Advocacy is defined by The Institute of Internal Auditors (IIA) as instilling pride in the internal audit profession, encouraging change, and building relationships with organizations and stakeholders that impact the profession globally.
Join the global advocacy effort and access the following tools to help you promote and support the internal audit profession.
A Global Public Policy Message
The IIA proudly supports our 115 affiliates around the world as they engage with their countries’ public policymakers, regulators, corporate governance leaders, and other profession stakeholders.
Together, we promote a common #OneIIA message about the profession and our macro policy goals while also understanding that various regions and individual countries may have unique political, economic, or cultural solutions to arrive at the same policy outcome.
Corporate Governance Engagement
We actively collaborate with global, regional, and national stakeholders to promote best practices, standards, research, and thought leadership that centers internal audit in all corporate governance policies.
Some of the most important decisions impacting internal auditors are not decided solely by lawmakers and regulators, but rather through the collective decisions of corporate governing bodies (e.g., boards of directors, audit committees), C-suite leaders, NGOs, and other professional associations.
Global Public Policy Position Paper
A legal, regulatory, and policy framework for the internal audit profession, this paper offers a comprehensive framework for national institutes to advocate for internal audit within their countries’ legal and regulatory systems.
Three Lines Model
The IIA has developed the Three Lines Model to help organizations identify structures and processes that best assist in the achievement of an organization's objectives and facilitate strong governance and risk management.
Profession Issues
Support the Internal Audit Profession and Its Legal & Regulatory Framework
- Protect the public interest by providing independent, competent, and objective assurance.
- Preserve self-regulation of the internal audit profession.
- Promote professional competence through The IIA’s professional designations, Standards, and high ethical standards.
Data Privacy and Security
- Support the passage of strong national and multinational data privacy laws – and corresponding regulations – to minimize the risk of organizational non-compliance with inconsistent local requirements.
- Provide assurance that organizations have robust security architectures mitigating the operational and financial risks of data breaches and other technology-based threats
Cryptocurrencies
Require all cryptocurrency exchanges to:
- Establish and maintain an independent internal audit function.
- Have their senior management annually certify that their exchanges’ internal controls are adequate, based on an internal audit assessment.
Cybersecurity
- Advance laws and policies that ensure cybersecurity frameworks are robust, maintain appropriate internal controls and independent objective assurance over those controls, and minimize the organizational and operational risks of various threats, including:
- Denial-of-service
- Social engineering
- Ransomware
- Corporate software vulnerabilities
Environmental, Social, and Governance (ESG)
- Ensure a central role for internal audit in the provision of ESG disclosure - whether voluntary or required by law.
- Guarantee consistency and cross-comparability of ESG frameworks (e.g., climate and sustainability disclosures) so that information is useful to investors and other stakeholders.
- Support the alignment and/or uniformity of ESG standards when feasible.
IIA Public Comment Letters
The IIA regularly provides comments and recommendations on various proposal, regulations, and legislation locally and globally.