The absence of periodic external assessments is a direct violation of mandatory professional standards, such as The Institute of Internal Auditors (IIA) Standard 1312, which requires an external quality assessment at least once every five years. This is a fundamental component of a Quality Assurance and Improvement Program (QAIP). Failure to perform this independent review presents the greatest concern because it undermines the credibility, objectivity, and perceived value of the entire internal audit function. It deprives the audit committee and senior management of independent assurance that the audit activity conforms with globally recognized standards and operates effectively.

B. While reporting to the audit committee is critical, the specific frequency (e.g., quarterly) is a procedural detail; a lack of reporting altogether would be the core issue.

C. Inconsistent tracking of corrective actions is a significant internal process weakness, but the lack of an external assessment is a more fundamental governance failure that would likely identify such issues.

D. The use of substantive testing depends on the specific audit's objectives and risk assessment; its absence is not inherently a quality assurance failure for all audits.

---

1. The Institute of Internal Auditors (IIA)

International Standards for the Professional Practice of Internal Auditing (Standards)

July 2023. Standard 1312: External Assessments states

"External assessments must be conducted at least once every five years by a qualified

independent assessor or assessment team from outside the organization." The standard's interpretation notes that this assessment provides an independent opinion on the internal audit activity's conformance with the Standards and Code of Ethics.

2. ISACA

CISA Review Manual

27th Edition

2019. Domain 1: Information System Auditing Process

Section 1.5.4 Quality Assurance of the Audit Function. This section discusses the need for a quality assurance and improvement program that includes both internal and external reviews to ensure the audit function's compliance with standards and its overall effectiveness. The manual emphasizes that external reviews provide independent assurance to stakeholders.

3. Anderson

U. L.

Head

M. J.

Ramamoorti

S.

Riddle

C.

Salamasick

M.

& Sobel

P. J. Internal Auditing: Assurance & Advisory Services

4th Edition. The IIA Research Foundation

2017. Chapter 2

"The International Professional Practices Framework: Authoritative Guidance for the Internal Audit Profession

" details the components of a QAIP

explicitly citing Standard 1312 and explaining that external assessments are crucial for validating the internal audit function's conformance with professional standards and identifying opportunities for improvement.