Applicability and Relevance of Internal Audit in Current Scenario

The mission of internal audit is: “To enhance and protect organizational value by providing risk-based and objective assurance, advice, and insight.”

Internal auditor is familiar with the common construct for writing good audit findings for their audit reports, known as the 5-C’s:  Condition, Criteria, Cause, Consequence, and Corrective Action.

IA function focuses on offering assurance around business-process risks and controls. However, as risks have multiplied and become more complex, IA has been required to deliver a wider range of services, often on short notice. IA also has responsibilities around governance, risk appetite, and a risk and control culture

When is Internal Audit required?

1. Increased size and complexity of business.
2. Compliance of Statutory requirement.
3. Use of Information technology on large scale.
4. Internal controls for risk management.
5. Establish sound corporate governance and use of best industry practices.

Functions of Internal Auditor

1. Review operations, policies, and procedures and assist management in establishing better policies and procedures
2. Certify risks being managed within acceptable limits as laid down by the Board of Directors.
3. Examining and evaluating continuous effectiveness of the internal control system and making recommendations, if any, for improving internal control mechanism.
4. Help the management in identifying frauds and preventing them.

As per Securities and Exchange Board of India (SEBI), there is a statutory clause 49 of the Listing agreement which requires any listed entity to ensure that:-

• Weaknesses found in internal controls are reported.

• Internal audit function is being made functional.

• Finding and reporting of suspected frauds or irregularity as a result of failure of internal control mechanism.
• Certification and taking of responsibility by the CEO and the CFO to the Board of Directors for the effectiveness of internal controls, and steps taken by them to improve upon the deficiencies in internal control to the auditors and the audit committee.

As per section 138 of the internal audit, Chapter IX -Accounts of Companies, Companies Act,2013, it clearly states that every listed company and unlisted company having share capital of Fifty Crores INR, or Turnover of Two hundred crores INR or Bank Loans exceeding One hundred crores INR, outstanding deposits of Twenty- Five crores INR or more at any point of time, they are required to appoint an internal auditor or a firm of internal auditors. These auditors need to be either Chartered accountant or Cost accountant or any other professional as decided by the Board of Directors in order to conduct at regular intervals, internal audit of the various functions and activities of different departments of the organization.

Applicability of Internal Audit

As per the Companies Act 2013, following class of companies shall have to mandatorily appoint internal auditor.

• Every Listed Company
• Every Unlisted public company if during the preceding financial year, it satisfies any of the below mentioned conditions:
  1. Turnover of rupees two hundred crore or more.
  2. Paid up share capital of rupees fifty crore or more.
  3. Outstanding loans or borrowings from banks or PFI exceeding rupees one hundred crore or more at any point of time.
  4. Outstanding deposits of rupees twenty five crore or more at any point of time.
• Every private company if during the preceding financial year, it satisfies any of the below mentioned conditions:
  1. Turnover of rupees two hundred crore or more.
  2. Outstanding loans or borrowings from banks or PFI exceeding rupees one hundred crore or more at any point of time.
• Part of the management and have the authority to investigate the operations of organization.

Effect of CARO 2020 on Internal Audit

As per clause XIV of CARO 2020 an external auditor should consider the following while preparing its audit report

1. whether the company has an internal audit system commensurate with the size and nature of its business;
2. whether the reports of the Internal Auditors for the period under audit were considered by the statutory auditor;

Responsibilities of an Internal Auditor

• To maintain an independent status and shall not involve in the performance of executive function.
• Analyze the risk and bring them in the notice of management.
• Analyze the operations of the entity and maintain an adequate system of internal control, also provide safeguard. Against misappropriation of assets.
• Evaluate the policies of organization and made necessary changes on it, if required.
• Keep an eye on all all important occurrences and events which may affect the business.
• Shall not take operation decision on those matters later which may be internal audit.

Report of Internal Auditor

The Internal Auditor shall issue their report on the basis of his best professional judgment, after consultation with the auditee, in a reasonable period of time from the completion of audit. Key elements of internal audit report are as follows:

• Conclusion of internal audit report should be on the basis of audit procedures performed during the audit and the analysis of the audit evidence obtained by performing these procedures.
• If internal audit is performed as per Standards on Internal Audit then the auditor shall specify the same in his report.
• Since the Standards on Auditing does not mandate the auditor to follow a particular format. So, an auditor may frame his report by exercising professional judgment and may be influenced by the preferences of the recipients.
• After fulfillment of all the compliance procedure Copies of draft and final internal audit reports to should be maintained in a proper manner.

Characteristics of Internal Audit

• Internal audit is an independent management function, in order to provide an unbiased and impartial report.
• It studies the existing internal controls and standard operating procedures with the objective of determining whether they are properly carried out.
• It helps in improving internal control structures and promote better corporate governance.
• It identifies threat and opportunities and designs controls to manage the risks and taking advantage of opportunities.
• An internal audit is performed to ensure that the system of internal controls instituted by the management of a company is functioning in the manner intended by the key managerial personnel of the company and also for the welfare of the members of the company
• An internal audit takes into consideration the question of whether the business practices deployed by the officers of the company are helpful in prudently managing the business and meeting the strategic objective of the organisation.
• An internal audit can cover both operational as well as financial issues. However, the process of internal audit is generally understood to be a limited one and managed by any qualified person who can audit the governance of an organisation and the methodology by which it assesses and manages the risks faced by it in the dynamic business environment. The internal auditor by means of the internal audit process is responsible for reporting to the management or audit committee of the company.
• Internal audit is a function that, even though operating independently from other departments and involves reporting directly to the audit committee, remains within an organisation.
• Internal audits involve performing audits of both financial and non-financial nature within a wide of areas of operation in business, including those that are directed by the annual audit plan.
• Internal audit deals with the main risks facing the business and the action being taken to manage those risks in an effective manner so that the organisation can achieve its various objectives.
• The internal audit is limited to the governance of an organisation, management controls over the operations of an organisation and risk management.
• The internal audit is conducted based on the personal resolve of the business owners to measure the operation’ efficiency as conducted by the business.

Objectives of Internal Audit

The following are the primary objectives of conducting an internal audit in an organisation.

• Conducting an internal audit would keep adequate control over all the business activities.
• Internal audits include checking the proper authority for transactions such as purchase, retirement and disposal of fixed assets. It checks against the result against entries in order to determine the actual facts and figures.
• An internal auditor would be able to point out the weaknesses of an organisation. Internal audits may be used as a tool to make the necessary corrections. This would enable the management to perform correctly.
• Weak points could be located, and the corrective measures could be taken to ensure proper functioning.
• An internal auditor would be able to examine the valuation, verification and possession of assets belonging to the company. It would confirm that the purchase or sale of assets would be made under proper authority.
• An internal audit detects the errors in the accounting records. This would help the management to access the accounting record in order. This would also minimise the chances of errors occurring in the records. The accounting team of an organisation would be able to rectify mistakes to prepare accounts at the end of the year to help the external auditor.
• Conducting an internal audit can detect frauds in the books of accounting.
• An internal audit would be able to examine the accounting policies of an organisation. The understanding of the accounting system and its procedures would be helpful to formulate effective audit plans and procedures. The internal auditor would be able to find weaknesses in the internal control and help fix the accounting policies.
• The purpose of an internal audit may be to conduct a special investigation concerning any business matter. An internal audit may be used as a tool to find the effectiveness of the function of the management.

Conclusion

An internal audit ensures that a company follows the law and rules in a timely manner. The audit provides a level of security and aids in the management of risk arising from fraud, power abuse, or other scenarios. An internal auditor provides management with an unbiased assessment of the processes and financial statements. Using the services of an internal auditor, an organization can improve their operational and financial performance.

Also read:- Key things to know about Internal Audit

Contact us to know more.

Please email us:- [email protected]

or contact us on +91 88601-90008

Article contributed by:

Team- Risk & Transaction Advisory Services