In a letter to the body – and during a face-to-face meeting – ECIIA said that DG FISMA should promote the governance model in its non-binding guidance to companies on dealing with non-financial reporting. The ECIIA is part of DG FISMA’s stakeholder’s group, which enabled the conversations to take place.
Under the model, the first and second lines of defence are responsible for internal controls and risk management, while internal audit provides independent assurance that those systems are well-designed and functioning properly.
“The model puts internal auditors in an ideal position to assist companies in ensuring accuracy in non-financial reporting,” Henrik Stein, ECIIA President, says.
Internal auditors perform their review based on the International Professional Practices Framework, ECIIA said in its response to formal consultation on the issue. It said internal auditors could provide the board with assurance that their reporting systems were properly aligned with the guidance and capable of producing reliable information.
Read FISMA issue fiches document.