Supply Chain

Auditing Public Sector Procurement: What’s New in The IIA Guide

The Institute of Internal Auditors (IIA)
The Institute of Internal Auditors (IIA)May 5, 2026

Why It Matters

The updated guide equips public‑sector auditors with a standards‑aligned, risk‑focused toolkit that enhances fraud detection and compliance, protecting public resources and reinforcing stakeholder confidence.

Key Takeaways

  • Public procurement demands transparency, fairness, and strict legal compliance.
  • Distinguish vendors from sub‑recipients by ownership of program functions.
  • Fraud risk in public procurement requires dedicated audit lane and controls.
  • The guide aligns procurement lifecycle with third‑party risk topical requirement.
  • Risk‑control matrix and AI tools streamline assessments for public auditors.

Summary

The Institute of Internal Auditors released the second‑edition Global Practice Guide “Auditing Procurement in the Public Sector” in December 2025. Hosts Pam Strobl Powers and Mark Marasini walk listeners through its purpose, structure, and how it dovetails with the International Professional Practices Framework.

The guide highlights three pillars unique to public procurement—transparency, fairness/equity, and legal compliance. It stresses public RFP scoring, committee decision‑making, and rigorous record‑keeping. A key distinction is made between vendors (routine services) and sub‑recipients (owners of program components), illustrated by examples such as Motorola phone services versus a delivery firm that assumes transportation ownership in a hunger‑relief program. Fraud risk is flagged as a separate audit lane, given its high visibility in public contracts.

Mark notes that the procurement lifecycle—planning, solicitation, selection, contracting, and management—mirrors the new third‑party risk topical requirement, enabling auditors to map audit phases directly to IPPF criteria. The accompanying risk‑control matrix offers pre‑populated risk scenarios, and emerging AI tools can accelerate manual assessments, turning a traditionally labor‑intensive process into a more efficient one.

For auditors, the guide provides a ready‑made framework to meet compliance standards, identify high‑risk procurement stages, and embed fraud‑focused controls. Leveraging the matrix and technology can improve audit coverage, reduce manual effort, and ultimately strengthen public‑sector stewardship of taxpayer funds.

Original Description

The Institute of Internal Auditors Presents: All Things Internal Audit
In this episode, Pam Strobel Powers and Mark Maraccini discuss The IIA's recently updated Global Practice Guide ( https://www.theiia.org/en/content/guidance/recommended/supplemental/practice-guides/auditing-procurement-in-the-public-sector/?utm_source=google&utm_medium=cpc&utm_campaign=20253036447&utm_content=&utm_term=&utm_term=&utm_campaign=2026+%7C+PMAX+%7C+EN+%7C+NA+Expanded+%7C+MEM+%7C+Membership+%7C+2023-4444+%7C+AO&utm_source=adwords&utm_medium=ppc&hsa_acc=9042658708&hsa_cam=20253036447&hsa_grp=&hsa_ad=&hsa_src=x&hsa_tgt=&hsa_kw=&hsa_mt=&hsa_net=adwords&hsa_ver=3&gad_source=1&gad_campaignid=20262062845&gbraid=0AAAAADsnbmzTCuc1q3AxoCnJPJNcTqL8n&gclid=Cj0KCQjwyr3OBhD0ARIsALlo-OluKF8OoyaUrdKiWXAKhHBw0GlJI2H3BIsUpfmtC3QeM_IeHLYBJ6gaArWaEALw_wcB ) Auditing Procurement in the Public Sector. They walk through the three pillars that make public sector procurement unique, explain how to distinguish a vendor from a subrecipient, and share why fraud risk in procurement deserves its own lane in your audit approach.
Members Save in May
Members can save 20% on CIA, CRMA, and IAP application and exam fees throughout May.
Becker, the official CIA exam review partner of The IIA, is also offering up to 20% off CIA exam prep and $50 off IAP prep.
Use the code May20% and access the offer here.
HOST:
Pamela Stroebel Powers, CIA, CGAP, CRMA, CPA
Director of Professional Guidance, Public Sector, The IIA
GUEST:
Mark Maraccini, CIA, CPA
Partner, Crowe LLP
Member, International Internal Audit Standards Board
KEY POINTS:
Introduction [00:00:02 - 00:00:30]
What Makes Public Sector Procurement Unique [00:01:07 - 00:04:16]
Transparency in Procurement [00:01:37 - 00:02:42]
Fairness and Equity in Procurement [00:02:42 - 00:03:31]
Legal and Regulatory Compliance [00:03:31 - 00:04:16]
Vendor vs. Subrecipient: Key Differences [00:05:24 - 00:08:44]
Applying the Procurement Lifecycle [00:09:34 - 00:10:54]
Using Risk and Control Matrices [00:11:23 - 00:12:54]
Manual vs. Technology-Driven Risk Assessment [00:11:48 - 00:12:33]
Fraud Risk in Procurement [00:13:24 - 00:15:31]
Equity and Supplier Diversity Programs [00:17:49 - 00:20:11]
Auditing Program Effectiveness vs. Compliance [00:20:47 - 00:21:28]
Final Thoughts [00:21:28 - 00:21:50]
IIA RELATED CONTENT: 
Interested in this topic? Visit the links below for more resources:
-Global Practice Guide: Auditing Procurement in the Public Sector
-Audit Tool: Procurement Risks and Controls for the Public Sector Examples
-Third-Party Topical Requirement
-Global Internal Audit Standards
-Knowledge Centers: Public Sector
-Certifications May Sale
Visit The IIA’s website for related topics and more.
Follow All Things Internal Audit:

Comments

Want to join the conversation?

Loading comments...