Certified Government Auditing Professional (CGAP) Practice Exam 2026 – The All-in-One Guide to Exam Success

The action of assuring the employee that their anonymity can be maintained while listening to their information about potential illegal activities is considered inconsistent with The Institute of Internal Auditors (IIA) Code of Ethics and Standards. This is because internal auditors must adhere to principles of integrity, objectivity, and accountability, and claiming to ensure complete anonymity could conflict with the ethical responsibilities of the auditor.

In situations involving illegal activities, it is crucial for auditors to address such issues transparently and according to established protocols. Maintaining anonymity might lead to complications, such as the inability to conduct a thorough investigation or the risk of not being able to substantiate claims, which could compromise the integrity of the audit process.

The other actions—suggesting that the employee consider talking to legal counsel, informing the employee about the potential attempts to keep the source confidential while investigating, and guiding them towards other communication methods—align with the ethical standards. They emphasize the importance of ensuring due diligence, considering legal implications, and guiding the employee appropriately without making unverifiable promises regarding confidentiality. This approach balances ethical responsibility with the need to handle sensitive information responsibly.