Internal Audit and Performance Audit – CS Professional Study Material

Chapter 10 Internal Audit and Performance Audit – Secretarial Audit Compliance Management and Due Diligence ICSI Study Material is designed strictly as per the latest syllabus and exam pattern.

Internal Audit and Performance Audit – Secretarial Audit, Compliance Management and Due Diligence Study Material

Question 1.
State the areas of operations of Internal Audit and its features. (Dec 2013, 8 marks)
Answer:
1. Reliability and integrity of financial and operating information: Internal auditors should review the reliability and integrity of financial and operating information and the means used to identify, measure, classify and report such information.

2. Compliance with laws, policies, plans, procedures and regulations: Internal auditor should review the systems established to ensure compliance with those policies, plans and procedures, laws and regulations which could have a significant impact on operations and reports and should determine whether the organization is in compliance thereof.

3. Safeguarding of Assets: Internal auditors should verify the existence of assets and should review the means of safeguarding assets.
Economic and efficient use of resources Internal auditor should ensure the economic and efficient use of resources available.

4. Accomplishing the established objectives and goals for operations: Internal auditor should review operation or programmes to ascertain whether results are consistent with established objectives and goals and whether the operations or programmes are being carried out as planned.

Features of Internal Audit:
(a) It is an independent appraisal activity within the organization.
(b) It can be conducted by the staff of the entity or by an independent professional appointed for that purpose.
(c) It is conducted for review of accounting, financial and other operations. and controls established within an organization.
(d) It is conducted as a service to the organization and is not a part of the organization.
(e) It intends to furnish the analysis, appraisal, suggestions and information concerning the activities reviewed to the management.
(f) Internal auditing functions as a continuous effort for promoting effective control at a reasonable cost.

Internal Audit and Performance Audit - CS Professional Study Material

Question 2.
Answer the following by explaining the provisions of the Companies Act, 2013 relating to‘internal audit’:
(i) Whether a private company is mandatorily required to appoint an internal auditor?
(ii) Who may be appointed as an internal auditor? Whether a Practicing Company Secretary (PCS) can be appointed as an internal auditor? (June 2015, 2 marks each)
Answer:
1. Section 138 of the Companies Act, 2013 provides that such class or classes of companies as may be prescribed shall be required to appoint an internal auditor, who shall either be a Chartered Accountant or a Cost Accountant, or such other professional as may be decided by the Board of Directors to conduct internal audit of the functions and activities of the company.

2. Every Private Company Having:

  • Turnover of two hundred crore rupees or more during the preceding financial year; or
  • Outstanding loans or borrowings from banks or public financial institutions exceeding one hundred crore rupees or more at any point of time during the preceding financial year.

3. Conclusion:

  • Therefore, a private company falling under any of the above criteria shall have to appoint an internal auditor.
  • The company’s Board is free to appoint any practicing chartered accountant or cost accountant or any other professional to whom it deems fit to be appointed as an internal auditor.
    Accordingly, where the Board decides a Practicing Company Secretary may be appointed as an internal auditor.

Question 3.
What do you mean by ‘efficiency audit’? How does it help the management of an enterprise? (Dec 2015, 5 marks)
Answer:
1. Efficiency Audit:In essence, efficiency indicates how well an organization uses its resources to produce goods and services. It focuses on resources (inputs), goods and services (outputs), and the rate (productivity) at which inputs are used to produce or deliver the outputs. To understand the meaning of “efficiency”, it is necessary to understand the following terms: inputs, outputs (including quantity and quality) productivity and level of service. Efficiency audit refers to comparing the actual results with the desired/projected results. It is directed towards the measurement of whether plans have been effectively executed. It is concerned with the utilisation of the resources in economic and most remunerative manner to achieve the objectives of the concern. It comprises of studying the plans of organisation, comparing actual performance with plans and investigating the reasons for variances to take remedial action.

2. Advantages of el ficiency audit given below:
(a) Help To Staff: Help managers and staff to be more sensitive to their obligation of due regard to efficiency.
(b) Underline the Importance of efficiency: Underline the importance of measuring efficiency and of using that information for managing operations and providing accountability.
(c) Identify: Identify means for improving efficiency, even in operations where efficiency is difficult to measure.
(d) Reduce Cost: Demonstrate the scope for lowering the cost of delivering programs without reducing the quantity or quality of outputs or the level of service.
(e) Increase Quantity and Quality Increase the quantity or improve the quality of outputs and level of service without increasing spending.
(f) improvement Require for better use of Resources Identify needed improvements in existing controls, operational systems, and work processes for better use of resources.

Internal Audit and Performance Audit - CS Professional Study Material

Question 4.
Despite numerous benefits, internal audit has got some limitations. Discuss. (June 2016, 5 marks)
Answer:
Limitation of Internal Audit:
Despite numerous benefits, internal audit has got some limitations

Headings Descripition
1. Extra Cost The installation and operation of internal audit involve extra expenditure which cannot be met by many small concerns. As a matter of fact, internal audit is confined to larger business.
2.Time Limit The limitation of internal audit starts when there is time lag between recording and checking of entries. The accounting and internal audit must go side by side with minimum time gap.
3. Deficiencies Internal audit becomes as better as it is used by managers. There are occasions when managers cannot accept the finding of. internal audit and take consequent actions. This defect arises mainly from the deficiencies of the internal auditing staff, because of their advisory staff position, unfamiliarity with operating aspects of work and accounting bias, internal auditors fail to be of any real help to the manager in many cases.
4. Lack of Transparency Internal audits are employed by the organization and this can be impair their independence and objectivity and ability to report fraud/error to senior management because of perceived threats to their continued employment within the company to ensure the transparency. Best practice indicates that the internal audit should report both to management and those charged with governance (audit committee).
5. Lack of Professionals Internal auditors are not required to be professionally qualified and so there may be limitations in their knowledge and technical expertise.

Question 5.
What is the propriety audit? What are the objectives and scope of propriety audit. (Dec 2017, 5 marks)
Answer:
Propriety Audit:
Kohler has defined propriety as that which meets the test of public interest, commonly accepted customs and standard of conduct and particularly as applied to professional performance, requirements of Government regulations and professional codes. Propriety Audit carry out to check, mean whether the transactions have been done in conformity with established rules, principles and established standard.

Objective of Propriety Audit:
The Propriety Audit means the verification of following main aspects to find out whether:
(a) Proper recording has been done in appropriate books of accounts,
(b) The assets have not been misused and have been properly safeguarded.
(c) The business funds have been utilized properly.
(d) The concern is yielding the expected results.

Scope of Propriety Audit:
The system of Propriety Audit is applied in respect to Government companies, Government Department because public money and public ) interest are involved therein and therefore it brings in light the cases of clear irregularity as well as improper expenditure or waste of public money or stores.

Question 6.
Perfect Pvt. Ltd. wishes to appoint its Secretary, Satish, as an internal auditor. Referring to the provisions of the Companies Act, 2013 advise the company. (June 2018, 4 marks)
Answer:
According to Section 138(1) of the Companies Act, 2013 read with the Rule ’ 13 of the Companies (Accounts) Rules, 2014, following persons may be
appointed as an internal auditor of the company:
(a) a Chartered Accountant or;
(b) a Cost Accountant or;
(c) such other professional as may be decided by the Board to conduct internal audit of the functions and activities of the Company.
Further, Rule 13of the Companies (Accounts) Rules, 2014 inter alia provides that the internal auditor may or may not be an employee of the Company. Mr. Satish being the Secretary of Perfect Ltd. may be appointed as an internal auditor of the company only if so decided by the Board to conduct internal audit of the functions and activities of the Company.

Internal Audit and Performance Audit - CS Professional Study Material

Question 7.
“Internal Audit is an important tool for the management.” – Discuss. (June 2018, 6 marks)
Answer:
Internal Audit is an important management tool for the following reasons:
(a) Internal Audit ensures compliance of Companies (Auditors Report) Order, 2016.
(b) It ensures compliance of accounting standards and policies.
(c) It ensures reliability of MjS through internal audit’s independent appraisal and review.
(d) It looks into the standard of efficiency of business operation.
(e) It can evaluate various problems independently and suggest improvement.
(f) This system makes the internal control system effective.
(g) It ensures the adequacy, reliability, accuracy and understandability of financial and operational data.
(h) It performs as an integral part of ‘Management by system’.
(i) It can add valuable assistance to management in acquiring new ’ business, promoting new products and expansion or diversification of business etc.

Question 8.
Internal audit is applicable to every company. Comment. (June 2019, 5 marks)
Answer:
Applicability of Internal Audit:
The concept of the Internal Audit has been recognized as a statutory requirement under Section 138 of the Companies Act, 2013 read with Rule 13 of Companies (Accounts) Rule, 2014, and has been made mandatory on the following class of companies:
(a) every listed company.

(b) every unlisted public company having

  • paid up share capital of fifty crore rupees or more during the preceding financial year; or
  • turnover of two hundred crore rupees or more during the preceding financial year; or
  • outstanding loans or borrowings from banks or public financial institutions exceeding one hundred crore rupees or more at any point of time during the preceding financial year; or
  • Outstanding deposits of twenty five crore rupees or more at any point of time during the preceding financial year: and

(c) every private company having –
1. turnover of two hundred crore rupees or more during the preceding financial year; or
2. outstanding loans or borrowings from banks or public financial institutions exceeding one hundred crore rupees or more at any point of time during the preceding financial year.
These companies are required to appoint an internal auditor which may be either an individual or a partnership firm or a body corporate.

Question 9.
Define Internal Audit. Describe core principles of Internal Audit. (Dec 2019, 5 marks)
Answer:
As defined by the Institute of Internal Auditors (IIA), Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization to accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.
Independence is established by the organizational and reporting structure. Objectivity is achieved by an appropriate mind-set. The internal audit activity evaluates risk exposures relating to the organization’s governance, operations and information systems, in relation to:

  1. Effectiveness and efficiency of operations.
  2. Reliability and integrity of financial and operational information.
  3. Safeguarding of assets.
  4. Compliance with laws, regulations, and contracts.

Based on the results of the risk assessment, the internal auditors evaluate the adequacy and effectiveness of how risks are identified and managed in the above areas. They also assess other aspects such as ethics and values within the organization, performance management, communication of risk and control information within the organization in order to facilitate a good governance process. An effective internal audit activity is a valuable resource for management and the board and the audit committee due to its ‘ understanding of the organization and its culture, operations, and risk profile.

The objectivity, skills, and knowledge of competent internal auditors can significantly add value to an organization’s internal control, risk management, and governance processes. Similarly an effective internal audit activity can provide assurance to other stakeholders such as regulators, employees, providers of finance, and shareholders.

As per the IIA, core principles of Internal Audit hovers around the performance of effective internal auditing and all of them must be present and working well. How an internal auditor, as well as an internal audit function, demonstrate achievement of the core principles may be quite / different from organisation-to-organisation. But, failure to achieve any of the core principles implies that an internal audit activity is not as effective as it could be in achieving internal audit’s mission. Core principles of internal audit are:

  • Demonstrates integrity.
  • Demonstrates competence and due professional care.
  • Independent and objective exercise.
  • Aligns with the strategies, objectives, and risks of the organisation.
  • Is appropriately positioned and adequately resourced.
  • Demonstrates quality and continuous improvement.
  • Communicates effectively.
  • Provides risk-based assurance.
  • Insightful, proactive, and future-focused.
  • Promotes organisational improvement.

Internal Audit and Performance Audit - CS Professional Study Material

Question 10.
How monitoring and evaluation of effectiveness of the Organisation’s Risk Management Process is carried out through internal audit? Describe. (Dec 2020, 5 marks)
Answer:
Internal auditing professional standards require the function to monitor and evaluate the effectiveness of the organization’s Risk management processes.

Generally, the risks fall under strategic, operational, financial reporting, and legal/regulatory categories. Management performs risk assessment activities as part of the ordinary course of business in each of these categories. Examples include: strategic planning, marketing planning, capital planning, budgeting, hedging, incentive payout structure, and credit/lending practices. The finance department access the risk relating to account preparation, financial reporting and disclosures, corporate legal adviser often 1 prepares comprehensive assessments of the current and potential litigation a company faces. Internal auditors may evaluate each of these activities, or focus on the processes used by management to report and monitor the risks identified. For example, internal auditors can advise management regarding the reporting of forward-looking operating measures to the board, to help identify emerging risks.

Question 11.
Appraisal of management decisions involves a number of steps. Enumerate them. (Dec 2020, 5 marks)
Answer:
In appraisal of management decision the following step should be ; / considered by the auditor:

  • Whether the management decision are well defined or not.
  • Whether the Objectives and desired output has been set out clearly and relate explicitly with the policy or strategy adopted by the company to help in post event evaluation of the management decisions. Ideally the objectives of the every management decision should be specific, measurable, agreed, realistic and time-dependent.
  • While taking decision, whether the management has considered the effect of the associated risk; time availability; scale and location; scope for alternative arrangements with other public bodies; degree of involvement of regulators and civic bodies; capacity of the market to deliver the required output; alternative asset uses; use of new or established technology; and environmental issues.
  • In case of the major investment decision, whether the various possible options were considered.
  • Whether such potential options are analyzed reviewed in terms of value, costs, benefits, risk and uncertainties of options.
  • Whether the options are selected after due analysis and a consensus decision is taken after a manager has analyzed all the alternatives,
  • Whether the selected alternative implemented efficiently.
  • On going review of management decision control and evaluation system actions need to be monitored.

Question 12.
“To be efficient and effective, the internal auditor must have adequate independence”. Comment. (Aug 2021, 3 marks)
Answer:
Internal auditing, being an independent, objective assurance and consulting activity designed to add value to and improve an organisation’s operations, the concept of independence is equally relevant for the internal auditor. Linder the provisions of Companies Act, 2013, internal auditor may or may not be an employee of the company, but he evaluates the functioning of the management at different levels. Therefore, to be efficient and effective, the internal auditor must have adequate independence. It may be noted that by its very nature, the internal audit function cannot be expected to have the same degree of independence as is essential when the external auditor expresses his opinion on the financial information.

To ensure his independence he is made responsible directly to the board of directors through audit committee. Such a channel of communication provides an independent mode whereby an internal auditor can communicate and share his views on the scope of internal audit, findings, etc. If internal auditor is made subordinate to lower-level management, his independence will be affected which will affect his functioning and effectiveness. An outsider, like a Chartered Accountant or a Company Secretary or a firm of Chartered Accountants or a firm of Company Secretaries, if acting as internal auditor, is likely to be more independent than an employee of the organization.

Internal Audit and Performance Audit - CS Professional Study Material

Question 13.
Mayank has recently started as a Company Secretary in Practice. He has got an assignment of internal audit. Advise Mayank about internal audit and its stepwise approach. (Aug 2021, 5 marks)
Answer:
Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.
Step-wise process

  • Establish and communicate the scope and objectives for the audit to appropriate management.
  • Develop an understanding of the business area under review. This includes objectives, measurements and key transaction types. This involves review of documents and interviews. Flow charts and narratives may be created if necessary.
  • Describe the key risks facing the business activities within the scope of the audit.
  • Identify control procedures used to ensure each key risk and transaction type is properly controlled and monitored.
  • Develop and execute a risk-based sampling and testing approach to determine whether the most important controls are operating as intended.
  • Report issues and challenges identified and negotiate action plans and solutions with management to address the problems.

Question 14.
Jain Ram & Co., Practicing Company Secretary, during the secretarial audit, wants to evaluate the function of internal Audit. Does , this come under the function of the Secretarial Auditor ? Prepare a note. (Dec 2021, 5 marks)
Answer:
During the performance of the Secretarial Audit, the secretarial auditor also needs to report on the adequacy of systems and process in the company.
The internal audit function greatly assist the Secretarial auditor in determining the extent to which he can place reliance upon the work of the internal auditor. The Secretarial auditor also needs to report on the adequacy of the systems and processes prevalent in the company. The important aspects to be considered in this context are:
1. Scope of Audit Function: The secretarial auditor should ascertain the nature and depth of coverage of the assignment. He should also – ascertain to what extent the management considers, and where appropriate acts upon internal audit recommendations.

2. Organisational Status: Whether internal audit is undertaken by an outside agency or by an internal audit department within the entity itself.
The internal auditor reports to the management, in an ideal situation he reports to the highest level of management and is free of any other operating responsibility. Any constraints or restrictions placed upon his work by management should be carefully evaluated. In particular, the internal auditor should be free to communicate fully with the external auditor.

3. Due Professional Care: The secretarial auditor should ascertain whether internal audit work appears to be property planned, supervised, reviewed and documented. An example of the exercise of due professional care by the internal auditor is the existence of adequate audit manuals, audit programmes and working papers.

4. Technical Competence: The secretarial auditor should ascertain that internal audit work is performed by persons having adequate technical training and proficiency.

5. Examination of financial and operating information: The internal audit function may be assigned to review the means used to identify, measure, classify and report financial and operating information, and to make specific inquiry into individual items, including detailed testing of transactions, balances and procedures.

6. Monitoring of internal control: The internal audit function may be assigned specific responsibility for reviewing controls, monitoring their operation and recommending improvements thereto.

7. Risk management: The internal audit function may assist the organization by identifying and evaluating significant exposures to risk and contributing to the improvement of risk management and control systems.

8. Review of operating activities: The internal audit function may be assigned to review the economy, efficiency and effectiveness of operating activities, including non- financial activities of an entity.

9. Review of compliance with laws and regulations: The internal audit function may be assigned to review compliance with laws, regulations and other external requirements, and with management policies and directives and other internal requirements.

10. Governance: The internal audit function may assess the governance process in its accomplishment of objectives on ethics and values, performance management and accountability, communicating risk and control information to appropriate areas of the organization and effectiveness of communication among those charged with governance, external and internal auditors, and management.

Internal Audit and Performance Audit - CS Professional Study Material

Question 15.
How the evaluation of internal audit function can be helpful to the secretarial auditor in performance of his duties? Describe. (June 2022, 5 marks)

Question 16.
XYZ Ltd. a public limited company appointed R, a practicing professional, as an Internal Auditor of the company. During its audit procedure, he came to know some material information of the company which was revealed, due to incompetency of his audit staff, to the outsiders. The company filed a suit against him stating that due to his unprofessional and irresponsible behaviour, the company has to bear a huge loss. Explain the auditor’s responsibility & duties in respect of the information acquired while performing the audit assignment. (June 2019, 5 marks)
Answer:
The Auditors of a company while performing the audit assignment accesses various confidential information of the company and it is essential for the auditors to maintain the confidentiality of the auditee information. The principle of confidentiality imposes an obligation on the auditor to refrain from:

  • Disclosing information acquired as a result of professional relationships without proper and specific authority or unless there is a legal or professional right or duty to disclose;
  • Using information acquired as a result of professional relationships to their personal advantage or the advantage of third parties.
  • An auditor should maintain confidentiality even in a social environment The auditor should be alert to the possibility of inadvertent disclosure, particularly in circumstances involving long association with a business associate or a relative.
  • He should also maintain confidentiality of information disclosed by a prospective client or employer.
  • An auditor should also consider the need to maintain confidentiality of information within the firm or employing organization.
  • An auditor should take all reasonable steps to ensure that staff underthe auditor’s control and persons from whom advice and assistance is obtained respect the auditor’s duty of confidentiality.

Question 17.
DEF Ltd. has to appoint the internal auditor for the financial year 2022-23. The company called a board meeting on 28th April, 2022 to appoint the internal auditor, but due to non-finalisation of audit firm, the Board of directors deferred the matter of appointment of internal auditor for next board meeting. Subsequently, the company has finalized the proposal of a practising Chartered Accountants firm for appointment as internal auditor. Now, in view of urgency, the directors of the company want to appoint the internal auditor by passing a resolution by circulation. Examine whether the appointment of internal auditor in this manner is permissible under the Companies Act, 2013. (June 2022, 5 marks)
Answer:

  • Strategy and objectives;
  • Role and responsibilities within the organisation;
  • Scope of work;
  • Accountability to the audit committee;
  • Reporting lines for line management purposes;
  • Accessibility to the board and the audit committee; and
  • Unfettered access to all information, people and records across the organisation.

Internal Audit and Performance Audit - CS Professional Study Material

Question 18.
Write a short note on “Appointment of Internal Auditor”.
Answer:
Section 179 read with Rule 8 (4) of the Companies (Meeting of the Board and its Power), Rules 2014 provide that the appointment of the internal auditors shall be done only through a resolutions passed by the Board of Directors at the meetings of the Board.

Also the resolution for appointment of the Internal Auditor shall be filed with the Registrar of Companies vide e-Form MGT-14 within 30 days from the passing of the said resolution pursuant to the provisions of Section 117 & 179 of the Companies Act, 2013. In case of Private Companies, an exemption has been granted from filing of e-Form MGT-14, vide notification issued by the Ministry of Corporate Affairs dated 5th June, 2015.

Terms of reference
The overall scope of internal audit should be formalized in terms of reference; it is often referred to as an audit manual, and approved by the board, normally through the audit committee. These should then be communicated to the functional heads within the organisation. Internal audit’s terms of reference or manual should provide clarity about its:

Question 19.
ABC Ltd. wants to appoint FMC & Associates as its internal auditor. What are the conditions of such appointment?
Answer:
Internal Audit:
Classes of companies requiring Internal Audit
The following class of companies shall be required to appoint an internal auditor or a firm of internal auditors:
(a) Every listed company;

(b) Every unlisted public company having:

  • Paid up share capital of fifty crore rupees or more during the preceding financial year; or
  • Turnover of two hundred crore rupees or more during the preceding financial year; or
  • Outstanding loans or borrowings from banks or public financial institutions exceeding one hundred crore rupees or more at any point of time during the preceding financial year; or
  • Outstanding deposits of twenty five crore rupees or more at any point of time during the preceding financial year; and

(c) Every private company having:
(i) Turnover of two hundred crore rupees or more during the preceding financial year; or
(ii) Outstanding loans or borrowings from banks or public financial institutions exceeding one hundred crore rupees or more at any point of time during the preceding financial year.
The Audit Committee of the company or the Board shall, in consultation with the Internal Auditor, formulate the scope, functioning, periodicity and methodology for conducting the internal audit.

The board may appoint any practicing Chartered Accountant or a Cost Accountant or any other person whom it deems fit to be appointed as its internal auditor. For this purpose, company board may consider the nature and volume of business of company; qualifications, experience and capabilities of such person being appointed as auditor and scope of internal audit.
Who can be an Internal Auditor
(a) A Chartered Accountant or;
(b) A Cost Accountant or;
(c) Such other professional as may be decided by the Board to conduct internal audit of the functions and activities of the Company.
For this sub-section, Chartered Accountant means a Chartered Accountant, who is a member of the Institute of Chartered Accountants of India and has a valid certificate of practice and Cost Accountant means a member of The Institute of Cost Accountants of India. Other professionals, as may be decided by the company’s board, may also be appointed as an internal auditor.
Following classes of companies are required to appoint internal auditor-
Internal Audit and Performance Audit – CS Professional Study Material 1

Internal Audit and Performance Audit - CS Professional Study Material

Question 20.
“An Internal auditor uses Internal Audit tools/techniques to ensure that controls, processes and policies are adequate and effective, and that they adhere to industry practices and regulatory mandates” Comment
Answer:
An Internal auditor uses Internal Audit tools/techniques to ensure that controls, processes and policies are adequate and effective, and that they adhere to industry practices and regulatory mandates. The techniques which are often used by an internal auditor are discussed herein.
(a) Review of Operating Environment
For carrying out the audit effectively, it is necessary for an internal auditor to understand how the company operates. An internal auditor also could determine how a corporation operates by evaluating industry trends and regulations.

(b) Review Controls
An internal auditor determines how a company’s segment or departmental controls operate by reading prior audit reports or working papers and by inquiring from segment employees who perform such controls on a regular basis.

(c) Test Controls
An internal auditor tests a business organization’s controls, policies and guidelines to ensure that such controls are adequately designed and are operating effectively. Effective controls remedy deficiencies and problems properly. Controls are adequate if they provide detailed step-by-step procedures and guidelines for task performance, decision-making processes and lines of hierarchy.

(d) Account Details
An internal auditor performs tests of account details to ensure that financial statements of a business entity are not “materially misstated.” Tests of account details and account balances are referred to as substantive tests. An auditor conducts such tests if a firm’s controls and processes are not adequate or not functioning properly.

Question 21.
“Internal Audit is a vital constituent of Internal Control Mechanism”
Comment
Answer:
Internal Audit is a vital constituent of Internal Control Mechanism. It is important to constitute and maintain an Audit Committee that shall provide assistance to the Board of Directors in fulfilling their oversight responsibility to the shareholders relating to:

  • the integrity of the financial statements and the financial reporting process and principles;
  • internal controls;
  • the qualifications, independence, remuneration, and performance of the independent auditors;
  • staffing, focus, scope, performance, and effectiveness of the internal audit function;
  • risk management; and
  • compliance with legal, regulatory, and corporate governance requirements.

Question 22.
What are the steps in needs to be considered by an auditor in appraisal of management decision? .
Answer:
Steps in Appraisal of Management Decision

  • Whether the management decision are well defined or not
  • Whether the Objectives and desired output has been set out clearly and relate explicitly with the policy or strategy adopted by the company to help in post event evaluation of the management decisions. Ideally the objectives of the every management decision should be specific, measurable, agreed, realistic and time-dependent.
  • While taking Decision, whether the management has considered the effect of the Associated Risk; Time Availability; Scale and location; Scope for Alternative arrangements with other public bodies; Degree of involvement of Regulators and Civic Bodies; Capacity of the market to deliver the required output; Alternative asset uses; Use of new or established technology; and Environmental Issues.

In case of the Major Investment decision, whether the various possible options were considered.
Whether such potential options are analyzed reviewed in terms of value, costs, benefits, risk and uncertainties of options.
Whether the options are selected after due analysis and a consensus decision is taken after a manager has analyzed all the alternatives Whether the selected alternative implemented efficiently.

Internal Audit and Performance Audit - CS Professional Study Material

Internal Audit and Performance Audit Notes

Internal Audit:
As defined by the Institute of Internal Auditors (IIA): Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.

Objective of the Internal Audit:

  • Operational control framework including fundamental and basic systems in all areas of the business. The adequacy of risk identification, assessment and mitigation in the organisation. This shall include fraud risks.
  • Extent, adequacy, relevance of, and compliance with existing policy, plans and procedure documents within the Organisation.
  • The extent of compliance with relevant statutory requirements
  • Status of implementation of internal / external audit recommendations
  • Evaluating internal control. Internal control is broadly defined as a process, effected by an entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of the following core objectives for which all businesses strive:
    • Effectiveness and efficiency of operations.
    • Reliability of financial and management reporting.
    • Compliance with laws and regulations
    • Accomplishment of Established Goals for Operations
    • Safeguarding of Assets
  • Determines the risk area of the organisation
  • Establishes the risk management framework
  • Identifies potential threats and assesses risks
  • Decides on response to risks like implementation of control outcomes
  • Provides assurance on the effectiveness of risk management processes

Scope of Internal Audit:

  • Review of Internal Control Systems and Procedures
  • Reliability and Integrity of Financial and Operating Information
  • Economical and Efficient Use of Resources
  • Compliance with Laws, Policies, Plans, Procedures, and Regulations
  • Review of Organizational Structure
  • Accomplishment of Established Goals for Operations
  • Review of Custodianship and Safeguarding of Asset

Core Principles of Internal Audit:

  • Demonstrates integrity.
  • Demonstrates competence and due professional care.
  • Independent and objective exercise.
  • Aligns with the strategies, objectives, and risks of the organisation.
  • Is appropriately positioned and adequately resourced.
  • Demonstrates quality and continuous improvement.
  • Communicates effectively.
  • Provides risk-based assurance.
  • is insightful, proactive, and future-focused.
  • Promotes organisational improvement.

Internal Audit Process: Step Wise Approach:

  • Identify control procedures used to ensure each key risk and transaction type is properly controlled and monitored.
  • Develop and execute a risk-based sampling and testing approach to determine whether the most important controls are operating as intended.
  • Report issues and challenges identified and negotiate action plans and solutions with management to address the problems.
  • Follow-up on reported findings at appropriate intervals. Internal Audit departments maintain a follow up database for this purpose.

Internal Audit and Performance Audit - CS Professional Study Material

Internal Control:
The Internal Control may be defined as “The process designed, implemented and maintained by those charged with governance, management and other personnel to provide reasonable assurance about the achievement of an entity’s objectives with regard to reliability of financial reporting, effectiveness and efficiency of operations, safeguarding of assets, and compliance with applicable laws and regulations. The term “controls” refers to any aspects of one or more of the components of internal control.

Leave a Comment

Your email address will not be published. Required fields are marked *