Internal Audit & Performance i
Audit 14
Nt BH TH BS
a Internal Audit m Audit Techniques m Operational control m Risk areas of the organisation m= Internal Controls
m Risk management
Learning Objectives
To understand:
» Internal Audit as a mechanism to provide an independent and objective assessment of the
effectiveness and efficiency of qd company’s operations, specifically its internal control structure.
» How the function of internal audit helps an organization to accomplish its objectives by bringing
systematic and disciplined approach to evaluate and improve the effectiveness of risk management,
control, and governance processes.
» The broad scope of Internal Auditing and what are the Internal Audit Techniques.
» How Internal Audit includes effects the efficiency of internal control, operations, IT controls, the
reliability of financial reporting, deterring and detecting fraud and compliance with laws and
regulations.
» The pro-active and central role Company Secretary plays in the governance of the company.
» Role of Internal Audit in organisation Control Mechanism.
STRUT
» = Introduction » Appraisal of Management Decisions
» Internal Audit under the Companies Act, >» = Internal Control Mechanism
2013
» Lesson Round-Up
» Appointment of Internal Auditor
» Glossary
» Objective of Internal Audit
» Test Yourself
» Ss Int l Audit ; :
aaa aida » List of Further Readings
» = Internal Audit Core principles . .
» Other References (Including Websites/
» Independence of Internal Auditor Video Links)
» = Internal Audit Techniques
» Role of Internal auditor in organisation
Control mechanism
,PP-CMA&DD Internal Audit & Performance Audit
REGULATORY FRAMEWORK
» The Companies Act, 2013
» The Companies (Meeting of the Board and its Power), Rules, 2014
» The Companies (Accounts) Rule, 2014
INTRODUCTION
Historically, internal auditing was confined to ensure that, the accounting and allied records have been
properly maintained, the assets of the organization have been properly safeguarded and that the policies and
procedures laid down by the management have been complied with. Post liberalization of economy, the growth
and expansion made it increasingly difficult for organizations to maintain control and operational efficiency.
The economic conditions further expanded organizations’ responsibilities for scheduling, managing with limited
materials and labourers, complying with government regulations, and an increased emphasis on cost efficiency
It was difficult for management to observe all the operating areas or be in touch with everybody. This requires
companies to appointed auditing personnel for report on affairs of the company, which are known as ‘Internal
Auditors’.
The operations ofthe Companies which have huge andsophisticated business structure andhave decentralization
of their business activities among the various functional heads and division or wherein the top management is
remotely concerned with the day-to-day activities of the concern. Now a day, the role of internal auditing has a
great significance in the performance of the company.
With the changes in the economic conditions, now the scope of internal auditing is not confined to financial
transactions itis extended up to the minute activities of the company, which may or may not be the cost centre
but have an impact on the efficiency of the company.
DEFINITION OF INTERNAL AUDIT
Independence is established by the organizational and reporting structure. Objectivity is achieved by an
appropriate mind-set. The internal audit activity evaluates risk exposures relating to the organization’s
governance, operations and information systems, in relation to:
1. Effectiveness and efficiency of operations;
2. Reliability and integrity of financial and operational information;
3. Safeguarding of assets;
4. Compliance with Laws, regulations, and contracts.
According to Professor Walter B. Meigs, “Internal auditing consist of a continuous, critical review of
financial and operating activities by a staff of auditors functioning as full time salaried employees.”
496 ‘~
, Internal Audit & Performance Audit LESSON 14
Based on the results of the risk assessment, the internal auditors evaluate the adequacy and effectiveness
of how risks are identified and managed in the above areas. They also assess other aspects such as
ethics and values within the organization, performance management, communication of risk and control
information within the organization in order to facilitate a good governance process. An effective internal
audit activity is a valuable resource for management and the board and the audit committee due to
its understanding of the organization and its culture, operations, and risk profile. The objectivity, skills,
and knowledge of competent internal auditors can significantly add value to an organization’s internal
control, risk management, and governance processes. Similarly an effective internal audit activity can
provide assurance to other stakeholders such as regulators, employees, providers of finance, and
shareholders.
Nature of Internal Audit:
1. A Management tool: Internal Audit is management tool performed by the employees of the
organisation or the engaged professional firm to check the appropriateness of internal checks
and control in the organisation. The reporting authority is generally board of directors and audit
committee.
2. <A continuous Exercise: Internal Audit is a continuous and systematic process of examining and
reporting the operations and records of a concern by its employees or external agencies specially
assigned for this purpose. It is, in essence, auditing for the management and its scope may vary
depending upon the nature and size of the concern.
3. A Control System: It is a control system concerned with examination and appraisal of other control
mechanisms.
4. A Risk Management Tool: The internal audit work encompasses fostering the creation of a risk
management process and ensuring it addresses key objectives, and the subsequent evaluation of the
process. The internal audit work also encompasses an identical role in the creation and subsequent
evaluation of, the business continuity planning process, and the information security and privacy
system.
CASE STUDY
INTERNAL AUDIT UNDER THE COMPANIES ACT, 2013
The concept of the internal audit has been recognized as a statutory exercise under Section 138 of the
Companies Act, 2013, and has been made mandatory. As per Rule 13 of Companies (Accounts) Rule, 2014,
the following class of companies shall be required to appoint an internal auditor which may be either an
individual or a partnership firm or a body corporate, namely:
ll 497
Audit 14
Nt BH TH BS
a Internal Audit m Audit Techniques m Operational control m Risk areas of the organisation m= Internal Controls
m Risk management
Learning Objectives
To understand:
» Internal Audit as a mechanism to provide an independent and objective assessment of the
effectiveness and efficiency of qd company’s operations, specifically its internal control structure.
» How the function of internal audit helps an organization to accomplish its objectives by bringing
systematic and disciplined approach to evaluate and improve the effectiveness of risk management,
control, and governance processes.
» The broad scope of Internal Auditing and what are the Internal Audit Techniques.
» How Internal Audit includes effects the efficiency of internal control, operations, IT controls, the
reliability of financial reporting, deterring and detecting fraud and compliance with laws and
regulations.
» The pro-active and central role Company Secretary plays in the governance of the company.
» Role of Internal Audit in organisation Control Mechanism.
STRUT
» = Introduction » Appraisal of Management Decisions
» Internal Audit under the Companies Act, >» = Internal Control Mechanism
2013
» Lesson Round-Up
» Appointment of Internal Auditor
» Glossary
» Objective of Internal Audit
» Test Yourself
» Ss Int l Audit ; :
aaa aida » List of Further Readings
» = Internal Audit Core principles . .
» Other References (Including Websites/
» Independence of Internal Auditor Video Links)
» = Internal Audit Techniques
» Role of Internal auditor in organisation
Control mechanism
,PP-CMA&DD Internal Audit & Performance Audit
REGULATORY FRAMEWORK
» The Companies Act, 2013
» The Companies (Meeting of the Board and its Power), Rules, 2014
» The Companies (Accounts) Rule, 2014
INTRODUCTION
Historically, internal auditing was confined to ensure that, the accounting and allied records have been
properly maintained, the assets of the organization have been properly safeguarded and that the policies and
procedures laid down by the management have been complied with. Post liberalization of economy, the growth
and expansion made it increasingly difficult for organizations to maintain control and operational efficiency.
The economic conditions further expanded organizations’ responsibilities for scheduling, managing with limited
materials and labourers, complying with government regulations, and an increased emphasis on cost efficiency
It was difficult for management to observe all the operating areas or be in touch with everybody. This requires
companies to appointed auditing personnel for report on affairs of the company, which are known as ‘Internal
Auditors’.
The operations ofthe Companies which have huge andsophisticated business structure andhave decentralization
of their business activities among the various functional heads and division or wherein the top management is
remotely concerned with the day-to-day activities of the concern. Now a day, the role of internal auditing has a
great significance in the performance of the company.
With the changes in the economic conditions, now the scope of internal auditing is not confined to financial
transactions itis extended up to the minute activities of the company, which may or may not be the cost centre
but have an impact on the efficiency of the company.
DEFINITION OF INTERNAL AUDIT
Independence is established by the organizational and reporting structure. Objectivity is achieved by an
appropriate mind-set. The internal audit activity evaluates risk exposures relating to the organization’s
governance, operations and information systems, in relation to:
1. Effectiveness and efficiency of operations;
2. Reliability and integrity of financial and operational information;
3. Safeguarding of assets;
4. Compliance with Laws, regulations, and contracts.
According to Professor Walter B. Meigs, “Internal auditing consist of a continuous, critical review of
financial and operating activities by a staff of auditors functioning as full time salaried employees.”
496 ‘~
, Internal Audit & Performance Audit LESSON 14
Based on the results of the risk assessment, the internal auditors evaluate the adequacy and effectiveness
of how risks are identified and managed in the above areas. They also assess other aspects such as
ethics and values within the organization, performance management, communication of risk and control
information within the organization in order to facilitate a good governance process. An effective internal
audit activity is a valuable resource for management and the board and the audit committee due to
its understanding of the organization and its culture, operations, and risk profile. The objectivity, skills,
and knowledge of competent internal auditors can significantly add value to an organization’s internal
control, risk management, and governance processes. Similarly an effective internal audit activity can
provide assurance to other stakeholders such as regulators, employees, providers of finance, and
shareholders.
Nature of Internal Audit:
1. A Management tool: Internal Audit is management tool performed by the employees of the
organisation or the engaged professional firm to check the appropriateness of internal checks
and control in the organisation. The reporting authority is generally board of directors and audit
committee.
2. <A continuous Exercise: Internal Audit is a continuous and systematic process of examining and
reporting the operations and records of a concern by its employees or external agencies specially
assigned for this purpose. It is, in essence, auditing for the management and its scope may vary
depending upon the nature and size of the concern.
3. A Control System: It is a control system concerned with examination and appraisal of other control
mechanisms.
4. A Risk Management Tool: The internal audit work encompasses fostering the creation of a risk
management process and ensuring it addresses key objectives, and the subsequent evaluation of the
process. The internal audit work also encompasses an identical role in the creation and subsequent
evaluation of, the business continuity planning process, and the information security and privacy
system.
CASE STUDY
INTERNAL AUDIT UNDER THE COMPANIES ACT, 2013
The concept of the internal audit has been recognized as a statutory exercise under Section 138 of the
Companies Act, 2013, and has been made mandatory. As per Rule 13 of Companies (Accounts) Rule, 2014,
the following class of companies shall be required to appoint an internal auditor which may be either an
individual or a partnership firm or a body corporate, namely:
ll 497
