APrior chapters of this book have described the internal audit process as it exists for today’s modern internal auditor. We have described areas where internal audit skills and understanding are essential, and other areas where internal auditors should have a strong general understanding. All of these become an internal audit common body of knowledge (CBOK).

Our internal auditor CBOK approach has been based on current and evolving governance, risk, and compliance areas important for internal auditors, this author’s past experience in performing and leading internal audits, and his research on important and developing trends. Thus we have highlighted internal audit knowledge areas that should be important, if not essential, for internal auditors. An example here would be our Chapter 6 discussion on COBIT, an important alternative framework for documenting and understanding internal controls. While extracts from the IIA web site tend to view COBIT as just a specialized IT audit tool and not much else, we discuss the importance of COBIT as an alternative and important internal audit tool for evaluating and understanding internal controls. We suggest that all internal auditors should have a high-level CBOK understanding and familiarity with the COBIT framework.

This comment on COBIT references our approach to defining an internal audit CBOK. Rather than publishing the results from a fairly wide-open but not necessarily controlled ...