Post on 12-Jan-2016
description
transcript
Professional Professional Opportunities in Internal Opportunities in Internal
Audit/Assurance WorkAudit/Assurance Work
CA. Rajkumar S. AdukiaCA. Rajkumar S. Adukia
B. Com (Hons.), FCA, ACS, AICWA, LL.B. M.B.A. B. Com (Hons.), FCA, ACS, AICWA, LL.B. M.B.A.
Dip IFR (UK), Dip LL & LWDip IFR (UK), Dip LL & LW
Chairman, Internal Audit Standard Board, ICAIChairman, Internal Audit Standard Board, ICAIrajkumarfca@gmail.com
09820061049/0932306104909820061049/09323061049
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 22
“He is able ,who
thinks he is able.”-Buddha
ATTITUDEATTITUDE
PAUL CATTS
2
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 33
What is an Internal What is an Internal Audit/Assurance Work?Audit/Assurance Work?
• A management functionA management function• Internal auditors to render impartial Internal auditors to render impartial
judgmentsjudgments• It is a dynamic oneIt is a dynamic one• It assists board in governance It assists board in governance
responsibilityresponsibility• Auditor assures the effectiveness of Auditor assures the effectiveness of
internal auditinternal audit• It is a component of internal controlIt is a component of internal control
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 44
Origin of AuditingOrigin of Auditing
• The process audit, timely submission of The process audit, timely submission of accounts and audit was initiated by Arya accounts and audit was initiated by Arya Chanakya in 300 BC.Chanakya in 300 BC.
• Auditing in the form of ancient checking Auditing in the form of ancient checking activities was found in the ancient activities was found in the ancient civilizations of civilizations of China, Egypt and Greece. China, Egypt and Greece.
• The ancient checking activities found in The ancient checking activities found in Greece (around 350 B.C.) Greece (around 350 B.C.)
• In the period pre-1840, Auditing was In the period pre-1840, Auditing was restricted to performing detailed restricted to performing detailed verification of every transaction verification of every transaction
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 55
Development of AuditingDevelopment of Auditing
• Auditing did not become established until Auditing did not become established until the industrial revolution during 1840s-the industrial revolution during 1840s-1920s in the UK 1920s in the UK
• Growth of the US economy in the 1920s-Growth of the US economy in the 1920s-1960s caused a shift of auditing 1960s caused a shift of auditing development from the UK to the USA.development from the UK to the USA.
• Auditors in the 1970s played an important Auditors in the 1970s played an important role in enhancing the credibility of role in enhancing the credibility of financial information and furthering the financial information and furthering the operations of an effective capital market. operations of an effective capital market.
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 66
Development of AuditingDevelopment of Auditing
• The auditing profession witnessed The auditing profession witnessed substantial and rapid change since substantial and rapid change since 1990s as a result of the accelerating 1990s as a result of the accelerating growth at the world economies. growth at the world economies.
7
Definition of Internal Definition of Internal AuditAudit
“ “Internal audit is an independent Internal audit is an independent management function, which involves a management function, which involves a continuous and critical appraisal of the continuous and critical appraisal of the functioning of an entity with a view to functioning of an entity with a view to suggest improvements thereto and add suggest improvements thereto and add value to and strengthen the overall value to and strengthen the overall governance mechanism of the entity, governance mechanism of the entity, including the entity's strategic risk including the entity's strategic risk management and internal control management and internal control systemsystem.”- Preface to SIA.”- Preface to SIA
CA Rajkumar S. Adukia
8
Scope of Internal AuditScope of Internal Audit
• Evaluating the adequacy of internal Evaluating the adequacy of internal controls controls
• Suggesting ways to reduce the costs and Suggesting ways to reduce the costs and promote efficiency promote efficiency
• Assessing the compliance with the Assessing the compliance with the applicable laws and regulations applicable laws and regulations
• Assist management in decision making Assist management in decision making
• Backbone of a sound corporate Backbone of a sound corporate governance system governance system
CA Rajkumar S. Adukia
9
Need for Internal AuditNeed for Internal Audit
• Increased complexity of businessesIncreased complexity of businesses• Enhanced compliance requirementsEnhanced compliance requirements• Focus on risk management and internal Focus on risk management and internal
controls to manage themcontrols to manage them• Unconventional business modelsUnconventional business models• Intensive use of information technologyIntensive use of information technology• Stringent norms mandated by regulators Stringent norms mandated by regulators
to protect investorsto protect investors• An increasingly competitive environment An increasingly competitive environment
CA Rajkumar S. Adukia
10
Internal Audit/Assurance Internal Audit/Assurance CycleCycle
– Pre engagement activityPre engagement activity– Understanding the workUnderstanding the work– Assurance planAssurance plan– Substantive workSubstantive work– ReportReport
CA Rajkumar S. Adukia
11
What is an opportunity?What is an opportunity?
Every event has two exhaustive Every event has two exhaustive classification namelyclassification namely
1.1. OpportunityOpportunity
2.2. RiskRisk
CA Rajkumar S. Adukia
12
Listing of Broad Listing of Broad Opportunities in Internal Opportunities in Internal AuditAudit1.1. Internal Controls AuditingInternal Controls Auditing2.2. Internal Audit Functions/Requirements Under Internal Audit Functions/Requirements Under
Various LawsVarious Laws3.3. Enterprise Risk Management – The ERM RoleEnterprise Risk Management – The ERM Role4.4. Audit of Compliance of Standards on Internal Audit of Compliance of Standards on Internal
Audit Audit 5.5. Monitoring XBRL Implementation and Monitoring XBRL Implementation and
Reporting ResultsReporting Results6.6. Audit of IFRS ConvergenceAudit of IFRS Convergence7.7. Forensic AuditForensic Audit
CA Rajkumar S. Adukia
13
Listing of Broad Listing of Broad Opportunities in Internal Opportunities in Internal AuditAudit8.8. Fraud DetectionFraud Detection9.9. Internal Audit and Corporate Internal Audit and Corporate
GovernanceGovernance10.10. Internal Audit Of Management Functions Internal Audit Of Management Functions 11.11. Stock Audit/Credit AuditStock Audit/Credit Audit12.12. Internal Audit of Compliance with Internal Audit of Compliance with
Commercial LawsCommercial Laws13.13. Due DiligenceDue Diligence14.14. Social Audit Social Audit
CA Rajkumar S. Adukia
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 1414
Listing of Broad Listing of Broad Opportunities in Internal Opportunities in Internal AuditAudit15.15.Environmental AuditEnvironmental Audit16.16.Corporate Social Responsibility (CSR) Corporate Social Responsibility (CSR)
AuditAudit17.17.ISO 9000 AuditISO 9000 Audit18.18.Cyber AuditCyber Audit19.19.Industry Specific Internal Audit ProgramsIndustry Specific Internal Audit Programs20.20.Assurance ServicesAssurance Services21.21.Internal Audit of Tendering ProcessInternal Audit of Tendering Process22.22.Audit of Sustainability Initiatives and Audit of Sustainability Initiatives and
Integrated ReportsIntegrated Reports
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 1515
Procedural Aspects Procedural Aspects
of of
Internal Audit/Assurance Internal Audit/Assurance WorkWork
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 1616
Internal Audit ProcedureInternal Audit Procedure
• Organizing Internal Audit FunctionOrganizing Internal Audit Function• Managing Internal Audit FunctionManaging Internal Audit Function• Internal Audit PlanningInternal Audit Planning• Importance of Effective Internal Control Importance of Effective Internal Control
Process Process • Internal Audit-Business Related KnowledgeInternal Audit-Business Related Knowledge• Knowledge of Processes followed by the Knowledge of Processes followed by the
OrganizationOrganization• Field SurveyField Survey
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 1717
Internal Audit ProcedureInternal Audit Procedure
• Internal Audit ProgrammeInternal Audit Programme• Audit ProcedureAudit Procedure• Communication of Internal Auditor Communication of Internal Auditor
with Management Teamwith Management Team• Information Request ListInformation Request List• Audit Notification to ManagementAudit Notification to Management• Audit Report Cover LetterAudit Report Cover Letter• Internal Audit ReportInternal Audit Report
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 1818
Change Change
in in
Business TrendsBusiness Trends
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 1919
Industrial ServicesIndustrial Services
• Classification into Primary, Secondary, Classification into Primary, Secondary, Tertiary and QuaternaryTertiary and Quaternary
• Categorized into Public and Private SectorCategorized into Public and Private Sector
• Classification of Internal AuditClassification of Internal Audit– Systems AuditSystems Audit– Operational AuditOperational Audit– Management AuditManagement Audit
• Source Anywhere and Build Anywhere Source Anywhere and Build Anywhere Business ModelsBusiness Models
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 2020
Financial ServicesFinancial Services
• Onset of Globalization in 1991Onset of Globalization in 1991• 1969 Nationalization of Banks1969 Nationalization of Banks• IRDA Bill, 1999 – Privatization Process IRDA Bill, 1999 – Privatization Process
CommencedCommenced• Mutual Funds – 1963 UTI enactedMutual Funds – 1963 UTI enacted• 1986 Public Sector banks permitted1986 Public Sector banks permitted• 1993 – Economic Policy – Private Sector 1993 – Economic Policy – Private Sector
Mutual FundsMutual Funds• 2009 – Interest Rate Future launched in NSE2009 – Interest Rate Future launched in NSE
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 2121
Financial ServicesFinancial Services
• E-finance dramatically changed the E-finance dramatically changed the structure and nature of financial structure and nature of financial servicesservices
• Technological advances changing the Technological advances changing the face of the financial services industryface of the financial services industry
• Electronic Trading and Electronic Trading and Communication NetworksCommunication Networks
• Financial services in India changed Financial services in India changed since 1991since 1991
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 2222
Service IndustryService Industry
• Largest and fastest-growing sector in the Largest and fastest-growing sector in the global economy in the last 2 decades global economy in the last 2 decades
• Provides more than 60 per cent of global Provides more than 60 per cent of global outputoutput
• Also provides a larger share of Also provides a larger share of employmentemployment
• It now contributes around 51 percent of It now contributes around 51 percent of GDP GDP
• Growth pattern in the service sector has Growth pattern in the service sector has not been uniform across all services in not been uniform across all services in India India
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 2323
Computer Computer
Assisted Assisted
Auditing TechniquesAuditing Techniques
(CAAT)(CAAT)
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 2424
CAATsCAATs
• Provides reasonable evidenceProvides reasonable evidence• Helps in performingHelps in performing
– Tests of transactions Tests of transactions – Analytical review procedures Analytical review procedures – Compliance tests Compliance tests – Sampling ProgramsSampling Programs– Penetration TestingPenetration Testing
• Need for CAATNeed for CAAT– Audit Objective Audit Objective – Nature of data to be reviewedNature of data to be reviewed– Availability of requisite CAAT toolsAvailability of requisite CAAT tools– Availability of skilled audit staffAvailability of skilled audit staff
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 2525
CAATsCAATs
• Types of computer audit Types of computer audit softwaresoftware– Generalized Audit software toolsGeneralized Audit software tools– Specialized Audit test and analysis Specialized Audit test and analysis
softwaresoftware– Utility softwareUtility software– Test data techniquesTest data techniques– Expert systems Expert systems – Embedded audit procedures Embedded audit procedures
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 2626
Standards Standards
on on
Internal AuditInternal Audit
27
Internal Audit Standards Internal Audit Standards Board - IASBBoard - IASB
• Internal Audit Standards Board was Internal Audit Standards Board was constituted as the Committee on constituted as the Committee on Internal Audit in the year 2004Internal Audit in the year 2004
• With the mission of reinforcing the With the mission of reinforcing the primacy of the Institute of Chartered primacy of the Institute of Chartered Accountants of India (ICAI)Accountants of India (ICAI)
CA Rajkumar S. Adukia
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 2828
Standards on Internal Standards on Internal AuditAudit1.1. Standard on Internal Audit (SIA) 1, Planning an Standard on Internal Audit (SIA) 1, Planning an
Internal Audit Internal Audit
2.2. Standard on Internal Audit (SIA) 2, Basic Standard on Internal Audit (SIA) 2, Basic Principles Governing Internal Audit Principles Governing Internal Audit
3.3. Standard on Internal Audit (SIA) 3, Standard on Internal Audit (SIA) 3, Documentation Documentation
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 2929
Standards on Internal Standards on Internal AuditAudit4.4. Standard on Internal Audit (SIA) 4, Reporting Standard on Internal Audit (SIA) 4, Reporting
5.5. Standard on Internal Audit (SIA) 5, Sampling Standard on Internal Audit (SIA) 5, Sampling
6.6. Standard on Internal Audit (SIA) 6, Analytical Standard on Internal Audit (SIA) 6, Analytical Procedures Procedures
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 3030
Standards on Internal Standards on Internal AuditAudit7.7. Standard on Internal Audit (SIA) 7, Quality Standard on Internal Audit (SIA) 7, Quality
Assurance in Internal Audit Assurance in Internal Audit
8.8. Standard on Internal Audit (SIA) 8, Terms Standard on Internal Audit (SIA) 8, Terms of Internal Audit Engagement of Internal Audit Engagement
9.9. Standard on Internal Audit (SIA) 9, Standard on Internal Audit (SIA) 9, Communication with Management Communication with Management
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 3131
Standards on Internal Standards on Internal AuditAudit10.10.Standard on Internal Audit (SIA) 10, Internal Standard on Internal Audit (SIA) 10, Internal
Audit Evidence Audit Evidence
11.11.Standard on Internal Audit (SIA) 11, Standard on Internal Audit (SIA) 11, Consideration of Fraud in an Internal Audit Consideration of Fraud in an Internal Audit
12.12.Standard on Internal Audit (SIA) 12, Internal Standard on Internal Audit (SIA) 12, Internal Control EvaluationControl Evaluation
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 3232
Standards on Internal Standards on Internal AuditAudit13.13.Standard on Internal Audit (SIA) 13, Enterprise Standard on Internal Audit (SIA) 13, Enterprise
Risk Management Risk Management
14.14.Standard on Internal Audit (SIA) 14, Internal Standard on Internal Audit (SIA) 14, Internal Audit in an Information Technology Environment Audit in an Information Technology Environment
15.15.Standard on Internal Audit (SIA) 15, Knowledge Standard on Internal Audit (SIA) 15, Knowledge of the Entity and its Environmentof the Entity and its Environment
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 3333
Standards on Internal Standards on Internal AuditAudit16.16.Standard on Internal Audit (SIA) 16, Standard on Internal Audit (SIA) 16,
Using the Work of an ExpertUsing the Work of an Expert
17.17.Standard on Internal Audit (SIA) 17, Standard on Internal Audit (SIA) 17, Consideration of Laws and Regulations in Consideration of Laws and Regulations in an Internal Audit an Internal Audit
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 3434
Professional Professional OpportunitiesOpportunities
InIn
Internal AuditInternal Audit
35
1. Internal Controls 1. Internal Controls AuditingAuditing
– Evaluation of Effectiveness Internal Audit Evaluation of Effectiveness Internal Audit FunctionFunction
– Providing Assurance regarding Internal Providing Assurance regarding Internal ControlsControls
– Determination of Adequacy of Internal Determination of Adequacy of Internal Control FrameworkControl Framework
– Internal Audit evaluating the policies and Internal Audit evaluating the policies and procedures of the organizationsprocedures of the organizations
– Offering Control Self AssessmentOffering Control Self Assessment
CA Rajkumar S. Adukia
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 3636
1. Internal Controls 1. Internal Controls AuditingAuditing– Internal Audit of various controls in an Internal Audit of various controls in an OrganizationOrganization
• Cash and Bank BalanceCash and Bank Balance
• CapitalCapital
• Debenture and Long Term LoansDebenture and Long Term Loans
• Creditors, Accruals, ProvisionCreditors, Accruals, Provision
• Contingent LiabilitiesContingent Liabilities
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 3737
1. Internal Controls 1. Internal Controls AuditingAuditing
• Purchase & Other ExpenditurePurchase & Other Expenditure
• Sales & Other IncomeSales & Other Income
• Fixed AssetFixed Asset
• InvestmentsInvestments
• Debtors, Prepayments, Accrued IncomeDebtors, Prepayments, Accrued Income
• Stock and WIPStock and WIP
• Wages & SalariesWages & Salaries
• Bank BranchesBank Branches
• Bank Head Office/Central OfficeBank Head Office/Central Office
38
2. Internal Audit 2. Internal Audit Functions /Requirements Functions /Requirements Under Various LawsUnder Various Laws
– Risk Based Internal Audit (RBIA) in Banks Risk Based Internal Audit (RBIA) in Banks under RBI Guidanceunder RBI Guidance
– Internal Audit requirement under sections Internal Audit requirement under sections 302 and 404 of the Sarbanes Oxley Act of 302 and 404 of the Sarbanes Oxley Act of 2002 f2002 f
– Compliance of Internal Audit requirements Compliance of Internal Audit requirements under Companies (Auditor's Report) Order, under Companies (Auditor's Report) Order, 20032003
– Internal audit of Operations of Depositary Internal audit of Operations of Depositary ParticipantsParticipants
– Internal Audit requirements mandated by Internal Audit requirements mandated by SEBI on a half yearly basis for stock SEBI on a half yearly basis for stock brokers/trading members/ clearing membersbrokers/trading members/ clearing members
CA Rajkumar S. Adukia
39
2. Internal Audit 2. Internal Audit Functions /Requirements Functions /Requirements Under Various LawsUnder Various Laws
– System Audit of Investment functions of System Audit of Investment functions of Insurance CompaniesInsurance Companies
– Concurrent Audit in banksConcurrent Audit in banks– Internal audit to be undertaken in respect of Internal audit to be undertaken in respect of
Credit Rating Companies Operations Credit Rating Companies Operations – Internal Audit of Mutual fundsInternal Audit of Mutual funds– Internal Audit of CustodiansInternal Audit of Custodians– Internal Audit of Registrar & Share Transfer Internal Audit of Registrar & Share Transfer
AgentsAgents
CA Rajkumar S. Adukia
40
2. Internal Audit 2. Internal Audit Functions /Requirements Functions /Requirements Under Various LawsUnder Various Laws
– Internal audit mandatory for multiple Internal audit mandatory for multiple banking or consortium - RBIbanking or consortium - RBI
– Internal Audit requirement every Internal Audit requirement every quarterly required for insurers under quarterly required for insurers under IRDA (Investment) (Fourth Amendment) IRDA (Investment) (Fourth Amendment) Regulations, 2008Regulations, 2008
CA Rajkumar S. Adukia
41
3. 3. Enterprise Risk Enterprise Risk Management – The ERM Management – The ERM RoleRole• Providing assurance on the design and Providing assurance on the design and
effectiveness of risk management effectiveness of risk management processes.processes.
• Providing assurance that risks are Providing assurance that risks are correctly evaluated.correctly evaluated.
• Evaluating risk management processes.Evaluating risk management processes.
• Evaluating the reporting on the status of Evaluating the reporting on the status of key risks and controls.key risks and controls.
CA Rajkumar S. Adukia
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 4242
3.Enterprise Risk 3.Enterprise Risk Management – The ERM Management – The ERM RoleRole• Reviewing the management of key risks, Reviewing the management of key risks,
including the effectiveness of the controls and including the effectiveness of the controls and other responses to them.other responses to them.
Consulting ActivitiesConsulting Activities• Championing the establishment of ERM within the Championing the establishment of ERM within the
organization.organization.• Developing risk management strategy for board Developing risk management strategy for board
approval.approval.• Facilitating the identification and evaluation of Facilitating the identification and evaluation of
risks.risks.
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 4343
3.Enterprise Risk 3.Enterprise Risk Management – The ERM Management – The ERM RoleRole• Coaching management on responding to Coaching management on responding to
risks.risks.• Coordinating ERM activities.Coordinating ERM activities.• Consolidating the reporting on risks.Consolidating the reporting on risks.• Maintaining and developing the ERM Maintaining and developing the ERM
framework.framework.
Roles the internal auditors should NOT Roles the internal auditors should NOT undertake areundertake are::
• Setting the risk appetite.Setting the risk appetite.• Imposing risk management processes.Imposing risk management processes.
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 4444
3.Enterprise Risk 3.Enterprise Risk Management – The ERM Management – The ERM RoleRole• Providing assurance to the board and Providing assurance to the board and
managementmanagement
• Making decisions on risk responses. Making decisions on risk responses. This is management's responsibility.This is management's responsibility.
• Implementing risk responses on Implementing risk responses on management s behalf.management s behalf.
• Accountability for risk management.Accountability for risk management.
45
4. 4. Internal Audit of Internal Audit of Compliance of Compliance of Standards on Internal Standards on Internal Audit Audit
– Till date there are 17 standards issued Till date there are 17 standards issued by IASB ,ICAIby IASB ,ICAI
– Standards on Internal Audit shall be Standards on Internal Audit shall be recommendatory in nature in the initial recommendatory in nature in the initial period. period.
– The Standards shall become The Standards shall become mandatory from such date as notified mandatory from such date as notified by the Council.by the Council.
CA Rajkumar S. Adukia
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 4646
Framework for Assurance Framework for Assurance Engagement Engagement (Effective 1(Effective 1stst April 2008) April 2008)
• Framework defines the elements and Framework defines the elements and objectives of an assurance objectives of an assurance engagementengagement
• Frame of reference is offered to Frame of reference is offered to – PractitionersPractitioners– Other involved in assurance engagementsOther involved in assurance engagements– AASB Board in the development of SAs, AASB Board in the development of SAs,
SREs and SAEsSREs and SAEs
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 4747
Framework for Assurance Framework for Assurance Engagement (Engagement (Effective 1Effective 1stst April 2008) April 2008)
• The framework distinguishes the The framework distinguishes the assurance engagements from other assurance engagements from other engagements like consulting engagements like consulting engagementsengagements
• Assurance engagements include Assurance engagements include internal audit and due diligence internal audit and due diligence audits.audits.
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 4848
Framework for Assurance Framework for Assurance
Engagement Engagement (Effective 1(Effective 1stst April 2008 April 2008))
• Definition of Assurance Engagement under Definition of Assurance Engagement under the Framework the Framework
““““Assurance engagement” means an Assurance engagement” means an engagement in which a practitioner engagement in which a practitioner expresses a conclusion designed to expresses a conclusion designed to enhance the degree of confidence of the enhance the degree of confidence of the intended users other than the responsible intended users other than the responsible party about the outcome of the evaluation party about the outcome of the evaluation or measurement of a subject matter or measurement of a subject matter against criteria.”against criteria.”
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 4949
Framework for Assurance Framework for Assurance Engagement Engagement (Effective 1(Effective 1stst April 2008) April 2008)
Framework identifies 5 elements of Framework identifies 5 elements of assurance engagements namelyassurance engagements namely– A three party relationshipA three party relationship– A subject matterA subject matter– CriteriaCriteria– EvidenceEvidence– Assurance ReportAssurance Report
50
5. Monitoring XBRL 5. Monitoring XBRL Implementation & Reporting Implementation & Reporting ResultsResults
– Ensuring savings in cost/resources for Ensuring savings in cost/resources for redundant data related work - XBRL redundant data related work - XBRL ensures data re-usabilityensures data re-usability
– Efficiency gains in external reporting Efficiency gains in external reporting processesprocesses
– Enables more frequent Enables more frequent review/updation of internal credit review/updation of internal credit rating systemrating system
CA Rajkumar S. Adukia
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 5151
5. Monitoring XBRL 5. Monitoring XBRL Implementation & Reporting Implementation & Reporting ResultsResults
– Integrating different systems and provide Integrating different systems and provide for easier generation of complete, for easier generation of complete, consolidated and centralized informationconsolidated and centralized information
– Enhanced internal controls/audit Enhanced internal controls/audit processes if XBRL is extensively processes if XBRL is extensively leveragedleveraged
– Generation of standard and ad-hoc Generation of standard and ad-hoc reports as requiredreports as required
– Ease of incorporating data for various Ease of incorporating data for various analytical studies and periodic reportsanalytical studies and periodic reports
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 5252
5. Monitoring XBRL 5. Monitoring XBRL Implementation & Reporting Implementation & Reporting ResultsResults
– Use of business intelligence tool for advanced Use of business intelligence tool for advanced analytics and drill-down/roll up facilityanalytics and drill-down/roll up facility
– Contextual and explanatory information Contextual and explanatory information available around every dataavailable around every data
– There is a common framework of definitionsThere is a common framework of definitions– Corporate information is available with Corporate information is available with
transparency and accuracytransparency and accuracy– Comparison of financial data among multiple Comparison of financial data among multiple
companies made easiercompanies made easier
53
6. Audit of IFRS 6. Audit of IFRS Convergence Convergence
• Whether IFRS standards followedWhether IFRS standards followed
• Selection of options providedSelection of options provided
• First time adoption options selectedFirst time adoption options selected
• Fair value determinationsFair value determinations
CA Rajkumar S. Adukia
54
7. Forensic Audit7. Forensic Audit
– Strengthens control mechanisms, with Strengthens control mechanisms, with the objective of protecting the the objective of protecting the business against financial crimesbusiness against financial crimes
– Can play an important role for Can play an important role for companies under review by regulatory companies under review by regulatory authoritiesauthorities
– Can help protect organizations from Can help protect organizations from the long-term damage to reputation the long-term damage to reputation caused by the publicity associated with caused by the publicity associated with insider crimes. insider crimes.
CA Rajkumar S. Adukia
55
8.Fraud Detection8.Fraud Detection
• Banking FraudsBanking Frauds
• Insurance FraudsInsurance Frauds
• Stock market fraudsStock market frauds
• Internet fraudsInternet frauds
• Investment FraudsInvestment Frauds
• Cyber crimesCyber crimes
CA Rajkumar S. Adukia
56
8. Fraud Detection8. Fraud Detection
Common type of frauds which internal Common type of frauds which internal auditors are likely to come acrossauditors are likely to come across
• Frauds in computerized environmentFrauds in computerized environment• Cheque fraudCheque fraud• Trojan horse fraud or the time bomb fraudTrojan horse fraud or the time bomb fraud• Achilles Heel fraudsAchilles Heel frauds• Piggyback fraudsPiggyback frauds• Accounting manipulationsAccounting manipulations
CA Rajkumar S. Adukia
57
9.Internal Audit & 9.Internal Audit & Corporate GovernanceCorporate Governance
– The four characteristics of good governance The four characteristics of good governance areare• Transparency, Transparency, • Accountability, Accountability, • Effectiveness/efficiency and Effectiveness/efficiency and • Responsiveness. Responsiveness.
– The role of internal control in a CG frameworkThe role of internal control in a CG framework– Risk AssessmentRisk Assessment– Providing Assurance regarding controlsProviding Assurance regarding controls– ComplianceCompliance– Consulting and Operations Consulting and Operations
CA Rajkumar S. Adukia
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 5858
9.Internal Audit & 9.Internal Audit & Corporate GovernanceCorporate Governance
– Organizational Independence is vital Organizational Independence is vital for an effective internal audit function for an effective internal audit function of the governance frameworkof the governance framework
– An Internal Audit Charter helps in An Internal Audit Charter helps in administering the audit functionadministering the audit function
– Unrestricted access to all forms of Unrestricted access to all forms of evidence offers efficient audit resultsevidence offers efficient audit results
59
10.Internal Audit Of 10.Internal Audit Of Management FunctionsManagement Functions
– Business strategy processBusiness strategy process– Human resources functionsHuman resources functions– Marketing strategyMarketing strategy– Production processProduction process
CA Rajkumar S. Adukia
60
Internal Audit of Human Internal Audit of Human Resource FunctionResource Function
• The Human resource audit ensures The Human resource audit ensures that the organization is aware of the that the organization is aware of the existing laws and rules and whether existing laws and rules and whether it is implementing them effectively.it is implementing them effectively.
• This creates an atmosphere of This creates an atmosphere of transparency and goes a long way in transparency and goes a long way in avoiding legal confrontation later avoiding legal confrontation later
CA Rajkumar S. Adukia
61
Internal Audit of Human Internal Audit of Human Resource FunctionResource Function• Human Resource Management (HRM) is Human Resource Management (HRM) is
the function within an organization that the function within an organization that focuses on recruitment of, management focuses on recruitment of, management of, and providing direction for the people of, and providing direction for the people who work in the organization. who work in the organization.
• The Human resource audit ensures that The Human resource audit ensures that the followingthe following– organization is aware of the existing laws and organization is aware of the existing laws and
rules and whether it is implementing them rules and whether it is implementing them effectively so that legal confrontation is effectively so that legal confrontation is avoided later. Tavoided later. T
..
CA Rajkumar S. Adukia
62
Internal Audit of Human Internal Audit of Human Resource FunctionResource Function
– It helps build trust in the minds of the It helps build trust in the minds of the employees who are confident that employees who are confident that things pertaining to their wellbeing are things pertaining to their wellbeing are being taken care of being taken care of
– It also makes the HR employees familiar It also makes the HR employees familiar with the current laws. with the current laws.
– It adds credibility to the company in the It adds credibility to the company in the eyes of the investors, who may look eyes of the investors, who may look favorably. favorably.
CA Rajkumar S. Adukia
63
Internal Audit of Human Internal Audit of Human Resource FunctionResource Function
– Laws such as those pertaining to Laws such as those pertaining to discrimination, sexual harassment, discrimination, sexual harassment, overtime etc should be particularly overtime etc should be particularly looked into. looked into.
– Even seemingly minor things such as Even seemingly minor things such as the employment application should be the employment application should be studied if it solicits inappropriate studied if it solicits inappropriate information information
CA Rajkumar S. Adukia
64
11.Stock Audit/Credit 11.Stock Audit/Credit AuditAudit
• Stock audit for bank borrowersStock audit for bank borrowers
• Stock audit other than bank borrowersStock audit other than bank borrowers
CA Rajkumar S. Adukia
65
12.Internal Audit of 12.Internal Audit of Compliance with Commercial Compliance with Commercial Laws (Illustrative List)Laws (Illustrative List)
1.1. Anti Money Laundering LawsAnti Money Laundering Laws
2.2. Laws relating to Alternate Dispute ResolutionLaws relating to Alternate Dispute Resolution
3.3. Laws relating Real EstateLaws relating Real Estate
4.4. Family and Succession Laws Family and Succession Laws
5.5. Legal Metrology laws Legal Metrology laws
6.6. Laws Relating to Charity Laws Relating to Charity
7.7. Labour Laws Labour Laws
8.8. IPR IPR
9.9. Insolvency Laws/BIFR Insolvency Laws/BIFR
CA Rajkumar S. Adukia
66
12.Internal Audit of 12.Internal Audit of Compliance with Commercial Compliance with Commercial Laws (Illustrative List)Laws (Illustrative List)
10.10.Securitization LawsSecuritization Laws
11.11.Laws relating to Non Banking Financial Laws relating to Non Banking Financial InstitutionsInstitutions
12.12.Competition Laws Competition Laws
13.13.Consumer Laws Consumer Laws
14.14.Laws relating to Cooperative SocietiesLaws relating to Cooperative Societies
15.15.Corporate LawsCorporate Laws
16.16.Laws Relating To Limited Liability Laws Relating To Limited Liability Partnership (LLP)Partnership (LLP)
CA Rajkumar S. Adukia
67
12.Internal Audit of 12.Internal Audit of Compliance with Commercial Compliance with Commercial Laws (Illustrative List)Laws (Illustrative List)
17.17.Laws Relating To Micro, Small And Medium Laws Relating To Micro, Small And Medium Enterprises (MSMES) Enterprises (MSMES)
18.18.Banking LawsBanking Laws
19.19.Insurance Laws Insurance Laws
20.20.Securities Law Securities Law
21.21.Laws relating to International Trade Laws relating to International Trade
22.22.Foreign Exchange Management LawsForeign Exchange Management Laws
23.23.Right to Information Law Right to Information Law
24.24.Laws relating to Special Economic Zones (SEZ) Laws relating to Special Economic Zones (SEZ)
CA Rajkumar S. Adukia
68
12.Internal Audit of 12.Internal Audit of Compliance with Commercial Compliance with Commercial Laws (Illustrative List)Laws (Illustrative List)
25.25.Energy Laws Energy Laws
26.26.Carriage Laws And Multi-Modal Carriage Laws And Multi-Modal Transportation Of Goods Transportation Of Goods
27.27.Laws relating to Aviation SectorLaws relating to Aviation Sector
28.28.Laws relating to Telecom IndustryLaws relating to Telecom Industry
29.29.Laws relating to PharmaceuticalsLaws relating to Pharmaceuticals
30.30.Information Technology and Cyber LawsInformation Technology and Cyber Laws
31.31.Environmental LawsEnvironmental Laws
32.32.Carbon Credit Carbon Credit
CA Rajkumar S. Adukia
69
13.Due Diligence (26)13.Due Diligence (26)
1.1. Commercial Due DiligenceCommercial Due Diligence
2.2. Legal Due DiligenceLegal Due Diligence
3.3. Operational Due Diligence Operational Due Diligence
4.4. Business Strategy/ Management Culture Business Strategy/ Management Culture Due Diligence Due Diligence
5.5. Environmental Due Diligence Environmental Due Diligence
6.6. Human Resource Due Diligence Human Resource Due Diligence
CA Rajkumar S. Adukia
70
13.Due Diligence13.Due Diligence
7.7. Marketing Due Diligence Marketing Due Diligence
8.8. Business Environmental Due Diligence Business Environmental Due Diligence
9.9. Preliminary Due Diligence Preliminary Due Diligence
10.10. Full Due Diligence Full Due Diligence
11.11. Ongoing Due Diligence Ongoing Due Diligence
12.12. Private Equity Due Diligence Private Equity Due Diligence
CA Rajkumar S. Adukia
71
13.Due Diligence13.Due Diligence
13.13. Mergers and Acquisitions Due Diligence Mergers and Acquisitions Due Diligence 14.14. Joint Venture Due Diligence Joint Venture Due Diligence 15.15. Venture Capital Due Diligence Venture Capital Due Diligence 16.16. Purchase of Business Due Diligence Purchase of Business Due Diligence 17.17. Investment in Business Due Diligence Investment in Business Due Diligence 18.18. Loans for Business Due Diligence Loans for Business Due Diligence
CA Rajkumar S. Adukia
72
13.Due Diligence13.Due Diligence
19.19. Partnership in Business Due Diligence Partnership in Business Due Diligence 20.20. Substantial Supply to Business Due Substantial Supply to Business Due
Diligence Diligence 21.21. Financial and Accounting Due Diligence Financial and Accounting Due Diligence 22.22. Tax Due Diligence Tax Due Diligence 23.23. Information Technology Due Diligence Information Technology Due Diligence 24.24. Strategic and Commercial Due Diligence Strategic and Commercial Due Diligence
CA Rajkumar S. Adukia
73
13.Due Diligence13.Due Diligence
25.25. Investor Due Diligence Investor Due Diligence
26.26. Vendor Due Diligence Vendor Due Diligence
CA Rajkumar S. Adukia
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 7474
14. Social Audit14. Social Audit
• Prepare a statement of purpose, Prepare a statement of purpose, objectives, key issues and activities for objectives, key issues and activities for Social Auditing.Social Auditing.
• Preparation of Social accounting plan and Preparation of Social accounting plan and timelinetimeline
• Budgeting for Social AuditBudgeting for Social Audit• Prepare social accounts using existing Prepare social accounts using existing
information, data collected and views of information, data collected and views of stakeholders.stakeholders.
• Reviewing support to civil society for its Reviewing support to civil society for its participationparticipation
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 7575
14. Social Audit14. Social Audit
• The 6 steps followed in the performance The 6 steps followed in the performance of Social Audit areof Social Audit are
– Preparatory activities Preparatory activities – Defining audit boundaries and identifying Defining audit boundaries and identifying
stakeholders stakeholders – Social accounting and book‐keeping Social accounting and book‐keeping – Preparing and using social accounts Preparing and using social accounts – Social audit and dissemination Social audit and dissemination – Feedback and institutionalization of social Feedback and institutionalization of social
auditaudit
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 7676
15. Environmental Audit15. Environmental Audit
• Reviewing the effectiveness of Reviewing the effectiveness of Environmental ManagementEnvironmental Management
• Reviewing the compliance of an Reviewing the compliance of an organization with all regulatory and organization with all regulatory and environmental performanceenvironmental performance
• Ensuring conformity with environmental Ensuring conformity with environmental assessment requirementsassessment requirements
• Testing the accuracy of the assessmentTesting the accuracy of the assessment
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 7777
16. Corporate Social 16. Corporate Social Responsibility (CSR) AuditResponsibility (CSR) Audit• Gain an understanding of Corporate Social Responsibility Gain an understanding of Corporate Social Responsibility
(CSR) influences and initiatives. (CSR) influences and initiatives. • Understand CSR stakeholders and their needs. Understand CSR stakeholders and their needs. • Understand the economic value proposition and reputation Understand the economic value proposition and reputation
drivers. drivers. • Examine how organizations approach: climate change Examine how organizations approach: climate change
challenges, health and safety issues, and supply chain challenges, health and safety issues, and supply chain imperatives. imperatives.
• Review emerging practices in social responsibility and Review emerging practices in social responsibility and sustainable development.sustainable development.
• Examine CSR links to governance and risk management.Examine CSR links to governance and risk management.• A guidance on social responsibility ISO 26000:2010 ( Draft A guidance on social responsibility ISO 26000:2010 ( Draft
Stage) can be referred toStage) can be referred to• Network with your peers on this emerging area of internal Network with your peers on this emerging area of internal
audit focus. audit focus.
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 7878
16. Corporate Social 16. Corporate Social Responsibility (CSR) AuditResponsibility (CSR) Audit
• A CSR audit program can cover all or any of the A CSR audit program can cover all or any of the following risks:following risks:
– Effectiveness of the operating framework for CSR Effectiveness of the operating framework for CSR implementationimplementation
– Effectiveness of implementation of specific, large Effectiveness of implementation of specific, large CSR projectsCSR projects
– Adequacy of internal control and review Adequacy of internal control and review mechanismsmechanisms
– Reliability of measures of performanceReliability of measures of performance– Management of risks associated with external Management of risks associated with external
factors like regulatory compliance, management factors like regulatory compliance, management of potential adverse NGO attention, etcof potential adverse NGO attention, etc
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 7979
17. ISO 9000 Audit17. ISO 9000 Audit
– The term The term ISO 9000 ISO 9000 has two different has two different meanings: meanings: • It refers to a single standard (ISO 9000) and It refers to a single standard (ISO 9000) and
• It refers to a set of three standards (ISO It refers to a set of three standards (ISO 9000, ISO 9001, and ISO 9004). 9000, ISO 9001, and ISO 9004).
– All three are referred to as All three are referred to as quality quality management system standardsmanagement system standards
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 8080
17. ISO 9000 Audit17. ISO 9000 Audit
• Two types of auditing are required to Two types of auditing are required to become registered to the standard: become registered to the standard: auditing by an external certification auditing by an external certification body (external audit) and audits by body (external audit) and audits by internal staff trained for this process internal staff trained for this process (internal audits).(internal audits).
• The internal audit programs The internal audit programs comprises of five programs comprises of five programs
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 8181
17. ISO 9000 Audit17. ISO 9000 Audit
• The five programs comprise ofThe five programs comprise of– ISO 9001 ISO 9001 Compliance Audit ProgramCompliance Audit Program – ISO 9001 ISO 9001 Policy Audit ProgramPolicy Audit Program – ISO 9001 ISO 9001 Procedures Audit ProgramProcedures Audit Program – ISO 9001 ISO 9001 Process Audit ProgramProcess Audit Program – ISO 9001 ISO 9001 Records Audit ProgramRecords Audit Program
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 8282
18. Cyber Audit18. Cyber Audit
– COBIT based AuditsCOBIT based Audits• Reviews of Baselines and Standards for ITReviews of Baselines and Standards for IT
• Information System ImplementationsInformation System Implementations
• Pre-Implementation ReviewPre-Implementation Review
• Implementation of Controls Certification Reviews Implementation of Controls Certification Reviews
• Post Implementation ReviewPost Implementation Review
• Code Development / Source Code Management Code Development / Source Code Management ReviewsReviews
• General Controls ReviewsGeneral Controls Reviews
• Data Center reviewsData Center reviews
• Audits of the Business Continuity ProgramAudits of the Business Continuity Program
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 8383
18. Cyber Audit18. Cyber Audit
• Audits of Security ConfigurationAudits of Security Configuration
• Reviews of Security AdministrationReviews of Security Administration
• Reviews of IT Purchasing and ProcurementReviews of IT Purchasing and Procurement
• Application Review / AuditsApplication Review / Audits
• Audits of Business ProcessesAudits of Business Processes
– System AuditSystem Audit– Internal Audit of System Security PolicyInternal Audit of System Security Policy– Network Security AuditNetwork Security Audit– Quality Management Systems AuditQuality Management Systems Audit
84
19. 19. Industry Specific Internal Industry Specific Internal Audit ProgramsAudit Programs (Illustrative (Illustrative List)List)
1.1. Educational InstitutionsEducational Institutions2.2. Information Technology CompaniesInformation Technology Companies3.3. HotelsHotels4.4. HospitalsHospitals5.5. Stock BrokersStock Brokers6.6. Portfolio ManagerPortfolio Manager7.7. CompanyCompany8.8. Mutual FundsMutual Funds
CA Rajkumar S. Adukia
85
19. 19. Industry Specific Internal Industry Specific Internal Audit ProgramsAudit Programs (Illustrative (Illustrative List)List)
8.8. Construction CompanyConstruction Company9.9. BanksBanks10.10.Manufacturing CompanyManufacturing Company11.11.Insurance CompanyInsurance Company12.12.Non Banking Finance CompaniesNon Banking Finance Companies13.13.Asset Management CompanyAsset Management Company14.14.Telecom CompaniesTelecom Companies15.15.Cooperative SocietiesCooperative Societies
CA Rajkumar S. Adukia
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 8686
20. Assurance Services20. Assurance Services
1.1. Revenue AuditRevenue Audit2.2. Special AuditSpecial Audit3.3. Concurrent AuditConcurrent Audit4.4. Income & Expenditure AuditIncome & Expenditure Audit5.5. Grants AuditGrants Audit6.6. Projects AuditProjects Audit7.7. Investigative AuditInvestigative Audit8.8. CAG Audit for PSUsCAG Audit for PSUs9.9. Diligence ReportDiligence Report10.10. Assurance On Sustainability ReportingAssurance On Sustainability Reporting
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 8787
List of Audit /Assurance List of Audit /Assurance Services under Internal Services under Internal AuditAudit1.1. Financial AuditFinancial Audit2.2. Operational AuditOperational Audit3.3. Grant AuditGrant Audit4.4. Project AuditProject Audit5.5. Information Systems AuditInformation Systems Audit6.6. Compliance AuditCompliance Audit7.7. Investigative AuditInvestigative Audit8.8. Enterprise Risk ManagementEnterprise Risk Management
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 8888
List of Audit /Assurance List of Audit /Assurance Services under Internal Services under Internal AuditAudit9.9. Assurance on Sustainability Assurance on Sustainability
ReportingReporting
10.10.Revenue AuditRevenue Audit
11.11.Special AuditSpecial Audit
12.12.Audit of Public Sector UndertakingAudit of Public Sector Undertaking
13.13.Audit of Stock BrokersAudit of Stock Brokers
21. Internal Audit of 21. Internal Audit of Tendering ProcessTendering Process
1.1. Open TendersOpen Tenders
2.2. Limited or Closed TendersLimited or Closed Tenders
3.3. International Competitive Bidding (ICB)International Competitive Bidding (ICB)
4.4. National Competitive Bidding (NCB)National Competitive Bidding (NCB)
5.5. Request for Proposal (RPF)Request for Proposal (RPF)
6.6. Request for Quote (RFQ)Request for Quote (RFQ)
7.7. Request for Information (RFI)Request for Information (RFI)
8.8. Expression of Interest (EOI)Expression of Interest (EOI)
21. Internal Audit of 21. Internal Audit of Tendering ProcessTendering Process
9.9. Single Envelop BiddingSingle Envelop Bidding
10.10.2 Envelop Bidding2 Envelop Bidding
11.11.Multiple Envelop BiddingMultiple Envelop Bidding
22. Audit of Sustainability 22. Audit of Sustainability Initiatives and Integrated Initiatives and Integrated ReportsReports• Report on Sustainability Progress and IssuesReport on Sustainability Progress and Issues• Best Practice Assessments – identify Best Practice Assessments – identify
enhancement opportunitiesenhancement opportunities• Best Practice Standards/Framework – Best Practice Standards/Framework –
Adoption of externally recognized Adoption of externally recognized framework, guidelines, standards in testing framework, guidelines, standards in testing sustainability activities and performance sustainability activities and performance measurementsmeasurements
• Assurance Service – Performing the Assurance Service – Performing the “Sustainability Readiness Audit” of non “Sustainability Readiness Audit” of non financial performance measurements for financial performance measurements for independent auditindependent audit
22. Audit of Sustainability 22. Audit of Sustainability Initiatives and Integrated Initiatives and Integrated ReportsReports• Advisory Opportunities – offering Advisory Opportunities – offering
consultancy services to management consultancy services to management by identifying key trends like green by identifying key trends like green building, brand positioningbuilding, brand positioning
• Looking out for regulatory changes Looking out for regulatory changes and process verification in place to and process verification in place to communicate changes if anycommunicate changes if any
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 9393
Internal Audit Internal Audit
ReportingReporting
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 9494
Contents of a Good Contents of a Good Internal/Assurance Audit Internal/Assurance Audit ReportReportThe assurance report should include The assurance report should include
the following basic elements the following basic elements – A TitleA Title– An addressee An addressee – An identification and description of the An identification and description of the
subject matter information and, when subject matter information and, when appropriate, the subject matter appropriate, the subject matter
– Identification of the criteria Identification of the criteria
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 9595
Contents of a Good Contents of a Good Internal/Assurance Audit Internal/Assurance Audit ReportReport
– Where appropriate, a description of any Where appropriate, a description of any significant, inherent limitation associated with significant, inherent limitation associated with the evaluation or measurement of the subject the evaluation or measurement of the subject matter against the criteria matter against the criteria
– When the criteria used to evaluate or measure When the criteria used to evaluate or measure the subject matter are available only to specific the subject matter are available only to specific intended users, or are relevant only to a intended users, or are relevant only to a specific purpose, a statement restricting the specific purpose, a statement restricting the use of the assurance report to those intended use of the assurance report to those intended users or that purpose users or that purpose
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 9696
Contents of a Good Contents of a Good Internal/Assurance Audit Internal/Assurance Audit ReportReport
– A statement to identify the responsible A statement to identify the responsible party and to describe the responsible party and to describe the responsible party’s and the practitioner’s party’s and the practitioner’s responsibilities responsibilities
– A statement that the engagement was A statement that the engagement was performed in accordance with SAEs performed in accordance with SAEs
– A summary of the work performed A summary of the work performed – Practitioner’s Signature Practitioner’s Signature
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 9797
Contents of a Good Contents of a Good Internal/Assurance Audit Internal/Assurance Audit ReportReport
– The assurance report date The assurance report date – The place of signature – the report The place of signature – the report
should name specific location, which is should name specific location, which is ordinarily the city where the report is ordinarily the city where the report is signed signed
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 9898
Audit Reporting CycleAudit Reporting Cycle
• Outline Audit findingsOutline Audit findings• Preparation of Audit report - First Preparation of Audit report - First
draft draft • Discussion with clientDiscussion with client• Preparation of Final Audit report draftPreparation of Final Audit report draft• Closing conferenceClosing conference• Issuance of Final reportIssuance of Final report• Evaluation and Follow UpEvaluation and Follow Up
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 9999
Role of an Internal Role of an Internal AuditorAuditor
The role of an Internal Auditor can be The role of an Internal Auditor can be simply captured in four pointssimply captured in four points
• To act as a CatalystTo act as a Catalyst
• To interface between different To interface between different groupsgroups
• To advise on the processTo advise on the process
• To report the facts of audit resultsTo report the facts of audit results
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 100100
Characteristics of an Characteristics of an Internal AuditorInternal Auditor
• ProfessionalismProfessionalism
• ProficiencyProficiency
• Due Professional CareDue Professional Care
• Continuing Professional DevelopmentContinuing Professional Development
• IndependenceIndependence
101
How to Succeed as an How to Succeed as an Internal AuditorInternal Auditor
• Sharpen dialogue with top management Sharpen dialogue with top management and directors in order to clearly establish and directors in order to clearly establish the value-added objectives of internal audit the value-added objectives of internal audit (i.e., strategic issues, risk management and (i.e., strategic issues, risk management and protection of company assets).protection of company assets).
• Realign to meet key stakeholders’ Realign to meet key stakeholders’ expectations (stockholders, executive expectations (stockholders, executive management, external auditors and management, external auditors and regulators).regulators).
• Think and act strategically.Think and act strategically.
CA Rajkumar S. Adukia
102
How to Succeed as an How to Succeed as an Internal AuditorInternal Auditor
• Expand audit coverage to include “tone at Expand audit coverage to include “tone at the top,” the conduct of executive the top,” the conduct of executive management in protecting the company.management in protecting the company.
• Assess and strengthen expertise for Assess and strengthen expertise for complex business auditing.complex business auditing.
• Leverage technology in high-risk areas.Leverage technology in high-risk areas.
• Focus on enterprise risk management Focus on enterprise risk management capabilities.capabilities.
CA Rajkumar S. Adukia
103
How to Succeed as an How to Succeed as an Internal AuditorInternal Auditor
• Make the audit process dynamic, Make the audit process dynamic, changing with changed business changing with changed business conditions.conditions.
• Strengthen quality assurance Strengthen quality assurance processes.processes.
• Measure the enhanced performance Measure the enhanced performance against expectations of stakeholders.against expectations of stakeholders.
CA Rajkumar S. Adukia
Invitation for the Invitation for the activities of IASBactivities of IASB• Preparing draft for new standardsPreparing draft for new standards
• Preparing background material for Preparing background material for industry specific guidance noteindustry specific guidance note
• Articles on internal audit for CA journalArticles on internal audit for CA journal
Contact email id Contact email id cia@icai.org
104CA Rajkumar S. Adukia
CA Rajkumar S. AdukiaCA Rajkumar S. Adukia 105105
Questions ????Questions ????
CA Rajkumar S AdukiaCA Rajkumar S Adukia 106106
Thank You!!Thank You!!