Internal Audit and the Second Line of Defense
Global Guidance | Global Practice Guide (GPG) | Historical Reference | January 13, 2016
Copyright Notice All content is protected by international copyright laws. You may reference or quote small portions of this document with proper attribution to The IIA, but unauthorized reproduction, distribution, or use beyond that, other than for your own personal use, is strictly prohibited and may constitute a violation of copyright law, resulting in civil and criminal penalties. Contact copyright@theiia.org for permission to use our materials.
As governance and monitoring functions collaborate more closely to avoid duplication of effort, internal audit may be asked to take on responsibilities for risk management, compliance, regulatory oversight, and other governance activities.
This practice guide helps internal auditors ensure that independence and objectivity are not compromised in situations where internal audit may be responsible for second line functions.
This guidance is not applicable where country and/or industry-specific standards may prohibit internal audit from performing second line of defense activities.