Professional standards are promulgated by numerous organizations, with the most significant ones included here. These standards do not have the weight of law, but some laws adopt or make reference to particular professional standards established by these organizations.

Association of College & University Auditors (ACUA)

The Association of College & University Auditors (“ACUA”) is a professional organization comprised of audit professionals from all over the globe. ACUA strives to continually improve the internal [audit] operations and processes of the individual institutions they serve, through continued professional development and the dissemination of individual internal audit experiences in an open forum with friends and colleagues. The ACUA was founded in 1958 to provide an arena to discuss mutual professional problems and to generate new ideas and methods concerning the [college and university audit] profession. ACUA is available to provide multiple resources, in various forms, to members to enrich their knowledge base. ACUA’s members include schools of all sizes from community colleges to large university systems; both public and private institutions.

The Institute of Internal Auditors (The IIA)

Established in 1941, The Institute of Internal Auditors (The IIA) is an international professional association with global headquarters in Altamonte Springs, Florida, USA. The IIA is the internal audit profession's global voice, recognized authority, acknowledged leader, chief advocate, and principal educator. The mission of The IIA is to provide dynamic leadership for the global profession of internal auditing. The IIA has more than 185,000 members globally.  The IIA provides certifications to promote internal audit competency and professionalism which include Certified Internal Auditor (CIA), Qualification in Internal Audit Leadership (QIAL), Certification in Control Self-Assessment (CCSA), Certification in Risk Management Assurance (CRMA), Certified Financial Services Auditor (CFSA), Certified Government Auditing Professional (CGAP), Certified Professional Environmental Auditor (CPEA), Certified Process Safety Auditor (CPSA). Both the FCIAA and the SIAAB recognize The IIA as the relevant authoritative body serving the internal audit profession.


As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves. ISACA provides practical guidance, benchmarks and other effective tools for all enterprises that use information systems. Through its comprehensive guidance and services, ISACA defines the roles of information systems governance, security, audit and assurance professionals worldwide. The Control Objectives for Information and Related Technologies (COBIT) framework and the Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT), and Certified in Risk and Information Systems Control (CRISC) certifications are ISACA brands respected and used by these professionals for the benefit of their enterprises.  ISACA was incorporated in 1969 by a small group of individuals who recognized a need for a centralized source of information and guidance in the growing field of auditing controls for computer systems. Today, ISACA serves 140,000 professionals in 180 countries.

Association of Certified Fraud Examiners (ACFE)

The Association of Certified Fraud Examiners (“ACFE”) is the world's largest anti-fraud organization and premier provider of anti-fraud training and education. The mission of the ACFE is to reduce the incidence of fraud and white-collar crime and to assist the membership in fraud detection and deterrence. Based in Austin, Texas, the ACFE was founded in 1988 by preeminent fraud expert and author, Dr. Joseph T. Wells, CFE, CPA. Dr. Wells’ insight as an accountant-turned-FBI agent led to the formation of a common body of knowledge known today as fraud examination. The ACFE has nearly 80,000 members.

The Committee of Sponsoring Organizations of the Treadway Commission (COSO)

The mission of the Committee of Sponsoring Organizations of the Treadway Commission (COSO) is to provide thought leadership through the development of comprehensive frameworks and guidance on enterprise risk management, internal control and fraud deterrence designed to improve organizational performance and governance and to reduce the extent of fraud in organizations. The COSO Internal Control—Integrated Framework (2013) is generally considered the internal control framework of choice in the United States, and is the framework of reference for public company compliance with the Sarbanes-Oxley act. The COSO Enterprise Risk Management – Integrated Framework is a widely recognized risk management framework used throughout the world.

COSO was organized in 1985 to sponsor the National [Treadway] Commission on Fraudulent Financial Reporting, an independent private-sector initiative that studied the causal factors that can lead to fraudulent financial reporting. It also developed recommendations for public companies and their independent auditors, for the SEC and other regulators, and for educational institutions. The Commission was sponsored jointly by five major professional associations headquartered in the United States: the American Accounting Association (AAA), the American Institute of Certified Public Accountants (AICPA), Financial Executives International (FEI), The Institute of Internal Auditors (The IIA), and the National Association of Accountants (now the Institute of Management Accountants [IMA]). Wholly independent of each of the sponsoring organizations, the Commission included representatives from industry, public accounting, investment firms, and the New York Stock Exchange.  The first chairman of the National Commission was James C. Treadway, Jr., Executive Vice President and General Counsel, Paine Webber Incorporated and a former Commissioner of the U.S. Securities and Exchange Commission. Hence, the popular name "Treadway Commission."

COSO continues today as a joint initiative of the original five private sector organizations dedicated to providing thought leadership through the development of frameworks and guidance on enterprise risk management, internal control and fraud deterrence.