Concepts and Principles of Other Audits – CS Professional Study Material

Chapter 11 Concepts and Principles of Other Audits – Secretarial Audit Compliance Management and Due Diligence ICSI Study Material is designed strictly as per the latest syllabus and exam pattern.

Concepts and Principles of Other Audits – Secretarial Audit, Compliance Management and Due Diligence Study Material

Question 1.
Describe differences between Social audit and Takeover audit. (Dec 2019, 5 marks)
Answer:
A social audit is a way of measuring/ understanding/ reporting and ultimately improving an organization’s social and ethical performance. A social audit helps to narrow gaps between vision/goal and reality/ between efficiency and effectiveness. It is a technique .to understand/measure/verify/ report on and to improve the social performance of the organization.

Social auditing creates an impact upon governance. It values the voice of stakeholders/including marginalized/poor groups whose voices are rarely heard. Social auditing is taken up for the purpose of enhancing local governance/ particularly for strengthening accountability and transparency in local bodies.

Social audit is a process of reviewing official records and determining whether the reported expenditures reflect the actual money spent on the ground. A social audit is a formal review of a company’s endeavours in social responsibility.
The key difference between development and social audit is that a social audit focuses on the neglected issue of social impacts/ while a development audit has a broader focus including environment and economic issues/ such as the efficiency of a project or programme.

A social audit is an official evaluation of an organization’s involvement in social responsibility projects or endeavours. For example, a local family store makes a clothing donation to an NGO that has a homeless shelter for women and children. The store makes a similar donation three times a year. This is something that a social audit might uncover. Factors examined by a social audit include records of charitable contributions, volunteer events and efficient utilization of energy, transparency, work environment and employees wages.

Takeover audit: To provide the desired results to an investor and to ensure that the acquisition is executed in the most effective manner, the concept of the takeover audit has been evolved; the takeover audit provides a cost benefit analysis to suggest a strategic plan for the long term investment strategy. The audit provides for the Acquisition Audit as well as the interse Transfer performed by the acquirer.

Takeover Audit for merger/acquisition/takeover could be done as three parts:
pre-acquisition, post-acquisition and sell-side. Internal auditors or professionals with this domain expertise can contribute significant value by ensuring that a vibrant due diligence process is in place and operating as intended. A rigorous audit vide due diligence process help companies take advantage of legitimate new business opportunities while at the same time help minimize the risks. A strong audit cum due diligence process is critical to ensure that the acquirer is fully aware of all aspects of the proposed transaction and provides access to vital intelligence that is used to negotiate the final price and integrate the new subsidiary more effectively.

Concepts and Principles of Other Audits - CS Professional Study Material

Question 2.
List the major differences between Cyber Audit and Forensic Audit. (Dec 2022, 5 marks)
Answer:

1. In Cyber Audit team of professionals conducts an organizational review to ensure that the correct and most up to date cyber and IT processes and infrastructure are being applied. Forensic Audit is a dynamic and Strategic tool in combating corruption, financial crimes and frauds through investigations and resolving allegations of fraud and embezzlement.
2. A cyber audit also includes a series of tests that guarantee that information security meets all expectations and requirements within an organization. Forensic, is the application of science to crime concerns. Forensic science matters especially criminal matters.
3. In Cyber Audit the Internal auditors and risk management professionals have key roles to play in the Information Management function of the company. A Forensic Audit is a comprehensive and systematic process involving a series of activities and tasks under taken for establishing the accuracy and authenticity of the transactions under review
4. Audit helps enterprises with the challenges of managing cyber threats, by providing an objective evaluation of the controls and making recommendations to improve them as well as assisting the senior management and the board of directors understand and respond to cyber risks The term Forensic Audit refers to the specific guidance carried out in order to produce evidence.
5. Internal Audit should support the board’s need to understand the effectiveness of cyber security controls. Forensic Audit task involves an investigation into the financial affairs of the entity and is often associated with investigation into the alleged fraudulent activity.
6. A cyber security assessment drives a risk-based IT internal audit plan. Audit frequency should correspond to the level of risk identified, and applicable regulatory requirements / expectations. The object of forensic auditing is to relate the findings of audit by examining and gathering legally tenable evidence and producing it to the Court.
7. Cyber Audit frequency should correspond to the level of risk identified, and applicable regulatory requirements/expectations. An assessment of the organization’s cyber security should evaluate specific capabilities across multiple domains. Forensic auditing involves application of audit skills to legally determine whether fraud has actually occurred. The entire process includes planning, gathering evidence, reviewing the evidence and reporting of the same.

Question 3.
Differentiate between Fraud Triangle Vs Fraud Risk Vs Fraud Risk assessment. (Dec 2021, 5 marks)
Answer:
A fraud triangle is a tool used in forensic auditing that explains three interrelated elements that assist the commission of fraud- Pressure (motive), opportunity (ability to carry out the fraud) and rationalization (justification of dishonest intentions).
Fraud risk is the vulnerability a company/organisation has to those who are capable of overcoming the three elements in the fraud triangle.
Fraud risk assessment is the identification of fraud risks that exist in the company/organisation. The planning involves the formulation of techniques and procedures that align with the fraud risk and fraud risk management.

Concepts and Principles of Other Audits - CS Professional Study Material

Question 4.
(a) Prepare a note on Illustrative checkpoint on the Cyber Security Audit.
(b) “A Corporate Social Responsibility (CSR) Audit aims at identifying environmental, social or governance risks faced by the organization and evaluating managerial performance in respect of those”. Explain the purpose of CSR Audit. (June 2019, 5 marks each)
Answer:
(a) Cyber security is an attempt to minimising any risk of financial loss, disruption or damage to the reputation of an organisation that may arises from the failure of its information technology systems. The objective of the cyber audit is to provide an assessment of the operating effectiveness of cyber security policies and procedures, identify, protect, detect, respond and recover processes and activities to the board.
The following can be the illustrative check point on the Cyber Securities Audit:

  • Check points relating to the Personnel Security
  • Check points relating Physical access to electronic information systems
  • Account and Password Management
  • Confidentiality of Data
  • Compliance and Audit of policies, standards, procedures, and guidelines.

(b) Corporate Social Responsibility (“CSR”) is a broad term. However, for the purpose of addressing the scope of a CSR Audit, CSR is about managing and taking info consideration organization’s operational, processes and behavioural impact on society and stakeholders from a’ broad perspective. Contrary to common belief, CSR is more than basic legal compliance and is highly connected with and affects organization’s bottom line.
The followings are the purpose of CSR Audit:

  • To ensure compliance with the provisions of Companies Act, 2013 with respect to constitution of the Committee, adoption of policy and appropriate spending towards CSR activities.
  • To facilitate transparent monitoring mechanism and Act as a mentor for the Company’s CSR activities and implementation of CSR policy.
  • To evaluate internal control and governance framework.
  • To assess the project life cycle.
  • To conduct financial review of projects to confirm the utilization of budgets for achieving desired outcomes.

Question 5.
Differentiate between Fraud Triangle Vs Fraud Risk Vs Fraud Risk assessment. (Dec 2021, 5 marks)
Answer:
A fraud triangle is a tool used in forensic auditing that explains three interrelated elements that assist the commission of fraud- Pressure (motive), opportunity (ability to carry out the fraud) and rationalization Qustification of dishonest intentions).
Fraud risk is the vulnerability a company/organisation has to those who are capable of overcoming the three elements in the fraud triangle.
Fraud risk assessment is the identification of fraud risks that exist in the company/organisation. The planning involves the formulation of techniques and procedures that align with the fraud risk and fraud risk management.

Question 6.
(a) Prepare a note on Illustrative checkpoint on the Cyber Security Audit.
(b) “A Corporate Social Responsibility (CSR) Audit aims at identifying environmental, social or governance risks faced by the organization and evaluating managerial performance in respect of those”. Explain the purpose of CSR Audit. (June 2019, 5 marks each)
Answer:
(a) Cyber security is an attempt to minimising any risk of financial loss, disruption or damage to the reputation of an organisation that may arises from the failure of its information technology systems. The objective of the cyber audit is to provide an assessment of the operating effectiveness of cyber security policies and procedures, identify, protect, detect, respond and recover processes and activities to the board.
The following can be the illustrative check point on the Cyber Securities Audit:

  • Check points relating to the Personnel Security
  • Check points relating Physical access to electronic information systems
  • Account and Password Management
  • Confidentiality of Data
  • Compliance and Audit of policies, standards, procedures, and guidelines.

(b) Corporate Social Responsibility (“CSR”) is a broad term. However, for the purpose of addressing the scope of a CSR Audit, CSR is about managing and taking into consideration organization’s operational, processes and behavioural impact on society and stakeholders from a broad perspective. Contrary to common belief, CSR is more than basic legal compliance and is highly connected with and affects organization’s bottom line.
The followings are the purpose of CSR Audit:

  • To ensure compliance with the provisions of Companies Act, 2013 with respect to constitution of the Committee, adoption of policy and appropriate spending towards CSR activities.
  • To facilitate transparent monitoring mechanism and Act as a mentor for the Company’s CSR activities and implementation of CSR policy.
  • To evaluate internal control and governance framework.
  • To assess the project life cycle.
  • To conduct financial review of projects to confirm the utilization of budgets for achieving desired outcomes.

Concepts and Principles of Other Audits - CS Professional Study Material

Question 7.
(a) What do you understand by a CSR Audit ? Explain its coverage. (3 marks)
(b) What is Forensic Audit Report ? Highlight its major contents. (Dec 2019, 3 marks)
Answer:
(a) Corporate Social Responsibility (CSR) audit help in measuring the actual social performance against the social objectives set by the Company. It also provides that at what level the decision making, mission statement, guiding principles, and business conduct are aligned with social responsibilities. The audit helps meeting the expectations of stakeholder groups relating to social and environmental responsibilities of the company.

The CSR audit cover the CSR activities relating to human rights, fundamental human rights, freedom of association and collective bargaining, non-discrimination, forced labor, child labor, health and safety, career development and training, environmental issues and issues relating to community development and social wellbeing. However, the Schedule VII of the Companies Act, 2013 provides the list of activities which could be taken by the company as their CSR activities and cover the following:
1. Eradicating hunger, poverty and malnutrition, promoting health care including preventive health care and sanitation including contribution to the Swach Bharat Kosh set-up by the Central Government for the promotion of sanitation and making available safe drinking water.

2. Promoting education, including special education and employment enhancing vocation skills especially among children, women, elderly and the differently abled and livelihood enhancement projects.

3. Promoting gender equality, empowering women, setting up homes and hostels for women and orphans; setting up old age homes, day care centres and such other facilities for senior citizens and measures for reducing inequalities faced by socially and economically backward groups.

4. Ensuring environmental sustainability, ecological balance, protection of flora and fauna, animal welfare, agro forestry, conservation of natural resources and maintaining quality of soil, air and water including contribution to the Glean Ganga Fund Set-up by the Central Government for rejuvenation of river Ganga.

5. Protection of national heritage, art and culture including restoration of buildings and sites of historical importance and works of art; setting up public libraries; promotion and development of traditional art and handicrafts;

6. Measures for the benefit of armed forces veterans, war widows and their dependents, Central Armed Police Forces (CAPF) and Central Para Military Forces (CPMF) veterans, and their dependents including widows;

7. Training to promote rural sports, nationally recognized sports, Paralympic sports and Olympic sports;

8. Contribution to the prime minister’s national relief fund or Prime Minister’s Citizen Assistance and Relief in Emergency Situations Fund (PM CARES Fund) or any other fund set up by the central govt for socio economic development and relief and welfare of the schedule caste, tribes, other backward classes, minorities and women;

9. (a) Contribution to incubators or research and development projects in the field of science, technology, engineering and medicine, funded by the Central Government or State Government or Public Sector Undertaking or any agency of the Central Government or State Government; and
(b) Contributions to public funded Universities; Indian Institute of
Technology (NTs); National Laboratories and autonomous bodies established under Department of Atomic Energy (DAE);
Department of Biotechnology (DBT); Department of Science and . Technology (DST); Department of Pharmaceuticals; Ministry of
Ayurveda, Yoga and Naturopathy, Unani, Siddha and Homoeopathy; Ministry of Electronics and Information
Technology and other bodies, namely Defense Research and Development Organisation (DRDO); Indian Council of Agricultural Research (ICAR); Indian Council of Medical Research (ICMR) and Council of Scientific and Industrial
Research (CSIR), engaged in conducting research in science, technology, engineering and medicine aimed at promoting Sustainable Development Goals (SDGs).

10. Rural development projects.

11. Slum area development.

12. disaster management, including relief, rehabilitation and reconstruction activities.

Concepts and Principles of Other Audits - CS Professional Study Material

(b) Forensic Audit is a dynamic and strategic tool in combating corruption, financial crimes and frauds through investigations and resolving allegations of fraud and embezzlement. It may be conducted to determine negligence. Forensic is the application of science to crime concerns. Forensic science is science which is applied to legal matters especially criminal matters.

“Forensic” means suitable for use in the court of law. The examination a company’s financial records to derive evidence which can be used in of court of law is a Forensic Audit. It includes the use of accounting, auditing and investigative skills to assist in the legal matters.
Forensic audits are highly specialized, and the work requires detailed knowledge of fraud investigation techniques and the legal framework. Forensic accountants are trained to look beyond the numbers and have necessary skills and experience to accept the work. Highly specialized and the work requires detailed knowledge of fraud investigation, techniques and the legal framework (civil, criminal laws and human psychology) and to identify substance over form when dealing with an issue.

A forensic auditor is required to have specialist training so that he can understand the legal framework and also has the knowledge of forensic audit techniques. He should also have the expertise in the use of IT tools and techniques that facilitate data recovery and analysis.
A forensic audit, also known as forensic accounting, refers to the application of accounting methods for detection and gathering evidence of frauds, embezzlement, or any other such white-collar crime. It is the application of accounting skills to legal questions.

Forensic audit is done in two-phases.
1. Investigation Services: At first the auditor begins with an investigation; looking into the accounts and statement and identifying defects in it. It then moves on to find ways to deal with such defects which is a reactionary function.

2. Litigation Services: It is entirely possible the frauds detected be resolved within the company itself. However mere are times when they need to be resolved through legal channels. During such situations forensic auditors give litigation support to the advocates. Their advice and consultation about the legalities of commercial disputes are very essential. Moreover they also provide research assistance by giving relevant documents and facts to support a legal claim and also help decide the extent of damage that is required. They are also called up by the Court as an expert witness for further investigation.

Illustrative table of contents of a Forensic Audit Report include the following points:

  • Executive Summary
  • Origin of the audit
  • Audit Objective
  • Proposed Audit Outputs
  • Audit Implementation approach
  • Risk Analysis
  • Internal Environment Risk: Custorhers product and Competitors;
  • Financial Management; Human Resource Management; Information Technology; Business processes
  • External Environment Risk: Economy and market situation; political and legal scenario; Technology in the sector
  • Audit Process
  • Preliminary understanding of scope and incident coverage
  • Collect evidence
  • Conduct Interviews
  • Analyse findings
  • Validate inferences and conclusions
  • Evidence of risk events
  • Conflicts of interest; Bribery; Extortion; Theft; Fraudulent transactions; inventory frauds; misuse of assets; financial statement frauds
  • Audit recommendations
  • Logical framework approach
  • Preconditions and risks
  • Governance on recommendation implementation
  • Stakeholders
  • Budget considerations.

Concepts and Principles of Other Audits - CS Professional Study Material

Question 8.
What do you mean by Environment Audit? Prepare a process chart for conducting Environment Audit. (Dec 2019, 5 marks)
Answer:
Environmental audit is a general term that can reflect various types of evaluations intended to identify environmental compliance and management system implementation gaps, along with related corrective actiorfe and it has a wide variety of meanings. Environmental Audit refers to verification and assessment of environmental measures in an organisation.

There are generally two different types of environmental audits: compliance audits and management systems audits. These audits are intended to review the site’s/company’s legal compliance status in an operational context. Compliance audits generally begin with determining the applicable compliance requirements against which the operations will be assessed. This tends to include Central Law, State Laws, permits and local laws. In some cases, it may also include requirements within legal action.
Need for Environment Audit

  • Business can assess the environmental impact of their operations.
  • To ensure that the corporate decisions are not spoiling company’s market for its products, destroying the source of essential supply, damaging or polluting the very infrastructure.
  • It highlights areas of inefficiencies in process e.g. Where the amount of resources used are out of proportion to the amount of saleable items/ services produced.
  • It highlights excessive wastages.
  • It provides opportunity for business to decrease its wastes output and reduce the cost of waste treatment or waste disposal.

Process of Environment Audit:

  1. Understanding the industrial activity and Pre-audit or planning stage: Collection of background information about the entity, definition of objectives and scope of audit, formation of audit team and development of audit plan and protocols.
  2. On-site or Field Audit: Communicate the objectives of the audit to key faculties and schedule necessary meetings and interviews, identify areas of concern, site/facility inspection, evidence/records/document review, staff interviews, initial review of findings.
  3. Assessing the impact and post-audit: Final evaluation of findings, submit preliminary report with type and magnitude of impact, on the environment, get approval of management, introduce the findings to the auditees, submit final environment audit report along with short/ long term acceptability.
  4. Follow up or review: Verify the action taken on audit findings and recommendations.

Question 9.
“A fraud triangle is a tool used in forensic auditing.” – Elucidate. (Aug 2021, 3 marks)
Answer:
A fraud triangle is a tool used in forensic auditing that explains three interrelated elements that assist the commission of fraud- Pressure (motive), opportunity (ability to carry out the fraud) and rationalization (justification of dishonest intentions). Fraud risk is the vulnerability a company/organisation has to those who are capable of overcoming the three elements in the fraud triangle. Fraud risk assessment is the identification of fraud risks that exist in the company/organisation. The planning involves the formulation of techniques and procedures that align with the fraud risk and fraud risk management.

Planning also includes the identification of the best way/mode to.gather evidence. Thus, it is necessary that ample research should be done regarding certain investigative, analytical, and technology-based techniques, and also related legal process, with regard to the outcome of such investigation.

Concepts and Principles of Other Audits - CS Professional Study Material

Question 10.
The Board of Directors of Vee Kay Ltd. has received a letterfrom a whistle blower alleging insider trading by few members amongst the Senior Management. The Board has appointed you to perform the insider trading audit. Explain the essential factors enabling review and reporting of insider trading audit. (Aug 2021, 5 marks)
Answer:
In India the SEBI (Prohibition of Insiders Trading) Regulation1, 2015 is the primary regulation which covers the insider trading activities.
Insider trading issues have resulted in significant importance in listed companies in the last few years. The directors, agents and other officers were found to be using insider information for profitably speculating in securities of their own company. The insider trading occurred due to

  • the possession of information by these people;
  • before everybody else;
  • regarding the changes in the economic condition of companies and particularly, regarding the size of dividends to be declared, or issue of bonus shares etc.

The SEBI (Prohibition of Insider trading) Regulations, 2015 provides that the board may appoint a qualified auditor to investigate into the books of account or the affairs of the insider or any other person as may be directed by the board. The auditor so appointed shall have the same powers of the inspecting authority as stated in insider trading regulations.
Also, SEBI has put in place a mechanism for preventing and controlling insider trading by putting primary responsibility to monitor and regulate insider trading activities on the company through the compliance officer and audit committee.

For the purpose of ensuring compliance with the insider trading regulations, the following would be some of the essential inputs to enable review and to report the status:

  • Code of conduct, framed in the lines of model code specified in the schedule I of Insider Trading Regulations;.
  • Appointment of compliance officer:
  • Responsibility discharged by the compliance officer, preservation of price sensitive information, closing of specific trading window;
  • Prior approval of trading;
  • Reporting requirement by the directors/officers/designated employees;
  • Restricted list for trading;
  • Disclosure by any person holding more than 5% of shares or voting rights and promoter or promoter group, code of corporate disclosure policy.

Question 11.
Describe the scope of Corporate Governance Audit. (Dec 2021, 3 marks)
Answer:
Scope of Audit of Corporate Governance
The scope of Corporate Governance Audit is wide and mainly focus on following:

  1. Boards of Directors (Composition, Mix, Independence).
  2. Financial and Non-Financial Stakeholders.
  3. Control Environment (Accounting, Controls, Internal and External Audit).
  4. Committees of the Boards and terms of References.
  5. Risk Management.
  6. Transparency and Disclosure of financial information and executive compensation.
  7. Strategic plans, programs and guidance on social responsibilities. In India, the Companies Act, 2013 and the SEBI (Listing Obligations and Disclosure Requirements) Regulations, 2015 are the governing laws on corporate governance.

Question 12.
Prepare a checklist on operational Control under System Audit. (Dec 2021, 3 marks)
Answer:
Operational Controls under Audit System
A. Monitoring physical assets

  • Whether monitoring of physical assets are done at regular intervals?
  • Any discrepancy in the data collected as well as in the current data of physical assets are addressed immediately or not?

B. Ensure adequate environmental controls:

  • Whether proper facilities of Air-conditioning (dust, temperature & humidity controls), Power Conditioning (Online UPS functioning all the time with backups, proper earthing) are timely reviewed?
  • Whether the cable connections/electronic points are functioning properly or not is reviewed on regular intervals?

Concepts and Principles of Other Audits - CS Professional Study Material

Question 13.
What do you understand by Social Audit? State the implications of Social Audit. (June 2022, 5 marks)

Question 14.
Beeta Ltd. where you are the Company Secretary, has got listed in BSE and NSE recently. The company has not constituted an audit committee of the board yet. Advise the company about requirement and constitution of audit committee as per the Companies Act, 2013. (June 2022, 5 marks)

Question 15.
Claton Ltd., a Mumbai based company, started a make shift hospital in Mumbai suburbs to provide temporary Covid care facilities, which include creating health infrastructure for Covid care, establishment of medical oxygen plants etc.
Can these expenditures qualify for Corporate Social Responsibility (CSR) spending? What are the government guidelines in this regard? (June 2022, 5 marks)

Question 16.
Write a short note on Takeover Audit.
Answer:
The Takeover Audit includes the compliances relating disclosure requirements (event based /Continuous disclosures), Pricing, Open offer and verification of the compliance of various stage of takeover process etc., under the provision of the Companies Act, 2013 and the SEB[ (Substantial Acquisition of Shares and Takeovers) Regulations, 2011. However the takeover audit primarily includes:

  • Identify and Categorises of acquirer i.e. Promoter, Promoter group, Person in control, Persons acting in concert, Associates, Immediate Relatives etc.
  • Ensuring that the timely disclosures have been made by promoters, members of Promoter Group and PACs relating to Acquisition, Transfer and encumbrance.
  • Effective Monitoring of the holdings of promoters, members of Promoter Group and PACs and take necessary action as required
  • Ensuring that timely intimation is sent to stock exchanges in respects of transfers exempt under SEBI (SAST) Regulations.
  • Ensuring that timely reports are filed in respect of transfers exempt under SEBI (SAST) Regulations with Stock Exchanges and SEBI, it applicable.
  • Thoroughly examine the takeover regulations through checklist and timeline for compliances.

Question 17.
Write a short note on scope of cyber security audit.
Answer:
The Scope of a cyber security audit includes:

  • Data security policies relating to the network, database and applications in place
  • Data loss prevention measures deployed
  • Effective network access controls implemented
  • Detection/prevention systems deployed ,
  • Security controls established (physical and logical)
  • Incident response program implemented.

Question 18.
Write a short note on purpose of Environment Audit
Answer:
Process of Environment Audit

  • Understanding the industrial activity and Pre-audit or planning stage
  • On-site or Field Audit
  • Assessing the impact and post-audit
  • Follow up or review.

Concepts and Principles of Other Audits - CS Professional Study Material

Question 19.
Explain the purpose of CSR Audit
Answer:
Purpose of CSR Audit

  • To ensure compliance with the provisions of Companies Act, 2013 with respect to constitution of the Committee, adoption of policy and appropriate spending towards CSR activities.
  • To facilitate transparent monitoring mechanism and a mentor for the Company’s CSR activities and implementation of CSR policy.
  • To evaluate internal control and governánce framework
  • To assess the project life cycle
  • To conduct financial review of projects to confirm the utilization of budgets for achieving desired outcomes.

Question 20.
Forensic audit is done in two-phases. Explain
Answer:
Investigation Services: At first the auditor begins with an investigation; looking into the accounts and statement, and identifying defects in it. It then moves on to find ways to deal with such defects, which is a reactionary function.

Litigation Services: It is entirely possible the frauds detected be resolved within the company itself. However, there are times when they need to be resolved through legal channels. During such situations, forensic auditors give litigation support to the advocates. Their advice and consultation about the legalities of commercial disputes are very essential. Moreover, they also provide research assistance by giving relevant documents and facts to support a legal claim, and also help decide the extent of damage that is required. They are also called up by the Court as an expert witness for further investigation.

Question 21.
Explain the checklist on Forensic Audit.
Answer:
Illustrative Checklist on Forensic Audit

  • Whether the fraud detected is at the management level or employee level?
  • What was the reason or motive behind the fraud?
  • How is the internal check on cash transactions, raising of invoices etc.? Who is responsible for the checking if all the things are in order in regular intervals?
  • What is the nature of fraud – corruption, assets misappropriation or financial misstatement?
  • Whether the entries passed are properly reflected in the Balance sheet without any omission?
  • Whether IT returns are filed every year properly?
  • Whether bank entries are reconciled on regular basis? Whether Bank statements do not have any discrepancy.

Question 22.
What are the implications of Social Audit?
Answer:
Implications of Social Audit

  • Social auditing creates an impact upon governance. It values the voice of stakeholders, including marginalized/poor groups whose voices are rarely heard.
  • Social auditing is taken up for the purpose of enhancing local governance, particularly for strengthening accountability and transparency in local bodies.
  • Social Audit makes it sure that in democracy, the powers of decision makers should be used as far as possible with the consent and understanding of all concerned.

Concepts and Principles of Other Audits - CS Professional Study Material

Concepts and Principles of Other Audits Notes

Corporate Social Responsibility (CSR) Audit:
Corporate Social Responsibility (CSR) includes various social and environmentally responsible guidelines, essential for companies that want to maintain a strong connection to the marketplace. Corporate Social responsibility includes the way a company treats and proactively contributes to its community, promotes fair working conditions and a non discriminatory environment, conveys transparent and honest accounting reports, and generally earns a reputation of trust and integrity in the society where it serves.

CSR has become a mandatory part of many Companies vide introduction in Companies Act, 2013 and has changed the dynamics of CSR. An increased emphasis on governance, stricter monitoring and reporting obligations require companies to be more accountable, disciplined and Strategic in their CSR approach.

Objective of CSR Audit:
Corporate Social Responsibility (CSR) audit help in measuring the actual social performance against the social objectives set by the Company. It also provides that at what level the decision making, mission statement, guiding principles, and business conduct are aligned with social responsibilities. The audit helps meeting the expectations of stakeholder groups relating to social and environmental responsibilities of the company.

Methodology for CSR Audit:

  • Review of CSR policy, CSR committee, governance structure, strategy, projects, partner identification and selection process, monitoring, evaluation and reporting
  • Interact with beneficiaries, project team, management and other stakeholders
    Review of beneficiary identification and selection process, budget
  • Review of CSR expenditure, project’s direct expenditure, overheads and administrative expenses, traceability and genuiness of expenditure, per beneficiary cost, reasons for inability to spend 2% of profits.

Insider Trading Audit:
The Insider Trading Audit includes the compliances requirements (event based /continuous disclosures) under the SEBI (Prohibition of Insider Trading) Regulations, 2015 which includes:

  • Initial disclosures of trades which is to be made by only the promoters, key managerial personnel, directors internally;
  • Continual disclosures which is to be made by every promoter, employee or director in case value of trade exceed monetary threshold of ten lakh rupees over a calendar quarter; company to accordingly notify stock exchanges within 2 trading days;
  • Submission of Trading Plans ,
  • Appointment of Compliance Officer
  • Pre-clearance for trading
  • Codes of Fair Disclosure and Conduct
  • Role of the Designate person
  • Manner of dealing with UPSI(unpublished price sensitive information)

Industrial and labour law Audit:
Industrial and labour law Audit is an effective tool for compliance management of labour, employment and Industrial laws. Audit helps to detect non-compliances of labour and employment laws applicable to a business and take corrective measures to avoid any unwarranted legal actions by the regulators against the business and its management. Labour Law audit is useful in promoting cordial relations between employees and employers and also lead to better governance and value creation for the business.

Cyber Audit:
Cyber Security is an attempt to minimising any risk of financial loss, disruption or damage to the reputation of an organisation that may arises from the failure of its information technology systems. The objective of the cyber audit is to provide an assessment of the operating effectiveness of cyber security policies and procedures, identify, protect, detect, respond and recover processes and activities to the board. The Cyber audit program generally covers sub-processes such as asset management, awareness training, data security, resource planning, recover planning and communications, in order to identify internal control and regulatory deficiencies that could put the organization at risk.

Environmental Audit:
Environmental Audit in general term reflect various types of evaluations intended to verify the environmental compliance and management system implementation gaps, along with related corrective actions and it has a Wide variety of meanings. Environmental Audit refers to verification and assessment of environmental measures in an organisation.

Concepts and Principles of Other Audits - CS Professional Study Material

Objectives of environmental audit are to evaluate the efficacy of the utilization of resources of man, machine, materials, and to identify the areas of environmental risks and liabilities and weaknesses of management system and problems in compliance of the directives of the regulatory agencies and control the generation of pollutants and / or waste.

Information systems auditing or systems audit:
Information systems auditing or systems audit is an ongoing process of evaluating controls, collecting and evaluating evidence to determine whether a computer system safeguards assets, maintains data integrity, allows organizational goals to be achieved effectively, and uses resources efficiently. Thus, information systems auditing supports traditional audit objectives; attest objectives (those of the external auditor) that focus on asset safeguarding and data integrity, and management objectives (those of the internal auditor) that encompass not only attest objectives but also effectiveness and efficiency objectives.

Forensic Audit:
Forensic Audit is a dynamic and strategic tool in combating corruption, financial crimes and frauds through investigations and resolving allegations of fraud and embezzlement. It may be conducted to determine negligence. Forensic is the application of science to crime concerns. Forensic science is science applied to legal matters especially criminal matters.

Fraud Triangle and Fraud Risk:
A fraud triangle is a tool used in forensic auditing that explains three interrelated elements that assist the commission of fraud- Pressure (motive), opportunity (ability to carry out the fraud) and rationalization (justification of dishonest intentions). Fraud risk is the vulnerability a company/organisation has to those who are capable of overcoming the three elements in the fraud triangle. Fraud risk assessment is the identification of fraud risks that exist in the company/organisation. The planning involves the formulation of techniques and procedures that align with the fraud risk and fraud risk.management.

Forensic Audit Report:
Forensic Audit Report is statement of observation gathered and considered while proving conclusive evidence. It is a medium through which an auditor expresses his opinion under audit after the forensic audit investigation is completed.

Social Audit:
A social audit is a way of measuring, understanding, reporting and ultimately improving an organization’s sopial and ethical performance. A social audit helps to narrow gaps between vision/goal and reality, between efficiency and effectiveness. It is a technique to understand, measure, verify, report on and to improve the social performance of the organization.

Social auditing creates an impact upon governance. It values the voice of stakeholders, including marginalized/poor groups whose voices are rarely heard. Social auditing is taken up for the purpose of enhancing local governance, particularly for strengthening accountability and transparency in local bodies.
Social audit is a process of reviewing official records and determining whether state reported expenditures reflect the actual money spent on the ground. A social audit is a formal review of a company’s endeavors in social responsibility.

Leave a Comment

Your email address will not be published. Required fields are marked *