Answer (A) is correct . The purpose, authority, and responsibility of the internal audit activity should be formally defined in a charter, consistent with the Standards , and approved by the board (Standard 1000). The charter should establish the internal audit activity’s position within the organization; authorize access to records, personnel, and physical properties relevant to the performance of engagements; and define the scope of internal audit activities (PA 1000-1). Approval of the charter by the board protects the internal audit activity from management actions that could weaken its status.
Answer (B) is incorrect because Adoption of policies for the functioning of the internal audit activity does not protect its status.
Answer (C) is incorrect because The establishment of an audit committee does not ensure the status of the internal audit activity without its involvement in matters such as acceptance of the charter.
Answer (D) is incorrect because Written policies and procedures serve to guide the internal auditing staff but have little effect on management.
|
