World Library  
Flag as Inappropriate
Email this Article

Chief audit executive

Article Id: WHEBN0026920427
Reproduction Date:

Title: Chief audit executive  
Author: World Heritage Encyclopedia
Language: English
Subject: Lead auditor, Chief executive officer, Director of Audit, Chief research officer, Corporate titles
Collection: Auditing, Corporate Executives, Corporate Governance
Publisher: World Heritage Encyclopedia

Chief audit executive

The Chief Audit Executive (CAE), Director of Audit, Director of Internal Audit, Auditor General, or Controller General is a high level independent corporate executive with overall responsibility for the Internal audit.

Publicly traded corporations typically have an internal audit[1] department, led by a Chief Audit Executive ("CAE") who generally reports to the Audit Committee of the Board of Directors, with administrative reporting to the Chief Executive Officer.

The profession is unregulated, though there are a number of international standard setting bodies, an example of which is the Institute of Internal Auditors ("IIA"). The IIA has established Standards for the Professional Practice of Internal Auditing[2] and has over 150,000 members representing 165 countries, including approximately 65,000 Certified Internal Auditors.[3]

The CAE is intrinsically an independent function; otherwise it may become dysfunctional and of low quality (but there are many degrees in the level of independence and efficiency). The CAE function exists only to constitute a third-level of control in the organisation, which must be independent from the first-level control (the first-level layer belongs to the management of an organisation, who is responsible in the first instance for acting in compliance with the organisation’s rules) and consecutively second-level (which are the supporting units i.e. Legal, HR, Risk function, Financial Control etc.). An effective independence is the result of both an attitude of CAE, and of prerogatives/guarantees conceded by the organisation or given by the organisation’s principals (e.g., the Board of Directors or Audit Committee).


  • Independent attitude 1
  • Organizational independence 2
    • Independent function: no conflict of interest allowed 2.1
    • Hierarchical independence (from the authority of the controlled Organisation; i.e. independent reporting line) 2.2
    • Independent status (guarantees against retaliations) 2.3
    • Independent communication right 2.4
    • Independent budgeting 2.5
    • Access to information 2.6
  • Typical duties 3
    • Status, strategy and organisation of the internal audit department 3.1
    • Management, supervision of the internal audit activity 3.2
    • Quality management 3.3
    • Reporting of critical findings 3.4
  • Survey results 4
  • See also 5
  • References 6
  • External links 7

Independent attitude

The CAE should be independent in the performance of his duties, so that he can carry out his work freely without admitting interference, and as objectively as possible. Independence permits him to render impartial and unbiased judgements, which are essential to the proper evaluation of management and controls. It also allows him to view the financial actions, procedures and decisions in a detached way. This may become of an importance when providing objective assurance about the internal control framework.

Organizational independence

To perform their role effectively, CAEs require management, to enable unrestricted evaluation of management activities and personnel. This can be analysed in the different points below:

  • (for a different analysis of Independence, see organizational independence analysed by the IIA)

All the elements below should be granted to the CAE in the basic rules of the Organisation, or stated in the IIA Standard 1110 Organizational Independence, and standard 1000C1).

Independent function: no conflict of interest allowed

Even though the CAE may be formally part of the Chief Executives”), he does not participate in any management decision process or accept any responsibility in the execution of company activities. CAEs may advise management (must, when it is about compliance, risk management, internal controls...) and the Board of Directors (or similar oversight body) regarding how to better execute their responsibilities. But he remains independent of the activities he controls.

Hierarchical independence (from the authority of the controlled Organisation; i.e. independent reporting line)

The primary customer of internal audit activity is the entity charged with oversight of management's activities. This is typically the Audit Committee, a sub-committee of the Board of Directors. To provide hierarchical independence, most Chief Audit Executives report to the Chairperson of the Audit Committee as to the performance of his duties.

The definition (and regular revision) of the scope of the function should be agreed between the CAE and the Audit Committee. The Internal Audit’s annual work plan, which for practical reasons must be discussed with the auditees, is subject to the approbation of the sole Audit Committee, board of directors, or other appropriate governing authority (IIA Standard 1110 Organizational Independence).

The internal rules and practices of the Directorate Internal Audit (audit manual) are of the responsibility of the CAE.

Independent status (guarantees against retaliations)

The independence of the CAE in the performance of his duties should be guaranteed in the Staff Rules. The Audit Committee should have sole competence for the final decision on appointment and dismissal of the CAE”, and for his remuneration, activity appraisal and career advancement. The CAE is liable to disciplinary action but only with the concurrence of the Audit Committee. This could happen if he is negligent in the performance of his duties.

Independent communication right

The CAE reports directly to the Audit Committee and the Board. There should be a report from the CAE to each ordinary Audit Committee meeting and if deemed necessary to the Board. Such reports should be addressed directly to the Chairman of the Audit Committee with parallel copy to the Director-General. However, the CAE in the performance of his daily work communicates and liaises with the Director-General and the staff of the Organisation.

Independent budgeting

Although CAEs and Director of HR and of the DG is a source of potential interference or friendly pressure to self-limit the CAE’s critic exercise of an independent viewpoint. An appeal to the Board, even expressly foreseen as part of the communication right of the CAE, is often ineffective on short-term imposed constraints, given the time constraints of the budget process. The best practice is that the Audit Committee's opinion is required on the CAE’s draft budget, well in advance of the normal budgeting process of the organisation.

Access to information

Information is of key importance to organize, prepare and perform internal audits. Independent auditors are generally granted full access to any and all information they require to discharge their responsibilities. Reasonable restrictions would be limited to things such as personal information in personnel records such as health information. Unduly restricted access to information is a major impediment to an independent auditor and indicates that an organization is not truly supportive of the auditor's mandate and its commitment to sound governance should be questioned.

Typical duties

Status, strategy and organisation of the internal audit department

  • Ensure that the status (e.g. stipulated in an governance policy.
  • Establish appropriate policies and procedures to guide the internal audit function, and ensure the quality of the assurance services delivered.

Management, supervision of the internal audit activity

  • Obtain (or manage the production of) a risk analysis;
    • Ensure that the risk assessment is done at least annually;
    • Establish organizational objectives.

- Considers the input of senior management, senior departmental management, of the audit committee; - the internal audit plan usually address financial reporting and other fundamental controls, to be coordinated with the audit plan of the statutory auditor

  • Coordinate internal auditing activities and plans with other internal and external providers of assurance and consulting activities to ensure proper coverage and minimize duplication of effort.
  • Communicate plan of engagements and resource requirements for the internal audit function, including significant interim changes to the audit committee. This communication shall include the impact of resource limitations.
  • Ensure that internal audit resources are appropriate, sufficient and effectively deployed to achieve the internal audit plan approved by the Audit Committee or the Board.

Ensure that internal auditors have appropriate professional qualifications and skills, and opportunities for sufficient training and development to maintain and develop their internal auditing competence and to obtain Certified Internal Auditor certification.

  • Ensure the timely completion of internal auditing engagements.
  • Ensure that reports on internal auditing engagements are provided to the audit committee with a minimum of delay.
  • Provide an annual holistic opinion on the effectiveness and adequacy of risk management, control, and governance processes.

Quality management

The CAE is responsible for assuring that appropriate engagement supervision is provided. Supervision is a process begins with planning and continues throughout the examination, evaluation, communication, and follow-up phases of the engagement.

  • Develop and maintain a quality assurance and improvement program that covers all aspects of the internal audit function, and continuously monitor its effectiveness.
  • In collaboration with the audit committee, ensure that a practice inspection or other external review of the internal audit function is conducted at least every 3 years, by a qualified, independent external review team, and that the results of this external assessment are communicated to the audit committee.
  • Ensure that professional internal auditing standards are followed (e.g. IIA standards or local standards).

NB: Generally accepted auditing standards and International Standards on Auditing are external audit standards.

  • Report at least annually to the audit committee on the internal audit function's conformance with professional internal auditing standards.

Reporting of critical findings

Inform the Audit Committee without delay of any issue of risk, consulting and public accounting firms perform research on audit committees, to provide benchmarking data.[4] [5] Some results are identified below:

  • 54% of committee members surveyed felt the audit committee was "very effective," while 38% indicated "somewhat effective."
  • Risk management, internal control, and accounting estimates and judgments were the top priority areas for 2007.
  • 41% were "very satisfied" with the internal audit function, while 52% were "somewhat satisfied."
  • Two-thirds felt the Chief Internal Audit position was for a professional internal auditor, rather than as a "stepping stone" to other roles.

See also

External audit


  1. ^
  2. ^ [1]
  3. ^ IIA Website
  4. ^ WWW.KPMG.COM KPMG AC Survey 2007
  5. ^ KPMG AC Study 2008

External links

  • the Institute of Internal Auditors
This article was sourced from Creative Commons Attribution-ShareAlike License; additional terms may apply. World Heritage Encyclopedia content is assembled from numerous content providers, Open Access Publishing, and in compliance with The Fair Access to Science and Technology Research Act (FASTR), Wikimedia Foundation, Inc., Public Library of Science, The Encyclopedia of Life, Open Book Publishers (OBP), PubMed, U.S. National Library of Medicine, National Center for Biotechnology Information, U.S. National Library of Medicine, National Institutes of Health (NIH), U.S. Department of Health & Human Services, and, which sources content from all federal, state, local, tribal, and territorial government publication portals (.gov, .mil, .edu). Funding for and content contributors is made possible from the U.S. Congress, E-Government Act of 2002.
Crowd sourced content that is contributed to World Heritage Encyclopedia is peer reviewed and edited by our editorial staff to ensure quality scholarly research articles.
By using this site, you agree to the Terms of Use and Privacy Policy. World Heritage Encyclopedia™ is a registered trademark of the World Public Library Association, a non-profit organization.

Copyright © World Library Foundation. All rights reserved. eBooks from World eBook Library are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.