⚖️ Standard 1.3: Legal and Ethical Behavior
Standard 1.3 declares that internal auditors must strictly adhere to legal and ethical standards, avoiding any illegal or discreditable activities that could harm their organization or profession. 🛡️ They are required to understand relevant laws and regulations and must report any identified violations to the appropriate authorities or entities.
Standard 1.1 (Honesty and Professional Courage) and Standard 1.3 are in very close connection—they often overlap from my perspective! 🤝 They express similar issues from different aspects:
Standard 1.1 🦸♂️ (Honesty & Professional Courage): Focuses on the integrity of the individual.
Standard 1.3 📜 (Legal & Ethical Behavior): Focuses on the compliance aspect.
Knowing these nuances is essential because many CIA MCQs can be solved by understanding these standards. It is tested in CIA Part 1 (Internal Audit Fundamentals) under Section B: Ethics and Professionalism.
📝 Let’s turn to Mr. Zain’s Question Bank again
MCQ 992 (Page 5658)
An engagement at a foreign subsidiary disclosed payments by the sales department to local government officials in return for orders. What action does The IIA’s Standards of Ethics and Professionalism suggest for an internal auditor in such a case? 💸
A. Refrain from any action that might be detrimental to the organization.
B. Report the incident to appropriate regulatory authorities.
C. Inform appropriate organizational officials. ✅
D. Report the practice to the board of The Institute of Internal Auditors.
Correct Answer: C 🎯
Such payments may be illegal. Standard 1.3 states: "Internal auditors must not engage in or be a party to any activity that is illegal or discreditable to the organization or the profession... or that may harm the organization". Additionally, Standard 1.1 requires auditors to disclose all material facts that could affect the organization’s ability to make well-informed decisions. 🏗️
🚩 Avoiding the "CIA Trap"
This specific question is a "classic" trap. Many candidates are tempted to choose B (Regulatory Authorities) because bribery is illegal. Keep in mind:
Internal First 🏢: The Global Internal Audit Standards emphasize that the auditor's primary duty is to the organization's governance structure (the Board and Senior Management).
Reporting "Up," Not "Out" ⬆️: Unless specifically required by law (like certain anti-money laundering statutes), the auditor reports to internal authorities who have the power to fix the issue. 🤐
💡 Explanation of Incorrect Options:Choice A: Informing organizational officials is not detrimental to the organization; it is necessary for its health!Choice B: The Standards do not generally require that the incident be reported to regulatory authorities first.Choice D: The Standards of Ethics and Professionalism do not require reporting these types of activities to The IIA.
