Implementation Guide 1210

Standard 1210 Proficiency

Internal auditors must possess the knowledge, skills, and other competencies needed to
perform their individual responsibilities. The internal audit activity collectively must
possess or obtain the knowledge, skills, and other competencies needed to perform its
responsibilities.

Interpretation:

Proficiency is a collective term that refers to the knowledge, skills, and other
competencies required of internal auditors to effectively carry out their professional
responsibilities. It encompasses consideration of current activities, trends, and emerging
issues, to enable relevant advice and recommendations. Internal auditors are
encouraged to demonstrate their proficiency by obtaining appropriate professional
certifications and qualifications, such as the Certified Internal Auditor designation and
other designations offered by The Institute of Internal Auditors and other appropriate
professional organizations.

Revised Standards Effective 1 January 2017

Getting Started
To achieve this standard, it is essential that internal auditors understand and apply the
Mandatory Guidance of The IIAs International Professional Practices Framework (IPPF) and
have certain knowledge, skills, and competencies. Ensuring the collective proficiency of the

1
 Implementation Guide 1210 / Proficiency

internal audit activity is the overall responsibility of the chief audit executive (CAE), who must
effectively manage the internal audit activity and its resources to accomplish the internal audit
plan and add value to the organization. (The 2000 series of standards addresses the details of
managing the internal audit activity and internal audit resources.)

The IIAs Global Internal Audit Competency Framework defines the core competencies needed
to fulfill IPPF requirements for all occupational levels of the internal audit profession, including
staff, management, and executive. To conform with Standard 1210, the CAE and internal
auditors may want to review, understand, and reflect on the competencies that comprise the
Competency Framework.

Considerations for Implementation

To build and maintain the proficiency of the internal audit activity, the CAE may develop a
competency assessment tool or skills assessment based on the Competency Framework or
another benchmark (e.g., a mature internal audit activity). Then, the CAE could incorporate the
basic criteria of internal audit competency into job descriptions and recruitment material to help
attract and hire internal auditors with the appropriate educational background and experience.
The CAE may also use the competency assessment tool to complete a periodic skills
assessment of the internal audit activity to identify gaps. When doing so, the CAE should
consider risks related to fraud and IT, as well as available technology-based audit techniques,
as required by standards 1210.A2 and 1210.A3.

The CAE has additional obligations related to ensuring the collective proficiency of the internal
audit activity. These include managing the internal audit activity in conformance with the
Mandatory Guidance of the IPPF (Standard 2000 Managing the Internal Audit Activity) and
ensuring that the internal audit activity has the appropriate mix of knowledge, skills, and other
competencies to fulfill the internal audit plan (Standard 2030 Resource Management). If the
internal audit activity does not have appropriate and sufficient resources on staff, the CAE is
expected to obtain competent advice or assistance to fill any gaps. The CAE can use the
criteria defined in the Competency Framework to identify gaps in the internal audit activitys
collective proficiency and to develop plans for filling coverage gaps through hiring, training,

2
 Implementation Guide 1210 / Proficiency

outsourcing, and other methods. (Standard 2050 and its respective implementation guide
address the details of coordinating activities with other internal and external providers of
assurance and consulting services.)

To enhance proficiency of the internal audit activity, the CAE would encourage professional
development of internal auditors, whether that occurs through on-the-job training, attendance
at professional conferences and seminars, or encouraging the pursuit of professional
certifications. By regularly reviewing the performance of internal auditors, the CAE may gain
insight into training needs and provide feedback to help develop individuals.

This standard also requires individual internal auditors to possess the knowledge, skills, and
competencies needed to carry out their responsibilities effectively. Individuals may use the
Competency Framework as a basis for self-assessment. Moreover, the standard encourages
internal auditors to obtain appropriate certifications and qualifications to further support
professional growth and increased proficiency for both the individual and the internal audit
activity as a whole. Likewise, Standard 1230 Continuing Professional Development requires
internal auditors to enhance their competencies through continuing professional development.
Internal auditors should keep themselves informed about the continuing education that may be
required to maintain any professional certifications they hold.

Because Standard 1210 requires proficiency that encompasses consideration of current

activities, trends, and emerging issues, continuing education could include opportunities to
learn about changes in the industry that may affect the organization or the internal audit
profession. The CAE may help ensure the internal audit activitys overall proficiency in this
regard. For example, the CAE could subscribe to industry news services or emailed
newsletters, which are likely to include information about recently published studies and white
papers. The CAE may also attend or recommend to the audit staff online or in-person
seminars. Periodically, the CAE may schedule internal staff training events to introduce new
technology or changes in internal audit practices.

At the level of the individual engagement, the CAE assumes overall responsibility for
supervising the engagement to ensure quality, achievement of objectives, and staff

3
 Implementation Guide 1210 / Proficiency

development (Standard 2340 Engagement Supervision). The proficiency and experience of

internal auditors help determine the extent of supervision required. To stay informed, the CAE
may periodically reassess the skills of individual internal auditors. Also, as an engagement is
completed, the CAE or an engagement supervisor may survey and/or interview the
engagement client (formally or informally) to solicit feedback about the internal auditors
proficiency in performing the engagement.

The individual responsibilities of internal auditors at the level of engagement planning include
considering the appropriateness and sufficiency of resources to achieve engagement
objectives (Standard 2230 Engagement Resource Allocation). Internal auditors usually
review the objectives and scope of audit engagements and then discuss with the CAE any
limitations in their competencies that might prevent them from achieving those engagement
objectives.

Considerations for Demonstrating Conformance

Individual internal auditors may evidence their proficiency through their resumes or curriculum
vitae and by maintaining records of certifications and continuing professional development
(e.g., courses for continuing education credits; participation in conferences, workshops, and
seminars; performance reviews).

The CAEs effort to establish and maintain a proficient internal audit activity may be
demonstrated through the use of a competency assessment tool and the development of
internal audit policies, procedures, and training materials. Efforts to recruit and hire proficient
internal auditors may be reflected in job descriptions and other recruitment materials.

The CAE or an audit engagement supervisor may retain records of their evaluation of
individual internal auditors and the internal audit activity as a whole. Such evaluations may
include individual performance reviews and post-engagement discussions, memos, and
meeting minutes. Documented feedback from post-engagement client surveys and interviews
may also evidence the proficiency of the internal audit activity, individual internal auditors, or
both.

4
 Implementation Guide 1210 / Proficiency

Any of the following documents could evidence the conformance of the internal audit activity as
a whole:

The internal audit plan that includes an analysis of resource requirements.

An inventory of available audit staff skills or individual profiles listing qualifications.
An assurance map with a list of qualifications of service providers on which the
internal audit activity relies.
Documented results of internal assessments.

5
 Implementation Guide 1210 / Proficiency

About The IIA

The Institute of Internal Auditors (The IIA) is the internal audit professions most widely recognized advocate, educator,
and provider of standards, guidance, and certifications. Established in 1941, The IIA today serves more than 180,000
members from more than 170 countries and territories. The associations global headquarters are in Lake Mary, Fla.
For more information, visit www.globaliia.org or www.theiia.org.

About Implementation Guidance

Implementation Guidance, as part of The IIAs International Professional Practices Framework (IPPF), provides
recommended (non-mandatory) guidance for the internal audit profession. It is designed to assist both internal auditors
and internal audit activities to enhance their ability to achieve conformance with the International Standards for the
Professional Practice of Internal Auditing (Standards).

Implementation Guides assist internal auditors in applying the Standards. They collectively address internal audit's
approach, methodologies, and consideration, but do not detail processes or procedures.

For other authoritative guidance materials provided by The IIA, please visit our website at
www.globaliia.org/standards-guidance or www.theiia.org/guidance.

Disclaimer
The IIA publishes this document for informational and educational purposes. This guidance material is not intended to
provide definitive answers to specific individual circumstances and, as such, is only intended to be used as a guide.
The IIA recommends that you always seek independent expert advice relating directly to any specific situation. The IIA
accepts no responsibility for anyone placing sole reliance on this guidance.

Copyright
Copyright 2016 The Institute of Internal Auditors. For permission to reproduce, please contact [email protected].