manual on ia - icai
DESCRIPTION
IATRANSCRIPT
-
Manual on Internal Audit
DISCLAIMER : The views expressed in the Manual on Internal Audit are those of the
author(s). The Institute of Chartered Accountants of India may not
necessarily subscribe to the views of the author(s).
The Institute of Chartered Accountants of India
(Set up by an Act of Parliament) New Delhi
-
ii
The Institute of Chartered Accountants of India
All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form, or by any means, electronic mechanical, photocopying, recording, or otherwise, without prior permission, in writing, from the publisher.
Edition : January, 2009
Website : www.icai.org
Email : [email protected]
Price : Rs. 400/- (Including CD)
ISBN : 978-81-8441-179-9
Published by : The Publication Department on behalf of CA. Puja Wadhera, Senior Assistant Director, Internal Audit Standards Board, The Institute of Chartered Accountants of India, Indraprastha Marg, New Delhi 110 002
Printed by : Sahitya Bhawan Publications, Hospital Road, Agra 282 003
January/2009/1000 Copies
-
iii
Foreword
The year 2008-09 has been a very active year for the Internal Audit Standards Board. The year has seen the Board issuing a number of Standards on Internal Audit as well as other technical literature such as generic and industry specific technical guides. I am happy to note that the Board is brining out this Manual on Internal Audit.
This is first of its kind of Manual on internal audit to be published by the Institute as it contains a step by step approach to conduct internal audit, right from appointment to reporting. The Manual has been developed by a team of experts in the field of internal audit and risk management and the fact is amply reflected in the fine balancing of conceptual vis a vis practical approach to internal audit in the Manual.
I appreciate that despite being a highly technical document, the Manual has been written in a very simple and lucid manner. Besides, the guidance contained herein being generic in nature, the Manual can be gainfully used by all the internal auditors across the cross section of industry type and size.
At this juncture, I wish to compliment all members of Internal Audit Standards Board, especially, the Chairman, CA. Abhijit Bandyopadhyay for having conceived the idea.
I am sure that this Manual, like other publications of the Board, would be warmly received and appreciated by the members and other interested readers.
January 16, 2009
New Delhi
Ved Jain
President, ICAI
-
v
Preface
Contemporary internal audit is a vast field with a number of facets to be understood and addressed. The Internal Audit Standards Board has been working relentlessly to bring out more and more quality literature for the guidance of the members. Till date the Board has brought out not only more than ten Standards on Internal Audit (SIAs) on various significant aspects of internal audit, it has published a number of widely appreciated generic as well as industry specific technical guides for the benefit of the members.
When the Board conceived the idea of having a Manual on Internal Audit, the basic objective behind the same was to bring out a comprehensive publication on internal audit, containing practical guidance on conducting an internal audit in a real life scenario. Accordingly, the Board roped in the services of an expert in the area of internal audit and risk management to prepare this Manual. The Manual, as you would see, is quite comprehensive, providing a step by step guidance on every aspect of internal audit. It is divided into four main parts. Part A deals with Internal Audit Engagement Management, Part B deals with Internal Audit Project Management, Part C deals with Close Outs and Part D deals with General Annexures. While each of the Parts is further divided into relevant sub topics, Part B contains, guidance on aspects such as overall planning, pre audit opening, detailed walk throughs, report, checklists, audit programmes, report compilation, exit meeting and report issuance.
The Manual contains a number of templates as well as checklists for ready reference and easy use of the readers. The Manual has therefore, a wider usage and appeal. I personally feel that the Manual has turned out to be the first of its kind one stop reference for the internal auditors to be issued by the Institute.
I wish to place on record my thanks for Shri Ved Jain, President, and Shri Uttam P Agarwal, Vice President, ICAI for their vision and unstinted support in the activities of the Internal Audit Standards Board. I also wish to express my sincere gratitude to all my colleagues from the Council at the Internal Audit Standards Board, viz., CA. Bhavna G. Doshi, Vice Chairperson, CA. Sunil H. Talati, CA. Mahesh P. Sarda, CA. Shanti Lal Daga, CA. K. P. Khandelwal, CA. Manoj Fadnis, CA. Anuj Goyal, CA. Amarjit Chopra, Shri Manoj K Sarkar, Shri K. P. Sasidharan, Dr. Pritam Singh and Shri O. P. Vaish for their vision and support. I also wish to place on records my gratitude for the co-opted members on the Board, viz., CA. Partha Sarathi De, CA. N. K. Aneja, CA. Charanjit S. Attra, CA. Nagesh D. Pinge as also special invitees on the Board, viz., CA. Harinderjit Singh (my Council colleague), CA. Deepak Wadhawan, CA. Manu Chadha, CA. Santosh Nair and CA. Amit Roy for their free and frank views, invaluable guidance as also their dedication and support to the various initiatives of the Board. I also wish to thanks to CA. K. Raghu (my Council colleague), for his support in bringing out the Manual. I also wish to express my thanks to CA. Puja Wadhera, Secretary, Internal Audit Standards Board and her
-
vi
team of officers, CA. Gurpreet Singh, Senior Executive Officer and CA. Arti Aggarwal, Executive Officer for their efforts in giving final shape to the Manual.
I am sure that the Manual would be warmly received by the interested readers and would be recounted as a landmark publication of the Institute. January 19, 2009
Kolkata
Abhijit BandyopadhyayChairman, Internal Audit Standards Board
-
Contents
Page No Foreword..(iii)
Preface. (v)
Format No
Part - A Internal Audit Engagement Management A/1 Initial Introduction Letter 3A/2 Proposal of Internal Audit Services 4A/3 Engagement letter 9A/4 Scope and Objective 15A/5 Organization Background 16A/6 Industry Research 18A/7 List of Files and Contents 20
Paet - B Internal Audit Project Management B/1 Overall Planning 23
Pre Audit Opening 25B/2.1 Opening Meeting Control Statement 25B/2.2 General Process Understanding 26B/2.3 Data Needs Identification and Collection 28B/2.4 Data Analysis and Summary Preparation 29B/2.5 Previous Audit Report Analysis 30B/2.6 Brain Storming Sessions (Internal) 31
Detailed Walk Throughs 32B/3.1 Selection of sample 32B/3.2 Walk Through Tracking 33B/3.3 Documentation of Walk Through 34
Risks, Checklists, Audit Programme 37 Listing of Risks and Audit Programme (Checklists) 37
B/4.1.1 Corporate Risks Review Checklist 37B/4.1.2 Finance and Accounts Risks Review Checklists 43B/4.1.3 Human Resources Process Review Checklists 51B/4.1.4 Inventory Risks Review Checklists 65B/4.1.5 Information Security Review Checklists 74B/4.1.6 Marketing Risks Review Checklists 83B/4.1.7 Purchases Risks Review Checklists 88
-
viii
B/4.1.8 Production Risks Review Checklists 93B/4.1.9 Sales and Despatch Risks Review Checklists 101
B/4.1.10 Statutory Compliances Review Checklists 106B/4.1.11 Administration Risks Review Checklists 120
B/4.2 Planning and Execution of Audit Programme 124B/4.3 Compilation of Observations and Draft Reporting 129B/4.4 Quality Check of Evidences Collection 132
Report Compilation 133B/5.1 Draft Audit Report 133B/5.2 Covering Letter for Draft Report by Email/ Letter Head 136B/5.1 Collection of Management Comments 137
Exit Meeting 138B/5.2 Fixing of the Meeting Time 138
B/6.2A, B/6.2B Presentation and Action Plan Preparation 139
B/5.1 Updation of the Action Plan into the Draft Report 144 Report Issue 145
B/7.1 Final Report Release Checklist 145B/7.2 Audit Committee Presentation (Where Applicable) 147B/7.3 Audit Feedback Collection 154
Work Paper Closures 157 Work Papers Compilation and Quality Audit Closures 157
B/8.1A Quality Audit Checklist 157B/8.1B Quality Audit Action Plan Statement 161B/8.2 Knowledge Bank Updation 162
Part -C Close Outs C/1 Invoice Format 165C/2 Out of Pocket Expenses Tracking 166C/3 Overall Closure Checklists 167
Part - D General Annexures D/1 Confirmation of Meetings Format 171D/2 Minutes of Meetings Formats 172D/3 Agenda of the Meeting 173D/4 Standards on Internal Audit Issued by the ICAI 175
-
1
PART A
Internal Audit Engagement Management
-
2
-
3
Initial Introduction Letter Format No: A/1
Date: ,
.
To
Mr./Mrs. , ,
,
.
Dear Sir,
Sub: Introduction of Our Internal Audit Services
In continuation to your request, we are very happy to introduce XYZ & Co, one of a specialist in delivering you high value Internal Audit Services based at . We are a team of XX Chartered Accountants, XX Information Systems Auditors, XX Internal Auditors.
Our methodology is adopted from global standards and ICAI standards and would be providing required value add. Some of the clients whom we have delivered the services are Client 1, Client 2, Client 3, Client 4 etc. to name a few.
Please also find attached a detailed profile1 of our organization for your review. We look forward to hear from you in this regard.
Warm Regards,
For XYZ & Co.
XYZ,
Partner 2 3
1 Attach your organizations profile to this letter. Please comb-bind the profile for presentation. 2 The objective of this letter is just to introduce your organization subject to a request from the client. 3 The letter should be preferably signed by the Partner of the organization or an authorized representative. Keep an
office copy of this letter. A file viz., Initial Introduction Letters may be opened to track all the letters.
-
4
Proposal for Internal Audit Services1
Format No: A/2
Overview:
Scope and Objective: The objectives for the internal audit are as under:
Evaluate the business processes to ensure that they are aligned to the business objectives. Evaluate the compliance to both the internal policies and procedures of the company and
external regulations to the extent applicable to the following key processes.
Evaluate the effectiveness and efficiency of the identified processes and related internal controls.
Evaluate the accuracy of accounting information systems supporting the process. Evaluate progressively the risks relating to the business management covering information
technology and general process
Scope of work / Areas to be covered as part of Internal Audit:
The scope shall be covering the transactions for the period to
Management Process
Process 12 Process 2 Marketing
Process 1 Process 2 1 Proposal may be printed on the letter head of the organization or a simple A4 Size Sheet. 2 You may also add a list of risks that shall be looked into in the process.
-
Proposal for Internal Audit Services
5
Contract/Project Management
Process 1 Process 2 Client Relationship Management
Process 1 Process 2 HR Process
Process 1 Process 2 Finance and Accounts
Process 1 Process 2 Administration and Logistics
Process 1 Process 2 Information Technology
Process 1 Process 2 The depth and sample size under the above business processes will be decided based on Risk assessment, where incase the Risk level is high, the area shall be analyzed in depth and the sample size shall also accordingly increase. The coverage shall be based on significant risks identified in the area of concentration. The methodology adopted for internal audit deliveries is separately given in this proposal.
Methodology and Deliverables3
We have structured methodology starts from mapping the corporate vision to audit deliveries and value-add. The following chart displays the steps generally followed by us in an Internal Audit Outsourcing Service.
3 Each firm may have its own methodology / format of deliverables. This is model only.
-
Manual on Internal Audit
6
The following are the benefits for the organization from outsourcing:
Global best methodology for handling Internal Audits
Relevant business / process / internal audit expertise and access to best practices
Structured deliveries with performance indicators and terms of delivery
Saving costs and efforts for the organization and help management concentrate on core competency
Our strong methodology also includes taking the input of the top management, process management and audit management to design a solution that means value addition. Our deliverable will give a road map to make the necessary process improvements that gives a big seat for practicality of implementation of recommendations.
Pre Audit Opening
General Process Understanding Data Analysis and Summary Preparation Planning of Audit Detailed Walk Through
Detailed Walk Through Documentation of Walk Through Results Risks, Checklists, Audit Programme
Listing of Risks and Audit Programme (Checklists) Generation of Exceptions through Analytics Planning of Audit Programme Delivery Execution of Audit Programme Compilation of Observations and Draft Reporting Quality Check of adequacy of Evidences and Work Paper Linking Supervisory Review and Confirmation Report Compilation
Preparation of Audit Report Circulation of the Draft Report for Management Comments Collection of Management Comments Exit Meeting
Fixing of the Meeting Time Presentation and Action Plan Preparation Updation of the Action Plan into the Draft Report
-
Proposal for Internal Audit Services
7
Report Issue
Final Official Report Issue as per Standards on Internal Audit (SIAs) Issued by the ICAI Audit Committee Presentation (Where Applicable) Audit Feedback Collection Each Audit Report shall contain the following information:4
Executive summary High, Medium, Low Risk Areas classified separately Detailed audit observations, covering Risks, Impact, Recommendations, Auditee Comments,
Annexures of evidences
Audit Implementation Action Plans with time lines and responsibility shall be updated after management discussion.
Presentation to management and Audit Committee The Audit shall be conducted as per the Standard on Internal Audit (SIA) 4 for Reporting released by ICAI.
Team, Schedule and Professional Fees:
Based on the Information provided to us with regard to the infrastructure and statistics, we estimate the following:
Sl No Particulars / Name of the Resource
5 No of man days / man
months Qualifications
1 Partner
2 Senior Manager
3 Senior Associates / Consultants
4 Associates / Consultants
5 Junior Associates / Consultants
Total Time
Taking the above deployments into account, the fee for the assignment is estimated as Rs. XXXXXXX/- excluding applicable service taxes. Incase there is any travel incidental to the delivery of the project we shall adhere to internal policies and shall be reimbursed on actual.6
4 Incase you would like to expand the deliverables, it can be done. Sometimes clients would like to know what is the format of deliverable, in such cases, an annexure may be added. 5 A detailed resource list may be given where necessary. 6 It is always good practice to add commentary about service tax and out of pocket expenses (OPEs) applicability / inclusion.
-
Manual on Internal Audit
8
Resources Required
An audit room will be set up having the sufficient no. of Table and chairs along with White board for meeting and discussion.
Access to all the data, record, employees required for the effective performance of internal audit.
Computers with access to company ERP, email and other systems with printing facility with adequate stationary.
Project Coordination:
We understand the importance of a project coordinator over the period of the assignment. The team shall be interacting with the process owners through the project coordinator.
About XYZ & Co
7
8
7 Logos of clients may be given, whereas prior permission of clients may be necessary. 8 Some firms also add confidentiality clause / non-compete clause in the proposal itself.
-
9
Engagement Letter
Format No: A/3
Date: ,
.
To
Mr./Mrs. ,
,
,
.
Dear Sir,
Sub: Internal Audit Engagement Letter
With regards to the discussions we had on DD/MM/YYYY and in continuation with the proposal given on DD/MM/YYYY, please find the Engagement Letter for the Internal Audit Assignment with the following Scope, Objective and Timelines:
Scope and Objective:1 The objectives for the internal audit are as under:
Evaluate the business processes to ensure that they are aligned to the business objectives. Evaluate the compliance to both the internal policies and procedures of the company and
external regulations to the extent applicable to the following key processes.
Evaluate the effectiveness and efficiency of the identified processes and related internal controls.
Evaluate the accuracy of accounting information systems supporting the process. Evaluate progressively the risks relating to the business management covering information
technology and general process
1 Specific objectives of client may be elaborated here.
-
Manual on Internal Audit
10
Scope of work / Areas to be covered as part of Internal Audit: The scope shall be covering the transactions for the period to
Management Process
Process 1 Process 2 Marketing
Process 1 Process 2 Contract/Project Management
Process 1 Process 2 Client Relationship Management
Process 1 Process 2 HR Process
Process 1 Process 2 Finance and Accounts
Process 1 Process 2 Administration and Logistics
Process 1 Process 2 Information Technology
Process 1 Process 2 The depth and sample size under the above business processes will be decided based on Risk assessment, where incase the Risk level is high, the area shall be analyzed in depth and the sample size shall also accordingly increase. The coverage shall be based on significant risks identified in the area of concentration. The methodology adopted for internal audit deliveries is separately given in this proposal.
-
Engagement Letter
11
Methodology and Deliverables2 We have structured methodology starts from mapping the corporate vision to audit deliveries and value-add. The following chart displays the steps generally followed by us in an Internal Audit Outsourcing Service.
The following are the benefits for the organization from outsourcing:
Global best methodology for handling Internal Audits
Relevant business / process / internal audit expertise and access to best practices
Structured deliveries with performance indicators and terms of delivery
Saving costs and efforts for the organization and help management concentrate on core competency
Our strong methodology also includes taking the input of the top management, process management and audit management to design a solution that means value addition. Our deliverable will give a road map to make the necessary process improvements that gives a big seat for practicality of implementation of recommendations.
Pre Audit Opening
General Process Understanding Data Analysis and Summary Preparation Planning of Audit Detailed Walk Through
Detailed Walk Through Documentation of Walk Through Results Risks, Checklists, Audit Programme
Listing of Risks and Audit Programme (Checklists) Generation of Exceptions through Analytics Planning of Audit Programme Delivery Execution of Audit Programme 2 Some clients may not want a detailed methodology to be given in the engagement letter.
-
Manual on Internal Audit
12
Compilation of Observations and Draft Reporting Quality Check of adequacy of Evidences and Work Paper Linking Supervisory Review and Confirmation Report Compilation
Preparation of Audit Report Circulation of the Draft Report for Management Comments Collection of Management Comments Exit Meeting
Fixing of the Meeting Time Presentation and Action Plan Preparation Updation of the Action Plan into the Draft Report Report Issue
Final Official Report Issue as per Standards on Internal Audit (SIAs) Issued by the ICAI Audit Committee Presentation (Where Applicable) Audit Feedback Collection Each Audit Report shall contain the following information: Executive summary High, Medium, Low Risk Areas classified separately Detailed audit observations, covering Risks, Impact, Recommendations, Auditee Comments,
Annexures of evidences
Audit Implementation Action Plans with time lines and responsibility shall be updated after management discussion.
Presentation to management and Audit Committee Team, Schedule and Professional Fees: Based on the Information provided to us with regard to the infrastructure and statistics, we estimate the following:
Sl No Particulars / Name of the Resource
No of man days / man months Qualifications
1 Partner 2 Senior Manager 3 Senior Associates / Consultants 4 Associates / Consultants 5 Junior Associates / Consultants Total Time
-
Engagement Letter
13
3Taking the above deployments into account, the fee for the assignment is estimated as Rs. XXXXXXX/- excluding applicable service taxes. Incase there is any travel incidental to the delivery of the project we shall adhere to internal policies and shall be reimbursed on actual.
Resources Required An audit room will be set up having the sufficient no. of Table and chairs along with White
board for meeting and discussion.
Access to all the data, record, employees required for the effective performance of internal audit.
Computers with access to company ERP, email and other systems with printing facility with adequate stationary.
Project Coordination: We understand the importance of a project coordinator over the period of the assignment. The team shall be interacting with the process owners through the project coordinator. It is the duty of the Project Coordinator to organize the information and time of the process owners. Any delay due to coordinator or process owner shall not be the responsibility of the Internal Audit Service Provider.
Confidentiality Clause: We shall maintain confidential all the information collected as part of the engagement and shall not disclose them unless until necessary as per the regulations of the land of assignment. Incase of need to disclose the information, we shall take the permission of the client coordinator before disclosing.
Termination Clause: The assignment can be terminated by either parties by giving a notice in advance of atleast 1 month. Thereafter the information / documentation collected shall be returned back to the client.
4Incase of negligence, quality standards compromise, and willful default, the client shall have the right to be indemnified for all the costs till the date of termination.
3 Some clients may be interested to add a detailed Gantt chart of the project. 4 Some clients may also be interested to add a Quality Assurance Clause.
-
Manual on Internal Audit
14
Signing of the Contract:
For XYZ & Co.,5
XYZ,
Partner
On behalf of Client
For
5 Please ensure that the seal is put on the Contract. The engagement letter shall be made in two copies, one for each party.
-
15
Scope and Objective Statement
Format No: A/4
Assignment No Assignment Name
Engagement Manager
Company Name
Objective of the Assignment1 a.
b.
c.
d.
Scope of the Assignment2 a.
b.
c.
d. 3
1 Please define in as much detail as possible the objectives for which the assignment is being handled. Objective is the element, one is trying to achieve at the end of the project. It is very important that the objectives are defined as clearly as possible to eliminate ambiguity. 2 Define the areas of coverage, it may be in period / departments / divisions / business processes / locations / units etc., The scope should be linked to objectives. 3 It is recommended to do as much brainstorming as possible to define this document at the planning stage.
-
16
Organization Background
Format No: A/5
Assignment No Assignment Name
Engagement Manager
Company Name
General Business Understanding
Overview of Business
Overview of Industry Segment1
Specific Risks faced by Industry Segment
1 Use Internet search engines, industry publications, websites, research reports.
-
Organization Background
17
Important Statistics (Financial, Manpower etc.) Collected2
Organization Structure and Decision Hierarchy3
Business Goals, Objectives
Description about the Business Systems, IT Infrastructure4
2 Obtain important performance statistics which shall help understand organizations current state of affairs. 3 Please give annexure where necessary. You may use MS-Visio or MS-Excel to prepare organization structures. 4 Detail about the systems and procedures currently in place. Also capture the level of standardization in the organization ie. Existence of Standard Operating Procedures, Policies etc.,
-
18
Industry Research
Format No: A/6
Assignment No Assignment Name
Engagement Manager
Company Name
The objective of this document is to identify the industry practices / competitor practices so as to enable the organization under to benchmark itself.1
List of Competitors and availability of Information with regards to financials, processes etc.
List of Best Practices Adopted by Industry
Sl No Area / Best Practice Source Name of the Company
1 The strength of this document projects you as an industry resource to the clients.
-
Industry Research
19
Key Performance Indicators of Various Business Processes in Industry
Sl No Performance Indicator Business / Business Process Source Name of the Company
Names of Industry Publications, Associations, Websites, Industry Consultants, Specialists
-
20
List of Files and Contents
Format No: A/7
Assignment No Assignment Name
Engagement Manager
Company Name
Sl No Contents of the Files A Name of the File: Client Master File (Project wise divider)
1 Proposal Copy
2 Engagement Letter, Purchase Order, Service Order, Appointment Order
3 Client Strategic Communications
4 Invoices, Cheque Receipts, OPE Claims
5 Any other relevant information
B Name of the File: Assignment File (Phase of Assignment wise divider)1
1 Scope, Objective Document
2 Organization Background
3 Industry Research
4 Minutes of Various Meetings
5 Work Papers
6 Risks Listing and Audit Programme with completed work papers
7 Draft Audit Report
8 Management Exit Meet Minutes
9 Final Report and Presentation2
10 Implementation Status Updates
11 Quality Audit Checklist
12 Documents Collected from the Client for Audit purposes3
13 Feedback Form
14 Overall Closure Checklist
1 Open multiple files if one file is not adequate. 2 It is a good practice to show links between the observations in the final report to the work papers evidencing them. 3 If the data collected is in bulk form, it may be written on a CD and filed.
-
21
PART B
Internal Audit Project Management
-
22
-
23
Overall Planning
Format No: B/1
Assignment No Assignment Name
Engagement Manager
Company Name
Team Identification for the Engagement:
Sl.no Type of Competency Required Period for Which Required
Name of Person Selected
Project Costing: Sl.no Expenditure type Planned
1 Man month Costing
2 Other Direct Costing
3 Administrative Costs
Total
Amount Billed
Profitability
% age of Profitability
Detailed Planning Sl. No Form Name Planned Date Auditor
1 Opening Meeting
2 Scope and Objective of the Assignment
3 Assignment Scheduling
-
Manual on Internal Audit
24
Sl. No Form Name Planned Date Auditor
4 Planning
4.1 General Process Understanding
4.2 Data Analysis
4.3 Walk Through
4.4 Documentation of Walk Through
4.6 Risks and Audit Programme Generation
4.7 Field Work Scheduling
5 Field Work
5.1 Field Work Execution
5.2 Draft Report Generation and Circulation
6 Exit Meeting
6.1 Draft Report with management comments
7 Final Report Issue
7.1 Structured Reporting
7.2 Presentation of Finding
8 Follow up and Implementation
8.1 Follow Up Check list
9 General Administrative Closures
9.1 Invoice Generation
9.2 Out of Pocket Expenses Collection
9.4 Client Feedback
9.5 Opportunity for future Businesses
9.6 Knowledge Base Updation
10 Quality Audit
10.1 Quality Review Report and Action Statement
10.2 File Closure
Any Other Remarks Manager Partner
-
Pre Audit Opening 2.1 Opening Meeting Control Statement
Format No: B/2.1
Assignment No Assignment Name
Engagement Manager Company Name
Date of Meeting Department Participants from Auditees Participants from Internal Audit Team Name Designation Name Designation
Sl No Steps of Opening Meet Handled by Documentation 1 Introduce the Internal Audit members to the
Auditees and explain about the objectives and methodology of the Audit
2 Explain about the time schedule of the project and the names of persons from the Auditee end to coordinate
3 Understand specific objectives of the Auditees and the business goals etc.,
4 Understand the specific performance indicators used to measure in the area under Audit
5 Get a general understanding of the business process, ERP etc.
6 Collect various operating procedures, policies
7 (Reffer footnote)
Any further specific questions may be raised apart from generic. Whereas, the objective of the meet is to give a very high level understanding on the audit.
-
Manual on Internal Audit
26
2.2 General Process Understanding
Format No: B/2.2
Assignment No Assignment Name Engagement Manager
Company Name
Name of the Process1
Major Process Name
Process Owner Division Location
Date of Process Analysis
No of Employees
System ERP / Manual
Process Objectives
Process Performance Measures
Process Map2
1 Document only the most important processes which relate to our audit objectives. 2 Process Maps can also be done using MS-Visio, Excel. Whereas, MS-Word may be most frequently used tool.
-
Pre- Audit Opening
27
Type of Boxes for Process Mapping34
3 We recommend basic flow charting techniques for process flow. You may also use advanced techniques where necessary. 4 Process flow should be signed off with the process owners.
Process / Activity /
Action Box Decision
Box
Filing, Document, Form etc.,
Process Gap
Indicator
-
Man
ual o
n In
tern
al A
udit
28
2.3
Dat
a N
eeds
Iden
tific
atio
n an
d C
olle
ctio
n5
Form
at N
o: B
/2.3
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
Sl
No
Dat
a N
eeds
O
bjec
tive6
Pe
riod
to
be
Cov
ered
N
eces
sary
Fie
ldFo
rmat
in
Whi
ch R
equi
red
( E
xcel
/ Te
xt/P
DF)
Req
uest
ed
To
Dat
e of
R
eque
st
Expe
cted
D
ate
Act
ual D
ate
of
Col
lect
ion
5 T
he d
ata
colle
ctio
n m
ay b
e po
ssib
le w
ith E
RP
/ Tal
ly /
Exce
l / M
anua
l. 6 R
efer
to th
e R
isk
Che
cklis
ts fo
r mor
e in
form
atio
n on
Dat
a ne
eds
iden
tific
atio
n.
28
Manual on Internal Audit
-
Pre
- A
udit
Ope
ning
29
2.4
Dat
a A
naly
sis
and
Sum
mar
ies
Prep
arat
ion7
8
Form
at N
o: B
/2.4
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
Sl N
o D
etai
ls o
f Dat
a A
naly
sis
Det
ails
of
Infe
renc
es9
Upd
ates
to th
e R
isk
List
ing
/ Aud
it Pr
ogra
mm
e / A
udit
5Rep
ort
Rem
arks
7 Th
e ob
ject
ive
of th
e do
cum
ent i
s to
con
solid
ate
the
anal
ysis
, res
earc
h, p
revi
ous
audi
t rep
orts
in a
n in
fere
nce
docu
men
t whi
ch s
hall
be a
n in
put t
o va
rious
oth
er p
hase
s,
repo
rts e
tc.
8 Th
is d
ocum
ent a
lso
acts
as
a be
st p
ract
ice
inst
rum
ent a
nd is
gen
eral
ly h
ighl
y ap
prec
iate
d du
ring
Qua
lity
Assu
ranc
e / A
udits
/ P
eer R
evie
ws.
9
Infe
renc
e m
ay b
e th
e co
nclu
sion
dra
wn
afte
r the
ana
lysi
s w
hich
in-tu
rn m
ay le
ad to
furth
er a
naly
sis,
in-d
epth
ver
ifica
tion,
dire
ct re
porti
ng e
tc.
29
Pre- Audit Opening
-
Man
ual o
n In
tern
al A
udit
30
2.5
Prev
ious
Aud
it R
epor
t Ana
lysi
s101
1
Form
at N
o: B
/2.5
A
ssig
nmen
t No
Ass
ignm
ent N
ame
E
ngag
emen
t Man
ager
Com
pany
Nam
e
Sl N
o A
udit
Rep
ort N
ame
/ Pe
riod
Det
ails
of I
nfer
ence
s12
Upd
ates
to th
e R
isk
List
ing
/ Aud
it Pr
ogra
mm
e / A
udit
Rep
ort
Rem
arks
10
The
obj
ectiv
e of
the
docu
men
t is
to c
onso
lidat
e th
e an
alys
is, r
esea
rch,
pre
viou
s au
dit
repo
rts in
an
infe
renc
e do
cum
ent
whi
ch s
hall
be a
n in
put
to v
ario
us o
ther
ph
ases
, rep
orts
etc
. 11
Thi
s do
cum
ent a
lso
acts
as
a be
st p
ract
ice
inst
rum
ent a
nd is
gen
eral
ly h
ighl
y ap
prec
iate
d du
ring
Qua
lity
Assu
ranc
e / A
udits
/ P
eer R
evie
ws.
12
Infe
renc
e m
ay b
e th
e co
nclu
sion
dra
wn
afte
r the
ana
lysi
s w
hich
in-tu
rn m
ay le
ad to
furth
er a
naly
sis,
in-d
epth
ver
ifica
tion,
dire
ct re
porti
ng e
tc.
30
Manual on Internal Audit
-
Pre
- A
udit
Ope
ning
31
2.6
Bra
in S
torm
ing
Sess
ions
(Int
erna
l)131
4
Form
at N
o: B
/2.6
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
Sl N
o D
etai
ls o
f Pro
cess
es /
Ris
ks D
iscu
ssed
in
the
Sess
ion
Impo
rtan
t Con
clus
ions
U
pdat
es to
the
Ris
k Li
stin
g /
Aud
it Pr
ogra
mm
e / A
udit
Rep
ort
Rem
arks
13
Brai
nsto
rmin
g se
ssio
ns a
re a
ver
y go
od p
ract
ice
whe
re th
e C
onsu
ltant
s, M
anag
ers
and
Par
tner
s di
scus
s as
to th
e un
ders
tand
ing
of th
e pr
oces
ses,
risk
s an
d th
reat
s in
th
e or
gani
zatio
n an
d ev
olve
a d
eepe
r tho
ught
pro
cess
. Th
is is
als
o a
good
way
to e
xcha
nge
know
ledg
e in
you
r org
aniz
atio
n.
14
Th
is d
ocum
ent a
lso
acts
as
a be
st p
ract
ice
inst
rum
ent a
nd is
gen
eral
ly h
ighl
y ap
prec
iate
d du
ring
Qua
lity
Assu
ranc
e / A
udits
/ P
eer R
evie
ws.
31
Pre- Audit Opening
-
Detailed Walk Throughs
3.1 Selection of Samples1
Format No: B/3.1
Assignment No Assignment Name
Engagement Manager
Company Name
Mechanism for Selection of Sample:
Sl No Area of Verification Type of Sampling Technique to be used 1 To verify a process of very high concern with significant
materiality and impact on the bottom line of the organization
100% Verification
2 To verify a process in an ERP for the purpose of controls built inside the system (Automated Controls)
1 Sample
3 To verify a process not inside the ERP involving verification of a manual control and the objective is to get confidence on the entire population
Random Sampling2
4 To verify a process and understand the controls are working adequately only incase of significant value transactions
Random Sampling of transactions above threshold limit
5 To verify the controls in a specific attribute of transactions viz., of an individual, location, unit, time zone etc.,
Random Sampling of transaction satisfying the attribute
Samples Selected and Result Documentation
Sl No
Process to be verified and Objective to be achieved
Type of Sampling Adopted
No of Samples Selected3
Result of Verification4
Conclusions
1 Incase of usage of an Audit Tool viz., ACL, IDEA generally 100% transactions can be verified for exceptions study. 2 Seed technique may be used for random sample pick up. All the transactions should have equal probability of being picked up. Random number generator may be used for selection to avoid bias. 3 Attach a list of samples selected and the result of verification as an annexure. 4 Incase of high critical observations to be made, and the result is negative, you may confirm the conclusion by picking up further more sample.
-
Det
aile
d W
alk
Thro
ugh
33
3.2
Wal
k Th
roug
h Tr
acki
ng5
6
Form
at N
o: B
/3.2
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
Sl N
o Sa
mpl
e Tr
ansa
ctio
n C
ontr
ol 1
C
ontr
ol 2
C
ontr
ol 3
C
ontr
ol 4
C
ontr
ol 5
C
ontr
ol 6
5 T
his
docu
men
t sho
uld
be u
sed
to tr
ack
the
wal
k th
roug
h / v
erifi
catio
n on
the
sam
ples
sel
ecte
d fo
r stu
dy.
6 Thi
s do
cum
ent m
ay b
e us
ed a
t the
tim
e of
pla
nnin
g or
at t
he ti
me
of fi
eld
wor
k.
33
Detailed Walk Through
-
Manual on Internal Audit
34
3.3 Documentation of Walk Through7
Format No: B/3.3
Assignment No Assignment Name
Engagement Manager
Company Name
Process 1: 8
Sl No
Sub Pro-cess
Area Comments Form / Format
Objective
Critical Control Description
ERP / Application Used
Maker
Authorizer
Report Generated
Input
Output
Operating Procedures
Policies
Objective
Critical Control Description
ERP / Application Used
Maker
Authorizer
Report Generated
Input
Output
Operating Procedures
Policies
7 It is not mandatory to document the processes always in the format given above, whereas once documented, it increases the clarity of the auditor on the business process and hence mistakes at the time of report are significantly reduced. 8 Process Sub Process can be as detailed as possible till it identifies an auditable area with clarity.
-
Detailed Work Throughs
35
Sl No
Sub Pro-cess
Area Comments Form / Format
Objective
Critical Control Description
ERP / Application Used
Maker
Authorizer
Report Generated
Input
Output
Operating Procedures
Policies
Process 2:
Sl No
Sub Pro-cess
Area Comments Form / Format
Objective
Critical Control Description
ERP / Application Used
Maker
Authorizer
Report Generated
Input
Output
Operating Procedures
Policies
Objective
Critical Control Description
ERP / Application Used
Maker
Authorizer
Report Generated
Input
-
Manual on Internal Audit
36
Output
Operating Procedures
Policies
Objective
Critical Control Description
ERP / Application Used
Maker
Authorizer
Report Generated
Input
Output
Operating Procedures
Policies
-
Man
ual o
n In
tern
al A
udit
38
Ris
k Li
stin
g (W
hat W
rong
Can
H
appe
n)
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
The
risk
that
ther
e is
no
clea
r suc
cess
ion
plan
, le
adin
g to
unc
erta
inty
a. D
oes
the
com
pany
hav
e cl
ear O
rgan
izat
ion
Cha
rt b.
Are
the
posi
tions
ad
equa
tely
fille
d in
c.
Is
ther
e a
succ
essi
on
plan
with
the
man
agem
ent f
or k
ey
posi
tions
a.
Org
aniz
atio
n C
hart
Ope
ratio
nal R
isks
Pos
sibi
lity
of fr
auds
, ill
egal
act
s a.
Has
th
e C
ompa
ny
desi
gned
pr
oces
ses
to
ensu
re t
hat
ther
e is
no
laps
e of
con
trol
lead
ing
to fr
auds
b.
Doe
s th
e M
anag
emen
t ac
t on
S
tatu
tory
an
d In
tern
al A
udit
Rep
orts
c.
Is
th
ere
a sy
stem
fo
r ev
alua
ting
lega
l co
mpl
ianc
e is
sues
a. A
udit
Com
mitt
ee
actio
n po
ints
The
use
of
inap
prop
riate
co
ntro
ls/p
erfo
rman
ce
mea
sure
s,
lead
ing
to
wro
ng c
oncl
usio
ns a
nd
infe
renc
es
abou
t pe
rform
ance
of
th
e
a. I
s th
ere
a M
IS
syst
em
high
light
s th
e pe
rform
-an
ces
of
the
vario
us
depa
rtmen
t an
d fu
nctio
ns
b. D
oes
the
Man
agem
ent
revi
ew
the
perfo
rm-
a.
M
IS
Rep
orts
re
ceiv
ed
by
Man
agem
ent
38
Manual on Internal Audit
-
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
39
Ris
k Li
stin
g (W
hat W
rong
Can
H
appe
n)
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
firm
's o
pera
tions
an
ces
and
take
effe
ctiv
e ac
tions
Ris
k of
ab
senc
e of
bu
dget
or
pl
anni
ng
syst
em
lead
ing
to
defo
cusi
ng o
f co
rpor
ate
oper
atio
ns
apar
t fro
m
lack
of i
mpo
rtant
con
trol
on s
pend
ing
a. I
s th
ere
a pr
oces
s of
ev
olvi
ng
annu
al
budg
et
in th
e or
gani
zatio
n b.
Is
budg
et c
onve
rted
into
O
pera
ting
plan
s
c.
Are
bu
dget
vi
s--
vis
actio
ns
mon
itore
d an
d co
rrec
tive
actio
ns t
aken
on
dev
iatio
ns
a.
A
nnua
l B
udge
t P
lan
b.
Ope
ratin
g P
lans
Ope
ratio
nal n
on c
larit
y af
fect
ing
perfo
rman
ce
a. D
oes
the
Com
pany
hav
e a
Sta
ndar
d O
pera
ting
Pro
cedu
re d
ocum
ent
for
each
pro
cess
es
b. I
s th
e S
OP
impl
emen
ted
succ
essf
ully
c.
Is
ther
e a
revi
ew o
f SO
P
frequ
ently
fo
r in
corp
orat
ing
chan
ges
a.
Sta
ndar
d O
pera
ting
Pro
cedu
res
Man
ual
Com
mun
icat
ion
Ris
ks
Inab
ility
of t
he c
ompa
ny
to
capt
ure
and
inst
itutio
naliz
e le
arni
ng
acro
ss th
e fir
m
a.
Are
tra
inin
g pr
ogra
ms
held
in
the
orga
niza
tion
for
trans
ferr
ing
know
ledg
e
a.
Li
st
of
train
ing
prog
ram
s an
d fe
edba
ck g
iven
39
Risks, Checklists, Audit Programme
-
Man
ual o
n In
tern
al A
udit
40
Ris
k Li
stin
g (W
hat W
rong
Can
H
appe
n)
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
b.
Doe
s th
e co
mpa
ny h
ave
a kn
owle
dge
base
The
risk
that
co
mm
unic
atio
n fro
m to
p m
anag
emen
t ge
ts
lost
in
tran
sitio
n
a.
Cap
ture
th
e pr
oces
s of
m
ovem
ent
of
mem
os/c
ircul
ars
and
eval
uate
if th
e pr
oces
s is
ad
equa
te
HR
Ris
ks
App
rais
al p
roce
sses
for
th
e em
ploy
ees
not
linke
d w
ith
the
com
pany
's o
bjec
tive
a. A
re
Key
P
erfo
rman
ce
Indi
cato
rs
desi
gned
fo
r ea
ch f
unct
ion
and
each
pe
rson
in
th
e or
gani
zatio
n b.
Are
th
e ex
pect
atio
ns
com
mun
icat
ed
to
the
empl
oyee
a.
K
ey
Per
form
ance
In
dica
tors
Inad
equa
te s
kill
set a
nd
know
ledg
e w
ith
firm
's
key
peop
le
a. C
heck
th
e pr
oces
s of
re
crui
tmen
t fo
r ke
y po
sitio
ns
b. A
re t
he r
equi
rem
ents
of
the
posi
tions
wel
l def
ined
Mar
ketin
g R
isks
Ris
k of
cu
stom
er
diss
atis
fact
ion
a. H
as
the
Man
agem
ent
take
n co
nsci
ous
effo
rts
for q
ualit
y im
prov
emen
t
a.
Qua
lity
docu
men
ts
40
Manual on Internal Audit
-
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
41
Ris
k Li
stin
g (W
hat W
rong
Can
H
appe
n)
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
b. H
as
the
com
pany
im
plem
ente
d qu
ality
st
anda
rds
such
as
Si
x S
igm
a or
IS
O
for
mai
ntai
ning
qu
ality
an
d th
ereb
y cu
stom
er
satis
fact
ion
Pos
sibi
lity
of
prod
uct
getti
ng o
bsol
ete
or n
ot
mee
ting
the
budg
et
requ
irem
ents
a. D
oes
the
com
pany
inve
st
in
Res
earc
h an
d D
evel
opm
ent,
Pro
duct
de
sign
etc
b.
Are
ef
forts
ta
ken
for
expl
orat
ion
of
new
pr
oduc
ts
c.
Are
ne
w
mar
kets
ex
plor
ed
for
adeq
uate
pr
oduc
t an
d m
arke
t sp
read
Pos
sibi
lity
of
busi
ness
cy
cles
, w
heth
er i
n ow
n bu
sine
ss o
r in
eco
nom
y in
ge
nera
l, cr
eatin
g vo
latil
e gr
owth
/pro
fitab
ility
si
tuat
ion
a. H
as th
e co
mpa
ny d
one
a ris
k as
sess
men
t exe
rcis
e to
ide
ntify
key
are
as o
f ris
k b.
Doe
s th
e co
mpa
ny h
ave
a ad
equa
te
busi
ness
co
ntin
uity
an
d di
sast
er
reco
very
pla
ns
a.
B
usin
ess
Con
tinui
ty
and
Dis
aste
r R
ecov
ery
Pla
n
41
Risks, Checklists, Audit Programme
-
Man
ual o
n In
tern
al A
udit
42
Ris
k Li
stin
g (W
hat W
rong
Can
H
appe
n)
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
Ris
k fro
m
choo
sing
w
rong
pa
rtner
s,
inad
equa
te
com
mitm
ent,
poor
ex
ecut
ion
a.
Is
adeq
uate
ev
alua
tion
done
pr
ior
to
ente
ring
into
co
ntra
cts,
jo
int
vent
ures
etc
b.
A
re
Ser
vice
Le
vel
Agr
eem
ent
draw
n fo
r en
gage
men
ts
and
revi
ewed
42
Manual on Internal Audit
-
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
43
Form
at N
o: B
/4.1
.2.
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
4.1.
2 Fi
nanc
e an
d A
ccou
nts
Ris
ks R
evie
w C
heck
list
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
Rec
eiva
bles
Acc
ount
ing
and
Man
agem
ent P
roce
ss
Inef
fect
ive
proc
ess
of
invo
ice
gene
ratio
n
Che
ck
the
follo
win
g in
in
voic
es:
a. A
re th
e in
voic
es s
eria
lly
cont
rolle
d an
d ve
rify
if th
ere
are
any
dupl
icat
e,
canc
elle
d in
voic
es
and
asce
rtain
the
rea
sons
for
th
e sa
me1
b.
Che
ck if
the
calc
ulat
ion
of
disc
ount
s,
reba
tes,
pr
ices
etc
are
acc
urat
e by
ve
rifyi
ng
it ag
ains
t th
e te
rms
and
cond
ition
s
Invo
ices
no
t bo
oked
ac
cura
tely
an
d co
mpl
etel
y re
sulti
ng in
re
venu
e lo
ss
for
the
com
pany
. C
alcu
late
the
am
ount
to
be
invo
iced
aga
inst
th
e am
ount
in
voic
ed
and
chec
k w
ith
rece
ipts
to
iden
tify
the
quan
tum
of
re
venu
e lo
ss
1.
In
voic
es
Reg
iste
r/Lis
t 2.
S
uppo
rting
do
cum
ents
su
ch
as
term
s an
d co
nditi
ons
3.
Pay
men
t R
egis
ter
4.
Cre
dit N
otes
5.
D
ebto
r R
econ
-ci
liatio
n an
d co
nfirm
atio
n do
cum
ents
6.
B
ad
Deb
ts
writ
ten
off
1 A
naly
sis
of In
voic
e ca
n be
don
e us
ing
CA
AT
tool
s
43
Risks, Checklists, Audit Programme
-
Man
ual o
n In
tern
al A
udit
44
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
Cal
cula
te
the
dela
ys
in
gene
ratio
n an
d po
stin
g /
disp
atch
ing
of
invo
ices
w
ith r
easo
ns a
s w
ell
as
agei
ng a
naly
sis
Del
ays
in
invo
icin
g re
sulti
ng i
n de
lays
in
rece
ipts
an
d fu
nds
bloc
kage
. C
alcu
late
the
ave
rage
nu
mbe
r of
da
ys
of
dela
y an
d th
e ca
sh
flow
los
s du
e to
non
re
ceip
t of
fu
nds
on
time
Che
ck i
f cr
edit
note
s ar
e po
sted
acc
urat
ely
and
are
auth
oriz
ed
by
the
desi
gnat
ed p
erso
nnel
Cre
dit
note
s no
t ac
cura
tely
po
sted
re
sulti
ng
in
reve
nue
leak
age
Cal
cula
te t
he r
even
ue
loss
due
to s
uch
cred
it no
tes
Inad
equa
te
rece
ivab
les
man
agem
ent
Gen
erat
e re
ceiv
able
s ag
eing
re
port
and
asce
rtain
reas
ons
for l
ong
pend
ing
outs
tand
ing
and
chec
k th
e pr
oced
ure
for
follo
w u
p of
out
stan
ding
s
Del
ays
in
mon
itorin
g re
ceip
ts
resu
lting
in
ca
sh
flow
lo
ss.
Cal
cula
te t
he a
vera
ge
num
ber
of
days
of
de
lay
and
the
cash
flo
w l
oss
due
to n
on
rece
ipt
of
fund
s on
tim
e.
44
Manual on Internal Audit
-
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
45
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
Obt
ain
the
docu
men
tatio
n re
latin
g to
de
btor
re
conc
iliat
ion
and
verif
y if
co
nfirm
atio
ns
for
the
bala
nces
ar
e ob
tain
ed
from
the
debt
ors
Mis
stat
emen
t of d
ebto
r ba
lanc
es
in
the
final
ac
coun
ts.
Rep
erfo
rm
the
reco
ncili
atio
n pr
oces
s to
ens
ure
accu
racy
of
calc
ulat
ions
.
Obt
ain
the
bad
debt
s lis
t an
d ch
eck
if au
thor
izat
ion
is o
btai
ned
for
writ
e of
f of
bad
debt
s.
Che
ck
the
proc
edur
e fo
r re
solu
tion
of u
nrec
onci
led
debt
s
Bad
deb
ts w
ritte
n of
f w
ithou
t su
ffici
ent
just
ifica
tion
resu
lting
in
finan
cial
loss
.
Paya
bles
Acc
ount
ing
and
Man
agem
ent P
roce
ss
Inad
equa
te
Pay
men
t P
roce
ss
Che
ck
the
paym
ents
to
en
sure
the
follo
win
g:
a.
Pay
men
ts
are
supp
orte
d by
rel
ated
P
urch
ase
Ord
ers,
G
oods
/Ser
vice
s R
ecei
pt
note
an
d ap
prov
al
from
th
e us
er
depa
rtmen
t fo
r re
ceip
t of
m
ater
ial/s
ervi
ce
Mis
mat
ch
betw
een
actu
al
paym
ent
and
paym
ent
to b
e m
ade
resu
lting
in
re
venu
e le
akag
es
a.
P
urch
ase
Ord
ers
b.
Pay
men
t V
ouch
ers
c.
Pay
men
t R
egis
ter
d.
Goo
ds/S
er-v
ice
deliv
ery
Not
es
45
Risks, Checklists, Audit Programme
-
Man
ual o
n In
tern
al A
udit
46
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
b.
Pay
men
t en
try
is
mad
e ac
cura
tely
and
co
mpl
etel
y fo
r al
l th
e G
RN
/Ser
vice
not
es
c.
Pay
men
t is
mad
e as
pe
r th
e te
rms
and
cond
ition
s en
tere
d in
to w
ith th
e ve
ndor
e.
A
gree
men
t w
ith
the
vend
or
Cal
cula
te
the
dela
ys
in
post
ing
of
paym
ent
entri
es
with
re
ason
s as
w
ell a
s ag
eing
ana
lysi
s
Del
ay
in
paym
ent
resu
lts
in
unne
ce-
ssar
y lia
bilit
y im
pose
d as
per
the
ter
ms
and
agre
emen
ts
with
th
e ve
ndor
C
alcu
late
th
e in
tere
st
char
ged
by th
e ve
ndor
fo
r lat
e pa
ymen
t
a.
Cre
dito
rs a
gein
g an
alys
is
Che
ck i
f de
bit
note
s ar
e po
sted
acc
urat
ely
and
are
auth
oriz
ed
by
the
desi
gnat
ed
pers
onne
l. E
nsur
e th
at th
e re
ject
ions
ar
e au
thor
ized
by
de
sign
ated
per
sonn
el
Deb
it no
tes
not
supp
orte
d by
P
urch
ase
retu
rns
docu
men
ts
and
repl
acem
ent/a
djus
tme
nt n
ot m
ade
accu
rate
ly
for t
he d
ebit
note
s
a.
Deb
it no
tes
46
Manual on Internal Audit
-
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
47
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
Ver
ify
the
proc
ess
of
reco
ncili
atio
n of
de
bit/c
redi
t no
tes
and
acco
unts
pay
able
Dup
licat
e pa
ymen
ts
mad
e w
ithou
t re
ceip
t of
goo
ds/s
ervi
ce
a.
V
endo
r re
conc
iliat
ion
docu
men
ts
Ens
ure
that
all
dues
are
se
ttled
at
the
time
of t
he
full
and
final
se
ttlem
ent
and
adeq
uate
follo
w u
p
Del
ay
in
paym
ent
resu
lts
in
unne
ce-
ssar
y lia
bilit
y im
pose
d as
per
the
ter
ms
and
agre
emen
ts
with
th
e ve
ndor
C
alcu
late
th
e in
tere
st
char
ged
by th
e ve
ndor
fo
r lat
e pa
ymen
t
Gen
eral
Fin
anci
al C
losu
re S
yste
m
Boo
ks
of
acco
unts
no
t cl
osed
on
a
timel
y ba
sis
Che
ck t
he p
roce
dure
for
cl
osur
e of
bo
oks
and
acco
unts
and
ens
ure
that
th
e cl
osur
es a
re d
one
on
a tim
ely
basi
s. C
heck
if
the
follo
win
g ar
e cl
osed
: a.
Le
dger
Acc
ount
s b.
P
&L
acco
unt
c.
Bal
ance
She
et
d.
Cas
h Fl
ow s
tate
men
t e.
D
ebto
rs a
gein
g
Del
ays
in
clos
ure
lead
ing
to
non
avai
labi
lity
of fi
nanc
ials
fo
r re
view
an
d de
cisi
on m
akin
g.
Asc
erta
in
dela
ys
in
clos
ure
of b
ooks
and
en
sure
the
reas
ons
for
the
dela
y
a.
B
ooks
of
A
ccou
nt
b.
Ledg
er
sum
mar
ies
c.
Age
ing
repo
rts
d.
Ban
k R
econ
cilia
t-ion
S
tate
m-e
nt
e.
Sta
tuto
ry
rem
ittan
ces
47
Risks, Checklists, Audit Programme
-
Man
ual o
n In
tern
al A
udit
48
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
f. C
redi
tors
age
ing
g.
Ban
k R
econ
cilia
tion
h.
Sta
tuto
ry re
mitt
ance
s
P
efor
m a
GL
scru
tiny
to
asce
rtain
an
y irr
egul
ariti
es
in
trans
actio
ns
post
ing
and
unde
rtake
a
deta
iled
revi
ew
whe
reve
r di
scre
panc
ies
are
iden
tifie
d E
nsur
e th
at t
here
are
no
unre
conc
iled
item
s on
op
enin
g ba
lanc
es
a.
Gen
eral
Led
ger
S
tudy
/
revi
ew
of
the
Not
es
to
acco
unts
ap
pend
ed fo
r ade
quac
y of
di
sclo
sure
an
d co
mpl
ianc
e w
ith s
tatu
tory
la
ws
C
ompa
re
bala
nces
with
pr
evio
us
perio
ds
and
prep
arat
ion
varia
nce
anal
ysis
repo
rt
Inac
cura
te u
pdat
ion
of
acco
unts
re
sulti
ng
in
mis
stat
emen
t in
fin
anci
als.
48
Manual on Internal Audit
-
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
49
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
Inad
equa
te
prov
isio
ning
C
heck
if
the
prov
isio
ns
mad
e ar
e ac
cura
te
and
subs
eque
nt
acco
untin
g en
tries
pa
ssed
ar
e co
rrec
t. C
heck
if
the
prov
isio
ns a
re a
utho
rized
as
per
the
Del
egat
ion
of
Aut
horit
y M
atrix
Fund
and
Cas
h M
anag
emen
t2
Inad
equa
te
budg
et s
yste
m
Rev
iew
th
e bu
dget
sy
stem
an
d ve
rify
the
follo
win
g:
a. B
udge
t is
prep
ared
and
au
thor
ized
on
an
an
nual
bas
is
b. E
xpen
ditu
re i
ncur
red
is
verif
ied
with
the
budg
et
and
corr
ectiv
e ac
tions
ar
e ta
ken
for
devi
atio
ns
from
the
budg
et
c. R
evis
ed b
udge
t if
any
is
auth
oriz
ed
as
per
Del
egat
ion
of A
utho
rity
Mat
rix
Inor
dina
te
devi
atio
ns
from
th
e bu
dget
re
sulti
ng
in
exce
ss/s
hort
spen
ding
a.
A
nnua
l Bud
get
b.
Var
ianc
e A
naly
sis
Rep
ort
2
Fund
s M
anag
emen
t wou
ld a
lso
incl
ude
revi
ew o
f For
eign
Exc
hang
e ga
ins/
loss
, tec
hniq
ue o
f hed
ging
etc
dep
endi
ng u
pon
the
natu
re o
f the
com
pany
.
49
Risks, Checklists, Audit Programme
-
Man
ual o
n In
tern
al A
udit
50
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
Ens
ure
if re
view
of
in
vest
men
ts
/ ba
nk
bala
nces
, in
tere
st e
arne
d an
d id
entif
icat
ion
of
idle
ba
lanc
es is
bei
ng d
one
.
a.
In
vest
men
t de
tails
b.
B
ank
deta
ils
and
bank
st
atem
ents
c.
In
tere
st d
etai
ls
In
adeq
uate
fu
nd u
tiliz
atio
n
Com
pare
inte
rest
pai
d on
cr
edit
obta
ined
fro
m
bank
s vi
s--
vis
idle
ba
lanc
es if
any
; and
cre
dit
cycl
e (c
redi
t ob
tain
ed
from
sup
plie
rs).
Ens
ure
if P
hysi
cal
verif
icat
ion
of
cash
is
do
ne
P
erio
dici
ty
/ tim
ings
and
rec
onci
liatio
n of
diff
eren
ces
in b
alan
ces
if an
y.
a.
C
ash
Reg
iste
r b.
P
hysi
cal C
ash
In
adeq
uate
co
ntro
l ov
er
phys
ical
ca
sh/c
hequ
es
Rev
iew
th
e sy
stem
of
In
tern
al
Con
trols
on
co
llect
ion
of
cheq
ues
/ ca
sh r
ecei
ved
re
cord
ing
and
seria
l iss
ue o
f ca
sh /
ch
eque
re
ceiv
ed
vouc
hers
.
Inad
equa
te
fund
s m
anag
emen
t re
sulti
ng
in
idle
fu
nds
and
notio
nal
loss
on
id
le
fund
s
a.
C
hequ
e bo
oks
b.
PD
Cs
c.
Cas
h V
ouch
ers
50
Manual on Internal Audit
-
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
51
Form
at N
o: B
/4.1
.3.
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
4.1.
3 H
uman
Res
ourc
es P
roce
ss R
evie
w C
heck
list
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
HR
Pla
nnin
g Pr
oces
s
a.
Und
erst
and
the
proc
ess
of H
R p
lann
ing
to
verif
y th
at
adeq
uate
st
eps
are
take
n to
en
sure
th
at
the
cand
idat
e re
quire
men
t pr
ojec
ted
is ju
stifi
able
Pos
ition
s re
crui
ted
not
adeq
uate
ly
just
ified
res
ultin
g in
in
crea
sing
H
R
Cos
ts.
Che
ck
for
requ
irem
ents
whi
ch
are
not
prop
erly
au
thor
ized
.
H
R
Pla
n no
t m
eetin
g th
e ob
ject
ives
of t
he
Com
pany
b. C
ompa
re a
ctua
l vis
--
vis
the
plan
and
che
ck
for
maj
or
devi
atio
ns
if an
y
Num
ber
of p
erso
ns
recr
uite
d in
ex
cess
/sho
rt th
ereb
y re
sulti
ng i
n in
adeq
uate
H
R
sizi
ng
a.
Ann
ual
HR
P
lan
51
Risks, Checklists, Audit Programme
-
Man
ual o
n In
tern
al A
udit
52
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
c.
V
erify
if
any
actio
n ta
ken,
whi
ch is
dev
iatin
g fro
m th
e pl
an h
as g
ot th
e ap
prov
al
of
the
conc
erne
d pe
rson
as
per
the
Del
egat
ion
of
Aut
horit
y de
fined
by
the
com
pany
App
rova
l no
t as
sign
ed
for
devi
atio
ns
resu
lting
in
no
n co
mpl
ianc
e w
ith
polic
y an
d in
adeq
uate
co
ntro
l ef
fect
iven
ess
Rec
ruitm
ent P
roce
ss
a.
Ver
ify
the
proc
ess
carr
ied
out
for
sele
ctio
n of
the
cand
idat
e. E
nsur
e if
it is
in
-hou
se
or
outs
ourc
ed
to
recr
uitm
ent a
genc
y
Sel
ectio
n of
C
andi
date
no
t as
pe
r th
e re
quire
men
ts
of
the
Com
pany
b. If
it is
out
sour
ced
to a
re
crui
tmen
t ag
ency
ve
rify
if th
e pr
oces
s ca
rrie
d ou
t fo
r se
lect
ion
of
the
agen
cy
is
done
af
ter p
rope
r eva
luat
ion
Impr
oper
se
lect
ion
of
recr
uitm
ent
agen
cy r
esul
ting
in
recr
uitm
ent f
law
s.
a.
Req
uisi
tion
form
whe
rein
the
re
quire
men
t of t
he
cand
idat
e an
d th
e ex
pect
atio
ns
are
fille
d in
b.
Iner
view
/Ass
essm
ent
form
c.
Can
dida
te's
re
sum
e d.
O
ffer
lette
r e.
R