P3 IA assurance and consultancy services

  • Created by: mumuna
  • Created on: 21-05-13 11:51

P3 IA assurance and consultancy services


  • Authority - Charter
  • Scope -  Wide
  • Nature - Independent Opinion
  • Report - Senior managment or audit committee
  • E.g. Finance, IT, Compliance, Security


  • Authority - Term of Reference
  • Scope - Limited
  • Nature - workable solution
  • Report - Client but also SM/Board if key risks
  • E.g.counsel, advisory, facilitation & training

Overall comparison

The similarities is that both can be done by audit as long included in chare and clear management remains responsible to risk managements and particularly regarding consultancy that there are safeguards to avoid doubt around IA independence.  Thus standard 1130 state IA must refrain from reviewing activities for which they had previous responsibilities - which is impaired if responsibilite was held in previous year as per IIA, ensure awareness of IIA standard regarding code of ethics on objectivity, for secondments from biz avoiding placing individual on audit of area they are going to return to.  


No comments have yet been made