Policy and Position Papers

Policies and Position Papers - IIA-Australia

As the peak body for internal audit and assurance, the IIA-Australia aims to influence stakeholders as well as the legislative and regulatory environment to ensure the profession can make a significant contribution in the Australian corporate, public and not-for-profit sectors. 


To achieve this, the IIA-Australia contributes to public policy through policy development, position papers and written submissions while actively engaging with policy-makers. It also makes available guidance and other policy documents from IIA affiliates to assist in informing practitioners and others of good practice. 

Recent papers

Effective Internal Audit in the Financial Services Sector (PDF, 178 KB)
01 Jul 2013 | Guidance | IIA UK & Ireland | Access: Public
The Chartered Institute of Internal Auditors, (The IIA’s United Kingdom and Ireland affiliate), has issued guidance on the tasks internal audit should conduct and on the function’s optimal positioning in the governance structure at banks and other financial services organisations. The guidance represents the final recommendations of the Committee on Internal Audit Guidance for Financial Services.  

The Chartered Institute of Internal Auditors has accepted the recommendations in full and now commends the guidance to the Boards and Internal Audit practitioners of all organisations operating in the UK financial services sector.  The Guidance has also been endorsed by the UK PRA and FCA. This guidance gives internal audit the potential to play a much more significant role in supporting better management of risk in financial services organisations.

The importance of this role is recognised by the Banking Standards Commission and others, including the financial services regulators, who see the need to strengthen internal audit's independence, role, and scope.

The Audit Committee and the CAE: Sustaining a Strategic Partnership
(PDF, 216 KB)
01 Mar 2013 | IIARF White Paper | IIA Global | Access: Public
In partnership with The IIA’s Audit Executive Center, the National Association of Corporate Directors, and Price Waterhouse Coopers LLP, The IIA Research Foundation released The Audit Committee and the CAE: Sustaining a Strategic Partnership, a white paper resulting from the roundtable held at The IIA’s 2012 International Conference in Boston.

The Three Lines of Defense in Effective Risk Management and Control (PDF, 220 KB)
25 Jan 2013 | IIA Global Position Paper | IIA Global | Access: Public
This position paper addresses an escalating challenge in the realm of risk management and control: providing a systematic approach to effectively enhancing communications on risk management and control by clarifying essential roles and duties. The Three Layers of Defense Model outlined in the paper is designed for organizations of any size and any level of complexity. It provides a straightforward approach to coordinating duties to cover gaps and avoid duplication of effort related to risk management initiatives.

Internal Audit Documents and FOI (PDF, 151 KB)
18 Jan 2012 | Policy Paper |  IIA-Australia | Access: Public
Many internal auditors work in government departments and agencies. The documents produced by internal auditors such as audit reports, interview transcripts, emails and other materials are subject to freedom of information legislation. If an applicant seeks access to audit documents, the documents must be disclosed unless an exemption applies under the relevant freedom of information legislation. Commonwealth Government agencies are subject to the Freedom of Information Act 1982 (Cth) ('Act'). Corresponding legislation exists in each Australian jurisdiction, with differing degrees of variation. This document has been prepared to assist internal auditors in understanding how the disclosure exemptions may operate under the Act.

Internal Audit Documents and GIPAA (PDF, 181 KB)
18 Jan 2012 | Position Paper |  IIA-Australia | Access: Public
Many internal auditors work in government departments and agencies. In NSW, the documents produced by internal auditors such as audit reports, interview transcripts, emails and other materials are subject to public access legislation. If an applicant seeks access to audit documents, there is a presumption in favour of the disclosure unless there is an overriding public interest against disclosure. NSW agencies are subject to the Government Information (Public Access) Act 2009 (‘GIPAA’). Corresponding legislation exists in each Australian jurisdiction, with differing degrees of variation. This document has been prepared to assist internal auditors in understanding how the public interest considerations may operate under GIPAA.

IIA-Australia Policy Agenda (PDF, 186 KB)
22 Feb 2010 | Position Paper |  IIA-Australia | Access: Public
Adoption of the IIA's policies allows for more effective self-regulation by all sectors and reduces the need for reactive or overly prescriptive legislation in the future. In turn, it also provides for stronger performance and effective risk management in all organisations and sectors. The IIA-Australia Policy Agenda sets out its five policy principles which are applicable to all organisations, irrespective of sector: 1) Internal audit is fundamental to good organisational governance; 2) Public entities should have a stronger and effective audit committee; 3) Reporting lines for the head of internal audit should be appropriate; 4) Organisations need clear accountability for risk management and internal control; 5) Internal audit should operate at a consistently high standard.