The Institute of Internal Auditors released a new Position Paper, “Fraud and Internal Audit: Assurance Over Fraud Controls Fundamental to Success.”
The new paper describes specific internal audit responsibilities regarding fraud prevention and detection. Internal auditors must have sufficient knowledge of fraud to evaluate fraud risk and the manner in which it is managed by the organization. However, the paper also points out that, while some internal auditors may investigate fraud, organizations should not expect an internal auditor to have the expertise of a person whose primary responsibility is fraud investigation.
Operationally, internal audit should have sufficient knowledge of fraud to:
- Identify red flags indicating fraud may have been committed.
- Understand the characteristics of fraud and the techniques used to commit fraud, and the various fraud schemes and scenarios.
- Evaluate the indicators of fraud and decide whether further action is necessary or whether an investigation should be recommended.
- Evaluate the effectiveness of controls to prevent or detect fraud.
Visit IIA Position Paper: Fraud and Internal Audit