Institute  for Internal Controls

"Promoting an effective internal controls environment"


Article I. Preamble and Applicability of Code

The Institute for Internal Controls (TheIIC) is an association of professionals committed to performing at the highest level of ethical conduct. Members of the Association pledge themselves to act with integrity and to perform their work in a professional manner.

Members have a professional responsibility to their employers, clients, to the public interest and each other; a responsibility that requires subordinating self-interest to the interests of those served.

These standards express basic principles of ethical behavior to guide members in the fulfilling of their duties and obligations. By following these standards, all members of The Institute for Internal Controls shall be expected to demonstrate their commitment to excellence in service and professional conduct.

The Code of Professional Standards shall apply to all members, regardless of type of membership.

Article II. Membership Requirement

            1.  A Member granted certification(s) from TheIIC must maintain membership in TheIIC in order to hold oneself out as a CICA or CCS. All members are required to renew his/her membership annually in the month of the anniversary of the award of           the applicable certification and confirm compliance with TheIIC CPE policy. Invoices are typically mailed out to the member’s preferred                          mailing address as listed on his/her application or Notice of Change. Members are responsible for ensuring that TheIIC has a current mailing                    address on file.

            2.  A Member who fails to renew his/her membership in TheIIC will have their membership terminated on the date noted on the membership                       card issued to the member upon certification or his/her last renewal.

            3.  A Member who fails to renew his/her membership in TheIIC will have his/her certification  suspended after six months of                                          non- membership, retroactive to the date membership expired.

            4.  A Member who fails to renew his/her membership in TheIIC for three years will have his/her certification permanently revoked.                           Reinstatement will only be granted via passing of the certification examination.

    5.  Any Member who is in a terminated membership status cannot hold themselves out as a CICA or CCS. The member  must discontinue use of the CICA or CCS designation on their businesses cards, stationary, or any medium displaying                                              the designation. Display of the CICA or CCS certificate should be removed from display in any business environment. Use of the CICA                    or  CCS while   in a membership terminated status is a violation of both the Code of Ethics and Code of Professional Standards and                        cause for PERMANENT REVOCATION of all certifications granted by TheIIC without right for reinstatement.

    6. Any terminated Member who desires to reinstate their membership and certification must apply for  reinstatement via submission of the                         “Request for Reinstatement Form” and payment of the reinstatement fee as well as the annual dues fee. It should be noted that reinstatement                   is a one-time allowance and contingent on approval from the Office of the Chairman.

Article III. Standards of Professional Conduct

A.   Integrity and Objectivity:

    1. Members shall conduct themselves with the highest level of integrity. Members shall not   sacrifice integrity for any reason.

    2. Prior to entering into any engagement, members shall investigate for potential conflicts  of interest. Members shall disclose any potential conflicts of interest to all parties   involved in the engagement.

    3. Members shall maintain objectivity in discharging their professional responsibilities within the scope of the engagement.

    4. Members shall not commit any discreditable acts, and shall always conduct themselves in the best interests of the reputation of the profession.

    5. Members shall not knowingly make any false statements or withhold any information that is vital to the engagement.

    6. Members shall not commit criminal acts or knowingly induce others to do so.

B.  Professional Competence:

    1. Members shall be competent and shall not accept assignments where this competence  is lacking.

    2. Members shall maintain the minimum program of continuing professional education required by TheIIC. All members holding the professional certification designation of Certified Internal Controls Auditor (CICA) or Certified Controls Specialist (CCS) must agree to embrace a commitment to professionalism combining education and experience. Members shall continually strive to increase the competence and effectiveness of their professional services.

             C. Due Professional Care:

    1. Members shall exercise due professional care in the performance of their services. Due professional care requires diligence, critical analysis and professional skepticism in discharging professional responsibilities.

    2. Conclusions shall be supported with evidence that is relevant, competent and sufficient.

    3. Members’ professional services shall be adequately planned. Planning controls the performance of any engagement from inception  through completion and involves developing strategies and objectives for performing the services.

D. Understanding with Employers, Clients, and Auditees:

    1. At the beginning of an engagement, members shall reach an understanding with those involved in the engagement about the scope and limitations of the engagement and the responsibilities of all parties involved

    2. Whenever the scope or limitations of the engagement change significantly, a new understanding shall be reached with the parties involved in the engagement.

E.  Communication with parties involved:

    1. Members shall communicate to all parties involved in the engagement all significant findings made during the normal course of the engagement.

F.  Confidentiality:

    1. Members shall not disclose confidential or privileged information obtained during the course of the engagement without the express permission of proper authority or order of a court. This requirement does not preclude professional practice or investigative body reviews as long as the reviewing organization agrees to abide by the confidentiality restrictions.

Article IV. Standards of Engagement and Reporting

 A.  Engagements:

    1. All engagements shall be conducted in a professional, legal and thorough manner. The auditor’s or specialist’s objective shall be to obtain information and all supporting documentation that is complete, reliable and relevant.

    2. Members shall endeavor to establish effective control and management procedures for work papers and supporting documents. This is extended to all audit programs and  work plans,

B.  Reporting:

    1. Members’ reports may be written or oral, as agreed in the engagement letter or similar document. There is no single structure or format that is prescribed for a member’s report; however, the report should not be misleading.

    2. Members’ reports shall contain only information based on data that are sufficient and relevant to support the facts, conclusions, opinions and/or recommendations related to the engagement. The report shall be confined to subject matter, principles and methodologies within the member’s area of knowledge, skill, experience, training or education.

    3. All opinions, findings and recommendations must be supported in the workpapers for auditing type engagements, or documentation in design or implementation projects.

 Version -  May 2014

Click here to print out copy of Code

Click Here to View TheIIC Sitemap

Please contact WEBMASTER to report any problems on the use of this website.

Copyrighted 2003-2023,  Institute for Internal Controls, Inc., (TheIIC) - All rights reserved.

Social Media

Powered by Wild Apricot Membership Software