manual on ia - icai

Manual on Internal Audit

DISCLAIMER : The views expressed in the Manual on Internal Audit are those of the

author(s). The Institute of Chartered Accountants of India may not

necessarily subscribe to the views of the author(s).

The Institute of Chartered Accountants of India

(Set up by an Act of Parliament) New Delhi

ii

The Institute of Chartered Accountants of India

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form, or by any means, electronic mechanical, photocopying, recording, or otherwise, without prior permission, in writing, from the publisher.

Edition : January, 2009

Website : www.icai.org

Email : [email protected]

Price : Rs. 400/- (Including CD)

ISBN : 978-81-8441-179-9

Published by : The Publication Department on behalf of CA. Puja Wadhera, Senior Assistant Director, Internal Audit Standards Board, The Institute of Chartered Accountants of India, Indraprastha Marg, New Delhi 110 002

Printed by : Sahitya Bhawan Publications, Hospital Road, Agra 282 003

January/2009/1000 Copies

iii

Foreword

The year 2008-09 has been a very active year for the Internal Audit Standards Board. The year has seen the Board issuing a number of Standards on Internal Audit as well as other technical literature such as generic and industry specific technical guides. I am happy to note that the Board is brining out this Manual on Internal Audit.

This is first of its kind of Manual on internal audit to be published by the Institute as it contains a step by step approach to conduct internal audit, right from appointment to reporting. The Manual has been developed by a team of experts in the field of internal audit and risk management and the fact is amply reflected in the fine balancing of conceptual vis a vis practical approach to internal audit in the Manual.

I appreciate that despite being a highly technical document, the Manual has been written in a very simple and lucid manner. Besides, the guidance contained herein being generic in nature, the Manual can be gainfully used by all the internal auditors across the cross section of industry type and size.

At this juncture, I wish to compliment all members of Internal Audit Standards Board, especially, the Chairman, CA. Abhijit Bandyopadhyay for having conceived the idea.

I am sure that this Manual, like other publications of the Board, would be warmly received and appreciated by the members and other interested readers.

January 16, 2009

New Delhi

Ved Jain

President, ICAI

v

Preface

Contemporary internal audit is a vast field with a number of facets to be understood and addressed. The Internal Audit Standards Board has been working relentlessly to bring out more and more quality literature for the guidance of the members. Till date the Board has brought out not only more than ten Standards on Internal Audit (SIAs) on various significant aspects of internal audit, it has published a number of widely appreciated generic as well as industry specific technical guides for the benefit of the members.

When the Board conceived the idea of having a Manual on Internal Audit, the basic objective behind the same was to bring out a comprehensive publication on internal audit, containing practical guidance on conducting an internal audit in a real life scenario. Accordingly, the Board roped in the services of an expert in the area of internal audit and risk management to prepare this Manual. The Manual, as you would see, is quite comprehensive, providing a step by step guidance on every aspect of internal audit. It is divided into four main parts. Part A deals with Internal Audit Engagement Management, Part B deals with Internal Audit Project Management, Part C deals with Close Outs and Part D deals with General Annexures. While each of the Parts is further divided into relevant sub topics, Part B contains, guidance on aspects such as overall planning, pre audit opening, detailed walk throughs, report, checklists, audit programmes, report compilation, exit meeting and report issuance.

The Manual contains a number of templates as well as checklists for ready reference and easy use of the readers. The Manual has therefore, a wider usage and appeal. I personally feel that the Manual has turned out to be the first of its kind one stop reference for the internal auditors to be issued by the Institute.

I wish to place on record my thanks for Shri Ved Jain, President, and Shri Uttam P Agarwal, Vice President, ICAI for their vision and unstinted support in the activities of the Internal Audit Standards Board. I also wish to express my sincere gratitude to all my colleagues from the Council at the Internal Audit Standards Board, viz., CA. Bhavna G. Doshi, Vice Chairperson, CA. Sunil H. Talati, CA. Mahesh P. Sarda, CA. Shanti Lal Daga, CA. K. P. Khandelwal, CA. Manoj Fadnis, CA. Anuj Goyal, CA. Amarjit Chopra, Shri Manoj K Sarkar, Shri K. P. Sasidharan, Dr. Pritam Singh and Shri O. P. Vaish for their vision and support. I also wish to place on records my gratitude for the co-opted members on the Board, viz., CA. Partha Sarathi De, CA. N. K. Aneja, CA. Charanjit S. Attra, CA. Nagesh D. Pinge as also special invitees on the Board, viz., CA. Harinderjit Singh (my Council colleague), CA. Deepak Wadhawan, CA. Manu Chadha, CA. Santosh Nair and CA. Amit Roy for their free and frank views, invaluable guidance as also their dedication and support to the various initiatives of the Board. I also wish to thanks to CA. K. Raghu (my Council colleague), for his support in bringing out the Manual. I also wish to express my thanks to CA. Puja Wadhera, Secretary, Internal Audit Standards Board and her

vi

team of officers, CA. Gurpreet Singh, Senior Executive Officer and CA. Arti Aggarwal, Executive Officer for their efforts in giving final shape to the Manual.

I am sure that the Manual would be warmly received by the interested readers and would be recounted as a landmark publication of the Institute. January 19, 2009

Kolkata

Abhijit BandyopadhyayChairman, Internal Audit Standards Board

Contents

Page No Foreword..(iii)

Preface. (v)

Format No

Part - A Internal Audit Engagement Management A/1 Initial Introduction Letter 3A/2 Proposal of Internal Audit Services 4A/3 Engagement letter 9A/4 Scope and Objective 15A/5 Organization Background 16A/6 Industry Research 18A/7 List of Files and Contents 20

Paet - B Internal Audit Project Management B/1 Overall Planning 23

Pre Audit Opening 25B/2.1 Opening Meeting Control Statement 25B/2.2 General Process Understanding 26B/2.3 Data Needs Identification and Collection 28B/2.4 Data Analysis and Summary Preparation 29B/2.5 Previous Audit Report Analysis 30B/2.6 Brain Storming Sessions (Internal) 31

Detailed Walk Throughs 32B/3.1 Selection of sample 32B/3.2 Walk Through Tracking 33B/3.3 Documentation of Walk Through 34

Risks, Checklists, Audit Programme 37 Listing of Risks and Audit Programme (Checklists) 37

B/4.1.1 Corporate Risks Review Checklist 37B/4.1.2 Finance and Accounts Risks Review Checklists 43B/4.1.3 Human Resources Process Review Checklists 51B/4.1.4 Inventory Risks Review Checklists 65B/4.1.5 Information Security Review Checklists 74B/4.1.6 Marketing Risks Review Checklists 83B/4.1.7 Purchases Risks Review Checklists 88

viii

B/4.1.8 Production Risks Review Checklists 93B/4.1.9 Sales and Despatch Risks Review Checklists 101

B/4.1.10 Statutory Compliances Review Checklists 106B/4.1.11 Administration Risks Review Checklists 120

B/4.2 Planning and Execution of Audit Programme 124B/4.3 Compilation of Observations and Draft Reporting 129B/4.4 Quality Check of Evidences Collection 132

Report Compilation 133B/5.1 Draft Audit Report 133B/5.2 Covering Letter for Draft Report by Email/ Letter Head 136B/5.1 Collection of Management Comments 137

Exit Meeting 138B/5.2 Fixing of the Meeting Time 138

B/6.2A, B/6.2B Presentation and Action Plan Preparation 139

B/5.1 Updation of the Action Plan into the Draft Report 144 Report Issue 145

B/7.1 Final Report Release Checklist 145B/7.2 Audit Committee Presentation (Where Applicable) 147B/7.3 Audit Feedback Collection 154

Work Paper Closures 157 Work Papers Compilation and Quality Audit Closures 157

B/8.1A Quality Audit Checklist 157B/8.1B Quality Audit Action Plan Statement 161B/8.2 Knowledge Bank Updation 162

Part -C Close Outs C/1 Invoice Format 165C/2 Out of Pocket Expenses Tracking 166C/3 Overall Closure Checklists 167

Part - D General Annexures D/1 Confirmation of Meetings Format 171D/2 Minutes of Meetings Formats 172D/3 Agenda of the Meeting 173D/4 Standards on Internal Audit Issued by the ICAI 175

1

PART A

Internal Audit Engagement Management

3

Initial Introduction Letter Format No: A/1

Date: ,

.

To

Mr./Mrs. , ,

,

.

Dear Sir,

Sub: Introduction of Our Internal Audit Services

In continuation to your request, we are very happy to introduce XYZ & Co, one of a specialist in delivering you high value Internal Audit Services based at . We are a team of XX Chartered Accountants, XX Information Systems Auditors, XX Internal Auditors.

Our methodology is adopted from global standards and ICAI standards and would be providing required value add. Some of the clients whom we have delivered the services are Client 1, Client 2, Client 3, Client 4 etc. to name a few.

Please also find attached a detailed profile1 of our organization for your review. We look forward to hear from you in this regard.

Warm Regards,

For XYZ & Co.

XYZ,

Partner 2 3

1 Attach your organizations profile to this letter. Please comb-bind the profile for presentation. 2 The objective of this letter is just to introduce your organization subject to a request from the client. 3 The letter should be preferably signed by the Partner of the organization or an authorized representative. Keep an

office copy of this letter. A file viz., Initial Introduction Letters may be opened to track all the letters.

4

Proposal for Internal Audit Services1

Format No: A/2

Overview:

Scope and Objective: The objectives for the internal audit are as under:

Evaluate the business processes to ensure that they are aligned to the business objectives. Evaluate the compliance to both the internal policies and procedures of the company and

external regulations to the extent applicable to the following key processes.

Evaluate the effectiveness and efficiency of the identified processes and related internal controls.

Evaluate the accuracy of accounting information systems supporting the process. Evaluate progressively the risks relating to the business management covering information

technology and general process

Scope of work / Areas to be covered as part of Internal Audit:

The scope shall be covering the transactions for the period to

Management Process

Process 12 Process 2 Marketing

Process 1 Process 2 1 Proposal may be printed on the letter head of the organization or a simple A4 Size Sheet. 2 You may also add a list of risks that shall be looked into in the process.

Proposal for Internal Audit Services

5

Contract/Project Management

Process 1 Process 2 Client Relationship Management

Process 1 Process 2 HR Process

Process 1 Process 2 Finance and Accounts

Process 1 Process 2 Administration and Logistics

Process 1 Process 2 Information Technology

Process 1 Process 2 The depth and sample size under the above business processes will be decided based on Risk assessment, where incase the Risk level is high, the area shall be analyzed in depth and the sample size shall also accordingly increase. The coverage shall be based on significant risks identified in the area of concentration. The methodology adopted for internal audit deliveries is separately given in this proposal.

Methodology and Deliverables3

We have structured methodology starts from mapping the corporate vision to audit deliveries and value-add. The following chart displays the steps generally followed by us in an Internal Audit Outsourcing Service.

3 Each firm may have its own methodology / format of deliverables. This is model only.


6

The following are the benefits for the organization from outsourcing:

Global best methodology for handling Internal Audits

Relevant business / process / internal audit expertise and access to best practices

Structured deliveries with performance indicators and terms of delivery

Saving costs and efforts for the organization and help management concentrate on core competency

Our strong methodology also includes taking the input of the top management, process management and audit management to design a solution that means value addition. Our deliverable will give a road map to make the necessary process improvements that gives a big seat for practicality of implementation of recommendations.

Pre Audit Opening

General Process Understanding Data Analysis and Summary Preparation Planning of Audit Detailed Walk Through

Detailed Walk Through Documentation of Walk Through Results Risks, Checklists, Audit Programme

Listing of Risks and Audit Programme (Checklists) Generation of Exceptions through Analytics Planning of Audit Programme Delivery Execution of Audit Programme Compilation of Observations and Draft Reporting Quality Check of adequacy of Evidences and Work Paper Linking Supervisory Review and Confirmation Report Compilation

Preparation of Audit Report Circulation of the Draft Report for Management Comments Collection of Management Comments Exit Meeting

Fixing of the Meeting Time Presentation and Action Plan Preparation Updation of the Action Plan into the Draft Report

Proposal for Internal Audit Services

7

Report Issue

Final Official Report Issue as per Standards on Internal Audit (SIAs) Issued by the ICAI Audit Committee Presentation (Where Applicable) Audit Feedback Collection Each Audit Report shall contain the following information:4

Executive summary High, Medium, Low Risk Areas classified separately Detailed audit observations, covering Risks, Impact, Recommendations, Auditee Comments,

Annexures of evidences

Audit Implementation Action Plans with time lines and responsibility shall be updated after management discussion.

Presentation to management and Audit Committee The Audit shall be conducted as per the Standard on Internal Audit (SIA) 4 for Reporting released by ICAI.

Team, Schedule and Professional Fees:

Based on the Information provided to us with regard to the infrastructure and statistics, we estimate the following:

Sl No Particulars / Name of the Resource

5 No of man days / man

months Qualifications

1 Partner

2 Senior Manager

3 Senior Associates / Consultants

4 Associates / Consultants

5 Junior Associates / Consultants

Total Time

Taking the above deployments into account, the fee for the assignment is estimated as Rs. XXXXXXX/- excluding applicable service taxes. Incase there is any travel incidental to the delivery of the project we shall adhere to internal policies and shall be reimbursed on actual.6

4 Incase you would like to expand the deliverables, it can be done. Sometimes clients would like to know what is the format of deliverable, in such cases, an annexure may be added. 5 A detailed resource list may be given where necessary. 6 It is always good practice to add commentary about service tax and out of pocket expenses (OPEs) applicability / inclusion.


8

Resources Required

An audit room will be set up having the sufficient no. of Table and chairs along with White board for meeting and discussion.

Access to all the data, record, employees required for the effective performance of internal audit.

Computers with access to company ERP, email and other systems with printing facility with adequate stationary.

Project Coordination:

We understand the importance of a project coordinator over the period of the assignment. The team shall be interacting with the process owners through the project coordinator.

About XYZ & Co

7

8

7 Logos of clients may be given, whereas prior permission of clients may be necessary. 8 Some firms also add confidentiality clause / non-compete clause in the proposal itself.

9

Engagement Letter

Format No: A/3

Date: ,

.

To

Mr./Mrs. ,

,

,

.

Dear Sir,

Sub: Internal Audit Engagement Letter

With regards to the discussions we had on DD/MM/YYYY and in continuation with the proposal given on DD/MM/YYYY, please find the Engagement Letter for the Internal Audit Assignment with the following Scope, Objective and Timelines:

Scope and Objective:1 The objectives for the internal audit are as under:

Evaluate the business processes to ensure that they are aligned to the business objectives. Evaluate the compliance to both the internal policies and procedures of the company and

external regulations to the extent applicable to the following key processes.

Evaluate the effectiveness and efficiency of the identified processes and related internal controls.

Evaluate the accuracy of accounting information systems supporting the process. Evaluate progressively the risks relating to the business management covering information

technology and general process

1 Specific objectives of client may be elaborated here.


10

Scope of work / Areas to be covered as part of Internal Audit: The scope shall be covering the transactions for the period to

Management Process

Process 1 Process 2 Marketing

Process 1 Process 2 Contract/Project Management

Process 1 Process 2 Client Relationship Management

Process 1 Process 2 HR Process

Process 1 Process 2 Finance and Accounts

Process 1 Process 2 Administration and Logistics

Process 1 Process 2 Information Technology

Process 1 Process 2 The depth and sample size under the above business processes will be decided based on Risk assessment, where incase the Risk level is high, the area shall be analyzed in depth and the sample size shall also accordingly increase. The coverage shall be based on significant risks identified in the area of concentration. The methodology adopted for internal audit deliveries is separately given in this proposal.

Engagement Letter

11

Methodology and Deliverables2 We have structured methodology starts from mapping the corporate vision to audit deliveries and value-add. The following chart displays the steps generally followed by us in an Internal Audit Outsourcing Service.

The following are the benefits for the organization from outsourcing:

Global best methodology for handling Internal Audits

Relevant business / process / internal audit expertise and access to best practices

Structured deliveries with performance indicators and terms of delivery

Saving costs and efforts for the organization and help management concentrate on core competency

Our strong methodology also includes taking the input of the top management, process management and audit management to design a solution that means value addition. Our deliverable will give a road map to make the necessary process improvements that gives a big seat for practicality of implementation of recommendations.

Pre Audit Opening

General Process Understanding Data Analysis and Summary Preparation Planning of Audit Detailed Walk Through

Detailed Walk Through Documentation of Walk Through Results Risks, Checklists, Audit Programme

Listing of Risks and Audit Programme (Checklists) Generation of Exceptions through Analytics Planning of Audit Programme Delivery Execution of Audit Programme 2 Some clients may not want a detailed methodology to be given in the engagement letter.


12

Compilation of Observations and Draft Reporting Quality Check of adequacy of Evidences and Work Paper Linking Supervisory Review and Confirmation Report Compilation

Preparation of Audit Report Circulation of the Draft Report for Management Comments Collection of Management Comments Exit Meeting

Fixing of the Meeting Time Presentation and Action Plan Preparation Updation of the Action Plan into the Draft Report Report Issue

Final Official Report Issue as per Standards on Internal Audit (SIAs) Issued by the ICAI Audit Committee Presentation (Where Applicable) Audit Feedback Collection Each Audit Report shall contain the following information: Executive summary High, Medium, Low Risk Areas classified separately Detailed audit observations, covering Risks, Impact, Recommendations, Auditee Comments,

Annexures of evidences

Audit Implementation Action Plans with time lines and responsibility shall be updated after management discussion.

Presentation to management and Audit Committee Team, Schedule and Professional Fees: Based on the Information provided to us with regard to the infrastructure and statistics, we estimate the following:

Sl No Particulars / Name of the Resource

No of man days / man months Qualifications

1 Partner 2 Senior Manager 3 Senior Associates / Consultants 4 Associates / Consultants 5 Junior Associates / Consultants Total Time

Engagement Letter

13

3Taking the above deployments into account, the fee for the assignment is estimated as Rs. XXXXXXX/- excluding applicable service taxes. Incase there is any travel incidental to the delivery of the project we shall adhere to internal policies and shall be reimbursed on actual.

Resources Required An audit room will be set up having the sufficient no. of Table and chairs along with White

board for meeting and discussion.

Access to all the data, record, employees required for the effective performance of internal audit.

Computers with access to company ERP, email and other systems with printing facility with adequate stationary.

Project Coordination: We understand the importance of a project coordinator over the period of the assignment. The team shall be interacting with the process owners through the project coordinator. It is the duty of the Project Coordinator to organize the information and time of the process owners. Any delay due to coordinator or process owner shall not be the responsibility of the Internal Audit Service Provider.

Confidentiality Clause: We shall maintain confidential all the information collected as part of the engagement and shall not disclose them unless until necessary as per the regulations of the land of assignment. Incase of need to disclose the information, we shall take the permission of the client coordinator before disclosing.

Termination Clause: The assignment can be terminated by either parties by giving a notice in advance of atleast 1 month. Thereafter the information / documentation collected shall be returned back to the client.

4Incase of negligence, quality standards compromise, and willful default, the client shall have the right to be indemnified for all the costs till the date of termination.

3 Some clients may be interested to add a detailed Gantt chart of the project. 4 Some clients may also be interested to add a Quality Assurance Clause.


14

Signing of the Contract:

For XYZ & Co.,5

XYZ,

Partner

On behalf of Client

For

5 Please ensure that the seal is put on the Contract. The engagement letter shall be made in two copies, one for each party.

15

Scope and Objective Statement

Format No: A/4

Assignment No Assignment Name

Engagement Manager

Company Name

Objective of the Assignment1 a.

b.

c.

d.

Scope of the Assignment2 a.

b.

c.

d. 3

1 Please define in as much detail as possible the objectives for which the assignment is being handled. Objective is the element, one is trying to achieve at the end of the project. It is very important that the objectives are defined as clearly as possible to eliminate ambiguity. 2 Define the areas of coverage, it may be in period / departments / divisions / business processes / locations / units etc., The scope should be linked to objectives. 3 It is recommended to do as much brainstorming as possible to define this document at the planning stage.

16

Organization Background

Format No: A/5


Engagement Manager

Company Name

General Business Understanding

Overview of Business

Overview of Industry Segment1

Specific Risks faced by Industry Segment

1 Use Internet search engines, industry publications, websites, research reports.

Organization Background

17

Important Statistics (Financial, Manpower etc.) Collected2

Organization Structure and Decision Hierarchy3

Business Goals, Objectives

Description about the Business Systems, IT Infrastructure4

2 Obtain important performance statistics which shall help understand organizations current state of affairs. 3 Please give annexure where necessary. You may use MS-Visio or MS-Excel to prepare organization structures. 4 Detail about the systems and procedures currently in place. Also capture the level of standardization in the organization ie. Existence of Standard Operating Procedures, Policies etc.,

18

Industry Research

Format No: A/6


Engagement Manager

Company Name

The objective of this document is to identify the industry practices / competitor practices so as to enable the organization under to benchmark itself.1

List of Competitors and availability of Information with regards to financials, processes etc.

List of Best Practices Adopted by Industry

Sl No Area / Best Practice Source Name of the Company

1 The strength of this document projects you as an industry resource to the clients.

Industry Research

19

Key Performance Indicators of Various Business Processes in Industry

Sl No Performance Indicator Business / Business Process Source Name of the Company

Names of Industry Publications, Associations, Websites, Industry Consultants, Specialists

20

List of Files and Contents

Format No: A/7


Engagement Manager

Company Name

Sl No Contents of the Files A Name of the File: Client Master File (Project wise divider)

1 Proposal Copy

2 Engagement Letter, Purchase Order, Service Order, Appointment Order

3 Client Strategic Communications

4 Invoices, Cheque Receipts, OPE Claims

5 Any other relevant information

B Name of the File: Assignment File (Phase of Assignment wise divider)1

1 Scope, Objective Document

2 Organization Background

3 Industry Research

4 Minutes of Various Meetings

5 Work Papers

6 Risks Listing and Audit Programme with completed work papers

7 Draft Audit Report

8 Management Exit Meet Minutes

9 Final Report and Presentation2

10 Implementation Status Updates

11 Quality Audit Checklist

12 Documents Collected from the Client for Audit purposes3

13 Feedback Form

14 Overall Closure Checklist

1 Open multiple files if one file is not adequate. 2 It is a good practice to show links between the observations in the final report to the work papers evidencing them. 3 If the data collected is in bulk form, it may be written on a CD and filed.

21

PART B

Internal Audit Project Management

23

Overall Planning

Format No: B/1


Engagement Manager

Company Name

Team Identification for the Engagement:

Sl.no Type of Competency Required Period for Which Required

Name of Person Selected

Project Costing: Sl.no Expenditure type Planned

1 Man month Costing

2 Other Direct Costing

3 Administrative Costs

Total

Amount Billed

Profitability

% age of Profitability

Detailed Planning Sl. No Form Name Planned Date Auditor

1 Opening Meeting

2 Scope and Objective of the Assignment

3 Assignment Scheduling


24

Sl. No Form Name Planned Date Auditor

4 Planning

4.1 General Process Understanding

4.2 Data Analysis

4.3 Walk Through

4.4 Documentation of Walk Through

4.6 Risks and Audit Programme Generation

4.7 Field Work Scheduling

5 Field Work

5.1 Field Work Execution

5.2 Draft Report Generation and Circulation

6 Exit Meeting

6.1 Draft Report with management comments

7 Final Report Issue

7.1 Structured Reporting

7.2 Presentation of Finding

8 Follow up and Implementation

8.1 Follow Up Check list

9 General Administrative Closures

9.1 Invoice Generation

9.2 Out of Pocket Expenses Collection

9.4 Client Feedback

9.5 Opportunity for future Businesses

9.6 Knowledge Base Updation

10 Quality Audit

10.1 Quality Review Report and Action Statement

10.2 File Closure

Any Other Remarks Manager Partner

Pre Audit Opening 2.1 Opening Meeting Control Statement

Format No: B/2.1


Engagement Manager Company Name

Date of Meeting Department Participants from Auditees Participants from Internal Audit Team Name Designation Name Designation

Sl No Steps of Opening Meet Handled by Documentation 1 Introduce the Internal Audit members to the

Auditees and explain about the objectives and methodology of the Audit

2 Explain about the time schedule of the project and the names of persons from the Auditee end to coordinate

3 Understand specific objectives of the Auditees and the business goals etc.,

4 Understand the specific performance indicators used to measure in the area under Audit

5 Get a general understanding of the business process, ERP etc.

6 Collect various operating procedures, policies

7 (Reffer footnote)

Any further specific questions may be raised apart from generic. Whereas, the objective of the meet is to give a very high level understanding on the audit.


26

2.2 General Process Understanding

Format No: B/2.2

Assignment No Assignment Name Engagement Manager

Company Name

Name of the Process1

Major Process Name

Process Owner Division Location

Date of Process Analysis

No of Employees

System ERP / Manual

Process Objectives

Process Performance Measures

Process Map2

1 Document only the most important processes which relate to our audit objectives. 2 Process Maps can also be done using MS-Visio, Excel. Whereas, MS-Word may be most frequently used tool.

Pre- Audit Opening

27

Type of Boxes for Process Mapping34

3 We recommend basic flow charting techniques for process flow. You may also use advanced techniques where necessary. 4 Process flow should be signed off with the process owners.

Process / Activity /

Action Box Decision

Box

Filing, Document, Form etc.,

Process Gap

Indicator

Man

ual o

n In

tern

al A

udit

28

2.3

Dat

a N

eeds

Iden

tific

atio

n an

d C

olle

ctio

n5

Form

at N

o: B

/2.3

Ass

ignm

ent N

o A

ssig

nmen

t Nam

e

Eng

agem

ent M

anag

er

Com

pany

Nam

e

Sl

No

Dat

a N

eeds

O

bjec

tive6

Pe

riod

to

be

Cov

ered

N

eces

sary

Fie

ldFo

rmat

in

Whi

ch R

equi

red

( E

xcel

/ Te

xt/P

DF)

Req

uest

ed

To

Dat

e of

R

eque

st

Expe

cted

D

ate

Act

ual D

ate

of

Col

lect

ion

5 T

he d

ata

colle

ctio

n m

ay b

e po

ssib

le w

ith E

RP

/ Tal

ly /

Exce

l / M

anua

l. 6 R

efer

to th

e R

isk

Che

cklis

ts fo

r mor

e in

form

atio

n on

Dat

a ne

eds

iden

tific

atio

n.

28


Pre

- A

udit

Ope

ning

29

2.4

Dat

a A

naly

sis

and

Sum

mar

ies

Prep

arat

ion7

8

Form

at N

o: B

/2.4

Ass

ignm

ent N

o A

ssig

nmen

t Nam

e

Eng

agem

ent M

anag

er

Com

pany

Nam

e

Sl N

o D

etai

ls o

f Dat

a A

naly

sis

Det

ails

of

Infe

renc

es9

Upd

ates

to th

e R

isk

List

ing

/ Aud

it Pr

ogra

mm

e / A

udit

5Rep

ort

Rem

arks

7 Th

e ob

ject

ive

of th

e do

cum

ent i

s to

con

solid

ate

the

anal

ysis

, res

earc

h, p

revi

ous

audi

t rep

orts

in a

n in

fere

nce

docu

men

t whi

ch s

hall

be a

n in

put t

o va

rious

oth

er p

hase

s,

repo

rts e

tc.

8 Th

is d

ocum

ent a

lso

acts

as

a be

st p

ract

ice

inst

rum

ent a

nd is

gen

eral

ly h

ighl

y ap

prec

iate

d du

ring

Qua

lity

Assu

ranc

e / A

udits

/ P

eer R

evie

ws.

9

Infe

renc

e m

ay b

e th

e co

nclu

sion

dra

wn

afte

r the

ana

lysi

s w

hich

in-tu

rn m

ay le

ad to

furth

er a

naly

sis,

in-d

epth

ver

ifica

tion,

dire

ct re

porti

ng e

tc.

29

Pre- Audit Opening

Man

ual o

n In

tern

al A

udit

30

2.5

Prev

ious

Aud

it R

epor

t Ana

lysi

s101

1

Form

at N

o: B

/2.5

A

ssig

nmen

t No

Ass

ignm

ent N

ame

E

ngag

emen

t Man

ager

Com

pany

Nam

e

Sl N

o A

udit

Rep

ort N

ame

/ Pe

riod

Det

ails

of I

nfer

ence

s12

Upd

ates

to th

e R

isk

List

ing

/ Aud

it Pr

ogra

mm

e / A

udit

Rep

ort

Rem

arks

10

The

obj

ectiv

e of

the

docu

men

t is

to c

onso

lidat

e th

e an

alys

is, r

esea

rch,

pre

viou

s au

dit

repo

rts in

an

infe

renc

e do

cum

ent

whi

ch s

hall

be a

n in

put

to v

ario

us o

ther

ph

ases

, rep

orts

etc

. 11

Thi

s do

cum

ent a

lso

acts

as

a be

st p

ract

ice

inst

rum

ent a

nd is

gen

eral

ly h

ighl

y ap

prec

iate

d du

ring

Qua

lity

Assu

ranc

e / A

udits

/ P

eer R

evie

ws.

12

Infe

renc

e m

ay b

e th

e co

nclu

sion

dra

wn

afte

r the

ana

lysi

s w

hich

in-tu

rn m

ay le

ad to

furth

er a

naly

sis,

in-d

epth

ver

ifica

tion,

dire

ct re

porti

ng e

tc.

30


Pre

- A

udit

Ope

ning

31

2.6

Bra

in S

torm

ing

Sess

ions

(Int

erna

l)131

4

Form

at N

o: B

/2.6

Ass

ignm

ent N

o A

ssig

nmen

t Nam

e

Eng

agem

ent M

anag

er

Com

pany

Nam

e

Sl N

o D

etai

ls o

f Pro

cess

es /

Ris

ks D

iscu

ssed

in

the

Sess

ion

Impo

rtan

t Con

clus

ions

U

pdat

es to

the

Ris

k Li

stin

g /

Aud

it Pr

ogra

mm

e / A

udit

Rep

ort

Rem

arks

13

Brai

nsto

rmin

g se

ssio

ns a

re a

ver

y go

od p

ract

ice

whe

re th

e C

onsu

ltant

s, M

anag

ers

and

Par

tner

s di

scus

s as

to th

e un

ders

tand

ing

of th

e pr

oces

ses,

risk

s an

d th

reat

s in

th

e or

gani

zatio

n an

d ev

olve

a d

eepe

r tho

ught

pro

cess

. Th

is is

als

o a

good

way

to e

xcha

nge

know

ledg

e in

you

r org

aniz

atio

n.

14

Th

is d

ocum

ent a

lso

acts

as

a be

st p

ract

ice

inst

rum

ent a

nd is

gen

eral

ly h

ighl

y ap

prec

iate

d du

ring

Qua

lity

Assu

ranc

e / A

udits

/ P

eer R

evie

ws.

31

Pre- Audit Opening

Detailed Walk Throughs

3.1 Selection of Samples1

Format No: B/3.1


Engagement Manager

Company Name

Mechanism for Selection of Sample:

Sl No Area of Verification Type of Sampling Technique to be used 1 To verify a process of very high concern with significant

materiality and impact on the bottom line of the organization

100% Verification

2 To verify a process in an ERP for the purpose of controls built inside the system (Automated Controls)

1 Sample

3 To verify a process not inside the ERP involving verification of a manual control and the objective is to get confidence on the entire population

Random Sampling2

4 To verify a process and understand the controls are working adequately only incase of significant value transactions

Random Sampling of transactions above threshold limit

5 To verify the controls in a specific attribute of transactions viz., of an individual, location, unit, time zone etc.,

Random Sampling of transaction satisfying the attribute

Samples Selected and Result Documentation

Sl No

Process to be verified and Objective to be achieved

Type of Sampling Adopted

No of Samples Selected3

Result of Verification4

Conclusions

1 Incase of usage of an Audit Tool viz., ACL, IDEA generally 100% transactions can be verified for exceptions study. 2 Seed technique may be used for random sample pick up. All the transactions should have equal probability of being picked up. Random number generator may be used for selection to avoid bias. 3 Attach a list of samples selected and the result of verification as an annexure. 4 Incase of high critical observations to be made, and the result is negative, you may confirm the conclusion by picking up further more sample.

Det

aile

d W

alk

Thro

ugh

33

3.2

Wal

k Th

roug

h Tr

acki

ng5

6

Form

at N

o: B

/3.2

Ass

ignm

ent N

o A

ssig

nmen

t Nam

e

Eng

agem

ent M

anag

er

Com

pany

Nam

e

Sl N

o Sa

mpl

e Tr

ansa

ctio

n C

ontr

ol 1

C

ontr

ol 2

C

ontr

ol 3

C

ontr

ol 4

C

ontr

ol 5

C

ontr

ol 6

5 T

his

docu

men

t sho

uld

be u

sed

to tr

ack

the

wal

k th

roug

h / v

erifi

catio

n on

the

sam

ples

sel

ecte

d fo

r stu

dy.

6 Thi

s do

cum

ent m

ay b

e us

ed a

t the

tim

e of

pla

nnin

g or

at t

he ti

me

of fi

eld

wor

k.

33

Detailed Walk Through


34

3.3 Documentation of Walk Through7

Format No: B/3.3


Engagement Manager

Company Name

Process 1: 8

Sl No

Sub Pro-cess

Area Comments Form / Format

Objective

Critical Control Description

ERP / Application Used

Maker

Authorizer

Report Generated

Input

Output

Operating Procedures

Policies

Objective



Maker

Authorizer

Report Generated

Input

Output


Policies

7 It is not mandatory to document the processes always in the format given above, whereas once documented, it increases the clarity of the auditor on the business process and hence mistakes at the time of report are significantly reduced. 8 Process Sub Process can be as detailed as possible till it identifies an auditable area with clarity.

Detailed Work Throughs

35

Sl No

Sub Pro-cess


Objective



Maker

Authorizer

Report Generated

Input

Output


Policies

Process 2:

Sl No

Sub Pro-cess


Objective



Maker

Authorizer

Report Generated

Input

Output


Policies

Objective



Maker

Authorizer

Report Generated

Input


36

Output


Policies

Objective



Maker

Authorizer

Report Generated

Input

Output


Policies

Man

ual o

n In

tern

al A

udit

38

Ris

k Li

stin

g (W

hat W

rong

Can

H

appe

n)

Aud

it St

eps

to V

erify

A

udito

r C

heck

list

Tim

e fo

r A

udit

Step

Info

rmat

ion

Req

uire

d fr

om

Aud

itee

Obs

erva

t-io

ns

The

risk

that

ther

e is

no

clea

r suc

cess

ion

plan

, le

adin

g to

unc

erta

inty

a. D

oes

the

com

pany

hav

e cl

ear O

rgan

izat

ion

Cha

rt b.

Are

the

posi

tions

ad

equa

tely

fille

d in

c.

Is

ther

e a

succ

essi

on

plan

with

the

man

agem

ent f

or k

ey

posi

tions

a.

Org

aniz

atio

n C

hart

Ope

ratio

nal R

isks

Pos

sibi

lity

of fr

auds

, ill

egal

act

s a.

Has

th

e C

ompa

ny

desi

gned

pr

oces

ses

to

ensu

re t

hat

ther

e is

no

laps

e of

con

trol

lead

ing

to fr

auds

b.

Doe

s th

e M

anag

emen

t ac

t on

S

tatu

tory

an

d In

tern

al A

udit

Rep

orts

c.

Is

th

ere

a sy

stem

fo

r ev

alua

ting

lega

l co

mpl

ianc

e is

sues

a. A

udit

Com

mitt

ee

actio

n po

ints

The

use

of

inap

prop

riate

co

ntro

ls/p

erfo

rman

ce

mea

sure

s,

lead

ing

to

wro

ng c

oncl

usio

ns a

nd

infe

renc

es

abou

t pe

rform

ance

of

th

e

a. I

s th

ere

a M

IS

syst

em

high

light

s th

e pe

rform

-an

ces

of

the

vario

us

depa

rtmen

t an

d fu

nctio

ns

b. D

oes

the

Man

agem

ent

revi

ew

the

perfo

rm-

a.

M

IS

Rep

orts

re

ceiv

ed

by

Man

agem

ent

38


R

isks

, Che

cklis

ts, A

udit

Pro

gram

me

39

Ris

k Li

stin

g (W

hat W

rong

Can

H

appe

n)

Aud

it St

eps

to V

erify

A

udito

r C

heck

list

Tim

e fo

r A

udit

Step

Info

rmat

ion

Req

uire

d fr

om

Aud

itee

Obs

erva

t-io

ns

firm

's o

pera

tions

an

ces

and

take

effe

ctiv

e ac

tions

Ris

k of

ab

senc

e of

bu

dget

or

pl

anni

ng

syst

em

lead

ing

to

defo

cusi

ng o

f co

rpor

ate

oper

atio

ns

apar

t fro

m

lack

of i

mpo

rtant

con

trol

on s

pend

ing

a. I

s th

ere

a pr

oces

s of

ev

olvi

ng

annu

al

budg

et

in th

e or

gani

zatio

n b.

Is

budg

et c

onve

rted

into

O

pera

ting

plan

s

c.

Are

bu

dget

vi

s--

vis

actio

ns

mon

itore

d an

d co

rrec

tive

actio

ns t

aken

on

dev

iatio

ns

a.

A

nnua

l B

udge

t P

lan

b.

Ope

ratin

g P

lans

Ope

ratio

nal n

on c

larit

y af

fect

ing

perfo

rman

ce

a. D

oes

the

Com

pany

hav

e a

Sta

ndar

d O

pera

ting

Pro

cedu

re d

ocum

ent

for

each

pro

cess

es

b. I

s th

e S

OP

impl

emen

ted

succ

essf

ully

c.

Is

ther

e a

revi

ew o

f SO

P

frequ

ently

fo

r in

corp

orat

ing

chan

ges

a.

Sta

ndar

d O

pera

ting

Pro

cedu

res

Man

ual

Com

mun

icat

ion

Ris

ks

Inab

ility

of t

he c

ompa

ny

to

capt

ure

and

inst

itutio

naliz

e le

arni

ng

acro

ss th

e fir

m

a.

Are

tra

inin

g pr

ogra

ms

held

in

the

orga

niza

tion

for

trans

ferr

ing

know

ledg

e

a.

Li

st

of

train

ing

prog

ram

s an

d fe

edba

ck g

iven

39

Risks, Checklists, Audit Programme

Man

ual o

n In

tern

al A

udit

40

Ris

k Li

stin

g (W

hat W

rong

Can

H

appe

n)

Aud

it St

eps

to V

erify

A

udito

r C

heck

list

Tim

e fo

r A

udit

Step

Info

rmat

ion

Req

uire

d fr

om

Aud

itee

Obs

erva

t-io

ns

b.

Doe

s th

e co

mpa

ny h

ave

a kn

owle

dge

base

The

risk

that

co

mm

unic

atio

n fro

m to

p m

anag

emen

t ge

ts

lost

in

tran

sitio

n

a.

Cap

ture

th

e pr

oces

s of

m

ovem

ent

of

mem

os/c

ircul

ars

and

eval

uate

if th

e pr

oces

s is

ad

equa

te

HR

Ris

ks

App

rais

al p

roce

sses

for

th

e em

ploy

ees

not

linke

d w

ith

the

com

pany

's o

bjec

tive

a. A

re

Key

P

erfo

rman

ce

Indi

cato

rs

desi

gned

fo

r ea

ch f

unct

ion

and

each

pe

rson

in

th

e or

gani

zatio

n b.

Are

th

e ex

pect

atio

ns

com

mun

icat

ed

to

the

empl

oyee

a.

K

ey

Per

form

ance

In

dica

tors

Inad

equa

te s

kill

set a

nd

know

ledg

e w

ith

firm

's

key

peop

le

a. C

heck

th

e pr

oces

s of

re

crui

tmen

t fo

r ke

y po

sitio

ns

b. A

re t

he r

equi

rem

ents

of

the

posi

tions

wel

l def

ined

Mar

ketin

g R

isks

Ris

k of

cu

stom

er

diss

atis

fact

ion

a. H

as

the

Man

agem

ent

take

n co

nsci

ous

effo

rts

for q

ualit

y im

prov

emen

t

a.

Qua

lity

docu

men

ts

40


R

isks

, Che

cklis

ts, A

udit

Pro

gram

me

41

Ris

k Li

stin

g (W

hat W

rong

Can

H

appe

n)

Aud

it St

eps

to V

erify

A

udito

r C

heck

list

Tim

e fo

r A

udit

Step

Info

rmat

ion

Req

uire

d fr

om

Aud

itee

Obs

erva

t-io

ns

b. H

as

the

com

pany

im

plem

ente

d qu

ality

st

anda

rds

such

as

Si

x S

igm

a or

IS

O

for

mai

ntai

ning

qu

ality

an

d th

ereb

y cu

stom

er

satis

fact

ion

Pos

sibi

lity

of

prod

uct

getti

ng o

bsol

ete

or n

ot

mee

ting

the

budg

et

requ

irem

ents

a. D

oes

the

com

pany

inve

st

in

Res

earc

h an

d D

evel

opm

ent,

Pro

duct

de

sign

etc

b.

Are

ef

forts

ta

ken

for

expl

orat

ion

of

new

pr

oduc

ts

c.

Are

ne

w

mar

kets

ex

plor

ed

for

adeq

uate

pr

oduc

t an

d m

arke

t sp

read

Pos

sibi

lity

of

busi

ness

cy

cles

, w

heth

er i

n ow

n bu

sine

ss o

r in

eco

nom

y in

ge

nera

l, cr

eatin

g vo

latil

e gr

owth

/pro

fitab

ility

si

tuat

ion

a. H

as th

e co

mpa

ny d

one

a ris

k as

sess

men

t exe

rcis

e to

ide

ntify

key

are

as o

f ris

k b.

Doe

s th

e co

mpa

ny h

ave

a ad

equa

te

busi

ness

co

ntin

uity

an

d di

sast

er

reco

very

pla

ns

a.

B

usin

ess

Con

tinui

ty

and

Dis

aste

r R

ecov

ery

Pla

n

41


Man

ual o

n In

tern

al A

udit

42

Ris

k Li

stin

g (W

hat W

rong

Can

H

appe

n)

Aud

it St

eps

to V

erify

A

udito

r C

heck

list

Tim

e fo

r A

udit

Step

Info

rmat

ion

Req

uire

d fr

om

Aud

itee

Obs

erva

t-io

ns

Ris

k fro

m

choo

sing

w

rong

pa

rtner

s,

inad

equa

te

com

mitm

ent,

poor

ex

ecut

ion

a.

Is

adeq

uate

ev

alua

tion

done

pr

ior

to

ente

ring

into

co

ntra

cts,

jo

int

vent

ures

etc

b.

A

re

Ser

vice

Le

vel

Agr

eem

ent

draw

n fo

r en

gage

men

ts

and

revi

ewed

42


R

isks

, Che

cklis

ts, A

udit

Pro

gram

me

43

Form

at N

o: B

/4.1

.2.

Ass

ignm

ent N

o A

ssig

nmen

t Nam

e

Eng

agem

ent M

anag

er

Com

pany

Nam

e

4.1.

2 Fi

nanc

e an

d A

ccou

nts

Ris

ks R

evie

w C

heck

list

Ris

k Li

stin

g (W

hat W

rong

C

an H

appe

n)

Aud

it St

eps

to V

erify

Im

pact

Ana

lysi

s A

udito

r C

heck

list

Tim

e fo

r A

udit

Step

Info

rmat

ion

Req

uire

d fr

om

Aud

itee

Obs

erv-

atio

ns

Rec

eiva

bles

Acc

ount

ing

and

Man

agem

ent P

roce

ss

Inef

fect

ive

proc

ess

of

invo

ice

gene

ratio

n

Che

ck

the

follo

win

g in

in

voic

es:

a. A

re th

e in

voic

es s

eria

lly

cont

rolle

d an

d ve

rify

if th

ere

are

any

dupl

icat

e,

canc

elle

d in

voic

es

and

asce

rtain

the

rea

sons

for

th

e sa

me1

b.

Che

ck if

the

calc

ulat

ion

of

disc

ount

s,

reba

tes,

pr

ices

etc

are

acc

urat

e by

ve

rifyi

ng

it ag

ains

t th

e te

rms

and

cond

ition

s

Invo

ices

no

t bo

oked

ac

cura

tely

an

d co

mpl

etel

y re

sulti

ng in

re

venu

e lo

ss

for

the

com

pany

. C

alcu

late

the

am

ount

to

be

invo

iced

aga

inst

th

e am

ount

in

voic

ed

and

chec

k w

ith

rece

ipts

to

iden

tify

the

quan

tum

of

re

venu

e lo

ss

1.

In

voic

es

Reg

iste

r/Lis

t 2.

S

uppo

rting

do

cum

ents

su

ch

as

term

s an

d co

nditi

ons

3.

Pay

men

t R

egis

ter

4.

Cre

dit N

otes

5.

D

ebto

r R

econ

-ci

liatio

n an

d co

nfirm

atio

n do

cum

ents

6.

B

ad

Deb

ts

writ

ten

off

1 A

naly

sis

of In

voic

e ca

n be

don

e us

ing

CA

AT

tool

s

43


Man

ual o

n In

tern

al A

udit

44

Ris

k Li

stin

g (W

hat W

rong

C

an H

appe

n)

Aud

it St

eps

to V

erify

Im

pact

Ana

lysi

s A

udito

r C

heck

list

Tim

e fo

r A

udit

Step

Info

rmat

ion

Req

uire

d fr

om

Aud

itee

Obs

erv-

atio

ns

Cal

cula

te

the

dela

ys

in

gene

ratio

n an

d po

stin

g /

disp

atch

ing

of

invo

ices

w

ith r

easo

ns a

s w

ell

as

agei

ng a

naly

sis

Del

ays

in

invo

icin

g re

sulti

ng i

n de

lays

in

rece

ipts

an

d fu

nds

bloc

kage

. C

alcu

late

the

ave

rage

nu

mbe

r of

da

ys

of

dela

y an

d th

e ca

sh

flow

los

s du

e to

non

re

ceip

t of

fu

nds

on

time

Che

ck i

f cr

edit

note

s ar

e po

sted

acc

urat

ely

and

are

auth

oriz

ed

by

the

desi

gnat

ed p

erso

nnel

Cre

dit

note

s no

t ac

cura

tely

po

sted

re

sulti

ng

in

reve

nue

leak

age

Cal

cula

te t

he r

even

ue

loss

due

to s

uch

cred

it no

tes

Inad

equa

te

rece

ivab

les

man

agem

ent

Gen

erat

e re

ceiv

able

s ag

eing

re

port

and

asce

rtain

reas

ons

for l

ong

pend

ing

outs

tand

ing

and

chec

k th

e pr

oced

ure

for

follo

w u

p of

out

stan

ding

s

Del

ays

in

mon

itorin

g re

ceip

ts

resu

lting

in

ca

sh

flow

lo

ss.

Cal

cula

te t

he a

vera

ge

num

ber

of

days

of

de

lay

and

the

cash

flo

w l

oss

due

to n

on

rece

ipt

of

fund

s on

tim

e.

44


R

isks

, Che

cklis

ts, A

udit

Pro

gram

me

45

Ris

k Li

stin

g (W

hat W

rong

C

an H

appe

n)

Aud

it St

eps

to V

erify

Im

pact

Ana

lysi

s A

udito

r C

heck

list

Tim

e fo

r A

udit

Step

Info

rmat

ion

Req

uire

d fr

om

Aud

itee

Obs

erv-

atio

ns

Obt

ain

the

docu

men

tatio

n re

latin

g to

de

btor

re

conc

iliat

ion

and

verif

y if

co

nfirm

atio

ns

for

the

bala

nces

ar

e ob

tain

ed

from

the

debt

ors

Mis

stat

emen

t of d

ebto

r ba

lanc

es

in

the

final

ac

coun

ts.

Rep

erfo

rm

the

reco

ncili

atio

n pr

oces

s to

ens

ure

accu

racy

of

calc

ulat

ions

.

Obt

ain

the

bad

debt

s lis

t an

d ch

eck

if au

thor

izat

ion

is o

btai

ned

for

writ

e of

f of

bad

debt

s.

Che

ck

the

proc

edur

e fo

r re

solu

tion

of u

nrec

onci

led

debt

s

Bad

deb

ts w

ritte

n of

f w

ithou

t su

ffici

ent

just

ifica

tion

resu

lting

in

finan

cial

loss

.

Paya

bles

Acc

ount

ing

and

Man

agem

ent P

roce

ss

Inad

equa

te

Pay

men

t P

roce

ss

Che

ck

the

paym

ents

to

en

sure

the

follo

win

g:

a.

Pay

men

ts

are

supp

orte

d by

rel

ated

P

urch

ase

Ord

ers,

G

oods

/Ser

vice

s R

ecei

pt

note

an

d ap

prov

al

from

th

e us

er

depa

rtmen

t fo

r re

ceip

t of

m

ater

ial/s

ervi

ce

Mis

mat

ch

betw

een

actu

al

paym

ent

and

paym

ent

to b

e m

ade

resu

lting

in

re

venu

e le

akag

es

a.

P

urch

ase

Ord

ers

b.

Pay

men

t V

ouch

ers

c.

Pay

men

t R

egis

ter

d.

Goo

ds/S

er-v

ice

deliv

ery

Not

es

45


Man

ual o

n In

tern

al A

udit

46

Ris

k Li

stin

g (W

hat W

rong

C

an H

appe

n)

Aud

it St

eps

to V

erify

Im

pact

Ana

lysi

s A

udito

r C

heck

list

Tim

e fo

r A

udit

Step

Info

rmat

ion

Req

uire

d fr

om

Aud

itee

Obs

erv-

atio

ns

b.

Pay

men

t en

try

is

mad

e ac

cura

tely

and

co

mpl

etel

y fo

r al

l th

e G

RN

/Ser

vice

not

es

c.

Pay

men

t is

mad

e as

pe

r th

e te

rms

and

cond

ition

s en

tere

d in

to w

ith th

e ve

ndor

e.

A

gree

men

t w

ith

the

vend

or

Cal

cula

te

the

dela

ys

in

post

ing

of

paym

ent

entri

es

with

re

ason

s as

w

ell a

s ag

eing

ana

lysi

s

Del

ay

in

paym

ent

resu

lts

in

unne

ce-

ssar

y lia

bilit

y im

pose

d as

per

the

ter

ms

and

agre

emen

ts

with

th

e ve

ndor

C

alcu

late

th

e in

tere

st

char

ged

by th

e ve

ndor

fo

r lat

e pa

ymen

t

a.

Cre

dito

rs a

gein

g an

alys

is

Che

ck i

f de

bit

note

s ar

e po

sted

acc

urat

ely

and

are

auth

oriz

ed

by

the

desi

gnat

ed

pers

onne

l. E

nsur

e th

at th

e re

ject

ions

ar

e au

thor

ized

by

de

sign

ated

per

sonn

el

Deb

it no

tes

not

supp

orte

d by

P

urch

ase

retu

rns

docu

men

ts

and

repl

acem

ent/a

djus

tme

nt n

ot m

ade

accu

rate

ly

for t

he d

ebit

note

s

a.

Deb

it no

tes

46


R

isks

, Che

cklis

ts, A

udit

Pro

gram

me

47

Ris

k Li

stin

g (W

hat W

rong

C

an H

appe

n)

Aud

it St

eps

to V

erify

Im

pact

Ana

lysi

s A

udito

r C

heck

list

Tim

e fo

r A

udit

Step

Info

rmat

ion

Req

uire

d fr

om

Aud

itee

Obs

erv-

atio

ns

Ver

ify

the

proc

ess

of

reco

ncili

atio

n of

de

bit/c

redi

t no

tes

and

acco

unts

pay

able

Dup

licat

e pa

ymen

ts

mad

e w

ithou

t re

ceip

t of

goo

ds/s

ervi

ce

a.

V

endo

r re

conc

iliat

ion

docu

men

ts

Ens

ure

that

all

dues

are

se

ttled

at

the

time

of t

he

full

and

final

se

ttlem

ent

and

adeq

uate

follo

w u

p

Del

ay

in

paym

ent

resu

lts

in

unne

ce-

ssar

y lia

bilit

y im

pose

d as

per

the

ter

ms

and

agre

emen

ts

with

th

e ve

ndor

C

alcu

late

th

e in

tere

st

char

ged

by th

e ve

ndor

fo

r lat

e pa

ymen

t

Gen

eral

Fin

anci

al C

losu

re S

yste

m

Boo

ks

of

acco

unts

no

t cl

osed

on

a

timel

y ba

sis

Che

ck t

he p

roce

dure

for

cl

osur

e of

bo

oks

and

acco

unts

and

ens

ure

that

th

e cl

osur

es a

re d

one

on

a tim

ely

basi

s. C

heck

if

the

follo

win

g ar

e cl

osed

: a.

Le

dger

Acc

ount

s b.

P

&L

acco

unt

c.

Bal

ance

She

et

d.

Cas

h Fl

ow s

tate

men

t e.

D

ebto

rs a

gein

g

Del

ays

in

clos

ure

lead

ing

to

non

avai

labi

lity

of fi

nanc

ials

fo

r re

view

an

d de

cisi

on m

akin

g.

Asc

erta

in

dela

ys

in

clos

ure

of b

ooks

and

en

sure

the

reas

ons

for

the

dela

y

a.

B

ooks

of

A

ccou

nt

b.

Ledg

er

sum

mar

ies

c.

Age

ing

repo

rts

d.

Ban

k R

econ

cilia

t-ion

S

tate

m-e

nt

e.

Sta

tuto

ry

rem

ittan

ces

47


Man

ual o

n In

tern

al A

udit

48

Ris

k Li

stin

g (W

hat W

rong

C

an H

appe

n)

Aud

it St

eps

to V

erify

Im

pact

Ana

lysi

s A

udito

r C

heck

list

Tim

e fo

r A

udit

Step

Info

rmat

ion

Req

uire

d fr

om

Aud

itee

Obs

erv-

atio

ns

f. C

redi

tors

age

ing

g.

Ban

k R

econ

cilia

tion

h.

Sta

tuto

ry re

mitt

ance

s

P

efor

m a

GL

scru

tiny

to

asce

rtain

an

y irr

egul

ariti

es

in

trans

actio

ns

post

ing

and

unde

rtake

a

deta

iled

revi

ew

whe

reve

r di

scre

panc

ies

are

iden

tifie

d E

nsur

e th

at t

here

are

no

unre

conc

iled

item

s on

op

enin

g ba

lanc

es

a.

Gen

eral

Led

ger

S

tudy

/

revi

ew

of

the

Not

es

to

acco

unts

ap

pend

ed fo

r ade

quac

y of

di

sclo

sure

an

d co

mpl

ianc

e w

ith s

tatu

tory

la

ws

C

ompa

re

bala

nces

with

pr

evio

us

perio

ds

and

prep

arat

ion

varia

nce

anal

ysis

repo

rt

Inac

cura

te u

pdat

ion

of

acco

unts

re

sulti

ng

in

mis

stat

emen

t in

fin

anci

als.

48


R

isks

, Che

cklis

ts, A

udit

Pro

gram

me

49

Ris

k Li

stin

g (W

hat W

rong

C

an H

appe

n)

Aud

it St

eps

to V

erify

Im

pact

Ana

lysi

s A

udito

r C

heck

list

Tim

e fo

r A

udit

Step

Info

rmat

ion

Req

uire

d fr

om

Aud

itee

Obs

erv-

atio

ns

Inad

equa

te

prov

isio

ning

C

heck

if

the

prov

isio

ns

mad

e ar

e ac

cura

te

and

subs

eque

nt

acco

untin

g en

tries

pa

ssed

ar

e co

rrec

t. C

heck

if

the

prov

isio

ns a

re a

utho

rized

as

per

the

Del

egat

ion

of

Aut

horit

y M

atrix

Fund

and

Cas

h M

anag

emen

t2

Inad

equa

te

budg

et s

yste

m

Rev

iew

th

e bu

dget

sy

stem

an

d ve

rify

the

follo

win

g:

a. B

udge

t is

prep

ared

and

au

thor

ized

on

an

an

nual

bas

is

b. E

xpen

ditu

re i

ncur

red

is

verif

ied

with

the

budg

et

and

corr

ectiv

e ac

tions

ar

e ta

ken

for

devi

atio

ns

from

the

budg

et

c. R

evis

ed b

udge

t if

any

is

auth

oriz

ed

as

per

Del

egat

ion

of A

utho

rity

Mat

rix

Inor

dina

te

devi

atio

ns

from

th

e bu

dget

re

sulti

ng

in

exce

ss/s

hort

spen

ding

a.

A

nnua

l Bud

get

b.

Var

ianc

e A

naly

sis

Rep

ort

2

Fund

s M

anag

emen

t wou

ld a

lso

incl

ude

revi

ew o

f For

eign

Exc

hang

e ga

ins/

loss

, tec

hniq

ue o

f hed

ging

etc

dep

endi

ng u

pon

the

natu

re o

f the

com

pany

.

49


Man

ual o

n In

tern

al A

udit

50

Ris

k Li

stin

g (W

hat W

rong

C

an H

appe

n)

Aud

it St

eps

to V

erify

Im

pact

Ana

lysi

s A

udito

r C

heck

list

Tim

e fo

r A

udit

Step

Info

rmat

ion

Req

uire

d fr

om

Aud

itee

Obs

erv-

atio

ns

Ens

ure

if re

view

of

in

vest

men

ts

/ ba

nk

bala

nces

, in

tere

st e

arne

d an

d id

entif

icat

ion

of

idle

ba

lanc

es is

bei

ng d

one

.

a.

In

vest

men

t de

tails

b.

B

ank

deta

ils

and

bank

st

atem

ents

c.

In

tere

st d

etai

ls

In

adeq

uate

fu

nd u

tiliz

atio

n

Com

pare

inte

rest

pai

d on

cr

edit

obta

ined

fro

m

bank

s vi

s--

vis

idle

ba

lanc

es if

any

; and

cre

dit

cycl

e (c

redi

t ob

tain

ed

from

sup

plie

rs).

Ens

ure

if P

hysi

cal

verif

icat

ion

of

cash

is

do

ne

P

erio

dici

ty

/ tim

ings

and

rec

onci

liatio

n of

diff

eren

ces

in b

alan

ces

if an

y.

a.

C

ash

Reg

iste

r b.

P

hysi

cal C

ash

In

adeq

uate

co

ntro

l ov

er

phys

ical

ca

sh/c

hequ

es

Rev

iew

th

e sy

stem

of

In

tern

al

Con

trols

on

co

llect

ion

of

cheq

ues

/ ca

sh r

ecei

ved

re

cord

ing

and

seria

l iss

ue o

f ca

sh /

ch

eque

re

ceiv

ed

vouc

hers

.

Inad

equa

te

fund

s m

anag

emen

t re

sulti

ng

in

idle

fu

nds

and

notio

nal

loss

on

id

le

fund

s

a.

C

hequ

e bo

oks

b.

PD

Cs

c.

Cas

h V

ouch

ers

50


R

isks

, Che

cklis

ts, A

udit

Pro

gram

me

51

Form

at N

o: B

/4.1

.3.

Ass

ignm

ent N

o A

ssig

nmen

t Nam

e

Eng

agem

ent M

anag

er

Com

pany

Nam

e

4.1.

3 H

uman

Res

ourc

es P

roce

ss R

evie

w C

heck

list

Ris

k Li

stin

g (W

hat W

rong

C

an H

appe

n)

Aud

it St

eps

to V

erify

Im

pact

Ana

lysi

s A

udito

r C

heck

list

Tim

e fo

r A

udit

Step

Info

rmat

ion

Req

uire

d fr

om

Aud

itee

Obs

erva

-tio

ns

HR

Pla

nnin

g Pr

oces

s

a.

Und

erst

and

the

proc

ess

of H

R p

lann

ing

to

verif

y th

at

adeq

uate

st

eps

are

take

n to

en

sure

th

at

the

cand

idat

e re

quire

men

t pr

ojec

ted

is ju

stifi

able

Pos

ition

s re

crui

ted

not

adeq

uate

ly

just

ified

res

ultin

g in

in

crea

sing

H

R

Cos

ts.

Che

ck

for

requ

irem

ents

whi

ch

are

not

prop

erly

au

thor

ized

.

H

R

Pla

n no

t m

eetin

g th

e ob

ject

ives

of t

he

Com

pany

b. C

ompa

re a

ctua

l vis

--

vis

the

plan

and

che

ck

for

maj

or

devi

atio

ns

if an

y

Num

ber

of p

erso

ns

recr

uite

d in

ex

cess

/sho

rt th

ereb

y re

sulti

ng i

n in

adeq

uate

H

R

sizi

ng

a.

Ann

ual

HR

P

lan

51


Man

ual o

n In

tern

al A

udit

52

Ris

k Li

stin

g (W

hat W

rong

C

an H

appe

n)

Aud

it St

eps

to V

erify

Im

pact

Ana

lysi

s A

udito

r C

heck

list

Tim

e fo

r A

udit

Step

Info

rmat

ion

Req

uire

d fr

om

Aud

itee

Obs

erva

-tio

ns

c.

V

erify

if

any

actio

n ta

ken,

whi

ch is

dev

iatin

g fro

m th

e pl

an h

as g

ot th

e ap

prov

al

of

the

conc

erne

d pe

rson

as

per

the

Del

egat

ion

of

Aut

horit

y de

fined

by

the

com

pany

App

rova

l no

t as

sign

ed

for

devi

atio

ns

resu

lting

in

no

n co

mpl

ianc

e w

ith

polic

y an

d in

adeq

uate

co

ntro

l ef

fect

iven

ess

Rec

ruitm

ent P

roce

ss

a.

Ver

ify

the

proc

ess

carr

ied

out

for

sele

ctio

n of

the

cand

idat

e. E

nsur

e if

it is

in

-hou

se

or

outs

ourc

ed

to

recr

uitm

ent a

genc

y

Sel

ectio

n of

C

andi

date

no

t as

pe

r th

e re

quire

men

ts

of

the

Com

pany

b. If

it is

out

sour

ced

to a

re

crui

tmen

t ag

ency

ve

rify

if th

e pr

oces

s ca

rrie

d ou

t fo

r se

lect

ion

of

the

agen

cy

is

done

af

ter p

rope

r eva

luat

ion

Impr

oper

se

lect

ion

of

recr

uitm

ent

agen

cy r

esul

ting

in

recr

uitm

ent f

law

s.

a.

Req

uisi

tion

form

whe

rein

the

re

quire

men

t of t

he

cand

idat

e an

d th

e ex

pect

atio

ns

are

fille

d in

b.

Iner

view

/Ass

essm

ent

form

c.

Can

dida

te's

re

sum

e d.

O

ffer

lette

r e.

R