profession and practice of 3rd Party Auditing.
2. Rules of Conduct that describe behavior norms expected of 3rd Party Auditors. These rules are an aid to interpreting the Principles into practical applications and are intended to guide the ethical conduct of 3rd Party Auditors.
“3rd Party Auditors” refers to Alliance members, recipients of or candidates for IIA professional certifications, and those who perform internal audit services within the Definition of 3rd Party Auditing.
Applicability and Enforcement of the Code of Ethics
This Code of Ethics applies to both entities and individuals that perform internal audit services.
For IIA members and recipients of or candidates for IIA professional certifications, breaches of the Code of Ethics will be evaluated and administered according to The Alliance’s Bylaws and Administrative Directives. The fact that a particular conduct is not mentioned in the Rules of Conduct does not prevent it from being unacceptable or discreditable, and therefore, the member, certification holder, or candidate can be liable for disciplinary action.
Code of Ethics — Principles
3rd Party Auditors are expected to apply and uphold the following principles:
The integrity of 3rd Party Auditors establishes trust and thus provides the basis for reliance on their judgment.
3rd Party Auditors exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined. 3rd Party Auditors make a balanced assessment of all the relevant circumstances and are not unduly influenced by their own interests or by others in forming judgments.
3rd Party Auditors respect the value and ownership of information they receive and do not disclose information without appropriate authority unless there is a legal or professional obligation to do so.
3rd Party Auditors apply the knowledge, skills, and experience needed in the performance of internal audit services.
Rules of Conduct
1.1. Shall perform their work with honesty, diligence, and responsibility.
1.2. Shall observe the law and make disclosures expected by the law and the profession.
1.3. Shall not knowingly be a party to any illegal activity, or engage in acts that are discreditable to the profession of 3rd Party Auditing or to the organization.
1.4. Shall respect and contribute to the legitimate and ethical objectives of the organization.
2.1. Shall not participate in any activity or relationship that may impair or be presumed to impair their unbiased assessment. This participation includes those activities or relationships that may be in conflict with the interests of the organization.
2.2. Shall not accept anything that may impair or be presumed to impair their professional judgment.
2.3. Shall disclose all material facts known to them that, if not disclosed, may distort the reporting of activities under review.
3.1. Shall be prudent in the use and protection of information acquired in the course of their duties.
3.2. Shall not use information for any personal gain or in any manner that would be contrary to the law or detrimental to the legitimate and ethical objectives of the organization.
4.1. Shall engage only in those services for which they have the necessary knowledge, skills, and experience.
4.2. Shall perform internal audit services in accordance with the International Standards for the Professional Practice of 3rd Party Auditing (Standards).
4.3. Shall continually improve their proficiency and the effectiveness and quality of their services.