Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Non-manda<strong>to</strong>ry but recommended guidance (Implementation Guidance and Supplemental<br />
Guidance) is also useful where relevant. 14 While ISSAI standards and guidance are<br />
designed for SAIs, such content is often of great value <strong>to</strong> internal audi<strong>to</strong>rs as well.<br />
The IIA Competency Framework is organized in four knowledge areas:<br />
Professionalism.<br />
<strong>Performance</strong>.<br />
Environment.<br />
Leadership and Communication. 15<br />
All elements are relevant for performance auditing. Competencies taken from the<br />
performance knowledge area of particular interest for planning, performing, and reporting are<br />
included in Appendix 1.<br />
<strong>Performance</strong> <strong>Audit</strong>ing Consistent with Mandate/Charter<br />
The types of audit engagements <strong>to</strong> be provided should be made clear by the legislation or<br />
charter defining the mandate of the internal or external audit provider. For example, the<br />
internal audit law of Albania includes direct reference <strong>to</strong> performance audits, as follows:<br />
Types of Internal <strong>Audit</strong> services<br />
Internal audit activity includes assurance and counselling services as follows:<br />
1. An audit engagement in assurance services includes a thorough assessment of<br />
the governance, risk management and control processes in a public sec<strong>to</strong>r unit<br />
through compliance audit, performance audit, financial audit, information<br />
technology audit and other types of auditing.<br />
2. An audit engagement in counselling services includes providing counselling and<br />
opinions aiming at adding value and improving risk management and control<br />
processes on which internal audit has no managerial responsibilities. An audit<br />
engagement in counselling services is initiated by the head of public entity. 16<br />
For the Supreme State Control of Albania, “audit” is defined <strong>to</strong> include “compliance auditing,<br />
financial auditing, performance audit, IT audit, as well as their combined audit” and has<br />
authority <strong>to</strong> conduct performance audits in any activity considered necessary. 17<br />
Internal and External <strong>Performance</strong> <strong>Audit</strong>ing<br />
Internal audi<strong>to</strong>rs and external audi<strong>to</strong>rs have different mandates. However, both undertake<br />
performance audits. While standards may differ, they are comparable and compatible. In the<br />
absence of specific performance standards for internal auditing and detailed guidance, those<br />
designed for external audi<strong>to</strong>rs provide plenty of value for internal audi<strong>to</strong>rs.<br />
14<br />
For a list of IIA public sec<strong>to</strong>r guidance visit https://www.theiia.org/en/standards/what-arethe-standards/recommended-guidance/supplemental-guidance/.<br />
15<br />
The IIA’s Internal <strong>Audit</strong> Competency Framework, The IIA, 2022.<br />
16<br />
Law No. 114/2015 on Internal <strong>Audit</strong> in the Public Sec<strong>to</strong>r, Republic of Albania Assembly,<br />
2015.<br />
17<br />
Law No. 154/2014 for the Organization and Functioning of the State High Control,<br />
Republic of Albania, 2014.<br />
11