Audit Principles

Auditing relies upon a set of principles to help make an audit an effective and reliable tool in support of management policies and controls. Audits provide information for organizations to act on to improve their business performance.

According to ISO 19011:2011, audits should be based on these six principles:

1. Integrity: foundation of professionalism.
2. Fair presentation: obligation to report truthfully and accurately.
3. Due professional care: application of diligence and judgment in auditing.
4. Confidentiality: security of information.
5. Independence: basis for impartiality of audit and objectivity of audit conclusions.
6. Evidence-based approach: rational method for reaching reliable and reproducible audit conclusions in a systematic audit process.

Adhere to these principles for relevant and sufficient audit conclusions, as well as, to enable auditors, working independently from one another, to reach similar conclusions in similar circumstances.

1. Integrity

  • Perform audits with honesty, diligence, and responsibility
  • Observe and comply with applicable legal requirements
  • Demonstrate your competence while performing audits
  • Perform audits in an impartial manner
  • Remain fair and unbiased in all your dealings
  • Be sensitive to any influences exerted on your judgment during an audit

2. Fair Presentation

  • Ensure audit findings, conclusions, and reports truthfully and accurately reflect the audit activities
  • Report any significant obstacles encountered in the audit
  • Report any unresolved diverging opinions between the auditee and audit team
  • Ensure communication is truthful, accurate, objective, timely, clear, and complete

3. Due Professional Care

  • Exercise due care based on importance of task and confidence placed in you by audit client
  • Make reasoned judgments in all audit situations

4. Confidentiality

  • Exercise discretion in use and protection of information acquired during your audit duties
  • Do not use audit information for personal gain or in detrimental way to legitimate interests of auditee
  • Properly handle sensitive or confidential information

5. Independence

  • Remain independent of the activity being audited (see Note 1).
  • Be free from bias and conflict of interest (See Note 2)
  • Maintain objectivity throughout the audit process
  • Ensure findings and conclusions are based only on evidence

Note 1: For small organizations, it may not be possible for internal auditors to be fully independent, but make every effort to remove bias and encourage objectivity.

Note 2: Internal auditors should be independent from the operating managers of the function being audited.

6. Evidence-Based Approach

  • Collect audit evidence that is verifiable
  • Base the evidence on samples of available information
  • Use samples since audit is conducted during a finite period of time and with finite resources
  • Sample appropriately to contribute to confidence that can be placed on audit conclusions

These six audit principles are from ISO 19011:2011, clause 4.a through clause 4.f.