The IIA defines internal auditing as "an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes."
Each operational component of the OIG follows the Principles and Standards for Offices of Inspector General, as published by the Association of Inspectors General. Internal Audit conducts assurance and consulting projects in accordance with International Standards for the Professional Practice of Internal Auditing (Standards) as published by the IIA and also follows Governmental Auditing Standards published by the U.S. General Accounting Office.
The Standards are a set of principles-based, mandatory requirements consisting of:
The purpose of the Standards is to:
In accordance with auditing standards and pursuant to Section 20.055(6)(i), Florida Statutes , Internal Audit develops annual audit plans based on its annual risk assessment. Through the risk assessment process, auditors consider qualitative information from Department managers and review quantitative data to assign risk scores to the Department’s auditable entities. Qualitative factors may include program complexity, newness, susceptibility to fraud, prior audit findings, and other risk-related factors. Quantitative factors may include time since the last audit, program budget, and number of staff assigned to the activity.
Auditors develop audit findings to communicate the audit results. Audit findings consist of five primary elements: