IV.A.1. Terminology

Audit, Audit findings, Audit plan, Audit programme, Audit recommendations, Upper management: see in GVP Annex I.

Auditee: [entity] being audited (ISO 19011 (3.7) 2 ).

Compliance: Conformity and adherence to policies, plans, procedures, laws, regulations, contracts, or other requirements (IIA International Standards for the Professional Practice of Internal Auditing(2)).

Control(s): Any action taken by management and other parties to manage risk and increase the likelihood that established objectives and goals will be achieved. Management plans, organises, and directs the performance of sufficient actions to provide reasonable assurance that objectives and goals will be achieved (IIA International Standards for the Professional Practice of Internal Auditing(2)).

Evaluation (of audit activities): Professional auditing bodies promote compliance with standards, including in quality assurance of their own activities, and codes of conduct, which can be used to address adequate fulfilment of the organisation’s basic expectations of Internal Audit activity and its conformity to internationally accepted auditing standards.

Finding(s): see Audit findings

Head of the organisation: see Upper management

Auditors’ independence: The freedom from conditions that threaten objectivity or the appearance of objectivity. Such threats to objectivity must be managed at the individual auditor, engagement, functional and organisational levels (IIA International Standards for the Professional Practice of Internal Auditing(2)).

Internal Control: Internal control is an integral process that is effected by an entity’s management and personnel and is designed to address risk and provide reasonable assurance that in pursuit of the entity’s mission, the following general objectives are being achieved: executing orderly, ethical, economical, efficient and effective operations, fulfilling accountability obligations, complying with applicable laws and regulations and safeguarding resources against loss, misuse and damage (for further information refer to COSO standards).

International Auditing Standards: issued by International Auditing Standardisation Organisations.

International Auditing Standardisation Organisations: More details can be found at: regarding The Institute of Internal Auditors (IIA) Standards at https://www.theiia.org/guidance/standards-andguidance/ippf/standards/full-standards; the International Organisation for Standardisation (ISO) standard 19011 Guidelines for Quality and/or Environmental Management Systems Auditing at https://www.iso.org/iso/home.html; Information Systems Audit and Control Association (ISACA) Standards at https://www.isaca.org/Standards; The International Auditing and Assurance Standards Board (IAASB) Standards at https://www.ifac.org/auditing-assurance/clarity-center/clarified-standards; The International Organisation of Supreme Audit Institutions (INTOSAI) Standards at https://www.issai.org/composite-347.htm.

Auditors’ objectivity: An unbiased mental attitude that allows internal auditors to perform engagements in such a manner that they have an honest belief in their work product and that no significant quality compromises are made. Objectivity requires internal auditors not to subordinate their judgment on audit matters to that of others (IIA International Standards for the Professional Practice of Internal Auditing(2) ).