News from the IIA

July 21, 2020

The IIA's New Three Lines Model

The Three Lines Model is a fresh look at the familiar Three Lines of Defense, clarifying and strengthening the underpinning principles, broadening the scope, and explaining how key organizational roles work together to facilitate strong governance and risk management.

The model can be applied to all organizations and is optimized by:

  • Adopting a principles-based approach and adapting the model to suit organizational objectives and circumstances.

  • Focusing on the contribution risk management makes to achieving objectives and creating value, as well as to matters of “defense” and protecting value.

  • Clearly understanding the roles and responsibilities represented in the model and the relationships among them.

  • Implementing measures to ensure activities and objectives are aligned with the prioritized interests of stakeholders.

Based on feedback from subject matter experts, globally recognized thought leaders, and over 2,000 individuals and organizations around the world, The IIA’s new Three Lines Model has been fully refreshed and updated to reflect current practices and help guide organizational decisions, behaviors, actions, and outcomes achieve success.

You can download your copy here

June 05, 2020

The IIA Releases New Practice Guide on Auditing Conduct Risk

Organizational culture ― and how an organization comports itself with regard to conduct ― drives how business is done. It also underlies the effectiveness of the control environment, which supports the achievement of an organization’s objectives.​

The issue of conduct is not easily separated from an organization’s culture; rather, it is a distinct segment of culture as a whole. “Auditing Conduct Risk” provides internal auditors with an understanding of methods to evaluate the management of conduct risk.

Topics include:

  • Regulatory environment of conduct.

  • Expectations defined.

  • Measurement and reporting.

  • Consequences of misconduct.

  • Planning and performing the engagement.

IIA Luxembourg members can download the practice guide here


June 18, 2020

The IIA Releases New Global Technology Audit Guide on IT Essentials for Internal Auditors

The IIA’s IT Guidance Committee is pleased to announce its new GTAG that provides a baseline of IT knowledge for internal auditors.

Written for auditors of all experience levels, “IT Essentials for Internal Auditors” discusses foundational IT topics along with potential challenges, risks, and opportunities within this increasingly growing and intensifying area that affects all organizations.

The guide is divided into sections that cover IT:

  • Governance and the IT and business relationship.

  • Networks.

  • Infrastructure.

  • Applications.

  • Emerging topics.

It is designed to enable internal auditors to grasp technical topics so they can continue to provide valuable organizational assistance through risk-based auditing in a variety of areas that require greater understanding and expertise.

IIA members are invited to download this guidance and all guidance as a benefit of membership.

Non members may purchase Supplemental Guidance by visiting the IIA Bookstore.

April 20, 2020

IIA to Offer Remote, Online Testing For CIA, CRMA Certifications

To support the continued professional development of certification candidates around the world and in response to mass Pearson VUE test center closures, The IIA has adopted online testing to enable candidates to take the Certified Internal Auditor® (CIA®), Certification in Risk Management Assurance®️ (CRMA®️), and CIA Challenge exams from home. We are partnering with Pearson VUE to offer this testing option for a period of 3 months starting 29 April 2020.

Online testing allows candidates to take an IIA certification exam using their own computer in their home, their office, or remotely in other acceptable locations.

Online Testing Informational Video

Visit the Pearson VUE online proctoring page for system requirements and additional information. 

June 08, 2020

​Reporting at the Speed of Risk: 4 Strategies for Success

In his blog, IIA President and CEO Richard Chambers, CIA, QIAL, CGAP, CCSA, CRMA, shares his personal reflections and insights on the internal audit profession. Here's an excerpt from his latest post:

News last week of improvement in the U.S. jobless situation brought a glimmer of hope that, perhaps, the very worst may be behind us. At least for now. But disruption continues to engulf our personal and professional lives, as the twin impacts of the coronavirus COVID-19 — health and economic — reach ever deeper into virtually every organization on the planet. Internal auditors are wrestling with risks that continue to emerge at warp speed and myriad challenges from working remotely, exasperated by a lack of crucial face-to-face communications.

However, by all accounts, the profession is demonstrating agility and proving its resilience.

Much has been said and written about how internal auditors are adapting: how we are using technology, how we are auditing remotely, and even how we are providing assurance and advice related to health and safety risks. But one topic has been conspicuously absent in conversations about how internal auditors are innovating: how we are reporting our audit results.

Read to complete blog post here

VAT  LU 26042612

R.C.S Luxembourg F3021

17, rue Aldringen

L-1118 Luxembourg

+352 26 27 09 04

+352 621 810 222