Internal Audit Competency Framework

8/12/2019 Internal Audit Competency Framework

1/31

Internal Auditor

Competency Framework

Ju l y 2 0 1 0


2/31

Internal Auditor Competency Framework published July 2010

Page 1

COPYRIGHT

The Institute of Internal Auditors Australia 2010All rights are reserved. No part of this work may be reproduced or copied in any form or by any means,

electronic or mechanical, including photocopying, without the written permission of the publisher.

Published by The Institute of Internal Auditors Australia


3/31


Page 2

About the framework

The competency framework was developed to answer a need in Australia for well trained internal auditors who

understand the particular needs of organisations operating within the context of the Australian business

environment and the Australian regulatory and legal framework, and to enable the internal audit activity to meet

the demands of the future as expectations on the profession grow as part of best practice corporate governance.

It has been adapted from existing competency frameworks developed by IIA Global and IIA UK and Ireland and

modified with feedback from Australian stakeholders. The completed framework will form the first stage in the

development of this complete professional development solution for the Internal Audit profession in Australia. The

competencies outline the critical behaviours required for effective performance as an internal auditor and provide

the basis for a broad range of practices including recruitment and selection, reviewing performance, training and

development, talent management and succession planning.

The competency framework is organised around four key focus areas:

Standards Technical Skills Interpersonal Skills Knowledge Areas

The International

Professional Practice

Framework (IPPF)

Research and investigation

Business process and project

management

Risk and control

Data collection and analysis

Problem solving tools and

techniques

Computer aided auditing

techniques (CAATS)

Influence and

communication

Leadership and teamwork

Change management

Conflict resolution

Financial and Management

Accounting

Regulatory, Legal and

Economics

Quality and control

Ethics and fraud

Information technology

Governance, Risk and

Control

In the following pages, each competency area above is described in terms of the behaviours required to perform

effectively across four different job levels. These levels are:

New Internal Auditor Practising Internal Auditor Internal Audit Manager Chief Audit Executive

These job level titles are indicative only and should be interpreted to align with those used within your

organisation.


4/31


Page 3

Using the Competency Framework for

Internal Audit Capability Development

Capability development is an ongoing and iterative process. Development methods vary and it is valuable to

incorporate a blend of development activities into a career/capability development plan. A range of development

options could include:

Challenging job-based experiences including inclusion in special projects or taskforces Formal training program Exposure to strategic agenda and senior staff within the organisation Use of senior mentors or coaches Self-development strategies such as personal reading, practice and reflectionNo single development option will cover all dimensions of an internal audit career and it is very important that

assessment of current competencies, skill gaps and strategies to develop performance are openly discussed and

agreed between the manager and the internal auditor.

Preparation for a Review

Set up a meeting between the internal auditor being reviewed and their manager or the reviewer. Plan well inadvance to enable thorough preparation by both parties and be prepared to answer questions or clarify

expectations as required.

Ensure you set aside ample time to discuss your individual ratings, agree on ratings and develop strategies for

development together. It is better to set aside two hours and engage in valuable discussion than to rush through

the review in a shorter time frame. If necessary it is better to split the meeting into a two, the first focused on

assessment agreement and the second on development strategies that to push through to conclusion in a shorter

meeting.

These conversations can be critical to the internal auditors career. As such, you need to make every effort to

keep the appointment as scheduled in order to demonstrate your commitment to the process and your level of

investment in developing internal audit capabilities.

Internal Auditor Self-Assessment Prepare for this discussion by using the competency assessment worksheet at the back of this

document to complete a self assessment read the behaviours that describe how each attribute

should be demonstrated in the workplace at each level. Record the level that best demonstrates your

behaviours in the box marked Self Assessment (see example)

You may want to note specific examples where you have demonstrated the behaviours to supportyour self assessment

Start thinking about the skill gaps that you have identified and jot down some development strategiesthat you feel will help you move along the continuum to the next level

Share this with your manager/reviewer prior to the conversation or you may choose to simply take italong with you

Manager/Reviewer Manager Assessment Prepare for this discussion by using the competency assessment worksheet at the back of this

document to assess the competencies of the internal auditor being reviewed. Use the behavioursdescribed under each level to identify which level the internal auditor is operating at for each

attribute. Record the level that best matches the described behaviours in the box marked Manager

Assessment (see example)

You may want to note specific examples of observed behaviours to support your assessment Start thinking about the skill gaps that you have identified and jot down some development strategies

that you feel will help move the internal auditor along the continuum to the next level

Take your worksheet with you to the planned meeting


5/31


Page 4

The Review Meeting The purpose of the review meeting is to align expectations and to work together to build a career

development plan

During the review meeting, the manager/reviewer leads a discussion with the internal auditor on boththe self assessment and the manager assessment.

Broad discrepancies need to be explored with both parties bringing demonstrated or observedbehaviours to the table and an agreed assessment is negotiated (see example)

Once an agreed assessment is recorded, skill gaps need to be identified and strategies identified forcareer development (see example)

The need for a follow-up meetings is identified and set as appropriate

Worked Example

Using the competency framework, the behaviours that describe how each attribute should be

demonstrated in the workplace at each level. Record the level that best matches the behavioursdemonstrated in the appropriate box.

Internal Auditor:____________________________________________________________________

Position: ________________________________________________________________________

Manager/Reviewer: _________________________________________________________________

Self Assessment Date: __________________________________

Manager Assessment Date:_______________________________

Review Meeting Date: ___________________________________

Planned Follow Up Date:_________________________________

Assessment Key:

New Internal Auditor Practising Internal Auditor Internal Audit Manager CAE

1 2 3 4

1. The International Professional Practices Framework

Key Competency Area A . T h e s t a n d a r d s

Attribute i. Applies the relevant portions of the International Professional Practices Framework to internal audit work

Self Assessment: 3 Manager Assessment: Agreed Assessment:Strategies for improvement:

IIA Course on IPPF to be completed by planned follow up date

Joe Bloggs

Internal Audit Manager

Mary Thompson

7 Aug 10

9 Aug 10

Joes self-

assessment of hisdemonstrated

competency for

this attribute

Marys assessment ofJoes demonstrated

competency for this

attribute

After discussion, the

mutually agreed

assessment of Joescompetency for this

attributeAgreed strategy to bring Joescompetency in this attribute up

to that required for his position

level

18 Dec 10

13 Au 10


6/31


Page 5


7/31


Page 6





Is aware of the IPPF and itsimplications in conducting an

internal audit

Under supervision, can follow arisk based approach covering

planning, fieldwork, reportingand follow up

Is aware that the auditdepartment is independentthrough its reporting line

Understands the need for auditassignments to be conductedwith due professional care

Can follow direction to conformwith the IPPF to ensure that

audit methodology follows a riskbased approach covering


Demonstrates objectivity Demonstrates due professional

care in conducting auditassignments

Conforms with and upholds theuse of the IPPF standards to

ensure that audit assignmentsare quality controlled; audit

methodology follows a riskbased approach covering


Ensures internal audit hasaccess to all systems, processesand people

Exemplifies and monitors dueprofessional care whenconducting audit assignments

Ensures that scope of work isappropriate

Assumes responsibility forupholding the use of the IPPF

standards to ensure that auditassignments are quality

controlled; audit methodologyfollows a risk based approach

covering planning, fieldwork,reporting and follow up

Upholds or lobbies for theindependence of the auditdepartment through itsreporting line

Ensures internal audit hasaccess to all systems, processes

and people

Exemplifies and monitors dueprofessional care and selectsappropriate staff when

conducting audit assignments

Ensures that scope of work isappropriate


8/31


Page 7


2. Technical Skills

Key Competency Area A . R e se a r c h a n d i n v e s t i g a t i o n

Attribute i. Selects and applies a range of appropriate operational and management tools and techniques

n/a Employs operational researchmodelling techniques to

tackle problems

Can identify when to applyoptimisation techniques tobusiness issues

Selects and uses appropriateoperational research

modelling techniques totackle problems

Employs, or knows when toemploy optimisation

techniques to business issues

Can appraise or design anoperational process

Compares, evaluates andselects appropriate

operational researchmodelling techniques to

tackle problems

Can apply, or knows when touse optimisation techniques

to business problems

Can appraise or design anoperational process

Attribute ii. Applies methods for predicting and forecasting to support managerial decision-making about future actions

n/a n/a Employs the relevantforecasting tools and appliesthem correctly within a specific

engagement

Identifies a need for a specificexpert in the forecasting field

Comprehends and interpretsan experts conclusions andvalidate their work

Evaluates and employs therelevant forecasting toolswithin a specific engagement

Evaluates the need for aspecific expert in theoperational research field

Selects and employs theappropriate expert

Comprehends and interpretsan experts conclusions and

validate their workKey Competency Area B . B u s i n e s s p r o c e s s a n d p r o j e c t m a n a g em e n t

Attribute i. Manages projects within the internal audit activity or organisation effectively

n/a With support from others canmanage any project within theinternal audit activity

With support from others canmanage any audit projectwithin the organisation

Prepares and manages anyproject within the internalaudit activity

Prepares and manages anyaudit project within theorganisation

Proposes and evaluates anyproject within the internalaudit activity

Can manage and evaluate anyaudit project within theorganisation


9/31


Page 8


Attribute ii. Selects and applies a range of appropriate business process analysis tools and techniques

Demonstrates a capacity tolearn and apply new methodsand skills

Identifies business processesand depicts and presents themusing flowcharting techniques

Identifies tactics that canimmediately apply to improve

the business processes

Employs process analysis toolsand reviews the workcompleted in them

Identifies and employsanalysis techniques that

quickly identify process gaps

Analyses the efficiency andeffectiveness of businessprocesses

Identifies and prioritisesbusiness processes anddepicts and presents them

using flowcharting techniques

Proposes tactics that can beimmediately applied toimprove the businessprocesses

Evaluates and employsprocess analysis tools and

reviews the work completed inthem

Evaluates and employsanalysis techniques that

quickly identify process gaps

Measures the efficiency andeffectiveness of businessprocesses

Assembles and leads a team inmapping, analysis and

business processimprovement

Identifies and analysesinternal and external cross-functional process interfaces

n/a

Attribute iii. Uses performance management techniques to monitor and evaluate operational and strategic performance

n/a n/a Measures whether theorganisations activities are

meeting its mission, vision andstrategic objectives

Applies performancemanagement techniques toevaluate and report on the

performance of the auditfunction

Evaluates whether theorganisations activities are

meeting its vision, mission andstrategic objectives

Selects and appliesperformance managementtechniques to evaluate and

report on the performance ofthe audit function

Key Competency Area C. R i s k a n d c o n t r o l

Attribute i. Explains and applies risk theory and management, control design and control testing techniques. Applies risk

management to internal audit activities. Assists the organisations risk management activities, as appropriate

Explains the need to apply theISO/ANZ standard or COSOERM framework on riskmanagement to internal audit

activities

Understands the relationshipbetween risks, controls andgovernance and how to applythese in internal audit

activities

Employs the ISO/ANZstandard or COSO ERMframework on riskmanagement to internal audit

activities

Explains risk managementissues to managers andpersonnel

Employs and monitors theISO/ANZ standard or COSOERM framework on riskmanagement to internal audit

activities

Ensures internal auditactivities are aligned with andenhance the organisationsenterprise risk management,

as appropriate

Effectively explains riskmanagement issues to

managers and personnel

Employs and monitors theISO/ANZ standard or COSOERM framework on riskmanagement to internal audit

activities

Ensures internal auditactivities are aligned with andenhance the organisationsenterprise risk management,

as appropriate

Effectively explains riskmanagement issues to

managers and personnel


10/31


Page 9


Attribute ii. Applies an internationally accepted control framework to internal audit activities as appropriate

Applies an internationallyaccepted control framework(eg. COSO or CoCo) to all

auditing and consulting

activities

Applies, manages andmonitors the application of aninternationally accepted

control framework (eg. COSO

or CoCo) to all auditing andconsulting activities



and CoCo) to all auditing andconsulting activities



and CoCo) to all auditing andconsulting activities

Key Competency Area D . D a t a c o l l e c t i o n a n d a n a l y s i s

Attribute i. Applies appropriate data sampling and analysis technique

Applies data sampling andanalysis techniques to auditing

activities

Employs Excel, queries,organisations systems, or

third party providers data

extraction software

Applies data sampling andanalysis techniques to auditingactivities, including where

appropriate, statistical

methodologies

Uses benchmarking dataadequately

Selects and employs Excel,queries, organisation systems

or third party providers data

extraction software

Applies data sampling andanalysis techniques to auditingactivities, including where

appropriate statistical

methodologies

Uses benchmarking dataeffectively

Identifies the need for aspecific expert in the data

mining/analysis field andeffectively manage the expert

Samples and analyses datafor internal audit activities

and manages these activities

Draws organisationaloperational and strategicimplications out of analysisresults

Conversant with, and able tochallenge the use of, datacollection and analysis

methods employed

Attribute ii. Can prepare for an interview, set the environment, and conduct the interview

Prepares for an interview, setsthe environment and conductsthe interview with support

from others

Displays active listening skills Practices a range of

questioning techniques

Produces accurate writtenmeeting notes

Independently prepares for aninterview, set the environmentand conducts the interview

Displays active listening skills Asks relevant, pertinent and

probing questions

Produces accurate writtenmeeting notes

Use questionnaires andsurveys as part of an audit

engagement

Chairs a meeting with a rangeof organisational personnel(from operations through to

executive), determining theagenda and issues to be

discussed

Asks relevant, pertinent andprobing questions, andaccurately writes up the

contents of the meeting

Designs and employs the use aquestionnaire or survey aspart of an audit engagement

Chairs a meeting with a rangeof organisational personnel(from operations through to

director level), determiningthe agenda and issues to be

discussed

Asks relevant, pertinent andprobing questions, andaccurately writes up the

contents of the meeting

Key Competency Area E . P r o b l e m s o l v i n g t o o l s a n d t e c h n i q u e s

Attribute i. Selects and applies a range of problem solving techniques

n/a Independently, for routinesituations, can apply

appropriate problem-solvingtechniques

Independently selects theappropriate problem solvingtechniques

Independently, and in uniqueand complex situations, can

apply appropriate problem-solving techniques

Evaluates and selects theappropriate problem solvingtechniques

Identifies the need for aspecific expert / facilitator inthe problem solving field

Independently, and in uniqueand complex situations, can

apply appropriate problem-solving techniques

Can independently select theappropriate problem solvingtechniques

Evaluates the need for aspecific expert / facilitator inthe problem solving field

Selects and appoints anexpert/facilitator in theproblem solving field


11/31


Page 10


Key Competency Area F . Com p u t e r A i d e d A u d i t T e c h n i q u e s ( C AA T s )

Attribute i. Can recognise the need for CAATs and make the appropriate selection

Effectively uses Microsoftoffice suite or equivalent (wordprocessing, spreadsheet,

presentation)

Practices the use of CAATs inthe audit process

Has a basic level ofcompetence in the use ofautomated working papersoftware, where appropriate

Employs CAATs in the auditprocess

Effectively uses dataextraction software

Effectively uses automatedworking paper software

Effectively uses statisticalpackages where appropriate

Formulates CAATs to supportefficient delivery of internalaudit projects

Effectively uses dataextraction software



Evaluates and employs anappropriate overall automationstrategy to make the IA

activity as effective and

efficient as possible




12/31


13/31


Page 12


Attribute ii. Communicates effectively, sending clear and convincing messages and listening actively

Listens actively Seeks mutual understanding,

and welcomes sharing ofinformation fully

Fosters open communicationand stays receptive to bad

news as well as good

Communicates effectively andprofessionally in writtencommunication including

proper use of grammar and

punctuation

Deals with difficult issues in astraightforward manner


and welcomes sharing of

information fully



Utilises strong listening skillsto formulate direct, responsive

answers to questions

Communicates effectively andprofessionally in written

communication including

proper use of grammar andpunctuation

Communicates clearly withsenior executives and board-level individuals independently

in routine situations

Conveys clear, articulatemessages to an audience




information fully



Tailors communication to thelevel of experience of the

audience

Communicates at theopportune time

Provides all facts for accuratedecision making



In oral communication,organises and expresses ideasclearly


communication includingproper use of grammar andpunctuation

Communicates clearly withsenior executives and board-level individuals

Makes complex presentationsand adapts to the audience to

ensure full understanding

Conveys clear, articulatemessages to an audience withconfidence




information fully



Tailors communication to thelevel of experience of the

audience

Use analogies, visuals, andother techniques to effectively

communicate complex ideas

Communicates at theopportune time

Provides all facts for accuratedecision making

Paraphrases dissentingopinions accurately



In oral communication,organises and expresses ideas

clearly


communication includingproper use of grammar andpunctuation


14/31


15/31


Page 14


Attribute iii. Effectively plans, sets priorities and manages the performance of others

Responds well to feedback andseeks to improve performancewhere required

Works to full capacity on tasksdelegated by the team leader

Demonstrates efficiency andpersistence manages owntime and ensures thatdeadlines, actions and

objectives are fully achieved

even when faced withproblems, challenges andpressure

Responds well to feedback andseeks to improve performancewhere required

Works to full capacity on tasksdelegated by the team leader

Demonstrates efficiency andpersistence manages owntime and ensures thatdeadlines, actions and

objectives are fully achieved

even when faced withproblems, challenges andpressure

Clearly defines, communicatesand reviews the roles andperformance expectations of

the team and manages an

individuals performanceagainst established goals,

delegates appropriately andprovides open, direct andhonest feedback, gives praise

and encouragement,

recognises and rewardsindividual and teamperformance

Acts as a role model modelshigh performance for teamand individuals

Coaches others to enhancetheir strengths, addressimprovement areas, and

achieve their desired careerpath, encourages self

development within the teamand provides opportunities

where possible for developingcapabilities

Demonstrates efficiency andpersistence manages own

time and ensures that

deadlines, actions andobjectives are fully achieved

even when faced withproblems, challenges and

pressure

Takes personal accountabilityfor results delivered in area ofresponsibility, drives own and

team results, always strivesfor excellence and encourages

others to do the same

Sets clear performancestandards, delegates decisionmaking and other

responsibilities accordingly,

and provides constructive,timely and honest

performance related feedbackto help others achieve theirgoals

Clearly articulates the businessgoals, direction and objectives

and links these toorganisational strategy, anddemonstrates personal

commitment to these

Acts as a role model modelshigh performance for teamand individuals

Demonstrates efficiency andpersistence manages own

time and ensures thatdeadlines, actions and

objectives are fully achievedeven when faced with

problems, challenges andpressure

Takes personal accountabilityfor results delivered in area ofresponsibility, drives own and

team results, always strivesfor excellence and encouragesothers to do the same

Attribute iv. Inspires and guides to build commitment to the team and the organisation

Actively participates as a teammember and works with others

to foster team spirit

Actively participates as a teammember and works with others

to foster team spirit

Displays personal leadership acts as a role model

Acts as a role model inspiresand motivates others and

adapts leadership style,responding to the needs of

others

Leads the team, encouragespeople to work together,

fosters team spirit and buildsthe commitment of those

involved in the team/project toachieve results

Projects a strong sense ofcredibility and presence,

makes an impact on othersand gains their attention and

respect, leads throughinfluence, personal conviction

and sensitivity rather than

position


16/31


17/31


Page 16


Attribute vii. Creates group synergy in pursuing collective goals

Fulfils commitment to otherteam members

Participates in maintaining agood spirit within the team

Cooperates with other teammembers

Shares ideas

Fulfils commitment to otherteam members

Participates in maintaining agood spirit within the team

Cooperates with other teammembers

Works to removeorganisational barriers and

identifies resources to assistthe team

Shares ideas

Models team qualities ofrespect, helpfulness andcooperation

Draws all team members intoactive and enthusiastic

participation

Encourages others to work asa team and provides otherswith feedback to help them be

better team members

Champions the team withinthe organisation

Works to removeorganisational barriers andidentifies resources to assist

the team

Shares ideas

Models team qualities ofrespect, helpfulness andcooperation

Draws all team members intoactive and enthusiastic

participation

Champions the team withinthe organisation

Provides guidance when theteam is off track on an

assignment

Works to removeorganisational barriers and

identifies resources to assistthe team

Shares ideas

Key Competency Area C. C h a n g e m a n a g em e n t

Attribute i. Embraces change and innovation

Understands own reactions tochange and demonstratesempathy and support towards

others

Views change positively and isopen to and accepting ofchange

Maintains performance andpersonal effectiveness in

changing and ambiguous

environments

Demonstrates flexibility andadaptability of approach todifferent situations

Accommodates new prioritiesand readily implementsdirected changes in area of

work

Understands own reactions tochange and demonstratesempathy and support towards

others

Views change positively and isopen to and accepting ofchange

Maintains performance andpersonal effectiveness in

changing and ambiguous

environments

Demonstrates flexibility andadaptability of approach todifferent situations

Accommodates new prioritiesand readily implementsdirected changes in area of

work

Actively looks for ways toimprove current processes orsystems and contributes ideas

for change and process

improvement

Recognises and understandsdifferent reactions to changeand is able to adapt own style

to support others

Effectively implementsdirected changes across theteam

Readily adjusts team prioritiesto new and changing priorities

Actively looks for ways toimprove processes andsystems across areas of

responsibility andsubstantiates improvement

suggestions with logicalargument

Champions change and enlistsothers in its pursuit

Can develop a change strategyincluding timeline andmilestones

Models the change expected ofothers

Accurately assesses thepotential barriers and

resources for changeinitiatives

Provides resources, removebarriers, and acts as an

advocate for those initiatingchange

Maintains work efficiency andresponds positively to achanging environment

Monitors the efficacy of thestrategy/tactics and makesadjustments where required

Provides direction and focusduring the change process

Supports new ideas, systemsand procedures

Responds quickly to changingsituations by coming up with

creative ideas

Supports the need for change Takes steps to understand the

reasons for change in

environment and tasks

Can operate in ambiguousenvironments

Capable of managing stresseffectively


18/31


Page 17


Key Competency Area D . C o n f l ic t r e s o l u t i o n

Attribute i. Effectively manages conflict by negotiating and resolving disagreements


Listens well Can address disagreement,

conflicts, or upsets in waysthat build relationships


Listens well

Displays clear leadership in acrisis

Spots potential conflict andbrings disagreements into the

open

Orchestrates win-winsolutions, finds common

ground and minimisesdisruption

Handles difficult people withtact and diplomacy

Addresses disagreements,conflict and upsets in ways

that build relationships

Encourages debate and opendiscussion

Listens well

Displays clear leadership in acrisis

Spots potential conflict andbrings disagreements into the

open

Orchestrates win-winsolutions, finds common

ground and minimisesdisruption

Handles difficult people withtact and diplomacy

Addresses disagreements,conflict and upsets in ways

that build relationships

Encourages debate and opendiscussion

Listens well


19/31


20/31


Page 19


Key Competency Area B . R eg u l a t o r y , l e g a l a n d e c o n om i c s

Attribute i. Applies an understanding of the regulatory and legal framework within which their own or clients

organisation operates

Demonstrates anunderstanding of the natureand laws of legal evidence

Demonstrates anunderstanding of the impactof legislation and regulation,

including trade legislation andregulations, labour laws,

copyright, privacy and cyberlaws, civil and penal laws,

taxation schemes, contractlaw, and the nature and laws

of legal evidence whereappropriate

Independently, and in routinesituations, takes into accountthe impact of legislation and

regulation, including tradelegislation and regulations,

labour laws, copyright, privacyand cyber laws, civil and penal

laws, taxation schemes,contract law, and the nature

and laws of legal evidence

Independently, and in complexand unique situations, takesinto account the impact of

legislation and regulation,including trade legislation and

regulations, labour laws,copyright, privacy and cyber

laws, civil and penal laws,taxation schemes, contract

law, and the nature and lawsof legal evidence

Attribute ii. Applies an understanding of macro and microeconomics appropriate to the organisation when

communicating with others

n/a Is aware of the impact of basicmacro and microeconomicfactors and their impact on the

organisation

Is aware of and takes intoaccount the impact ofmacroeconomic factors

including:

- the state of the economy- the economic environment

within which business andfinancial decisions are made

- financial markets- government policies- national income,

employment, investment,interest rates, the supply of

money, inflation, exchangerates

- the formulation and operationof stabilisation polices

Is aware of and takes intoaccount the impact of

microeconomic factorsincluding:

- market mechanisms thatestablish relative pricesamong goods and services

- allocation of limited resourcesamong many alternative uses

- market failure- elasticity of products within

the market system

Is aware of and takes intoaccount the impact ofmacroeconomic factors

including:

- the state of the economy- the economic environment

within which business andfinancial decisions are made,

- financial markets- government policies- national income, employment

, investment, interest rates,the supply of money,

inflation, exchange rates- the formulation and operation

of stabilisation polices

Is aware of and takes intoaccount the impact ofmicroeconomic factors

including:

- market mechanisms thatestablish relative prices

among goods and services

- allocation of limited resourcesamong many alternative uses

- market failure- elasticity of products within

the market system


21/31


Page 20


Key Competency Area C. Q u a l i t y a n d c o n t r o l

Attribute i. Applies a range of appropriate quality models and frameworks

n/a Demonstrates a basicknowledge of qualityframeworks including relevant

ISO Standards, Six Sigma and

TQM

Demonstrates sound workingknowledge of qualityframeworks including relevant


TQM as appropriate

Demonstrates sound workingknowledge of qualityframeworks including relevant


TQM as appropriate and canapply the concepts to the areabeing reviewed

Key Competency Area D . Et h i c s a n d f r a u d

Attribute i. Demonstrates an understanding of the principles and ethics of integrity

Demonstrates the IIAs codeof ethics is applied in everyaudit assignment so that

information is keptconfidential, audit work is onlyundertaken where the auditor

is competent to do so, conflicts

of interest are disclosed, andthe auditor acts objectively inall situations

Demonstrates that whenethical conflicts do occur they

are discussed with the ChiefAudit Executive

Applies ethical principles andvalues to the activities being

audited within the organisation

Acts with due sensitivity whereethical principles are being

abused

Upholds the IIAs code ofethics in every auditassignment so that




Demonstrates that whereethical conflicts do occur they





abused

Upholds the IIAs code ofethics in every auditassignment so that




Demonstrates that whereethical conflicts do occur they





abused

Upholds and monitors the useof the IIAs code of ethics inevery audit assignment so that




Exemplifies and ensures thatwhere ethical conflicts do

occur they are discussed withthe Audit Committee Chair orthe Chief Executive Officer as

appropriate

Exemplifies the use of ethicalprinciples and values to theactivities being audited withinthe organisation

Acts with due sensitivity whereethical principles are beingabused

Attribute ii. Identifies the risk of fraud occurring and the appropriate means for detection, investigation and prevention

n/a Can explain the definition andapplication of fraud concepts

Can explain detection methodssuch as red flags and the fraudtriangle

Is familiar with the AustralianStandards- AS 8001 Fraud and

Corruption

Under supervision, candevelop an effective fraudprevention strategy based on

AS 8001

Understands the definition andapplication of fraud conceptsand applies them to business

systems such as procurement,sales, accounting, payroll,

fixed assets and organisational

knowledge

Apply detection methodsincluding red flags and thefraud triangle

Complies with the AustralianStandards- AS 8001 Fraud andCorruption

Can develop and apply aneffective fraud prevention

strategy based on AS 8001

Understands the definition andapplication of fraud conceptsand applies them to the

organisation as a whole

Ensures detection methodsincluding red flags and thefraud triangle are included inthe audit program

Complies with and upholdsthe Australian Standards- AS

8001 Fraud and Corruption

Can develop and apply aneffective fraud education andprevention strategy based onAS 8001


22/31


Page 21


Key Competency Area E. I n f o r m a t i o n T e ch n o l o g y

Attribute i. Applies an understanding of IT risk, control and security appropriate to own or clients organisation when

communicating with others

n/a Understands how IT facilitatesthe delivery of organisationalobjectives

Understands the concepts andstrategies underpinning ITgovernance

Understands the boundariesimposed on informationtechnology by law

Understands the key risksinvolved in the arrangementsfor and support of IT servicesand how these can be

managed

Understands the majorsecurity-related risks thatoccur in the delivery of ITservices and how these can be

reduced

Understands how IT affectseach area under review

Understands the InformationSystems (IS) roles andresponsibilities

Understands the ISenvironment andorganisational controls

Understands the nature of ISservice delivery and servicemanagement

Understands the nature of ISproject management

Understands the conceptsbehind database management

systems, networking andtelecommunications systems,

and business continuityplanning

Keeps abreast of newtechnologies and emerging

issues

Assesses the need to sourceexpertise and brings it in when

appropriate

Understands how IT facilitatesthe delivery of organisationalobjectives

Understands the concepts andstrategies underpinning ITgovernance

Understands the boundariesimposed on informationtechnology by law

Understands the key risksinvolved in the arrangementsfor and support of IT servicesand how these can be

managed

Understands the majorsecurity-related risks thatoccur in the delivery of ITservices and how these can be

reduced

Assesses the need to sourceexpertise and brings it in whenappropriate

Key Competency Area F . Go v e r n a n c e , r i s k a n d c o n t r o l

Attribute i. Applies an understanding of risk management, control and governance through the delivery of assurance

n/a Demonstrates a basiccompetence in undertaking an

assurance audit and cancontribute to an audit opinionon the risk exposures

highlighted

Undertakes an assurance auditand provides an audit opinion

on the risk exposureshighlighted

Discusses levels of assurancewith senior management and

confirms the level of assurance

that particular audit workattracts

Provides input to the annualassurance statement or

statement on internal control

signed by senior management

Undertakes an assurance auditand provide an audit opinion

on the risk exposureshighlighted

Provides input to the annualassurance statement or

statement on internal control

signed by senior management


23/31


Page 22

Competency Assessment Worksheet

Internal Auditor:____________________________________________________________________

Position: ________________________________________________________________________

Manager/Reviewer: _________________________________________________________________

Self Assessment Date: __________________________________

Manager Assessment Date:_______________________________

Review Meeting Date: ___________________________________

Planned Follow Up Date:_________________________________

Assessment Key:


1 2 3 4




Self Assessment: Manager Assessment: Agreed Assessment:

Strategies for improvement:


24/31


Page 23

Assessment Key:


1 2 3 4

2. Technical Skills

Key Competency Area A . R e se a r c h a n d i n v e s t i g a t i o n

Attribute i. Selects and applies a range of appropriate operational and management tools and techniques


Attribute ii. Applies methods for predicting and forecasting to support managerial decision-making about future actions



Key Competency Area B . B u s i n e s s p r o c e s s a n d p r o j e c t m a n a g em e n t

Attribute i. Manages projects within the internal audit activity or organisation effectively


Attribute ii. Selects and applies a range of appropriate business process analysis tools and techniques


Attribute iii. Uses performance management techniques to monitor and evaluate operational and strategic performance




25/31


Page 24

Assessment Key:


1 2 3 4

Key Competency Area C. R i s k a n d c o n t r o l

Attribute i. Explains and applies risk theory and management, control design and control testing techniques. Applies riskmanagement to internal audit activities. Assists the organisations risk management activities, as appropriate


Attribute ii. Applies an internationally accepted control framework to internal audit activities as appropriate



Key Competency Area D . D a t a c o l l e c t i o n a n d a n a l y s i s

Attribute i. Applies appropriate data sampling and analysis technique


Attribute ii. Can prepare for an interview, set the environment, and conduct the interview




26/31


Page 25

Assessment Key:


1 2 3 4

Key Competency Area E . P r o b l e m s o l v i n g t o o l s a n d t e c h n i q u e s

Attribute i. Selects and applies a range of problem solving techniques



Key Competency Area F . Com p u t e r A i d e d A u d i t T e c h n i q u e s ( C AA T s )

Attribute i. Can recognise the need for CAATs and make the appropriate selection




27/31


Page 26

Assessment Key:


1 2 3 4

3. Interpersonal Skills

Key Competency Area A . I n f l u e n c e a n d c o mm u n i c at i o n

Attribute i. Develops and wields influence effectively


Attribute ii. Communicates effectively, sending clear and convincing messages and listening actively



Key Competency Area B . Le a d e r sh i p a n d t e a m w o r k

Attribute i. Implements organisational policies and procedures effectively


Attribute ii. Uses effective recruitment, selection and staff retention policies


Attribute iii. Effectively plans, sets priorities and manages the performance of others


Attribute iv. Inspires and guides to build commitment to the team and the organisation


Attribute v. Builds relationships and works with others towards shared goals


Attribute vi. Operates effectively through proactive collaboration



28/31


Page 27

Assessment Key:


1 2 3 4

Attribute vii. Creates group synergy in pursuing collective goals



Key Competency Area C. C h a n g e m a n a g em e n t

Attribute i. Embraces change and innovation



Key Competency Area D . C o n f l ic t r e s o l u t i o n

Attribute i. Effectively manages conflict by negotiating and resolving disagreements




29/31


Page 28

Assessment Key:


1 2 3 4

4. Knowledge

Key Competency Area A . F i n a n c i al a n d m a n a g em e n t a c c o u n t i n g

Attribute i. Applies an understanding of the technical aspects of finance and accounting appropriate to their own or

clients organisation when communicating with others


Attribute ii. Applies an understanding of management accounting appropriate to their own or clients organisation whencommunicating with others



Key Competency Area B . R eg u l a t o r y , l e g a l a n d e c o n om i c s

Attribute i. Applies an understanding of the regulatory and legal framework within which their own or clientsorganisation operates


Attribute ii. Applies an understanding of macro and microeconomics appropriate to the organisation whencommunicating with others




30/31


Page 29

Assessment Key:


1 2 3 4

Key Competency Area C. Q u a l i t y a n d c o n t r o l

Attribute i. Applies a range of appropriate quality models and frameworks



Key Competency Area D . Et h i c s a n d f r a u d

Attribute i. Demonstrates an understanding of the principles and ethics of integrity


Attribute ii. Identifies the risk of fraud occurring and the appropriate means for detection, investigation and prevention



Key Competency Area E. I n f o r m a t i o n T e ch n o l o g y

Attribute i. Applies an understanding of IT risk, control and security appropriate to own or clients organisation whencommunicating with others




31/31

Assessment Key:


1 2 3 4

Key Competency Area F . Go v e r n a n c e , r i s k a n d c o n t r o l

Attribute i. Applies an understanding of risk management, control and governance through the delivery of assurance


Attribute ii. Maintains effective working relationships with other assurance providers



Documents

Internal Audit Competency Framework