Manual on Internal Audit
DISCLAIMER : The views expressed in the Manual on Internal Audit are those of the
author(s). The Institute of Chartered Accountants of India may not
necessarily subscribe to the views of the author(s).
The Institute of Chartered Accountants of India
(Set up by an Act of Parliament) New Delhi
ii
© The Institute of Chartered Accountants of India
All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form, or by any means, electronic mechanical, photocopying, recording, or otherwise, without prior permission, in writing, from the publisher.
Edition : January, 2009
Website : www.icai.org
Email : [email protected]
Price : Rs. 400/- (Including CD)
ISBN : 978-81-8441-179-9
Published by : The Publication Department on behalf of CA. Puja Wadhera, Senior Assistant Director, Internal Audit Standards Board, The Institute of Chartered Accountants of India, Indraprastha Marg, New Delhi – 110 002
Printed by : Sahitya Bhawan Publications, Hospital Road, Agra 282 003
January/2009/1000 Copies
iii
Foreword
The year 2008-09 has been a very active year for the Internal Audit Standards Board. The year has seen the Board issuing a number of Standards on Internal Audit as well as other technical literature such as generic and industry specific technical guides. I am happy to note that the Board is brining out this Manual on Internal Audit.
This is first of its kind of Manual on internal audit to be published by the Institute as it contains a step by step approach to conduct internal audit, right from appointment to reporting. The Manual has been developed by a team of experts in the field of internal audit and risk management and the fact is amply reflected in the fine balancing of conceptual vis a vis practical approach to internal audit in the Manual.
I appreciate that despite being a highly technical document, the Manual has been written in a very simple and lucid manner. Besides, the guidance contained herein being generic in nature, the Manual can be gainfully used by all the internal auditors across the cross section of industry type and size.
At this juncture, I wish to compliment all members of Internal Audit Standards Board, especially, the Chairman, CA. Abhijit Bandyopadhyay for having conceived the idea.
I am sure that this Manual, like other publications of the Board, would be warmly received and appreciated by the members and other interested readers.
January 16, 2009
New Delhi
Ved Jain
President, ICAI
v
Preface
Contemporary internal audit is a vast field with a number of facets to be understood and addressed. The Internal Audit Standards Board has been working relentlessly to bring out more and more quality literature for the guidance of the members. Till date the Board has brought out not only more than ten Standards on Internal Audit (SIAs) on various significant aspects of internal audit, it has published a number of widely appreciated generic as well as industry specific technical guides for the benefit of the members.
When the Board conceived the idea of having a Manual on Internal Audit, the basic objective behind the same was to bring out a comprehensive publication on internal audit, containing practical guidance on conducting an internal audit in a real life scenario. Accordingly, the Board roped in the services of an expert in the area of internal audit and risk management to prepare this Manual. The Manual, as you would see, is quite comprehensive, providing a step by step guidance on every aspect of internal audit. It is divided into four main parts. Part A deals with Internal Audit Engagement Management, Part B deals with Internal Audit Project Management, Part C deals with Close Outs and Part D deals with General Annexures. While each of the Parts is further divided into relevant sub topics, Part B contains, guidance on aspects such as overall planning, pre audit opening, detailed walk throughs, report, checklists, audit programmes, report compilation, exit meeting and report issuance.
The Manual contains a number of templates as well as checklists for ready reference and easy use of the readers. The Manual has therefore, a wider usage and appeal. I personally feel that the Manual has turned out to be the first of its kind one stop reference for the internal auditors to be issued by the Institute.
I wish to place on record my thanks for Shri Ved Jain, President, and Shri Uttam P Agarwal, Vice President, ICAI for their vision and unstinted support in the activities of the Internal Audit Standards Board. I also wish to express my sincere gratitude to all my colleagues from the Council at the Internal Audit Standards Board, viz., CA. Bhavna G. Doshi, Vice Chairperson, CA. Sunil H. Talati, CA. Mahesh P. Sarda, CA. Shanti Lal Daga, CA. K. P. Khandelwal, CA. Manoj Fadnis, CA. Anuj Goyal, CA. Amarjit Chopra, Shri Manoj K Sarkar, Shri K. P. Sasidharan, Dr. Pritam Singh and Shri O. P. Vaish for their vision and support. I also wish to place on records my gratitude for the co-opted members on the Board, viz., CA. Partha Sarathi De, CA. N. K. Aneja, CA. Charanjit S. Attra, CA. Nagesh D. Pinge as also special invitees on the Board, viz., CA. Harinderjit Singh (my Council colleague), CA. Deepak Wadhawan, CA. Manu Chadha, CA. Santosh Nair and CA. Amit Roy for their free and frank views, invaluable guidance as also their dedication and support to the various initiatives of the Board. I also wish to thanks to CA. K. Raghu (my Council colleague), for his support in bringing out the Manual. I also wish to express my thanks to CA. Puja Wadhera, Secretary, Internal Audit Standards Board and her
vi
team of officers, CA. Gurpreet Singh, Senior Executive Officer and CA. Arti Aggarwal, Executive Officer for their efforts in giving final shape to the Manual.
I am sure that the Manual would be warmly received by the interested readers and would be recounted as a landmark publication of the Institute. January 19, 2009
Kolkata
Abhijit BandyopadhyayChairman, Internal Audit Standards Board
Contents
Page No
Foreword……………………………………………………………………………………….……….(iii)
Preface……………………………………………………………………………………………….… (v)
Format No
Part - A Internal Audit Engagement Management A/1 Initial Introduction Letter 3A/2 Proposal of Internal Audit Services 4A/3 Engagement letter 9A/4 Scope and Objective 15A/5 Organization Background 16A/6 Industry Research 18A/7 List of Files and Contents 20
Paet - B Internal Audit Project Management B/1 Overall Planning 23
Pre Audit Opening 25B/2.1 Opening Meeting Control Statement 25B/2.2 General Process Understanding 26B/2.3 Data Needs Identification and Collection 28B/2.4 Data Analysis and Summary Preparation 29B/2.5 Previous Audit Report Analysis 30B/2.6 Brain Storming Sessions (Internal) 31
Detailed Walk Throughs 32B/3.1 Selection of sample 32B/3.2 Walk Through Tracking 33B/3.3 Documentation of Walk Through 34
Risks, Checklists, Audit Programme 37 Listing of Risks and Audit Programme (Checklists) 37
B/4.1.1 Corporate Risks Review Checklist 37B/4.1.2 Finance and Accounts Risks Review Checklists 43B/4.1.3 Human Resources Process Review Checklists 51B/4.1.4 Inventory Risks Review Checklists 65B/4.1.5 Information Security Review Checklists 74B/4.1.6 Marketing Risks Review Checklists 83B/4.1.7 Purchases Risks Review Checklists 88
viii
B/4.1.8 Production Risks Review Checklists 93B/4.1.9 Sales and Despatch Risks Review Checklists 101
B/4.1.10 Statutory Compliances Review Checklists 106B/4.1.11 Administration Risks Review Checklists 120
B/4.2 Planning and Execution of Audit Programme 124B/4.3 Compilation of Observations and Draft Reporting 129B/4.4 Quality Check of Evidences Collection 132
Report Compilation 133B/5.1 Draft Audit Report 133B/5.2 Covering Letter for Draft Report – by Email/ Letter Head 136B/5.1 Collection of Management Comments 137
Exit Meeting 138B/5.2 Fixing of the Meeting Time 138
B/6.2A, B/6.2B Presentation and Action Plan Preparation 139
B/5.1 Updation of the Action Plan into the Draft Report 144 Report Issue 145
B/7.1 Final Report Release Checklist 145B/7.2 Audit Committee Presentation (Where Applicable) 147B/7.3 Audit Feedback Collection 154
Work Paper Closures 157 Work Papers Compilation and Quality Audit Closures 157
B/8.1A Quality Audit Checklist 157B/8.1B Quality Audit Action Plan Statement 161B/8.2 Knowledge Bank Updation 162
Part -C Close Outs C/1 Invoice Format 165C/2 Out of Pocket Expenses Tracking 166C/3 Overall Closure Checklists 167
Part - D General Annexures D/1 Confirmation of Meetings Format 171D/2 Minutes of Meetings Formats 172D/3 Agenda of the Meeting 173D/4 Standards on Internal Audit Issued by the ICAI 175
1
PART – A
Internal Audit Engagement Management
2
3
Initial Introduction Letter
Format No: A/1
Date: <DD MMM YYYY>,
<City>.
To
Mr./Mrs. <Name of the Client Representative>, <Designation>,
<Name of the Company>,
<City>.
Dear Sir,
Sub: Introduction of Our Internal Audit Services
In continuation to your request, we are very happy to introduce XYZ & Co, one of a specialist in delivering you high value Internal Audit Services based at <City>. We are a team of XX Chartered Accountants, XX Information Systems Auditors, XX Internal Auditors.
Our methodology is adopted from global standards and ICAI standards and would be providing required value add. Some of the clients whom we have delivered the services are Client 1, Client 2, Client 3, Client 4 etc. to name a few.
Please also find attached a detailed profile1 of our organization for your review. We look forward to hear from you in this regard.
Warm Regards,
For XYZ & Co.
XYZ,
Partner 2 3
1 Attach your organization’s profile to this letter. Please comb-bind the profile for presentation. 2 The objective of this letter is just to introduce your organization subject to a request from the client. 3 The letter should be preferably signed by the Partner of the organization or an authorized representative. Keep an
office copy of this letter. A file viz., “Initial Introduction Letters” may be opened to track all the letters.
4
Proposal for Internal Audit Services1
Format No: A/2
Overview: <Write a brief overview about the company you are giving a proposal>
<Write a brief overview about the Industry Segment to which the client belongs>
<Write briefly about the general challenges faced by the Industry>
<Write briefly about how Internal Audit can help eliminate them>
<Write briefly about your organization’s capabilities in providing Internal Audit Services>
<Write briefly about the contents of this proposal>
Scope and Objective: The objectives for the internal audit are as under:
Evaluate the business processes to ensure that they are aligned to the business objectives.
Evaluate the compliance to both the internal policies and procedures of the company and external regulations to the extent applicable to the following key processes.
Evaluate the effectiveness and efficiency of the identified processes and related internal controls.
Evaluate the accuracy of accounting information systems supporting the process.
Evaluate progressively the risks relating to the business management covering information technology and general process
Scope of work / Areas to be covered as part of Internal Audit:
The scope shall be covering the transactions for the period <Month, Year> to <Month, Year>
Management Process
Process 12
Process 2
Marketing
Process 1
Process 2
1 Proposal may be printed on the letter head of the organization or a simple A4 Size Sheet. 2 You may also add a list of risks that shall be looked into in the process.
Proposal for Internal Audit Services
5
Contract/Project Management
Process 1
Process 2
Client Relationship Management
Process 1
Process 2
HR Process
Process 1
Process 2
Finance and Accounts
Process 1
Process 2
Administration and Logistics
Process 1
Process 2
Information Technology
Process 1
Process 2
The depth and sample size under the above business processes will be decided based on Risk assessment, where incase the Risk level is high, the area shall be analyzed in depth and the sample size shall also accordingly increase. The coverage shall be based on significant risks identified in the area of concentration. The methodology adopted for internal audit deliveries is separately given in this proposal.
Methodology and Deliverables3
We have structured methodology starts from mapping the corporate vision to audit deliveries and value-add. The following chart displays the steps generally followed by us in an Internal Audit Outsourcing Service.
3 Each firm may have its own methodology / format of deliverables. This is model only.
Manual on Internal Audit
6
The following are the benefits for the organization from outsourcing:
• Global best methodology for handling Internal Audits
• Relevant business / process / internal audit expertise and access to best practices
• Structured deliveries with performance indicators and terms of delivery
• Saving costs and efforts for the organization and help management concentrate on core competency
Our strong methodology also includes taking the input of the top management, process management and audit management to design a solution that means value addition. Our deliverable will give a road map to make the necessary process improvements that gives a big seat for practicality of implementation of recommendations.
Pre Audit Opening
• General Process Understanding
• Data Analysis and Summary Preparation
• Planning of Audit
Detailed Walk Through
• Detailed Walk Through
• Documentation of Walk Through Results
Risks, Checklists, Audit Programme
• Listing of Risks and Audit Programme (Checklists)
• Generation of Exceptions through Analytics
• Planning of Audit Programme Delivery
• Execution of Audit Programme
• Compilation of Observations and Draft Reporting
• Quality Check of adequacy of Evidences and Work Paper Linking
• Supervisory Review and Confirmation
Report Compilation
• Preparation of Audit Report
• Circulation of the Draft Report for Management Comments
• Collection of Management Comments
Exit Meeting
• Fixing of the Meeting Time
• Presentation and Action Plan Preparation
• Updation of the Action Plan into the Draft Report
Proposal for Internal Audit Services
7
Report Issue
• Final Official Report Issue as per Standards on Internal Audit (SIAs) Issued by the ICAI
• Audit Committee Presentation (Where Applicable)
• Audit Feedback Collection
Each Audit Report shall contain the following information:4
• Executive summary
• High, Medium, Low Risk Areas classified separately
• Detailed audit observations, covering Risks, Impact, Recommendations, Auditee Comments, Annexures of evidences
• Audit Implementation Action Plans with time lines and responsibility shall be updated after management discussion.
• Presentation to management and Audit Committee
The Audit shall be conducted as per the Standard on Internal Audit (SIA) 4 for Reporting released by ICAI.
Team, Schedule and Professional Fees:
Based on the Information provided to us with regard to the infrastructure and statistics, we estimate the following:
Sl No Particulars / Name of the Resource5
No of man days / man
months Qualifications
1 Partner
2 Senior Manager
3 Senior Associates / Consultants
4 Associates / Consultants
5 Junior Associates / Consultants
Total Time
Taking the above deployments into account, the fee for the assignment is estimated as Rs. XXXXXXX/- excluding applicable service taxes. Incase there is any travel incidental to the delivery of the project we shall adhere to internal policies and shall be reimbursed on actual.6
4 Incase you would like to expand the deliverables, it can be done. Sometimes clients would like to know what is the format of deliverable, in such cases, an annexure may be added. 5 A detailed resource list may be given where necessary. 6 It is always good practice to add commentary about service tax and out of pocket expenses (OPEs) applicability / inclusion.
Manual on Internal Audit
8
Resources Required
• An audit room will be set up having the sufficient no. of Table and chairs along with White board for meeting and discussion.
• Access to all the data, record, employees required for the effective performance of internal audit.
• Computers with access to company ERP, email and other systems with printing facility with adequate stationary.
Project Coordination:
We understand the importance of a project coordinator over the period of the assignment. The team shall be interacting with the process owners through the project coordinator.
About XYZ & Co
<Write about your organization, history, locations, its team members, no of man years of experience totally, specific points about your organization’s capabilities etc.,>
<Write a list of services your firm offers apart from internal audits>
<Give a list of clients and work experiences where applicable>7
8
7 Logos of clients may be given, whereas prior permission of clients may be necessary. 8 Some firms also add confidentiality clause / non-compete clause in the proposal itself.
9
Engagement Letter
Format No: A/3 <on the letter head>
Date: <DD MMM YYYY>,
<City>.
To
Mr./Mrs. <Name of the Client Representative>,
<Designation>,
<Name of the Company>,
<City>.
Dear Sir,
Sub: Internal Audit Engagement Letter
With regards to the discussions we had on DD/MM/YYYY and in continuation with the proposal given on DD/MM/YYYY, please find the Engagement Letter for the Internal Audit Assignment with the following Scope, Objective and Timelines:
Scope and Objective:1 The objectives for the internal audit are as under:
Evaluate the business processes to ensure that they are aligned to the business objectives.
Evaluate the compliance to both the internal policies and procedures of the company and external regulations to the extent applicable to the following key processes.
Evaluate the effectiveness and efficiency of the identified processes and related internal controls.
Evaluate the accuracy of accounting information systems supporting the process.
Evaluate progressively the risks relating to the business management covering information technology and general process
1 Specific objectives of client may be elaborated here.
Manual on Internal Audit
10
Scope of work / Areas to be covered as part of Internal Audit: The scope shall be covering the transactions for the period <Month, Year> to <Month, Year>
Management Process
Process 1
Process 2
Marketing
Process 1
Process 2
Contract/Project Management
Process 1
Process 2
Client Relationship Management
Process 1
Process 2
HR Process
Process 1
Process 2
Finance and Accounts
Process 1
Process 2
Administration and Logistics
Process 1
Process 2
Information Technology
Process 1
Process 2
The depth and sample size under the above business processes will be decided based on Risk assessment, where incase the Risk level is high, the area shall be analyzed in depth and the sample size shall also accordingly increase. The coverage shall be based on significant risks identified in the area of concentration. The methodology adopted for internal audit deliveries is separately given in this proposal.
Engagement Letter
11
Methodology and Deliverables2 We have structured methodology starts from mapping the corporate vision to audit deliveries and value-add. The following chart displays the steps generally followed by us in an Internal Audit Outsourcing Service.
The following are the benefits for the organization from outsourcing:
• Global best methodology for handling Internal Audits
• Relevant business / process / internal audit expertise and access to best practices
• Structured deliveries with performance indicators and terms of delivery
• Saving costs and efforts for the organization and help management concentrate on core competency
Our strong methodology also includes taking the input of the top management, process management and audit management to design a solution that means value addition. Our deliverable will give a road map to make the necessary process improvements that gives a big seat for practicality of implementation of recommendations.
Pre Audit Opening
• General Process Understanding
• Data Analysis and Summary Preparation
• Planning of Audit
Detailed Walk Through
• Detailed Walk Through
• Documentation of Walk Through Results
Risks, Checklists, Audit Programme
• Listing of Risks and Audit Programme (Checklists)
• Generation of Exceptions through Analytics
• Planning of Audit Programme Delivery
• Execution of Audit Programme
2 Some clients may not want a detailed methodology to be given in the engagement letter.
Manual on Internal Audit
12
• Compilation of Observations and Draft Reporting
• Quality Check of adequacy of Evidences and Work Paper Linking
• Supervisory Review and Confirmation
Report Compilation
• Preparation of Audit Report
• Circulation of the Draft Report for Management Comments
• Collection of Management Comments
Exit Meeting
• Fixing of the Meeting Time
• Presentation and Action Plan Preparation
• Updation of the Action Plan into the Draft Report
Report Issue
• Final Official Report Issue as per Standards on Internal Audit (SIAs) Issued by the ICAI
• Audit Committee Presentation (Where Applicable)
• Audit Feedback Collection
Each Audit Report shall contain the following information: • Executive summary
• High, Medium, Low Risk Areas classified separately
• Detailed audit observations, covering Risks, Impact, Recommendations, Auditee Comments, Annexures of evidences
• Audit Implementation Action Plans with time lines and responsibility shall be updated after management discussion.
• Presentation to management and Audit Committee
Team, Schedule and Professional Fees: Based on the Information provided to us with regard to the infrastructure and statistics, we estimate the following:
Sl No Particulars / Name of the Resource No of man days /
man months Qualifications
1 Partner 2 Senior Manager 3 Senior Associates / Consultants 4 Associates / Consultants 5 Junior Associates / Consultants Total Time
Engagement Letter
13
3Taking the above deployments into account, the fee for the assignment is estimated as Rs. XXXXXXX/- excluding applicable service taxes. Incase there is any travel incidental to the delivery of the project we shall adhere to internal policies and shall be reimbursed on actual.
Resources Required • An audit room will be set up having the sufficient no. of Table and chairs along with White
board for meeting and discussion.
• Access to all the data, record, employees required for the effective performance of internal audit.
• Computers with access to company ERP, email and other systems with printing facility with adequate stationary.
Project Coordination: We understand the importance of a project coordinator over the period of the assignment. The team shall be interacting with the process owners through the project coordinator. It is the duty of the Project Coordinator to organize the information and time of the process owners. Any delay due to coordinator or process owner shall not be the responsibility of the Internal Audit Service Provider.
Confidentiality Clause: We shall maintain confidential all the information collected as part of the engagement and shall not disclose them unless until necessary as per the regulations of the land of assignment. Incase of need to disclose the information, we shall take the permission of the client coordinator before disclosing.
Termination Clause: The assignment can be terminated by either parties by giving a notice in advance of atleast 1 month. Thereafter the information / documentation collected shall be returned back to the client.
4Incase of negligence, quality standards compromise, and willful default, the client shall have the right to be indemnified for all the costs till the date of termination.
3 Some clients may be interested to add a detailed Gantt chart of the project. 4 Some clients may also be interested to add a Quality Assurance Clause.
Manual on Internal Audit
14
Signing of the Contract:
For XYZ & Co.,5
XYZ,
Partner
On behalf of Client
For <Name of the Client>
<Name of the Authorized Representative>
<Designation>
5 Please ensure that the seal is put on the Contract. The engagement letter shall be made in two copies, one for each party.
15
Scope and Objective Statement
Format No: A/4
Assignment No Assignment Name
Engagement Manager
Company Name
Objective of the Assignment1 a.
b.
c.
d.
Scope of the Assignment2 a.
b.
c.
d. 3
1 Please define in as much detail as possible the objectives for which the assignment is being handled. Objective is the element, one is trying to achieve at the end of the project. It is very important that the objectives are defined as clearly as possible to eliminate ambiguity. 2 Define the areas of coverage, it may be in period / departments / divisions / business processes / locations / units etc., The scope should be linked to objectives. 3 It is recommended to do as much brainstorming as possible to define this document at the planning stage.
16
Organization Background
Format No: A/5
Assignment No Assignment Name
Engagement Manager
Company Name
General Business Understanding
Overview of Business
Overview of Industry Segment1
Specific Risks faced by Industry Segment
1 Use Internet search engines, industry publications, websites, research reports.
Organization Background
17
Important Statistics (Financial, Manpower etc.) Collected2
Organization Structure and Decision Hierarchy3
Business Goals, Objectives
Description about the Business Systems, IT Infrastructure4
2 Obtain important performance statistics which shall help understand organization’s current state of affairs. 3 Please give annexure where necessary. You may use MS-Visio or MS-Excel to prepare organization structures. 4 Detail about the systems and procedures currently in place. Also capture the level of standardization in the organization ie. Existence of Standard Operating Procedures, Policies etc.,
18
Industry Research
Format No: A/6
Assignment No Assignment Name
Engagement Manager
Company Name
The objective of this document is to identify the industry practices / competitor practices so as to enable the organization under to benchmark itself.1
List of Competitors and availability of Information with regards to financials, processes etc.
List of Best Practices Adopted by Industry
Sl No Area / Best Practice Source Name of the Company
1 The strength of this document projects you as an industry resource to the clients.
Industry Research
19
Key Performance Indicators of Various Business Processes in Industry
Sl No Performance Indicator Business / Business Process Source Name of the Company
Names of Industry Publications, Associations, Websites, Industry Consultants, Specialists
20
List of Files and Contents
Format No: A/7
Assignment No Assignment Name
Engagement Manager
Company Name
Sl No Contents of the Files A Name of the File: Client Master File (Project wise divider)
1 Proposal Copy
2 Engagement Letter, Purchase Order, Service Order, Appointment Order
3 Client Strategic Communications
4 Invoices, Cheque Receipts, OPE Claims
5 Any other relevant information
B Name of the File: Assignment File (Phase of Assignment wise divider)1
1 Scope, Objective Document
2 Organization Background
3 Industry Research
4 Minutes of Various Meetings
5 Work Papers
6 Risks Listing and Audit Programme with completed work papers
7 Draft Audit Report
8 Management Exit Meet Minutes
9 Final Report and Presentation2
10 Implementation Status Updates
11 Quality Audit Checklist
12 Documents Collected from the Client for Audit purposes3
13 Feedback Form
14 Overall Closure Checklist
1 Open multiple files if one file is not adequate. 2 It is a good practice to show links between the observations in the final report to the work papers evidencing them. 3 If the data collected is in bulk form, it may be written on a CD and filed.
21
PART – B
Internal Audit Project Management
22
23
Overall Planning
Format No: B/1
Assignment No Assignment Name
Engagement Manager
Company Name
Team Identification for the Engagement:
Sl.no Type of Competency Required Period for Which Required
Name of Person Selected
Project Costing: Sl.no Expenditure type Planned
1 Man month Costing
2 Other Direct Costing
3 Administrative Costs
Total
Amount Billed
Profitability
% age of Profitability
Detailed Planning Sl. No Form Name Planned Date Auditor
1 Opening Meeting
2 Scope and Objective of the Assignment
3 Assignment Scheduling
Manual on Internal Audit
24
Sl. No Form Name Planned Date Auditor
4 Planning
4.1 General Process Understanding
4.2 Data Analysis
4.3 Walk Through
4.4 Documentation of Walk Through
4.6 Risks and Audit Programme Generation
4.7 Field Work Scheduling
5 Field Work
5.1 Field Work Execution
5.2 Draft Report Generation and Circulation
6 Exit Meeting
6.1 Draft Report with management comments
7 Final Report Issue
7.1 Structured Reporting
7.2 Presentation of Finding
8 Follow up and Implementation
8.1 Follow Up Check list
9 General Administrative Closures
9.1 Invoice Generation
9.2 Out of Pocket Expenses Collection
9.4 Client Feedback
9.5 Opportunity for future Businesses
9.6 Knowledge Base Updation
10 Quality Audit
10.1 Quality Review Report and Action Statement
10.2 File Closure
Any Other Remarks Manager Partner
Pre – Audit Opening
2.1 Opening Meeting Control Statement
Format No: B/2.1
Assignment No Assignment Name
Engagement Manager Company Name
Date of Meeting Department Participants from Auditees Participants from Internal Audit Team Name Designation Name Designation
Sl No Steps of Opening Meet Handled by Documentation 1 Introduce the Internal Audit members to the
Auditees and explain about the objectives and methodology of the Audit
2 Explain about the time schedule of the project and the names of persons from the Auditee end to coordinate
3 Understand specific objectives of the Auditees and the business goals etc.,
4 Understand the specific performance indicators used to measure in the area under Audit
5 Get a general understanding of the business process, ERP etc.
6 Collect various operating procedures, policies
7 (Reffer footnote)
Any further specific questions may be raised apart from generic. Whereas, the objective of the meet is to give a very high level understanding on the audit.
Manual on Internal Audit
26
2.2 General Process Understanding
Format No: B/2.2
Assignment No Assignment Name Engagement Manager
Company Name
Name of the Process1
Major Process Name
Process Owner Division Location
Date of Process Analysis
No of Employees
System ERP / Manual
Process Objectives
Process – Performance Measures
Process Map2
1 Document only the most important processes which relate to our audit objectives. 2 Process Maps can also be done using MS-Visio, Excel. Whereas, MS-Word may be most frequently used tool.
Pre- Audit Opening
27
Type of Boxes for Process Mapping34
3 We recommend basic flow charting techniques for process flow. You may also use advanced techniques where necessary. 4 Process flow should be signed off with the process owners.
Process / Activity /
Action Box Decision
Box
Filing, Document, Form etc.,
Process Gap
Indicator
Man
ual o
n In
tern
al A
udit
28
2.3
Dat
a N
eeds
Iden
tific
atio
n an
d C
olle
ctio
n5
Form
at N
o: B
/2.3
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
Sl
No
Dat
a N
eeds
O
bjec
tive6
Perio
d to
be
C
over
ed
Nec
essa
ry F
ield
Form
at in
W
hich
Req
uire
d
( Exc
el /
Text
/PD
F)
Req
uest
ed
To
Dat
e of
R
eque
st
Expe
cted
D
ate
Act
ual D
ate
of
Col
lect
ion
5 T
he d
ata
colle
ctio
n m
ay b
e po
ssib
le w
ith E
RP
/ Tal
ly /
Exce
l / M
anua
l. 6 R
efer
to th
e R
isk
Che
cklis
ts fo
r mor
e in
form
atio
n on
Dat
a ne
eds
iden
tific
atio
n.
28
Manual on Internal Audit
Pre
- A
udit
Ope
ning
29
2.4
Dat
a A
naly
sis
and
Sum
mar
ies
Prep
arat
ion7 8
Fo
rmat
No:
B/2
.4
A
ssig
nmen
t No
Ass
ignm
ent N
ame
E
ngag
emen
t Man
ager
Com
pany
Nam
e
Sl N
o D
etai
ls o
f Dat
a A
naly
sis
Det
ails
of
Infe
renc
es9
Upd
ates
to th
e R
isk
List
ing
/ Aud
it Pr
ogra
mm
e / A
udit
5Rep
ort
Rem
arks
7 Th
e ob
ject
ive
of th
e do
cum
ent i
s to
con
solid
ate
the
anal
ysis
, res
earc
h, p
revi
ous
audi
t rep
orts
in a
n in
fere
nce
docu
men
t whi
ch s
hall
be a
n in
put t
o va
rious
oth
er p
hase
s,
repo
rts e
tc.
8 Th
is d
ocum
ent a
lso
acts
as
a be
st p
ract
ice
inst
rum
ent a
nd is
gen
eral
ly h
ighl
y ap
prec
iate
d du
ring
Qua
lity
Assu
ranc
e / A
udits
/ P
eer R
evie
ws.
9
Infe
renc
e m
ay b
e th
e co
nclu
sion
dra
wn
afte
r the
ana
lysi
s w
hich
in-tu
rn m
ay le
ad to
furth
er a
naly
sis,
in-d
epth
ver
ifica
tion,
dire
ct re
porti
ng e
tc.
29
Pre- Audit Opening
Man
ual o
n In
tern
al A
udit
30
2.5
Prev
ious
Aud
it R
epor
t Ana
lysi
s1011
Fo
rmat
No:
B/2
.5
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
Sl N
o A
udit
Rep
ort N
ame
/ Pe
riod
Det
ails
of I
nfer
ence
s12
Upd
ates
to th
e R
isk
List
ing
/ Aud
it Pr
ogra
mm
e / A
udit
Rep
ort
Rem
arks
10
The
obj
ectiv
e of
the
docu
men
t is
to c
onso
lidat
e th
e an
alys
is, r
esea
rch,
pre
viou
s au
dit
repo
rts in
an
infe
renc
e do
cum
ent
whi
ch s
hall
be a
n in
put
to v
ario
us o
ther
ph
ases
, rep
orts
etc
. 11
Thi
s do
cum
ent a
lso
acts
as
a be
st p
ract
ice
inst
rum
ent a
nd is
gen
eral
ly h
ighl
y ap
prec
iate
d du
ring
Qua
lity
Assu
ranc
e / A
udits
/ P
eer R
evie
ws.
12
Infe
renc
e m
ay b
e th
e co
nclu
sion
dra
wn
afte
r the
ana
lysi
s w
hich
in-tu
rn m
ay le
ad to
furth
er a
naly
sis,
in-d
epth
ver
ifica
tion,
dire
ct re
porti
ng e
tc.
30
Manual on Internal Audit
Pre
- A
udit
Ope
ning
31
2.6
Bra
in S
torm
ing
Sess
ions
(Int
erna
l)1314
Fo
rmat
No:
B/2
.6
A
ssig
nmen
t No
Ass
ignm
ent N
ame
Eng
agem
ent M
anag
er
Com
pany
Nam
e
Sl N
o D
etai
ls o
f Pro
cess
es /
Ris
ks D
iscu
ssed
in
the
Sess
ion
Impo
rtan
t Con
clus
ions
U
pdat
es to
the
Ris
k Li
stin
g /
Aud
it Pr
ogra
mm
e / A
udit
Rep
ort
Rem
arks
13
Brai
nsto
rmin
g se
ssio
ns a
re a
ver
y go
od p
ract
ice
whe
re th
e C
onsu
ltant
s, M
anag
ers
and
Par
tner
s di
scus
s as
to th
e un
ders
tand
ing
of th
e pr
oces
ses,
risk
s an
d th
reat
s in
th
e or
gani
zatio
n an
d ev
olve
a d
eepe
r tho
ught
pro
cess
. Th
is is
als
o a
good
way
to e
xcha
nge
know
ledg
e in
you
r org
aniz
atio
n.
14
Th
is d
ocum
ent a
lso
acts
as
a be
st p
ract
ice
inst
rum
ent a
nd is
gen
eral
ly h
ighl
y ap
prec
iate
d du
ring
Qua
lity
Assu
ranc
e / A
udits
/ P
eer R
evie
ws.
31
Pre- Audit Opening
Detailed Walk Throughs
3.1 Selection of Samples1
Format No: B/3.1
Assignment No Assignment Name
Engagement Manager
Company Name
Mechanism for Selection of Sample:
Sl No Area of Verification Type of Sampling Technique to be used
1 To verify a process of very high concern with significant materiality and impact on the bottom line of the organization
100% Verification
2 To verify a process in an ERP for the purpose of controls built inside the system (Automated Controls)
1 Sample
3 To verify a process not inside the ERP involving verification of a manual control and the objective is to get confidence on the entire population
Random Sampling2
4 To verify a process and understand the controls are working adequately only incase of significant value transactions
Random Sampling of transactions above threshold limit
5 To verify the controls in a specific attribute of transactions viz., of an individual, location, unit, time zone etc.,
Random Sampling of transaction satisfying the attribute
Samples Selected and Result Documentation
Sl No
Process to be verified and Objective to be achieved
Type of Sampling Adopted
No of Samples Selected3
Result of Verification4
Conclusions
1 Incase of usage of an Audit Tool viz., ACL, IDEA generally 100% transactions can be verified for exceptions study. 2 Seed technique may be used for random sample pick up. All the transactions should have equal probability of being picked up. Random number generator may be used for selection to avoid bias. 3 Attach a list of samples selected and the result of verification as an annexure. 4 Incase of high critical observations to be made, and the result is negative, you may confirm the conclusion by picking up further more sample.
Det
aile
d W
alk
Thro
ugh
33
3.2
Wal
k Th
roug
h Tr
acki
ng5 6
Fo
rmat
No:
B/3
.2
A
ssig
nmen
t No
Ass
ignm
ent N
ame
E
ngag
emen
t Man
ager
Com
pany
Nam
e
Sl N
o Sa
mpl
e Tr
ansa
ctio
n C
ontr
ol 1
C
ontr
ol 2
C
ontr
ol 3
C
ontr
ol 4
C
ontr
ol 5
C
ontr
ol 6
5 T
his
docu
men
t sho
uld
be u
sed
to tr
ack
the
wal
k th
roug
h / v
erifi
catio
n on
the
sam
ples
sel
ecte
d fo
r stu
dy.
6 Thi
s do
cum
ent m
ay b
e us
ed a
t the
tim
e of
pla
nnin
g or
at t
he ti
me
of fi
eld
wor
k.
33
Detailed Walk Through
Manual on Internal Audit
34
3.3 Documentation of Walk Through7
Format No: B/3.3
Assignment No Assignment Name
Engagement Manager
Company Name
Process 1: 8
Sl No
Sub Pro-cess
Area Comments Form / Format
Objective
Critical Control Description
ERP / Application Used
Maker
Authorizer
Report Generated
Input
Output
Operating Procedures
Policies
Objective
Critical Control Description
ERP / Application Used
Maker
Authorizer
Report Generated
Input
Output
Operating Procedures
Policies
7 It is not mandatory to document the processes always in the format given above, whereas once documented, it increases the clarity of the auditor on the business process and hence mistakes at the time of report are significantly reduced. 8 Process – Sub Process can be as detailed as possible till it identifies an auditable area with clarity.
Detailed Work Throughs
35
Sl No
Sub Pro-cess
Area Comments Form / Format
Objective
Critical Control Description
ERP / Application Used
Maker
Authorizer
Report Generated
Input
Output
Operating Procedures
Policies
Process 2:
Sl No
Sub Pro-cess
Area Comments Form / Format
Objective
Critical Control Description
ERP / Application Used
Maker
Authorizer
Report Generated
Input
Output
Operating Procedures
Policies
Objective
Critical Control Description
ERP / Application Used
Maker
Authorizer
Report Generated
Input
Manual on Internal Audit
36
Output
Operating Procedures
Policies
Objective
Critical Control Description
ERP / Application Used
Maker
Authorizer
Report Generated
Input
Output
Operating Procedures
Policies
Man
ual o
n In
tern
al A
udit
38
Ris
k Li
stin
g (W
hat W
rong
Can
H
appe
n)
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
The
risk
that
ther
e is
no
clea
r suc
cess
ion
plan
, le
adin
g to
unc
erta
inty
a. D
oes
the
com
pany
hav
e cl
ear O
rgan
izat
ion
Cha
rt b.
Are
the
posi
tions
ad
equa
tely
fille
d in
c.
Is
ther
e a
succ
essi
on
plan
with
the
man
agem
ent f
or k
ey
posi
tions
a.
Org
aniz
atio
n C
hart
Ope
ratio
nal R
isks
Pos
sibi
lity
of fr
auds
, ill
egal
act
s a.
Has
th
e C
ompa
ny
desi
gned
pr
oces
ses
to
ensu
re t
hat
ther
e is
no
laps
e of
con
trol
lead
ing
to fr
auds
b.
Doe
s th
e M
anag
emen
t ac
t on
S
tatu
tory
an
d In
tern
al A
udit
Rep
orts
c.
Is
th
ere
a sy
stem
fo
r ev
alua
ting
lega
l co
mpl
ianc
e is
sues
a. A
udit
Com
mitt
ee
actio
n po
ints
The
use
of
inap
prop
riate
co
ntro
ls/p
erfo
rman
ce
mea
sure
s,
lead
ing
to
wro
ng c
oncl
usio
ns a
nd
infe
renc
es
abou
t pe
rform
ance
of
th
e
a. I
s th
ere
a M
IS
syst
em
high
light
s th
e pe
rform
-an
ces
of
the
vario
us
depa
rtmen
t an
d fu
nctio
ns
b. D
oes
the
Man
agem
ent
revi
ew
the
perfo
rm-
a.
M
IS
Rep
orts
re
ceiv
ed
by
Man
agem
ent
38
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
39
Ris
k Li
stin
g (W
hat W
rong
Can
H
appe
n)
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
firm
's o
pera
tions
an
ces
and
take
effe
ctiv
e ac
tions
Ris
k of
ab
senc
e of
bu
dget
or
pl
anni
ng
syst
em
lead
ing
to
defo
cusi
ng o
f co
rpor
ate
oper
atio
ns
apar
t fro
m
lack
of i
mpo
rtant
con
trol
on s
pend
ing
a. I
s th
ere
a pr
oces
s of
ev
olvi
ng
annu
al
budg
et
in th
e or
gani
zatio
n b.
Is
budg
et c
onve
rted
into
O
pera
ting
plan
s
c.
Are
bu
dget
vi
s-à-
vis
actio
ns
mon
itore
d an
d co
rrec
tive
actio
ns t
aken
on
dev
iatio
ns
a.
A
nnua
l B
udge
t P
lan
b.
Ope
ratin
g P
lans
Ope
ratio
nal n
on c
larit
y af
fect
ing
perfo
rman
ce
a. D
oes
the
Com
pany
hav
e a
Sta
ndar
d O
pera
ting
Pro
cedu
re d
ocum
ent
for
each
pro
cess
es
b. I
s th
e S
OP
impl
emen
ted
succ
essf
ully
c.
Is
ther
e a
revi
ew o
f SO
P
frequ
ently
fo
r in
corp
orat
ing
chan
ges
a.
Sta
ndar
d O
pera
ting
Pro
cedu
res
Man
ual
Com
mun
icat
ion
Ris
ks
Inab
ility
of t
he c
ompa
ny
to
capt
ure
and
inst
itutio
naliz
e le
arni
ng
acro
ss th
e fir
m
a.
Are
tra
inin
g pr
ogra
ms
held
in
the
orga
niza
tion
for
trans
ferr
ing
know
ledg
e
a.
Li
st
of
train
ing
prog
ram
s an
d fe
edba
ck g
iven
39
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
40
Ris
k Li
stin
g (W
hat W
rong
Can
H
appe
n)
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
b.
Doe
s th
e co
mpa
ny h
ave
a kn
owle
dge
base
The
risk
that
co
mm
unic
atio
n fro
m to
p m
anag
emen
t ge
ts
lost
in
tran
sitio
n
a.
Cap
ture
th
e pr
oces
s of
m
ovem
ent
of
mem
os/c
ircul
ars
and
eval
uate
if th
e pr
oces
s is
ad
equa
te
HR
Ris
ks
App
rais
al p
roce
sses
for
th
e em
ploy
ees
not
linke
d w
ith
the
com
pany
's o
bjec
tive
a. A
re
Key
P
erfo
rman
ce
Indi
cato
rs
desi
gned
fo
r ea
ch f
unct
ion
and
each
pe
rson
in
th
e or
gani
zatio
n b.
Are
th
e ex
pect
atio
ns
com
mun
icat
ed
to
the
empl
oyee
a.
K
ey
Per
form
ance
In
dica
tors
Inad
equa
te s
kill
set a
nd
know
ledg
e w
ith
firm
's
key
peop
le
a. C
heck
th
e pr
oces
s of
re
crui
tmen
t fo
r ke
y po
sitio
ns
b. A
re t
he r
equi
rem
ents
of
the
posi
tions
wel
l def
ined
Mar
ketin
g R
isks
Ris
k of
cu
stom
er
diss
atis
fact
ion
a. H
as
the
Man
agem
ent
take
n co
nsci
ous
effo
rts
for q
ualit
y im
prov
emen
t
a.
Qua
lity
docu
men
ts
40
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
41
Ris
k Li
stin
g (W
hat W
rong
Can
H
appe
n)
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
b. H
as
the
com
pany
im
plem
ente
d qu
ality
st
anda
rds
such
as
Si
x S
igm
a or
IS
O
for
mai
ntai
ning
qu
ality
an
d th
ereb
y cu
stom
er
satis
fact
ion
Pos
sibi
lity
of
prod
uct
getti
ng o
bsol
ete
or n
ot
mee
ting
the
budg
et
requ
irem
ents
a. D
oes
the
com
pany
inve
st
in
Res
earc
h an
d D
evel
opm
ent,
Pro
duct
de
sign
etc
b.
Are
ef
forts
ta
ken
for
expl
orat
ion
of
new
pr
oduc
ts
c.
Are
ne
w
mar
kets
ex
plor
ed
for
adeq
uate
pr
oduc
t an
d m
arke
t sp
read
Pos
sibi
lity
of
busi
ness
cy
cles
, w
heth
er i
n ow
n bu
sine
ss o
r in
eco
nom
y in
ge
nera
l, cr
eatin
g vo
latil
e gr
owth
/pro
fitab
ility
si
tuat
ion
a. H
as th
e co
mpa
ny d
one
a ris
k as
sess
men
t exe
rcis
e to
ide
ntify
key
are
as o
f ris
k b.
Doe
s th
e co
mpa
ny h
ave
a ad
equa
te
busi
ness
co
ntin
uity
an
d di
sast
er
reco
very
pla
ns
a.
B
usin
ess
Con
tinui
ty
and
Dis
aste
r R
ecov
ery
Pla
n
41
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
42
Ris
k Li
stin
g (W
hat W
rong
Can
H
appe
n)
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
Ris
k fro
m
choo
sing
w
rong
pa
rtner
s,
inad
equa
te
com
mitm
ent,
poor
ex
ecut
ion
a.
Is
adeq
uate
ev
alua
tion
done
pr
ior
to
ente
ring
into
co
ntra
cts,
jo
int
vent
ures
etc
b.
A
re
Ser
vice
Le
vel
Agr
eem
ent
draw
n fo
r en
gage
men
ts
and
revi
ewed
42
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
43
Form
at N
o: B
/4.1
.2.
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
4.1.
2 Fi
nanc
e an
d A
ccou
nts
Ris
ks R
evie
w C
heck
list
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
Rec
eiva
bles
Acc
ount
ing
and
Man
agem
ent P
roce
ss
Inef
fect
ive
proc
ess
of
invo
ice
gene
ratio
n
Che
ck
the
follo
win
g in
in
voic
es:
a. A
re th
e in
voic
es s
eria
lly
cont
rolle
d an
d ve
rify
if th
ere
are
any
dupl
icat
e,
canc
elle
d in
voic
es
and
asce
rtain
the
rea
sons
for
th
e sa
me1
b. C
heck
if th
e ca
lcul
atio
n of
di
scou
nts,
re
bate
s,
pric
es e
tc a
re a
ccur
ate
by
verif
ying
it
agai
nst
the
term
s an
d co
nditi
ons
Invo
ices
no
t bo
oked
ac
cura
tely
an
d co
mpl
etel
y re
sulti
ng in
re
venu
e lo
ss
for
the
com
pany
. C
alcu
late
the
am
ount
to
be
invo
iced
aga
inst
th
e am
ount
in
voic
ed
and
chec
k w
ith
rece
ipts
to
iden
tify
the
quan
tum
of
re
venu
e lo
ss
1.
In
voic
es
Reg
iste
r/Lis
t 2.
S
uppo
rting
do
cum
ents
su
ch
as
term
s an
d co
nditi
ons
3.
Pay
men
t R
egis
ter
4.
Cre
dit N
otes
5.
D
ebto
r R
econ
-ci
liatio
n an
d co
nfirm
atio
n do
cum
ents
6.
B
ad
Deb
ts
writ
ten
off
1 A
naly
sis
of In
voic
e ca
n be
don
e us
ing
CA
AT
tool
s
43
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
44
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
Cal
cula
te
the
dela
ys
in
gene
ratio
n an
d po
stin
g /
disp
atch
ing
of
invo
ices
w
ith r
easo
ns a
s w
ell
as
agei
ng a
naly
sis
Del
ays
in
invo
icin
g re
sulti
ng i
n de
lays
in
rece
ipts
an
d fu
nds
bloc
kage
. C
alcu
late
the
ave
rage
nu
mbe
r of
da
ys
of
dela
y an
d th
e ca
sh
flow
los
s du
e to
non
re
ceip
t of
fu
nds
on
time
Che
ck i
f cr
edit
note
s ar
e po
sted
acc
urat
ely
and
are
auth
oriz
ed
by
the
desi
gnat
ed p
erso
nnel
Cre
dit
note
s no
t ac
cura
tely
po
sted
re
sulti
ng
in
reve
nue
leak
age
Cal
cula
te t
he r
even
ue
loss
due
to s
uch
cred
it no
tes
Inad
equa
te
rece
ivab
les
man
agem
ent
Gen
erat
e re
ceiv
able
s ag
eing
re
port
and
asce
rtain
reas
ons
for l
ong
pend
ing
outs
tand
ing
and
chec
k th
e pr
oced
ure
for
follo
w u
p of
out
stan
ding
s
Del
ays
in
mon
itorin
g re
ceip
ts
resu
lting
in
ca
sh
flow
lo
ss.
Cal
cula
te t
he a
vera
ge
num
ber
of
days
of
de
lay
and
the
cash
flo
w l
oss
due
to n
on
rece
ipt
of
fund
s on
tim
e.
44
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
45
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
Obt
ain
the
docu
men
tatio
n re
latin
g to
de
btor
re
conc
iliat
ion
and
verif
y if
co
nfirm
atio
ns
for
the
bala
nces
ar
e ob
tain
ed
from
the
debt
ors
Mis
stat
emen
t of d
ebto
r ba
lanc
es
in
the
final
ac
coun
ts.
Rep
erfo
rm
the
reco
ncili
atio
n pr
oces
s to
ens
ure
accu
racy
of
calc
ulat
ions
.
Obt
ain
the
bad
debt
s lis
t an
d ch
eck
if au
thor
izat
ion
is o
btai
ned
for
writ
e of
f of
bad
debt
s.
Che
ck
the
proc
edur
e fo
r re
solu
tion
of u
nrec
onci
led
debt
s
Bad
deb
ts w
ritte
n of
f w
ithou
t su
ffici
ent
just
ifica
tion
resu
lting
in
finan
cial
loss
.
Paya
bles
Acc
ount
ing
and
Man
agem
ent P
roce
ss
Inad
equa
te
Pay
men
t P
roce
ss
Che
ck
the
paym
ents
to
en
sure
the
follo
win
g:
a.
Pay
men
ts
are
supp
orte
d by
rel
ated
P
urch
ase
Ord
ers,
G
oods
/Ser
vice
s R
ecei
pt
note
an
d ap
prov
al
from
th
e us
er
depa
rtmen
t fo
r re
ceip
t of
m
ater
ial/s
ervi
ce
Mis
mat
ch
betw
een
actu
al
paym
ent
and
paym
ent
to b
e m
ade
resu
lting
in
re
venu
e le
akag
es
a.
P
urch
ase
Ord
ers
b.
Pay
men
t V
ouch
ers
c.
Pay
men
t R
egis
ter
d.
Goo
ds/S
er-v
ice
deliv
ery
Not
es
45
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
46
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
b.
Pay
men
t en
try
is
mad
e ac
cura
tely
and
co
mpl
etel
y fo
r al
l th
e G
RN
/Ser
vice
not
es
c.
Pay
men
t is
mad
e as
pe
r th
e te
rms
and
cond
ition
s en
tere
d in
to w
ith th
e ve
ndor
e.
A
gree
men
t w
ith
the
vend
or
Cal
cula
te
the
dela
ys
in
post
ing
of
paym
ent
entri
es
with
re
ason
s as
w
ell a
s ag
eing
ana
lysi
s
Del
ay
in
paym
ent
resu
lts
in
unne
ce-
ssar
y lia
bilit
y im
pose
d as
per
the
ter
ms
and
agre
emen
ts
with
th
e ve
ndor
C
alcu
late
th
e in
tere
st
char
ged
by th
e ve
ndor
fo
r lat
e pa
ymen
t
a.
Cre
dito
rs a
gein
g an
alys
is
Che
ck i
f de
bit
note
s ar
e po
sted
acc
urat
ely
and
are
auth
oriz
ed
by
the
desi
gnat
ed
pers
onne
l. E
nsur
e th
at th
e re
ject
ions
ar
e au
thor
ized
by
de
sign
ated
per
sonn
el
Deb
it no
tes
not
supp
orte
d by
P
urch
ase
retu
rns
docu
men
ts
and
repl
acem
ent/a
djus
tme
nt n
ot m
ade
accu
rate
ly
for t
he d
ebit
note
s
a.
Deb
it no
tes
46
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
47
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
Ver
ify
the
proc
ess
of
reco
ncili
atio
n of
de
bit/c
redi
t no
tes
and
acco
unts
pay
able
Dup
licat
e pa
ymen
ts
mad
e w
ithou
t re
ceip
t of
goo
ds/s
ervi
ce
a.
V
endo
r re
conc
iliat
ion
docu
men
ts
Ens
ure
that
all
dues
are
se
ttled
at
the
time
of t
he
full
and
final
se
ttlem
ent
and
adeq
uate
follo
w u
p
Del
ay
in
paym
ent
resu
lts
in
unne
ce-
ssar
y lia
bilit
y im
pose
d as
per
the
ter
ms
and
agre
emen
ts
with
th
e ve
ndor
C
alcu
late
th
e in
tere
st
char
ged
by th
e ve
ndor
fo
r lat
e pa
ymen
t
Gen
eral
Fin
anci
al C
losu
re S
yste
m
Boo
ks
of
acco
unts
no
t cl
osed
on
a
timel
y ba
sis
Che
ck t
he p
roce
dure
for
cl
osur
e of
bo
oks
and
acco
unts
and
ens
ure
that
th
e cl
osur
es a
re d
one
on
a tim
ely
basi
s. C
heck
if
the
follo
win
g ar
e cl
osed
: a.
Le
dger
Acc
ount
s b.
P
&L
acco
unt
c.
Bal
ance
She
et
d.
Cas
h Fl
ow s
tate
men
t e.
D
ebto
rs a
gein
g
Del
ays
in
clos
ure
lead
ing
to
non
avai
labi
lity
of fi
nanc
ials
fo
r re
view
an
d de
cisi
on m
akin
g.
Asc
erta
in
dela
ys
in
clos
ure
of b
ooks
and
en
sure
the
reas
ons
for
the
dela
y
a.
B
ooks
of
A
ccou
nt
b.
Ledg
er
sum
mar
ies
c.
Age
ing
repo
rts
d.
Ban
k R
econ
cilia
t-ion
S
tate
m-e
nt
e.
Sta
tuto
ry
rem
ittan
ces
47
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
48
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
f. C
redi
tors
age
ing
g.
Ban
k R
econ
cilia
tion
h.
Sta
tuto
ry re
mitt
ance
s
P
efor
m a
GL
scru
tiny
to
asce
rtain
an
y irr
egul
ariti
es
in
trans
actio
ns
post
ing
and
unde
rtake
a
deta
iled
revi
ew
whe
reve
r di
scre
panc
ies
are
iden
tifie
d E
nsur
e th
at t
here
are
no
unre
conc
iled
item
s on
op
enin
g ba
lanc
es
a.
Gen
eral
Led
ger
S
tudy
/
revi
ew
of
the
Not
es
to
acco
unts
ap
pend
ed fo
r ade
quac
y of
di
sclo
sure
an
d co
mpl
ianc
e w
ith s
tatu
tory
la
ws
C
ompa
re
bala
nces
with
pr
evio
us
perio
ds
and
prep
arat
ion
varia
nce
anal
ysis
repo
rt
Inac
cura
te u
pdat
ion
of
acco
unts
re
sulti
ng
in
mis
stat
emen
t in
fin
anci
als.
48
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
49
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
Inad
equa
te
prov
isio
ning
C
heck
if
the
prov
isio
ns
mad
e ar
e ac
cura
te
and
subs
eque
nt
acco
untin
g en
tries
pa
ssed
ar
e co
rrec
t. C
heck
if
the
prov
isio
ns a
re a
utho
rized
as
per
the
Del
egat
ion
of
Aut
horit
y M
atrix
Fund
and
Cas
h M
anag
emen
t2
Inad
equa
te
budg
et s
yste
m
Rev
iew
th
e bu
dget
sy
stem
an
d ve
rify
the
follo
win
g:
a. B
udge
t is
prep
ared
and
au
thor
ized
on
an
an
nual
bas
is
b. E
xpen
ditu
re i
ncur
red
is
verif
ied
with
the
budg
et
and
corr
ectiv
e ac
tions
ar
e ta
ken
for
devi
atio
ns
from
the
budg
et
c. R
evis
ed b
udge
t if
any
is
auth
oriz
ed
as
per
Del
egat
ion
of A
utho
rity
Mat
rix
Inor
dina
te
devi
atio
ns
from
th
e bu
dget
re
sulti
ng
in
exce
ss/s
hort
spen
ding
a.
A
nnua
l Bud
get
b.
Var
ianc
e A
naly
sis
Rep
ort
2 F
unds
Man
agem
ent w
ould
als
o in
clud
e re
view
of F
orei
gn E
xcha
nge
gain
s/lo
ss, t
echn
ique
of h
edgi
ng e
tc d
epen
ding
upo
n th
e na
ture
of t
he c
ompa
ny.
49
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
50
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
Ens
ure
if re
view
of
in
vest
men
ts
/ ba
nk
bala
nces
, in
tere
st e
arne
d an
d id
entif
icat
ion
of
idle
ba
lanc
es is
bei
ng d
one
.
a.
In
vest
men
t de
tails
b.
B
ank
deta
ils
and
bank
st
atem
ents
c.
In
tere
st d
etai
ls
In
adeq
uate
fu
nd u
tiliz
atio
n
Com
pare
inte
rest
pai
d on
cr
edit
obta
ined
fro
m
bank
s vi
s-à-
vis
idle
ba
lanc
es if
any
; and
cre
dit
cycl
e (c
redi
t ob
tain
ed
from
sup
plie
rs).
Ens
ure
if P
hysi
cal
verif
icat
ion
of
cash
is
do
ne
– P
erio
dici
ty
/ tim
ings
and
rec
onci
liatio
n of
diff
eren
ces
in b
alan
ces
if an
y.
a.
C
ash
Reg
iste
r b.
P
hysi
cal C
ash
In
adeq
uate
co
ntro
l ov
er
phys
ical
ca
sh/c
hequ
es
Rev
iew
th
e sy
stem
of
In
tern
al
Con
trols
on
co
llect
ion
of
cheq
ues
/ ca
sh r
ecei
ved
– re
cord
ing
and
seria
l iss
ue o
f ca
sh /
ch
eque
re
ceiv
ed
vouc
hers
.
Inad
equa
te
fund
s m
anag
emen
t re
sulti
ng
in
idle
fu
nds
and
notio
nal
loss
on
id
le
fund
s
a.
C
hequ
e bo
oks
b.
PD
Cs
c.
Cas
h V
ouch
ers
50
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
51
Form
at N
o: B
/4.1
.3.
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
4.1.
3 H
uman
Res
ourc
es P
roce
ss R
evie
w C
heck
list
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
HR
Pla
nnin
g Pr
oces
s
a.
Und
erst
and
the
proc
ess
of H
R p
lann
ing
to
verif
y th
at
adeq
uate
st
eps
are
take
n to
en
sure
th
at
the
cand
idat
e re
quire
men
t pr
ojec
ted
is ju
stifi
able
Pos
ition
s re
crui
ted
not
adeq
uate
ly
just
ified
res
ultin
g in
in
crea
sing
H
R
Cos
ts.
Che
ck
for
requ
irem
ents
whi
ch
are
not
prop
erly
au
thor
ized
.
H
R
Pla
n no
t m
eetin
g th
e ob
ject
ives
of t
he
Com
pany
b. C
ompa
re a
ctua
l vis
-à-
vis
the
plan
and
che
ck
for
maj
or
devi
atio
ns
if an
y
Num
ber
of p
erso
ns
recr
uite
d in
ex
cess
/sho
rt th
ereb
y re
sulti
ng i
n in
adeq
uate
H
R
sizi
ng
a.
Ann
ual
HR
P
lan
51
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
52
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
c.
V
erify
if
any
actio
n ta
ken,
whi
ch is
dev
iatin
g fro
m th
e pl
an h
as g
ot th
e ap
prov
al
of
the
conc
erne
d pe
rson
as
per
the
Del
egat
ion
of
Aut
horit
y de
fined
by
the
com
pany
App
rova
l no
t as
sign
ed
for
devi
atio
ns
resu
lting
in
no
n co
mpl
ianc
e w
ith
polic
y an
d in
adeq
uate
co
ntro
l ef
fect
iven
ess
Rec
ruitm
ent P
roce
ss
a.
Ver
ify
the
proc
ess
carr
ied
out
for
sele
ctio
n of
the
cand
idat
e. E
nsur
e if
it is
in
-hou
se
or
outs
ourc
ed
to
recr
uitm
ent a
genc
y
Sel
ectio
n of
C
andi
date
no
t as
pe
r th
e re
quire
men
ts
of
the
Com
pany
b. If
it is
out
sour
ced
to a
re
crui
tmen
t ag
ency
ve
rify
if th
e pr
oces
s ca
rrie
d ou
t fo
r se
lect
ion
of
the
agen
cy
is
done
af
ter p
rope
r eva
luat
ion
Impr
oper
se
lect
ion
of
recr
uitm
ent
agen
cy r
esul
ting
in
recr
uitm
ent f
law
s.
a.
Req
uisi
tion
form
whe
rein
the
re
quire
men
t of t
he
cand
idat
e an
d th
e ex
pect
atio
ns
are
fille
d in
b.
Iner
view
/Ass
essm
ent
form
c.
Can
dida
te's
re
sum
e d.
O
ffer
lette
r e.
R
ecru
itmen
t po
licy
and
Ope
ratin
g
52
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
53
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
c.
Che
ck
if th
e re
crui
tmen
t of
th
e ca
ndid
ate
is
supp
orte
d by
do
cum
ents
, vi
z.
resu
me,
in
terv
iew
re
sults
, te
rms
of
empl
oym
ent,
offe
r le
tter
etc.
Non
av
aila
bilit
y of
su
ppor
ting
docu
men
ts
for
sele
cted
ca
ndid
ate
resu
lting
in
in
adeq
uate
ju
stifi
catio
n fo
r ca
ndid
ate
sele
cted
d. E
nsur
e if
the
sele
ctio
n m
ade
is
as
per
the
requ
irem
ent
rais
ed
by
chec
king
the
ski
lls a
nd
qual
ifica
tions
re
quire
d ar
e m
et b
y th
e pe
rson
se
lect
ed
Can
dida
te
sele
cted
no
t m
eetin
g th
e re
quire
men
ts o
f th
e de
partm
ent
resu
lting
in
in
effic
ienc
y in
th
e fu
nctio
nal a
rea
e. E
nsur
e th
at t
he H
R
depa
rtmen
t ha
s ca
rrie
d ou
t th
e re
crui
tmen
t w
ithou
t an
y de
lay
by
com
parin
g th
e da
te
of
requ
est
and
date
of
re
crui
tmen
t
Del
ay in
rec
ruitm
ent
resu
lting
in
po
sitio
ns
not
fille
d up
w
ithin
th
e re
quire
d tim
e le
adin
g to
in
effic
ienc
y an
d ov
ertim
e co
sts
for
the
exis
ting
empl
oyee
s
Pro
cedu
re
if av
aila
ble
53
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
54
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
f. C
heck
if
adeq
uate
ba
ckgr
ound
ve
rific
atio
n ha
s be
en d
one
for
the
cand
idat
e se
lect
ed.
If th
e se
lect
ion
is t
hrou
gh
the
recr
uitm
ent
agen
cy,
chec
k if
the
agen
cy h
as
carr
ied
out
adeq
uate
ba
ckgr
ound
ch
eck
for
the
cand
idat
e se
lect
ed
Inad
equa
te
back
-gr
ound
ve
rific
atio
n re
sulti
ng
in
sele
ct-
ion
of c
andi
date
not
su
itabl
e fo
r th
e re
late
d va
canc
y
g.
Che
ck
if th
e re
crui
tmen
t is
auth
oriz
ed
by
the
appr
opria
te
pers
onne
l
Sel
ectio
n no
t as
per
the
requ
irem
ents
of
the
com
pany
Indu
ctio
n
Indu
ctio
n fo
rmal
ities
no
t co
mpl
eted
as
pe
r re
quire
men
ts
a. C
heck
the
per
sonn
el
files
an
d en
sure
if
the
indu
ctio
n fo
rmal
ities
ch
eckl
ist
is s
igne
d an
d co
mpl
eted
on
time
Inad
equa
te
in
du-
ctio
n fo
rmal
ities
re
sulti
ng
in
adm
in-
istra
tive
inco
nv-
enie
nces
(e
g.
Sal
ary
paym
ent
to
be
proc
esse
d se
p-er
atel
y be
caus
e of
no
t op
enin
g ba
nk
acco
unt
of
the
empl
oyee
on
time)
a.
In
duct
ion
Che
cklis
t if
any
b.
Pol
icie
s/C
ode
of
cond
uct
docu
men
ts s
igne
d by
the
empl
oyee
s
54
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
55
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
b. C
heck
if th
e ne
w
join
ee h
as b
een
mad
e aw
are
of th
e ke
y pe
rson
nel p
olic
ies
of th
e co
mpa
ny
Inad
equa
te c
omm
-un
icat
ion
of
com
pany
's p
olic
ies
resu
lting
in d
ilutio
n of
Com
pany
's
obje
ctiv
es
Atte
ndan
ce M
anag
emen
t
a.
Sel
ect
sam
ple
of
atte
ndan
ce
regi
ster
(m
anua
l/sys
tem
ge
nera
ted)
for
a m
onth
an
d co
mpa
re i
t w
ith t
he
leav
e re
cord
s to
ens
ure
that
th
e at
tend
ance
ca
ptur
ed is
acc
urat
e
Inad
equa
te
atte
ndan
ce
capt
ured
resu
lting
in
inab
ility
to
com
pare
th
e sa
lary
pa
id
to
num
ber
of
days
w
orke
d
In
adeq
uate
pr
oced
ures
fo
r m
onito
ring
atte
ndan
ce
of
the
empl
oyee
s
b. I
n ca
se o
f le
ave
as
sele
cted
abo
ve,
chec
k if
the
leav
e ha
s be
en
sanc
tione
d by
th
e co
ncer
ned
pers
onne
l as
de
fined
in th
e D
eleg
atio
n of
Aut
horit
y.
Leav
e no
t sa
nctio
ned
by
the
desi
gnat
ed a
utho
rity
resu
lting
in
co
ntro
l la
pses
an
d in
accu
rate
pa
yrol
l pr
oces
sing
a.
Atte
ndan
ce
Reg
iste
rb.
Leav
e R
ecor
ds
55
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
56
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
c.
Che
ck
if th
e le
ave
reco
rds
of t
he e
mpl
oye-
es
is
com
plet
e w
ith
resp
ect
of
upda
tion
of
vario
us
type
s of
le
ave
(CL/
SL/
PL)
and
ver
ify i
f th
e ba
lanc
e le
ave
calc
ulat
ion
is
done
ac
cura
tely
.
Inac
cura
te
calc
ulat
ion
of l
eave
re
sulti
ng
in
inac
cura
te
payr
oll
proc
essi
ng
and
sala
ry p
aym
ent
d. C
onfir
m t
hat
ther
e is
no
po
ssib
ility
fo
r m
odifi
catio
n of
at
tend
ance
/leav
e re
cord
s an
d in
cas
e of
m
odifi
catio
ns i
f an
y, a
re
auth
oriz
ed
by
the
rele
vant
per
son.
Pos
sibi
lity
for
mod
ifica
tions
in
re
cord
s re
sulti
ng i
n no
n re
liabi
lity
of
data
e.
If th
e at
tend
ance
is
ca
ptur
ed
usin
g el
ectro
nic
devi
ces,
ch
eck
the
accu
racy
and
au
then
ticity
by
re
perfo
rman
ce.
Inco
rrec
t log
ic in
the
syst
em r
esul
ting
in
inco
rrec
t pay
outs
56
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
57
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
Payr
oll P
roce
ssin
g
a.
Inad
equa
te
Seg
rega
tion
of
Dut
y
a. C
heck
that
the
pers
on
capt
urin
g th
e at
tend
ance
an
d th
e pe
rson
pr
oces
sing
the
pay
roll
is
diffe
rent
, to
en
sure
ad
equa
te s
egre
gatio
n of
du
ty.
Inad
equa
te
Seg
rega
tion
of D
uty
resu
lting
in
un
auth
oriz
ed
acce
ss
to
reco
rds
incr
easi
ng
the
poss
ibili
ty
for
man
ipul
atio
n
b.
Com
pare
th
e em
ploy
ee d
etai
ls a
s pe
r th
e at
tend
ance
re
gist
er
and
empl
oyee
det
ails
as
per
Pay
roll
regi
ster
and
ch
eck
for
any
dum
my
nam
es
in
the
payr
oll
regi
ster
Fict
ituou
s em
ploy
ees
in
the
payr
oll
resu
lting
in
hi
gher
sal
ary
cost
s fo
r the
com
pany
b.
In
accu
rate
P
ayro
ll D
atab
ase
c.
Obt
ain
list
of
new
jo
inee
s fo
r th
e la
st t
hree
m
onth
s an
d ve
rify
that
in
case
of
new
joi
nees
the
da
te o
f up
datio
n of
the
en
try i
n em
ploy
ee l
ist
is
on
the
date
as
m
entio
ned
in
the
offe
r le
tter
Pay
men
t m
ade
in
exce
ss
to
new
jo
inee
s
a.
Pay
roll
Dat
abas
e b.
O
ffer
lette
r fo
r sa
lary
de
tails
c.
Li
st o
f ne
w
join
ees
d.
Li
st
of
resi
gnee
s e.
Li
st
of
empl
oyee
s tra
nsfe
rred
/pr
omot
ed
f. A
utho
rized
P
ayro
ll R
egis
ter
Man
ual o
n In
tern
al A
udit
58
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
d.
Obt
ain
list
of
resi
gnee
s fo
r th
e la
st
thre
e m
onth
s an
d ch
eck
if an
y na
mes
stil
l app
ear
in t
he p
ayro
ll em
ploy
ee
list
Sal
ary
paid
to
re
sign
ees
resu
lting
in
hi
gher
sa
lary
co
sts
e.
Obt
ain
the
sala
ry
deta
ils f
rom
the
pay
roll
regi
ster
an
d se
lect
a
sam
ple
of
empl
oyee
s an
d ch
eck
if th
e sa
lary
de
tails
up
date
d ar
e as
pe
r the
offe
r let
ter
Sal
ary
paid
not
as
per
the
term
s an
d co
nditi
ons
resu
lting
in
hig
her p
ayou
ts
f. O
btai
n lis
t of
em
ploy
ees
who
ha
ve
been
tra
nsfe
rred
/pro
mot
ed
in
the
last
th
ree
mon
ths
and
chec
k if
thei
r sa
lary
de
tails
ha
ve
been
m
odifi
ed
as
per
the
trans
fer
orde
r/pro
mot
ion
lette
r
Sal
ary
paid
not
as
per
the
term
s an
d co
nditi
ons
resu
lting
in
hig
her p
ayou
ts
58
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
59
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
g.
If th
e pa
yrol
l pr
oces
sing
is d
one
by a
so
ftwar
e,
repe
rform
th
e ca
lcul
atio
n to
en
sure
th
at t
he lo
gic
built
in t
he
softw
are
is c
orre
ct
Pro
gram
lo
gic
inac
cura
te r
esul
ting
in
wro
ng
sala
ry
proc
essi
ng
and
inac
cura
te p
ayou
ts
h. C
heck
if
the
payr
oll
calc
ulat
ions
ar
e au
thor
ized
by
th
e co
ncer
ned
pers
on
prio
r to
tra
nsfe
rrin
g it
for
paym
ent
Inad
equa
te
auth
oriz
atio
n fo
r do
cum
ent
auth
entic
ity
c. S
tatu
tory
Non
C
ompl
ianc
e i.
Ver
ify
PF/
ES
I/Pro
fess
iona
l Ta
x de
duct
ions
ar
e in
co
mpl
ianc
e w
ith
the
prev
ailin
g S
tatu
tory
N
orm
s.
Sta
tuto
ry
non
com
plia
nces
re
s-ul
ting
in
pena
lties
an
d of
fenc
es
as
defin
ed
unde
r th
e co
ncer
ned
Sta
tuto
ry
Reg
ulat
ion
Perf
orm
ance
App
rais
al
App
rais
al
not
alig
ned
to
perfo
rman
ce
a.
Obt
ain
the
Key
P
erfo
rman
ce
Indi
cato
rs
(KP
Is)
defin
ed f
or e
ach
role
if a
vaila
ble
Non
de
finiti
on
of
Key
R
esul
t A
reas
re
sulti
ng
in
inad
equa
te
com
mun
icat
ion
of
role
pro
file
and
non
alig
nmen
t of
rol
e to
th
e co
mpa
ny's
ob
ject
ives
a.
A
ppra
isal
R
ecor
dsb.
A
ppra
isal
Pol
icyc
. K
ey
Per
form
ance
In
dica
tors
(K
PIs
) if
avai
labl
e
59
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
60
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
b. O
btai
n th
e ap
prai
sal
shee
ts a
nd c
heck
if
the
appr
aisa
l is
don
e ba
sed
on th
e K
PIs
def
ined
App
rais
al
not
alig
ned
to
perfo
rman
ce
resu
lting
in
m
ism
atch
be
twee
n th
e po
sitio
n an
d th
e pe
rson
c.
In
case
of
no
n av
aila
bilit
y of
st
anda
rd
KP
Is,
ensu
re
the
follo
win
g:
• A
ppra
isal
is
done
by
the
conc
erne
d fu
nctio
nal
head
to
w
hom
th
e em
ploy
ee
repo
rts•
The
scor
es g
iven
are
ad
equa
tely
just
ified
App
rais
al
not
alig
ned
to
perfo
rman
ce
resu
lting
in
m
ism
atch
be
twee
n th
e po
sitio
n an
d th
e pe
rson
d.
Ens
ure
that
th
e ap
prai
sal
reco
rds
are
kept
sa
fe
and
conf
iden
tial.
Che
ck w
ho
are
the
auth
oriz
ed
pers
ons
for
hand
ling
the
appr
aisa
l re
cord
s an
d en
sure
tha
t th
e re
cord
s ar
e no
t m
ade
avai
labl
e to
any
one
othe
r th
an th
e au
thor
ized
per
sons
Non
co
nfid
entia
lity
of a
ppra
isal
rec
ords
re
sulti
ng
in
empl
oyee
di
ssat
isfa
ctio
n an
d un
rest
60
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
61
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
e.
Che
ck
if th
e sa
lary
up
grad
atio
n fo
r pe
rson
s pr
omot
ed i
s as
per
the
co
mpa
ny's
pol
icy
Non
co
mpl
ianc
e w
ith
Com
pany
's
polic
y re
sulti
ng
in
inef
ficie
ncy
Trai
ning
and
Dev
elop
men
t
a.
Obt
ain
the
list
of
train
ing
prog
ram
s co
nduc
ted
durin
g th
e pa
st s
ix m
onth
s
b. V
erify
the
atte
ndan
ce
regi
ster
ca
ptur
ing
the
train
ing
info
rmat
ion
and
also
ch
eck
the
train
ing
feed
back
form
s
Trai
ning
pro
vide
d to
fic
titio
us e
mpl
oyee
s re
sulti
ng
in
high
er
train
ing
cost
s
Incr
easi
ng
Trai
ning
Cos
ts
c.
Enq
uire
on
th
e de
cisi
ons
take
n ba
sed
on
train
ing
feed
back
fo
rms
Trai
ning
fe
edba
ck
form
s no
t an
alyz
ed
adeq
uate
ly r
esul
ting
in
train
ing
inef
ficie
ncie
s an
d la
ck o
f ben
efit
to th
e tra
inee
s
a.
Trai
ning
P
rogr
amm
e de
tails
b.
Tr
aini
ng
atte
ndan
ce
shee
t an
d Fe
edba
ck
form
c.
S
uppo
rting
do
cum
ents
fo
r tra
inin
g co
std.
Tr
aini
ng
Bud
get
and
appr
oval
s
61
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
62
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
d. C
heck
the
sup
porti
ng
docu
men
ts
for
the
rele
vant
tra
inin
g pr
ogra
m
(viz
. fo
od,
loca
tion,
tra
iner
's
cost
et
c) a
nd e
nsur
e th
at t
he
cost
in
curr
ed
is
supp
orte
d by
th
e un
derly
ing
docu
men
ts
Non
av
aila
bilit
y of
su
ppor
ting
docu
men
ts
for
just
ifyin
g th
e co
st
incu
rred
e. C
heck
if
the
cost
is
with
in
the
train
ing
budg
et
or
appr
oval
is
ob
tain
ed
in
case
of
de
viat
ions
if a
ny
Cos
t in
exce
ss/s
hort
of
the
budg
et
resu
lting
in
hi
gher
pa
yout
s or
in
effic
ienc
y
Sepa
ratio
n
a.Is
ex
it ha
ppen
ing
acco
rdin
g to
exi
t po
licy
of th
e co
mpa
ny
Non
co
mpl
ianc
e w
ith
Com
pany
's
polic
y re
sulti
ng
in
inef
ficie
ncy
In
adeq
uate
E
xit
Form
aliti
es
b.
Are
ex
it in
terv
iew
do
cum
ents
ava
ilabl
e fo
r al
l th
e em
ploy
ees
who
ha
ve r
esig
ned
(Che
ck in
ca
ses
of
resi
gned
em
ploy
ees)
Incr
easi
ng
attri
tion
due
to
diss
atis
fact
ion
a.
Exi
t P
olic
yb.
Fu
ll an
d fin
al
settl
emen
t fo
rms
of
resi
gned
em
ploy
ees
62
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
63
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
c. C
heck
if
the
full
and
final
set
tlem
ent
is d
one
only
afte
r th
e em
ploy
ee
has
obta
ined
a
Cle
aran
ce
from
al
l th
e co
ncer
ned
depa
rtmen
t. C
heck
the
ful
l an
d fin
al
settl
emen
t fo
rm
and
ensu
re
that
it
is
auth
oriz
ed
by
all
the
conc
erne
d de
partm
ents
Una
utho
rized
ac
cess
to
co
mpa
ny's
as
sets
re
sulti
ng i
n lo
ss o
f in
form
atio
n or
re
sour
ce
Stat
utor
y C
ompl
ianc
es
a.
List
ou
t th
e va
rious
La
bour
A
cts
appl
icab
le
to th
e C
ompa
ny
a.
R
ecor
ds
mai
ntai
ned
unde
r va
rious
act
s
b.
List
ou
t th
e va
rious
re
turn
s an
d re
cord
s to
be
file
d an
d m
aint
aine
d by
the
Com
pany
b.
C
opie
s of
re
turn
s fil
ed
Sta
tuto
ry
Non
C
ompl
ianc
e
c.
Che
ck
the
reco
rds
agai
nst t
he li
st to
ens
ure
that
al
l th
e re
leva
nt
reco
rds
are
bein
g m
aint
aine
d an
d up
date
d by
the
com
pany
Sta
tuto
ry
non
com
plia
nces
re
sulti
ng
in
pena
lties
an
d of
fenc
es a
s de
fined
un
der
the
conc
erne
d S
tatu
tory
R
egul
atio
n
Che
cklis
t to
be
prep
ared
fo
r the
pr
ovis
ions
of
var
ious
La
bour
Act
ap
plic
able
to
the
Com
pany
c.
Rem
ittan
ces
chal
lans
63
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
64
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
d. C
heck
if
the
retu
rns
(PF/
ES
I) ar
e fil
ed w
ithin
th
e ap
plic
able
due
dat
e
Sta
tuto
ry
non
com
plia
nces
re
sulti
ng
in
pena
lties
an
d of
fenc
es a
s de
fined
un
der
the
conc
erne
d S
tatu
tory
R
egul
atio
n
e.
Che
ck
if th
e re
mitt
ance
s ar
e m
ade
with
in t
he r
elev
ant
due
date
Sta
tuto
ry
non
com
plia
nces
re
sulti
ng
in
pena
lties
an
d of
fenc
es a
s de
fined
un
der
the
conc
erne
d S
tatu
tory
R
egul
atio
n
64
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
65
Form
at N
o: B
/4.1
.4
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
4.1.
4 In
vent
ory
Ris
ks R
evie
w C
heck
list
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
Rec
eipt
Sys
tem
Che
ck
if th
ere
are
nece
ssar
y co
ntro
ls
impl
emen
ted
at t
he g
ate
to
ensu
re
that
al
l th
e m
en/m
ater
ials
(T
ruck
/mat
eria
l by
Cou
rier
, et
c.)
ente
ring
the
prem
ises
are
reco
rded
.
Inad
equa
te
cont
rol
over
m
en/m
ater
ial
ente
ring
the
prem
ises
Inad
equa
te
gate
en
try
cont
rols
fo
r m
ater
ial
rece
ipts
Is
ther
e a
proc
edur
e of
co
nfirm
ing/
cros
s ch
ecki
ng
the
mat
eria
l/men
rep
ortin
g at
th
e ga
te
with
th
e st
ores
/vis
itee
and
the
in
time/
out
time
of
the
truck
/men
ent
ered
in
the
regi
ster
Inad
equa
te
conf
irmat
ion
of
purp
ose
of
visi
t th
ereb
y re
sulti
ng
in
unau
thor
ized
acc
ess
to
the
info
rmat
ion
and
faci
litie
s at
th
e pr
emis
es
a. E
ntry
Reg
iste
r m
aint
aine
d by
th
e S
ecur
ity
Gua
rd
65
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
66
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
Doe
s th
e se
curit
y en
sure
th
at
befo
re
givi
ng
entry
th
ere
is
no
haza
rdou
s/
inju
rious
/ pr
ohib
ited
mat
eria
l in
the
vehi
cle
Thre
at
of
expl
osio
ns
resu
lting
in d
amag
e to
m
en a
nd m
ater
ial
Are
the
re c
lear
ly d
efin
ed
timin
gs d
urin
g w
hich
the
ve
hicl
es
can
ente
r/lea
ve
the
fact
ory.
If
yes,
wha
t ha
ppen
s if
the
vehi
cles
co
me
at s
ome
othe
r tim
e
Una
utho
rized
en
try
durin
g no
n of
fice
hour
s
Che
ck i
f th
e m
ater
ial
into
th
e w
areh
ouse
is
ac
cept
ed
only
af
ter
chec
king
the
gate
sea
l
Una
utho
rized
re
ceip
t of
mat
eria
l
Ens
ure
that
the
good
s ar
e un
load
ed
only
af
ter
chec
king
th
e su
ppor
ting
docu
men
ts
viz.
in
voic
e,
deliv
ery
chal
lan
Rec
eipt
of m
ater
ial n
ot
orde
red.
Als
o ch
eck
if pa
ymen
t ha
s be
en
mad
e fo
r the
sam
e
Inad
equa
te
proc
ess
for
mat
eria
l rec
eipt
at
th
e w
areh
ouse
Che
ck
wei
ghm
ent
proc
edur
es
whe
reve
r ap
plic
able
an
d w
eigh
br
idge
ce
rtific
ate
is
avai
labl
e fo
r the
rece
ipts
Wei
ght
diffe
renc
es
betw
een
the
quan
tity
orde
red
and
quan
tity
rece
ived
an
d ex
cess
/sho
rt pa
ymen
t
a.
Goo
ds
Inw
ard
note
an
d re
gist
er
b.
Sup
porti
ng
docu
men
ts
viz.
invo
ice
and
deliv
ery
chal
lan,
pu
rcha
se
orde
r c.
W
eigh
men
t C
ertif
icat
e
66
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
67
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
Che
ck
if th
e ga
te
entry
an
d re
ceip
ts e
ntry
tally
. In
case
of
di
ffere
nces
, ex
amin
e th
e re
ason
s fo
r th
e sa
me
Mis
sing
rec
eipt
ent
ries
resu
lting
in
un
auth
oriz
ed
mov
emen
t of m
ater
ial
Rec
ord
the
mis
sing
en
tries
an
d tra
ce
the
mat
eria
l. A
lso
chec
k if
paym
ent
has
been
m
ade
for
mat
eria
l no
t re
ceiv
ed.
Che
ck if
ther
e is
any
del
ay
in p
ostin
g re
ceip
t not
es b
y ca
lcul
atin
g th
e nu
mbe
r of
da
ys o
f del
ay b
etw
een
the
gate
en
try
and
rece
ipts
en
try
Del
ay
in
rece
ipt
of
mat
eria
l th
ereb
y af
fect
ing
issu
es
and
resu
lting
in
prod
uctio
n de
lays
C
alcu
late
th
e nu
mbe
r of
da
ys
of
dela
y in
pr
oduc
tion
due
to
dela
yed
issu
e.
67
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
68
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
Che
ck fo
r ca
ses
whi
ch d
o no
t ad
here
to
th
e tim
elin
ess/
quan
tity/
qual
ity
para
met
ers
of
the
purc
hase
ord
er le
adin
g to
sh
orta
ges,
reje
ctio
ns, e
tc.,
to th
e pu
rcha
se, a
ccou
nts,
ve
ndor
de
velo
pmen
t, cl
aim
s de
partm
ents
Rec
eipt
of
su
b st
anda
rd
mat
eria
l th
ereb
y af
fect
ing
the
prod
uctio
n pr
oces
s C
ompi
le
case
s of
re
ject
ion
in
the
prod
uctio
n lin
e du
e to
su
bsta
ndar
d qu
ality
of
mat
eria
l
Mat
eria
l re
ceiv
ed
with
out
qual
ity
clea
ranc
es
Che
ck if
qua
lity
clea
ranc
e is
ob
tain
ed
for
the
mat
eria
l unl
oade
d
Rec
eipt
of
su
b st
anda
rd
mat
eria
l th
ereb
y af
fect
ing
the
prod
uctio
n pr
oces
s C
ompi
le
case
s of
re
ject
ion
in
the
prod
uctio
n lin
e du
e to
su
bsta
ndar
d qu
ality
of
mat
eria
l
A
naly
sis
of d
elay
s if
any
in
perfo
rmin
g qu
ality
ch
eck
by c
ompa
ring
the
date
of
rece
ipt
of
mat
eria
l an
d da
te o
f qua
lity
certi
ficat
e
Del
ays
in
qual
ity
verif
icat
ion
resu
lting
in
dela
ys in
pro
duct
ion
a. Q
ualit
y cl
eara
nce
certi
ficat
es
68
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
69
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
Non
trac
king
of
good
s in
tran
sit
Ana
lyse
th
e go
ods
in
trans
it an
d re
cord
if
ther
e ar
e in
ordi
nate
de
lays
in
re
ceip
t of m
ater
ial
Cal
cula
te
the
num
ber
of
days
of
de
lay
betw
een
the
orde
r dat
e an
d re
ceip
t da
te.
Ana
lyse
th
e av
erag
e tim
e to
be
take
n an
d re
cord
tra
nsac
tions
w
here
th
ere
is
inor
dina
te d
elay
.
a.
Li
st o
f goo
ds
in tr
ansi
t b.
S
tock
R
egis
ter
Sta
tuto
ry
Non
co
mpl
ianc
e C
ompl
ianc
e w
ith
exci
se
law
s an
d en
surin
g co
mpl
eten
ess
of s
tatu
tory
re
cord
s re
quire
d to
be
m
aint
aine
d
Sta
tuto
ry
non
com
plia
nces
re
sulti
ng
in
pena
lties
an
d of
fenc
es
unde
r th
e re
leva
nt re
gula
tions
a.
S
tatu
tory
re
cord
s b.
S
tock
R
egis
ter
Mat
eria
l Sta
ckin
g Pr
oced
ure
Una
utho
rized
ac
cess
to
st
orag
e ar
ea
Che
ck if
the
stor
age
area
(w
areh
ouse
s at
m
ultip
le
plac
es a
lso
need
s to
be
cons
ider
ed)
is u
nder
the
co
ntro
l of
au
thor
ized
pe
rson
an
d en
try
for
othe
rs is
bar
red
Una
utho
rized
en
try
into
the
sto
rage
are
a re
sulti
ng
in
loss
or
da
mag
e of
m
ater
ial
stor
ed
Inad
equa
te
trans
fer o
f ris
k C
heck
th
e ad
equa
cy
of
insu
ranc
e co
ver
for
the
prem
ises
an
d th
e m
ater
ial
The
aver
age
amou
nt
held
in
st
ock
at
any
poin
t of
tim
e an
d th
e co
st f
or s
ettin
g up
the
w
areh
ouse
af
ter
a.
Insu
ranc
e P
olic
y fo
r w
areh
ouse
69
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
70
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
dam
ages
re
sulti
ng
in
finan
cial
bur
den,
in th
e ev
ent
of
any
cata
stro
phe
D
oes
the
inve
ntor
y ha
ve
earm
arke
d pl
aces
fo
r st
orag
e m
ater
ial.
Are
da
mag
ed
mat
eria
l /m
ater
ial
that
ha
ve
not
clea
red
qual
ity/li
ne
defe
cts
are
plac
ed
sepa
rate
ly f
rom
the
goo
d qu
ality
mat
eria
l
Mix
ing
up
of
good
s re
sulti
ng i
n in
accu
rate
is
sues
an
d in
effic
ienc
ies
in
prod
uctio
n
A
re b
in c
ards
mai
ntai
ned
and
all
rece
ipts
an
d is
sues
ar
e ac
cura
tely
up
date
d
Non
m
aint
enan
ce
of
bin
card
s an
d st
ock
regi
ster
re
sults
in
in
accu
rate
kn
owle
dge
on m
ater
ial
avai
labi
lity
lead
ing
to
exce
ss
purc
hase
s.
Che
ck
if pu
rcha
ses
have
be
en
mad
e in
spite
of a
vaila
bilit
y of
m
ater
ial
and
asce
rtain
th
e am
ount
in
curr
ed
for t
he p
urch
ases
.
70
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
71
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
Issu
es M
anag
emen
t
Inad
equa
te
syst
em
for
issu
e of
m
ater
ial
from
th
e w
areh
ouse
Sel
ect
the
issu
es
mad
e fro
m
the
stoc
k re
gist
er
and
chec
k if
the
issu
es
are
track
ed
to
requ
est
from
var
ious
dep
artm
ents
Issu
es
mad
e w
ithou
t th
e re
ques
ts r
esul
ting
in i
nacc
urat
e di
spat
ch
of
stoc
k le
adin
g to
m
isut
iliza
tion
a.
Is
sue
Req
uest
/BO
M
b.
Sto
ck
Reg
iste
r
C
heck
if
ther
e ar
e de
lays
in
is
sue
of
mat
eria
l by
ca
lcul
atin
g th
e nu
mbe
r of
da
ys
of
diffe
renc
e be
twee
n th
e is
sue
requ
est
and
the
actu
al is
sues
Del
ay
in
issu
es
resu
lting
in
prod
uctio
n de
lays
.
C
heck
for
mat
eria
l ret
urns
fro
m
the
line
duet
to
w
rong
issu
es.
Inac
cura
te
issu
es
resu
lting
in
prod
uctio
n de
lays
. C
alcu
late
th
e tim
e di
ffere
nce
betw
een
the
issu
e re
ques
t and
the
corr
ect
issu
e qu
antit
y fo
r th
e de
lays
a.
Lis
t of r
etur
ns
from
the
line
C
heck
if
the
issu
es
are
upda
ted
accu
rate
ly i
n th
e bi
n ca
rd a
nd i
n th
e st
ock
regi
ster
fo
r ea
ch
of
the
issu
e re
ques
ts
Inac
cura
te
upda
tion
resu
lting
in
in
corr
ect
stoc
k po
sitio
n.
Che
ck
the
stoc
k re
conc
iliat
ion
reco
rds
and
iden
tify
case
s w
here
th
e re
conc
iliatio
n w
as
a.
S
tock
R
egis
ter
b.
Bin
Car
d c.
S
tock
R
econ
cilia
tion
Rec
ords
71
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
72
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
nece
ssita
ted
due
to
inac
cura
te u
pdat
ion
in
stoc
k re
cord
s.
Stoc
k R
econ
cilia
tion
Proc
ess
Inad
equa
te
proc
ess
for
reco
ncili
atio
n of
sto
ck
Che
ck
the
follo
win
g to
en
sure
th
e ad
equa
cy
of
the
stoc
k re
conc
iliat
ion
proc
ess:
a.
Fr
eque
ncy
of c
arry
ing
out
the
stoc
k re
conc
iliat
ion
and
the
last
dat
e w
hen
it w
as
carr
ied
out
b.
Cut
off
proc
edur
es a
t th
e tim
e of
st
ock
taki
ng
c.
Doc
umen
tatio
n fo
r st
ock
verif
icat
ion
and
ensu
re if
rea
sons
are
ca
ptur
es
for
the
diffe
renc
es
and
the
actio
n ta
ken
for
ensu
ring
non
recu
rren
ce
of
such
re
ason
s d.
If
any
writ
e of
f is
ne
cess
itate
d as
a
resu
lt of
su
ch
Diff
eren
ce
is
any
resu
lting
out
of
stoc
k re
conc
iliatio
n im
plie
s th
e fu
nds
lost
due
to
inad
equa
te
stoc
k ha
ndlin
g pr
oced
ures
a.
S
tock
R
egis
ter
b.
Phy
sica
l ve
rific
atio
n do
cum
ents
c.
A
ppro
vals
for
writ
e of
f
72
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
73
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
reco
ncili
atio
n ch
eck
if it
is a
utho
rized
as
per
the
dele
gatio
n of
au
thor
ity
mat
rix
and
such
writ
ten
off s
tock
s ar
e ph
ysic
ally
av
aila
ble
e.
Phy
sica
lly
verif
y ce
rtain
sam
ple
case
s to
en
sure
th
at
the
stoc
k ar
e ph
ysic
ally
av
aila
ble
Inad
equa
te
Mon
itorin
g of
no
n m
ovin
g,
dam
aged
sto
ck
Che
ck if
non
mov
ing
stoc
k is
kep
t se
para
tely
and
is
repo
rted
to
the
Man
agem
ent
from
tim
e to
tim
e E
nsur
e th
at d
amag
e st
ock
is k
ept
sepa
rate
ly a
nd i
s re
porte
d to
th
e M
anag
emen
t fro
m t
ime
to
time
Hol
ding
of
stoc
k fo
r a
long
pe
riod,
im
plie
s bl
ocka
ge o
f fun
ds.
Per
form
an
ag
eing
an
alys
is o
f non
mov
ing
stoc
k an
d as
certa
in th
e in
tere
st l
ost
on f
unds
bl
ocke
d.
a.
Lis
t of n
on
mov
ing/
dam
age
d st
ock
Inac
cura
te
fixin
g of
re
orde
r lev
els
Che
ck if
reor
der l
evel
s ar
e fix
ed a
dequ
atel
y to
ens
ure
that
ord
erin
g of
sto
ck i
s ac
cura
te
Che
ck fo
r cas
es w
here
or
ders
ar
e m
ade
befo
re
the
stoc
k re
achi
ng
the
reor
der
leve
l an
d th
e fin
anci
al
payo
uts
for
such
pr
ocur
emen
t
a.
Reo
rder
leve
l po
licy
73
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
74
Form
at N
o: B
/4.1
.5
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
4.1.
5 In
form
atio
n Se
curit
y R
evie
w C
heck
list
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
Secu
rity
Polic
y R
evie
w
Non
de
finiti
on
of
Sec
urity
P
olic
y in
ac
cord
ance
w
ith
busi
ness
re
quire
men
ts
and
rele
vant
la
ws
and
regu
latio
ns
• E
nqui
re
abou
t In
form
atio
n se
curit
y po
licy
avai
labi
lity
• If
exis
ts a
sk fo
r its
last
re
new
al a
nd a
ppro
val
• E
nsur
e th
at t
he p
olic
y ha
s be
en
com
mun
icat
ed
to
all
empl
oyee
s an
d ot
her
third
pa
rties
in
volv
ed
in a
spec
ts r
elat
ing
to
info
rmat
ion
secu
rity
in
the
orga
niza
tion
Lack
of
de
finiti
on
of
info
rmat
ion
secu
rity
aspe
cts
resu
lts i
n ris
k of
co
mpr
omis
e of
av
aila
bilit
y,
conf
iden
tialit
y an
d in
tegr
ity
of
data
an
d in
form
atio
n pr
oces
sing
as
sets
a.
In
form
atio
n S
ecur
ity
Pol
icy
b.
Min
utes
of
M
eetin
gs
in
whi
ch
the
polic
y is
re
view
ed
74
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
75
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
•
Che
ck
if co
nfid
entia
lity
agre
emen
t ex
ists
with
em
ploy
ees
and
othe
r th
ird p
artie
s w
ho h
ave
acce
ss
to
criti
cal
info
rmat
ion
in
the
orga
niza
tion
• R
evie
w
the
agre
emen
t an
d no
te
the
clau
ses
of
secu
rity.
E
nsur
e th
at
clau
ses
for
lega
l re
cour
se,
in
case
of
co
mpr
omis
e of
co
nfid
entia
lity
is
incl
uded
in
th
e ag
reem
ent
Con
fiden
tialit
y A
gree
men
ts w
ith
empl
oyee
s an
d th
ird p
artie
s
IT A
sset
s M
anag
emen
t
Inad
equa
te
Mai
nten
ance
of
IT A
sset
s
• C
heck
if
inve
ntor
y of
as
sets
exi
st (
softw
are
and
hard
war
e)
• R
evie
w
the
colu
mns
an
d ad
equa
cy o
f hea
ds
• C
heck
if
licen
ses
are
live
for
all t
he s
oftw
are
in th
e lis
ting
Obs
erve
if n
o in
vent
ory
of IT
ass
ets
exis
ts.
a.
IT
as
set
Reg
iste
r b.
IT
as
sets
pr
ocur
emen
t de
tails
75
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
76
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
• R
evie
w i
f th
e re
gist
er
is
mai
ntai
ned
adeq
uate
ly.
Ens
ure
that
th
e re
gist
er
is
com
plet
e an
d is
up
date
d fo
r ev
ery
purc
hase
, tra
nsfe
r an
d di
spos
al o
f ass
ets
• C
heck
if
any
guid
elin
es
exis
t fo
r cl
assi
ficat
ion
of
info
rmat
ion
as
sens
itive
, no
n se
nsiti
ve e
tc. I
dent
ify if
th
e as
set h
oldi
ng s
uch
sens
itive
info
rmat
ion
is
clas
sifie
d an
d pr
otec
ted
adeq
uate
ly
a.
Info
rmat
ion
Cla
ssifi
catio
n gu
idel
ines
if
any
Inad
equa
te
proc
edur
e fo
r di
spos
al
of
IT
asse
ts
• R
evie
w
the
IT
asse
ts/m
edia
dis
posa
l pr
oced
ures
in p
lace
•
List
out
the
cas
es o
f co
mpu
ter
sale
s in
the
la
st
1 ye
ar
and
anal
yze
how
the
har
d di
scs
wer
e re
mov
ed
from
th
e sy
stem
be
fore
sal
e
Acc
ess
to i
nfor
mat
ion
to
outs
ider
s du
e to
in
adeq
uate
di
spos
al
met
hods
a.
Li
st o
f as
sets
di
spos
ed
76
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
77
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
Hum
an R
esou
rces
Sec
urity
Allo
win
g ac
cess
to
pe
rson
s w
ithou
t th
orou
gh
back
grou
nd
chec
k
• A
re
back
gr
ound
ch
ecks
don
e on
the
all
cand
idat
es,
third
pa
rty
user
s an
d co
ntra
ctor
s •
Ver
ify in
few
cas
es
• V
erify
w
ho
is
resp
onsi
ble
for
back
gr
ound
ver
ifica
tion
Una
utho
rized
ac
cess
to
in
form
atio
n to
pe
rson
s w
ho
may
m
isut
ilize
the
sam
e
Lack
of
aw
aren
ess
abou
t in
form
atio
n se
curit
y in
the
or
gani
zatio
n
• W
ere
ther
e an
y tra
inin
g pr
ogra
mm
es c
ondu
cted
on
IT s
ecur
ity
• W
hat
was
the
last
dat
e th
e tra
inin
g w
as
cond
ucte
d •
Rev
iew
th
e tra
inin
g do
cum
ents
an
d th
e pa
rtici
pant
s lis
t
Inad
equa
te
train
ing
resu
lting
in
la
ck
of
awar
enes
s an
d fin
anci
al p
ay o
uts
a.
Lis
t of t
rain
ing
prog
ram
mes
co
nduc
ted
and
thei
r det
ails
Inad
equa
te
sepa
ratio
n pr
oced
ures
• R
evie
w
the
proc
edur
e fo
r em
ploy
ee
resi
gnat
ion.
•
Rev
iew
the
chec
klis
t for
fu
ll an
d fin
al s
ettle
men
t to
re
view
IT
ac
cess
se
ttlem
ents
Acc
ess
to i
nfor
mat
ion
even
afte
r re
sign
atio
n of
th
e em
ploy
ee.
Obs
erve
cas
es w
here
th
e fu
ll an
d fin
al
settl
emen
t pr
oces
s is
no
t co
mpl
ete.
P
robe
in
to
list
of
item
s no
t re
turn
ed
by
the
empl
oyee
.
a.
Li
st
of
resi
gned
em
ploy
ees
b.
Full
and
final
se
ttlem
ent
77
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
78
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
Phys
ical
and
Env
ironm
enta
l Sec
urity
Pro
cess
Inad
equa
te
Sec
urity
at
the
serv
er ro
om
• R
evie
w
the
secu
rity
syst
em f
or I
T fa
cilit
y,
serv
er ro
om
• N
ote
dow
n al
l th
e ch
ecks
ava
ilabl
e
Com
prom
ise
of
secu
rity
at t
he s
erve
r ro
om
wou
ld
resu
lt in
co
mpr
omis
ing
the
entir
e IT
inf
rast
ruct
ure
of th
e co
mpa
ny.
Iden
tify
the
thre
ats
due
to c
ompr
omis
e in
the
se
rver
ro
om
phys
ical
se
curit
y an
d lis
t.
•
Rev
iew
th
e en
viro
nmen
t ha
zard
s an
d th
reat
s an
d re
late
d co
ntro
ls.
Eg.
Fi
re, w
ater
logg
ing
etc
• R
evie
w
the
list
of
supp
ort
utili
ties
and
iden
tify
prot
ectio
n in
case
of f
ailu
res
• R
evie
w
whe
ther
th
e te
leco
mm
unic
atio
n an
d po
wer
cab
les
are
prop
erly
pr
otec
ted
(test
bas
is)
Pro
duct
ion/
oper
atio
ns
stop
page
du
et
o oc
curr
ence
of
su
ch
even
ts
Dow
ntim
e an
d re
cove
ry
time
to
be
calc
ulat
ed
due
to
occu
rren
ce
of
such
fa
ilure
s.
a.
In
sura
nce
polic
ies
78
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
79
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
Inad
equa
te
Mai
nten
ance
of
IT a
sset
s
• R
evie
w w
heth
er A
MC
ex
ists
for a
ll th
e as
sets
(S
erve
r, D
eskt
ops,
B
ack
up,
Net
wor
k,
UP
S, P
ower
, AC
etc
.,)
Dow
ntim
e du
e to
re
pairs
and
dam
ages
. C
heck
th
e av
erag
e do
wnt
ime
and
frequ
ent
reas
ons
for r
epai
rs.
a.
A
MC
det
ails
b.
R
epai
rs
regi
ster
Info
rmat
ion
Secu
rity
Dep
artm
ent R
espo
nsib
ilitie
s re
view
Inad
equa
te
cont
rol
agai
nst
mal
icio
us
code
s
• N
ote
the
anti
viru
s so
ftwar
e be
ing
used
•
Ver
ify
whe
ther
th
e an
ti-vi
rus
is
upda
ted
regu
larly
Sys
tem
bre
akdo
wn
or
inef
ficie
ncie
s du
e to
no
n up
datio
n of
an
ti vi
rus
Inad
equa
te
back
up
of
in
form
atio
n
• Is
th
ere
a ba
ck
up
syst
em
in
exis
tenc
e.
Rev
iew
th
e ba
ck
up
frequ
ency
, m
edia
, da
ta
cove
rage
, st
orag
e,
reco
very
pr
oced
ures
Loss
of
da
ta
due
to
inad
equa
te
back
up
pr
oced
ures
. C
heck
the
nu
mbe
r of d
ays
of d
ata
that
wou
ld b
e lo
st i
n ca
se
of
failu
re
of
back
up m
echa
nism
Inad
equa
te
netw
ork
man
agem
ent
• U
nder
stan
d th
e ne
twor
k so
ftwar
e be
ing
used
•
Obt
ain
the
deta
iled
netw
ork
diag
ram
an
d id
entif
y th
e po
ints
of
co
ntac
t w
ith
exte
rnal
en
viro
nmen
t
Com
prom
ise
on
secu
rity
due
to
inad
equa
te
netw
ork
desi
gn
and
netw
ork
mon
itorin
g
a.
N
etw
ork
diag
ram
b.
N
etw
ork
secu
rity
polic
y
79
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
80
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
• R
evie
w
the
secu
rity
proc
edur
es
impl
emen
ted
in
the
exte
rnal
en
viro
nmen
t co
ntac
t poi
nts
• R
evie
w
the
netw
ork
secu
rity
polic
y an
d pr
oced
ures
in p
lace
•
Run
th
e ne
twor
k se
curit
y an
alyz
er
on
the
netw
ork
(if in
cas
e ne
cess
ary)
•
Ana
lyze
th
e ne
twor
k lo
g re
ports
to
ve
rify
thre
ats
Non
ava
ilabi
lity
of a
udit
logs
•
Rev
iew
the
set o
f log
s ge
nera
ted,
prin
ted
by
the
serv
er /
IT o
pera
tor
and
chec
k th
e pr
oced
ure
of a
naly
sis
• R
evie
w
the
rete
ntio
n pr
oced
ure
of t
he a
udit
logs
gen
erat
ed
Non
tra
ceab
ility
of
ac
tions
du
e to
no
n av
aila
bilit
y of
aud
it lo
gs
a.
A
udit
logs
de
tails
‘
80
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
81
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
Acc
ess
Con
trol
s R
evie
w
Inad
equa
te
acce
ss
defin
ition
s
• Is
th
ere
an
acce
ss
cont
rol p
olic
y in
pla
ce
• R
evie
w t
he p
roce
dure
fo
r gi
ving
lo
gin
/ ac
cess
for
new
use
rs
(for
dom
ain
/ se
rver
/
netw
ork,
ap
plic
atio
n sy
stem
s,
emai
l sy
stem
s, in
tern
et e
tc.,)
•
Rev
iew
th
e pr
oced
ures
fo
r de
letin
g th
e lo
gin
/ ac
cess
for
use
rs w
ho
have
resi
gned
. •
Rev
iew
w
heth
er
the
para
met
ers
are
upda
ted
for
regu
lar
pass
wor
d ch
ange
s,
pass
wor
d re
stric
tions
(a
lpha
num
eric
, sy
mbo
ls
etc.
), au
tom
atic
lock
ing
• Is
ther
e a
proc
edur
e in
pl
ace
for
regu
lar
man
agem
ent r
evie
w o
f ac
cess
rol
es g
iven
to
vario
us u
sers
.
Una
utho
rized
ac
cess
to
da
ta
resu
lting
in
co
mpr
omis
e of
co
nfid
entia
lity,
av
aila
bilit
y an
d in
tegr
ity
a.
A
cces
s co
ntro
l pol
icy
81
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
82
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erv-
atio
ns
• W
hen
was
th
e la
st
man
agem
ent
mee
ting
cond
ucte
d
•
Is
ther
e lo
gin
and
pass
wor
d sy
stem
be
fore
lo
ggin
g on
to
th
e op
erat
ing
syst
em
Info
rmat
ion
Secu
rity
Even
ts M
anag
emen
t
Inef
ficie
nt
Sec
urity
in
cide
nts
man
agem
ent
• W
ere
ther
e an
y se
curit
y br
each
es t
hat
have
ta
ken
plac
e in
th
e la
st
one
year
(h
acki
ng,
data
th
eft,
web
atta
ck e
tc.)
• R
evie
w t
he p
roce
dure
ho
w
they
ar
e m
anag
ed
Man
agin
g se
curit
y br
each
es
avoi
d re
curr
ence
of
su
ch
even
ts
a.
S
ecur
ity
Inci
dent
det
ails
82
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
83
Form
at N
o: B
/4.1
.6.
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
4.1.
6 M
arke
ting
Ris
ks R
evie
w C
heck
list
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
Targ
et F
ixat
ion
a. C
heck
if
targ
ets
are
fixed
for
the
mar
ketin
g de
partm
ent
is
base
d on
th
e an
nual
sa
les
plan
Inac
cura
te
fixat
ion
of
targ
ets
b. R
evie
w i
f ta
rget
s ar
e br
oken
into
sho
rt te
rm
targ
ets
and
are
com
mun
icat
ed
to
the
mar
ketin
g te
am
Inac
cura
te
targ
ets
resu
lt in
in
adeq
uate
pl
an fo
r the
mar
ketin
g te
am.
Iden
tify
if th
e m
arke
ting
team
is
al
igne
d to
ac
hiev
e th
e ta
rget
s.
a.
Ann
ual S
ales
P
lan
b.
Sho
rt te
rms
sale
s pl
an
with
targ
ets
83
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
84
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
c. Is
th
e ta
rget
re
vise
d ba
sed
on a
naly
sis
of
actu
al p
erfo
rman
ce.
If th
ere
is a
revi
sion
, is
it ap
prov
ed
by
the
conc
erne
d au
thor
ity
Mar
ketin
g st
rate
gies
eva
luat
ion
Inap
prop
riate
m
arke
ting
stra
tegi
es
a.
Is
a m
arke
ting
plan
de
velo
ped
for
mee
ting
the
targ
ets.
• E
valu
ate
the
mar
ketin
g st
rate
gies
w
ith
resp
ect
to
Bra
ndin
g,
Adv
ertis
emen
t an
d ot
her
mar
ketin
g st
rate
gies
.
• Is
se
lect
ion
of
agen
cies
fo
r ad
verti
sem
ent
and
bran
ding
, fo
r m
edia
an
d pu
blis
hing
is d
one
base
d on
eva
luat
ion
of
qual
ity p
aram
eter
s
• Is
eva
luat
ion
done
for
in
crea
sing
cu
stom
er
base
, in
crea
sed
sale
s
Inad
equa
te m
arke
ting
plan
s re
sulti
ng
in
insu
ffici
ent
mar
ket
cove
rage
and
tar
gets
ac
hiev
emen
ts.
Ana
lyse
the
tre
nd o
f m
arke
ting
cost
s,
unde
r ea
ch s
trate
gy.
Ana
lyse
de
viat
ions
fro
m b
udge
t
a.
Adv
ertis
emen
t sp
end
deta
ils
84
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
85
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
etc
from
th
e m
arke
t sp
ends
c.
E
valu
ate
the
follo
win
g fo
r ens
urin
g th
e ad
equa
cy
of
mar
ketin
g st
rate
gies
:
• Is
th
ere
a de
pend
ence
on
si
ngle
cu
stom
er.
Cal
cula
te
the
prop
ortio
n of
sal
es
vis
– a-
vi
s th
e cu
stom
er
• Is
th
ere
depe
nden
ce
on
sing
le
prod
uct.
Ana
lyse
th
e pr
oduc
t wis
e sa
les
• Is
th
ere
depe
nden
ce
on
sing
le m
arke
t
Lack
of d
iver
sific
atio
n of
sa
les
resu
lts
in
sing
le p
oint
failu
re.
Cus
tom
er R
elat
ions
hip
Man
agem
ent
Inad
equa
te
Cus
tom
er
Info
rmat
ion
a.
Doe
s th
e co
mpa
ny
mai
ntai
n a
cust
omer
da
taba
se.
Is
it m
anua
l/sof
twar
e ba
sed.
C
heck
for
the
fol
low
ing
Inad
equa
te
info
rmat
ion
on
cust
omer
re
sults
in
in
accu
rate
dec
isio
ns.
a.
C
usto
mer
da
taba
se
85
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
86
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
in th
e da
taba
se:
• Is
the
upd
atio
n in
the
da
taba
se m
ade
on a
tim
ely
basi
s.
• A
re
all
the
requ
ired
field
s in
the
cus
tom
er
data
base
co
mpl
eted
by
the
sale
s te
am
• D
oes
it th
row
en
tire
info
rmat
ion
abou
t th
e cu
stom
er,
ie.
prod
ucts
or
dere
d,
no.
of
calls
m
ade
to th
e cu
stom
er,
deliv
ery
deta
ils e
tc
Iden
tify
case
s of
in
accu
rate
, in
com
plet
e an
d un
relia
ble
data
.
Inad
equa
te
actio
n on
C
usto
mer
Fe
edba
ck
Are
Cus
tom
er r
ejec
tions
ca
ptur
ed s
epar
atel
y an
d ac
tions
ar
e ef
fect
ivel
y ta
ken
on
the
sam
e.
Ens
ure
if re
ason
w
ise
anal
ysis
is
m
ade
and
corr
ectiv
e ac
tions
ar
e ta
ken
Freq
uent
C
usto
mer
re
ject
ion
resu
lts
in
poor
rep
utat
ion
of th
e co
mpa
ny.
Ana
lyse
the
rej
ectio
n ca
ses
and
perfo
rm
root
ca
use
anal
ysis
on
cas
es o
f fre
quen
t re
ject
ions
a.
C
usto
mer
re
ject
ions
su
mm
ary
Is
cu
stom
er
feed
back
ob
tain
ed
on
com
pany
’s
proj
ects
/per
form
ance
on
Cus
tom
er
feed
back
co
llect
ions
he
lps
in
desi
gnin
g th
e m
arke
t
86
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
87
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
a fre
quen
t ba
sis
and
step
s ta
ken
for
impr
ovem
ent
stra
tegy
an
d he
nce
need
s to
be
take
n on
a
frequ
ent b
asis
Mon
itorin
g
Inad
equa
te
ince
ntiv
e sy
stem
Che
ck t
he f
ollo
win
g fo
r ev
alua
ting
the
perfo
rman
ce
mea
sure
-m
ent
syst
em
of
the
mar
ketin
g te
am:
a. A
re
targ
ets
set
for
ever
y pe
rson
in
th
e m
arke
ting
team
b.
Are
the
tar
gets
bei
ng
revi
ewed
on
a m
onth
ly
basi
s c.
Is a
n in
cent
ive
syst
em
desi
gned
fo
r re
war
ding
ac
hiev
emen
t of
ta
rget
s d.
Are
su
itabl
e ac
tions
ta
ken
for
non
perfo
rman
ce
Inad
equa
te
mon
itor-
ing
of
perfo
rman
ce
resu
lting
in
po
or
sale
s an
d em
ploy
ee
mot
ivat
ion.
a.
Ta
rget
vi
s-a
vis
actu
als
com
paris
on
b.
Ince
ntiv
e sy
stem
an
d pa
ymen
t
87
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
88
Form
at N
o: B
/4.1
.7.
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
4.1.
7 Pr
oces
s R
isks
Rev
iew
Che
cklis
t
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
Inde
nt R
aisi
ng P
roce
ss
Inad
equa
te
inde
ntin
g sy
stem
a. O
btai
n in
dent
s ra
ised
for
the
last
on
e m
onth
an
d ch
eck
the
adeq
uacy
, au
then
ticity
an
d co
mpl
eten
ess
of
inde
nts
with
res
pect
to
sanc
tioni
ng
auth
oriti
es,
desi
red
info
rmat
ion,
co
st
bene
fit
anal
ysis
, ba
ck-p
aper
s
etc.
,
Inde
nt r
aise
d w
ithou
t su
ffici
ent
just
ifica
tions
res
ultin
g in
pur
chas
e of
ite
ms
not
requ
ired
and
ther
eby
finan
cial
pa
yout
s
a.
In
dent
s ra
ised
fo
r a m
onth
b.
D
eleg
atio
n of
A
utho
rity
mat
rix
for
sanc
tioni
ng t
he
inde
nts
c.
Sup
porti
ng
docu
men
ts
for
inde
nts
88
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
89
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
b.
Stu
dy
cycl
e tim
e be
twee
n re
ceiv
ing
of
an
inde
nt a
nd r
aisi
ng o
f P
O
and
eval
uate
re
ason
s in
ca
se o
f exc
eptio
nal d
elay
s3
Del
ay in
pro
cure
men
t of
re
quire
d ite
ms
resu
lting
in
pr
oduc
tion
dela
ys
c. C
heck
if
the
requ
este
d ite
m i
s as
per
the
bud
get
or e
lse
auth
oriz
ed b
y th
e de
sign
ated
aut
horit
y
Pro
cure
men
t w
ithou
t su
ffici
ent
auth
oriz
atio
n re
sulti
ng
in
purc
hase
s m
ade
with
out j
ustif
icat
ion
a. P
urch
ase
Ord
ers
rais
ed
for
the
requ
isiti
ons
b. P
rocu
rem
ent
budg
et
d. G
ener
ate
an e
xcep
tion
repo
rt on
ope
n in
dent
s fo
r a
long
tim
e w
ith r
easo
ns
and
anal
yze
the
root
cau
se
for s
uch
dela
ys
Del
ay in
pro
cure
men
t of
re
quire
d ite
ms
resu
lting
in
pr
oduc
tion
dela
ys
a.
Lis
t of o
pen
inde
nts
e.
Che
ck
if an
y in
dent
s ha
ve
been
ra
ised
on
an
em
erge
ncy
basi
s an
d en
sure
th
at
they
ha
ve
been
au
thor
ized
ad
equa
tely
Pro
cure
men
t w
ithou
t su
ffici
ent
auth
oriz
atio
n re
sulti
ng
in
purc
hase
s m
ade
with
out j
ustif
icat
ion
3 1
. The
pro
cess
for c
alcu
latin
g th
e de
lays
can
be
done
usi
ng C
AAT
tool
s
89
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
90
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
Purc
hase
Ord
er P
roce
ss
Inad
equa
te
sele
ctio
n of
ve
ndor
s
Che
ck i
f th
e pr
ocur
emen
t ha
s be
en m
ade
as p
er th
e P
urch
ases
po
licy
of
the
orga
niza
tion.
In
ca
se
of
non
avai
labi
lity
of p
urch
ase
polic
y,
for
the
sele
cted
pu
rcha
se o
rder
s ve
rify
the
follo
win
g:
a.
At
leas
t qu
otat
ions
fro
m
thre
e ve
ndor
s ha
ve
been
ob
ta-in
ed
for f
inal
izin
g
b.
Che
ck
if th
e ve
ndor
se
lect
ed
has
offe
red
the
best
rate
c.
V
erify
the
par
a-m
eter
s co
nsid
ered
fo
r ev
alua
tion
of q
ualit
y of
th
e pr
oduc
t/ser
vice
d.
C
heck
if
adeq
uate
ju
stifi
catio
ns
and
auth
oriz
atio
n ex
ist
in
case
of
purc
hase
fro
m
sole
su
pplie
r or
at
hi
gher
rate
s
Inad
equa
te
vend
or
sele
ctio
n re
sulti
ng i
n th
e fo
llow
ing:
4 a.
Pro
cure
men
t at
hi
gher
cos
t5 b.
Pro
cure
men
t of
su
b st
anda
rd
qual
ity m
ater
ial
c. V
endo
r no
t co
mpe
tent
to
de
liver
th
e se
rvic
e/m
ater
ial
d. P
ossi
bilit
y of
co
llusi
on
with
ve
ndor
s an
d th
ereb
y no
t ad
herin
g to
th
e ve
ndor
se
lect
ion
polic
y
a.
Pro
cure
men
t P
olic
y b.
Ven
dor s
elec
tion
docu
men
ts
c. D
eleg
atio
n of
A
utho
rity
Mat
rix
4 U
se o
f CA
AT
tool
s is
reco
mm
ende
d fo
r gen
erat
ing
exce
ptio
ns
5 Exc
eptio
nally
hig
h co
st o
f pro
cure
men
t nee
ds to
be
reco
rded
in th
e Fi
nal g
ener
atio
n of
Exc
eptio
ns re
port
90
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
91
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
e.
Che
ck
if ne
gotia
tions
ha
ve
been
m
ade
for
bette
r te
rms
of
purc
hase
f.
Che
ck i
f au
thor
izat
ion
for
the
purc
hase
s as
pe
r th
e D
eleg
atio
n of
A
utho
rity
defin
ed
by
the
orga
niza
tion
Rev
iew
the
agre
emen
t with
th
e ve
ndor
and
che
ck if
the
term
s an
d co
nditi
ons
are
met
for t
he m
ater
ial/s
ervi
ce
deliv
ered
Rec
eipt
of
m
ater
ial/s
ervi
ce
not
as p
er t
he t
erm
s an
d co
nditi
ons
agre
ed
upon
a.
Agr
eem
ent
betw
een
the
com
pany
and
the
vend
or
Che
ck
if th
ere
is
any
proc
ess
for
annu
al v
endo
r ev
alua
tion
and
the
perfo
rman
ce o
f th
e ve
ndor
ba
sed
on
qual
ity,
timel
y de
liver
y,
com
plia
nce
with
te
rms
and
cond
ition
s et
c ar
e ev
alua
ted
Inad
equa
te
Ord
erin
g pr
oces
s
Gen
erat
e lis
t of
Pur
chas
e O
rder
not
ser
vice
d on
tim
e an
d as
certa
in t
he r
easo
ns
for
the
sam
e. C
ompa
re th
e P
O
date
an
d G
R/s
ervi
ce
rece
ipt
note
da
te
and
asce
rtain
the
dela
ys
Del
ay in
pro
cure
men
t le
adin
g to
pro
duct
ion
dela
ys
a.
Goo
ds
deliv
ery/
serv
ice
rece
ipt n
ote
91
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
92
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
Sta
tuto
ry
non
com
plia
nce
In c
ase
of im
ports
che
ck if
th
e st
atut
ory
regu
latio
ns
viz.
cu
stom
s re
gula
tions
, FE
MA
reg
ulat
ions
etc
are
co
mpl
ied
with
Sta
tuto
ry
Non
co
mpl
ianc
es re
sulti
ng
in
pena
lties
an
d of
fenc
es
unde
r va
rious
regu
latio
ns
S
tatu
tory
C
ompl
ianc
es
Che
cklis
t
a.
Cop
ies
of
paym
ent c
halla
ns
and
retu
rns
filed
Vend
or D
atab
ase
Man
agem
ent
Inac
cura
te
vend
or
data
base
Obt
ain
the
dum
p of
ven
dor
data
base
and
ana
lyze
for
th
e fo
llow
ing:
a.
Dup
licat
e ve
ndor
cod
esb.
Dup
licat
e ve
ndor
na
mes
c.
Ina
ccur
ate
upda
tion
of
vend
or d
etai
ls v
iz.
item
/s
ervi
ce s
uppl
ied,
rat
e,
term
s of
del
iver
y et
c by
co
mpa
ring
it w
ith
the
agre
emen
t d.
Acc
ess
to
the
vend
or
data
base
to
un
auth
oriz
ed
pers
on
(per
sons
in
de
partm
ents
oth
er th
an
proc
urem
ent
depa
rtmen
t)
Pur
chas
es
mad
e fro
m
fictit
ious
ve
ndor
s no
t su
ppor
ted
by
phys
ical
del
iver
y an
d re
sulti
ng in
pay
out
to
the
com
pany
a.
V
endo
r da
taba
se d
ump
b.
Agr
eem
ents
w
ith v
endo
rs
c.
Pur
chas
e or
ders
to th
e ve
ndor
d.
G
oods
rece
ipt
note
/ser
vice
de
liver
y no
te
92
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
93
Form
at N
o: B
/4.1
.8.
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
4.1.
8 P
rodu
ctio
n R
isks
Rev
iew
Che
cklis
t
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
Prod
uctio
n Pl
anni
ng P
roce
ss
Inad
equa
te
Pro
duct
ion
Pla
n
a.
Is
ther
e a
Bill
of
M
ater
ial
(BO
M)
avai
labl
e fo
r th
e pr
oduc
tion
b.
Che
ck
the
proc
ess
for
evol
ving
the
Bill
of
Mat
eria
l c.
A
re
the
purc
hase
s m
ade
acco
rdin
g to
th
e B
OM
. C
heck
for
an
or
der,
of
the
purc
hase
s ar
e m
ade
as p
er B
OM
d.
Is
B
OM
co
mpr
ehen
sive
,
Inac
cura
te
estim
atio
n of
re
quire
men
ts
resu
lts in
un
nece
ssar
y pu
rcha
ses.
O
btai
n lis
t of v
ery
old
item
s in
the
inve
ntor
y an
d as
certa
in th
e re
ason
for n
ot u
sing
th
e ite
ms
and
agai
nst w
hich
BO
M
the
purc
hase
s w
ere
a.
Bill
of M
ater
ial
93
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
94
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
relia
ble
and
accu
rate
. C
heck
for
m
odifi
catio
ns i
f an
y in
B
OM
fo
r si
mila
r or
ders
an
d ob
tain
th
e ju
stifi
catio
n fo
r th
e sa
me
mad
e.
Che
ck th
e ov
ertim
e pa
ymen
ts m
ade
and
anal
yze
the
reas
ons
for w
orki
ng
over
time.
Che
ck if
th
e ov
ertim
e w
as
pre
plan
ned
or w
as
it in
the
proc
ess
of
prod
uctio
n.
a.
Is
pr
oduc
tion
plan
re
view
ed
on
a fre
quen
t ba
sis
for
mak
ing
nece
ssar
y ad
just
men
ts
b.
Is
the
cycl
e tim
e fro
m
Raw
m
ater
ial
char
ging
to
finis
hed
good
s ca
lcul
ated
an
d ev
alua
ted
Inad
equa
te re
view
of
the
prod
uctio
n pl
an re
sulti
ng in
pr
oduc
tion
inef
ficie
ncie
s.
Rev
iew
the
min
utes
of
the
mee
ting
rela
ting
to
prod
uctio
n re
view
s an
d ch
eck
if de
cisi
ons
mad
e in
th
e m
eetin
g ar
e im
plem
ente
d.
a.
Min
utes
of
mee
ting
for
prod
uctio
n re
view
94
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
95
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
Raw
Mat
eria
l Cha
rgin
g
Inad
equa
te
cont
rols
on
raw
m
ater
ial
char
ging
pr
oces
s
a.
Are
th
e ra
w
mat
eria
ls
char
ged
as
per
the
prod
uctio
n pl
an
b.
Doe
s a
revi
ew
happ
ens
to
ensu
re
that
th
e co
rrec
t qu
ality
and
qua
ntity
of
ra
w
mat
eria
l fo
r th
e ba
tch
is
ch
arge
d c.
A
re
safe
ty
proc
edur
es
com
plie
d w
ith
in
case
of r
aw m
ater
ial
whi
ch
are
of
haza
rdou
s na
ture
Inac
cura
te c
harg
ing
of ra
w m
ater
ial
resu
lting
in q
ualit
y m
ism
atch
es.
a.
P
rodu
ctio
n P
lan
b.
Raw
M
ater
ial
char
ging
ch
ecks
heet
if
any
Inad
equa
te
qual
ity c
heck
a.
Is
the
raw
mat
eria
l ce
rtifie
d fo
r qu
ality
pr
ior t
o ch
argi
ng
b.
Che
ck
for
qual
ity
clea
ranc
e fo
r th
e ite
ms
intro
duce
d in
to
the
prod
uctio
n pr
oces
s c.
C
heck
th
e pr
oces
s
Inad
equa
te q
ualit
y ch
eck
resu
lts in
in
adeq
uate
qua
lity
of th
e fin
al p
rodu
ct
lead
ing
to c
usto
mer
re
ject
ions
. C
alcu
late
the
perc
enta
ge o
f
a.
Q
ualit
y cl
eara
nce
certi
ficat
es
b.
Qua
lity
chec
klis
t c.
C
usto
mer
re
ject
ions
d.
P
endi
ng c
laim
s
95
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
96
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
chec
klis
t us
ed
by
the
qual
ity
depa
rtmen
t fo
r ch
ecki
ng t
he q
ualit
y pa
ram
eter
s at
th
is
stag
e.
d.
Ver
ify if
the
chec
klis
t is
be
ing
fille
d up
ac
cura
tely
an
d co
mpl
etel
y fo
r ev
ery
inpu
t of m
ater
ial
reje
ctio
n at
the
raw
m
ater
ial s
tage
and
en
sure
if th
e pr
ocur
emen
t de
partm
ent h
as
take
n it
up w
ith th
e su
pplie
r for
cla
ims
if an
y.
Iden
tify
the
case
s of
cu
stom
er re
ject
ion
and
ensu
re if
it is
du
e to
raw
mat
eria
l qu
ality
. C
ompa
re th
e pr
oduc
tion
quan
tity
devi
atio
ns d
ue to
lo
w q
ualit
y of
raw
m
ater
ial.
Line
Pro
cess
es
Inad
equa
te
revi
ew o
f lin
e ac
tiviti
es
Doe
s th
e pr
oduc
tion
happ
en
as
per
the
defin
ed
proc
edur
e.
Ens
ure
the
follo
win
g fo
r ev
alua
ting
the
effic
ienc
y of
line
pro
cess
es:
a.
Are
lin
e ac
tiviti
es
Pro
duct
ion
not
carr
ied
out a
s pe
r th
e pr
oced
ure.
C
heck
on
qual
ity
reje
ctio
n in
line
and
ca
lcul
ate
the
a.
Doc
umen
ts
show
ing
outp
ut o
f lin
e ac
tiviti
es
96
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
97
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
supe
rvis
ed a
t ea
ch
stag
e b.
Is
th
e ou
tput
at
ea
ch
proc
ess
reco
rded
an
d si
gned
off
c.
Are
tra
nsfe
rs w
ithin
in
tern
al
proc
esse
s ad
equa
tely
do
cum
ente
d an
d re
view
ed
perc
enta
ge o
f suc
h re
ject
ions
and
fre
quen
t rea
sons
fo
r the
sam
e.
Inad
equa
te
reje
ctio
ns/re
wo
rk
Man
agem
ent
a. A
re
the
reje
ctio
ns/d
amag
es
and
was
tage
s ad
equa
tely
reco
rded
b.
Is
the
phys
ical
sto
ck
sent
to
raw
mat
eria
l w
areh
ouse
c.
Is
over
an
d un
der
cons
umpt
ion
calc
ulat
ions
m
ade
and
revi
ewed
by
the
prod
uctio
n de
partm
ent
Non
mon
itorin
g of
re
ject
ion
and
dam
ages
resu
lting
in
mat
eria
l le
akag
es.
Phy
sica
lly v
erify
if
the
mat
eria
l is
avai
labl
e
a.
Rej
ectio
ns/
dam
ages
re
cord
s
Inad
equa
te
Mac
hine
ry
Che
ck if
the
equi
pmen
ts
and
mac
hine
ry u
sed
in
Pro
duct
ion
dow
n tim
e du
e to
a. P
reve
ntiv
e M
aint
enan
ce
97
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
98
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
Mai
nten
ance
th
e lin
es a
re m
aint
aine
d ad
equa
tely
. Is
th
ere
a pr
even
tive
mai
nten
ance
sc
hedu
le
evol
ved
and
adhe
red
to
by th
e co
mpa
ny
mac
hine
ry
brea
kdow
n R
evie
w th
e in
stan
ces
of
mac
hine
ry
brea
kdow
n an
d tim
e ta
ken
to re
ctify
th
e sa
me
and
the
num
ber o
f tim
es th
e in
stan
ce h
as
recu
rred
Sch
edul
e b.
Equ
ipm
ent
failu
re d
etai
ls
Non
ava
ilabi
lity
of u
tiliti
es
Iden
tify
the
key
utili
ties
requ
ired
for
the
prod
uctio
n pr
oces
s an
d en
sure
if
the
com
pany
ha
s ad
equa
te b
ack
up
for s
horta
ge in
sup
ply
of
utili
ties.
A
lso
ensu
re i
f re
cord
s ar
e m
aint
aine
d sh
owin
g ut
iliza
tion
deta
ils o
f ke
y ut
ilite
s
Non
ava
ilabi
lity
or
inef
ficie
nt u
sage
of
utili
ties
resu
lting
in
dow
n tim
e Id
entif
y in
stan
ces
of
dow
n tim
e du
e to
no
n av
aila
bilit
y of
ke
y ut
ilitie
s an
d th
e ac
tions
take
n fo
r en
surin
g co
ntin
uous
sup
ply
of th
e sa
me
a.
Pro
duct
ion
dow
n tim
e de
tails
Inad
equa
te
qual
ity c
heck
in
a.
Is t
he o
utpu
t in
the
lin
e ce
rtifie
d fo
r In
adeq
uate
qua
lity
chec
k re
sults
in
a.
Q
ualit
y cl
eara
nce
98
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
99
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
the
lines
qu
ality
pr
ior
to
pass
ing
it to
the
next
pr
oces
s or
to
th
e fin
ishe
d go
ods
war
ehou
se
b.
Che
ck
for
qual
ity
clea
ranc
e fo
r th
e ou
tput
c.
C
heck
th
e pr
oces
s ch
eckl
ist
used
by
th
e qu
ality
de
partm
ent
for
chec
king
the
qua
lity
para
met
ers
at
this
st
age.
d.
V
erify
if th
e ch
eckl
ist
is
bein
g fil
led
up
accu
rate
ly
and
com
plet
ely
for
ever
y in
put o
f mat
eria
l
inad
equa
te q
ualit
y of
the
final
pro
duct
le
adin
g to
cus
tom
er
reje
ctio
ns.
Cal
cula
te th
e pe
rcen
tage
of
reje
ctio
n an
d qu
antif
y th
e fin
anci
al b
urde
n Id
entif
y th
e ca
ses
of
cust
omer
reje
ctio
n an
d en
sure
if it
is
due
to p
roce
ssin
g qu
ality
. C
ompa
re th
e pr
oduc
tion
quan
tity
devi
atio
ns d
ue to
lo
w q
ualit
y of
out
put
certi
ficat
es
b.
Qua
lity
chec
klis
t c.
C
usto
mer
re
ject
ions
d.
P
endi
ng c
laim
s
Fini
shed
Goo
ds M
anag
emen
t Pro
cess
Inad
equa
te
stor
age
of
finis
hed
good
s
a. A
re
the
finis
hed
good
s st
ored
in
a
safe
loca
tion
prio
r to
tra
nsfe
rrin
g it
to t
he
war
ehou
se
Qua
lity
reje
ctio
ns
due
to im
prop
er
stor
age
a.
Qua
lity
reje
ctio
ns
99
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
10
0
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
Che
ck fo
r ins
tanc
es
of q
ualit
y re
ject
ions
du
e to
dam
age
to
mat
eria
l afte
r pr
oduc
tion
and
prio
r to
tran
sfer
to
pack
ing
sect
ion
Inad
equa
te
proc
edur
e fo
r pa
ckin
g an
d la
belin
g of
m
ater
ial
Che
ck
for
cont
rols
ad
opte
d du
ring
the
pack
ing
and
labe
ling
proc
ess
to
ensu
re
the
follo
win
g:
• C
onta
iner
s us
ed f
or
pack
ing
are
corr
ect
• Th
e qu
antit
y of
m
ater
ial
pack
ed
is
accu
rate
• Ta
ggin
g of
the
fin
al
prod
uct
to t
he b
atch
is
mad
e ac
cura
tely
• La
belli
ng i
s do
ne a
s pe
r th
e st
anda
rds
defin
ed
• P
rices
are
prin
ted
as
per
the
appr
oved
pr
ice
list
Qua
lity
reje
ctio
ns –
in
tern
al a
nd
exte
rnal
due
to
inad
equa
te p
acki
ng
and
labe
ling.
Id
entif
y th
e re
ason
s fo
r rej
ectio
ns a
nd
eval
uate
the
actio
n ta
ken
for a
void
ing
recu
rren
ce o
f the
sa
me.
100
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
10
1
Form
at N
o: B
/4.1
.9.
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
4.1.
9 S
ales
and
dis
patc
h R
isks
Rev
iew
Che
cklis
t
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
Sale
s Pl
an
Inac
cura
te
fixat
ion
of
targ
ets
a.
Eva
luat
e th
e pr
oces
s ad
opte
d fo
r m
akin
g an
nual
sa
les
plan
. C
heck
the
follo
win
g:
• Is
the
annu
al s
ales
pla
n pr
epar
ed
afte
r co
nsid
erat
ion
of
perfo
rman
ce
in
the
prev
ious
per
iod
• W
hat
are
the
aspe
cts
anal
yzed
fo
r pr
epar
atio
n of
pla
n an
d ar
e th
ey a
dequ
ate
Inac
cura
te
targ
ets
resu
lt in
in
adeq
uate
pl
an
for
the
mar
ketin
g te
am.
Iden
tify
if th
e m
arke
ting
team
is
al
igne
d to
ac
hiev
e th
e ta
rget
s.
a.
A
nnua
l Sal
es
Pla
n b.
S
hort
term
s sa
les
plan
w
ith ta
rget
s
101
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
10
2
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
• Is
the
annu
al s
ales
pla
n ap
prov
ed
by
the
conc
erne
d au
thor
ity
• Is
the
sal
es p
lan
mad
e fo
r al
l the
pro
duct
s an
d lo
catio
ns
of
the
com
pany
• H
as
it be
en
com
mun
icat
ed to
all
the
depa
rtmen
ts
Ord
er B
ooki
ng a
nd D
eliv
ery
Inco
mpl
ete/
ina
ccur
ate
orde
rs
book
ed
Rev
iew
th
e pr
oces
s of
or
der
book
ing
and
verif
y th
e fo
llow
ing:
a.
A
re
the
orde
rs
book
ed
com
plet
ely.
C
heck
if
all
the
calls
as
up
date
d in
th
e cu
stom
er
call
data
base
is b
ooke
d. If
no
t as
certa
in
the
reas
ons
for
non
conv
ersi
on
of
the
orde
r b.
C
ompa
re t
he d
ate
of
call
and
date
of
orde
r an
d id
entif
y re
ason
s fo
r del
ays
if an
y
Ris
k of
de
liver
y w
ithou
t bo
okin
g of
or
ders
. E
valu
ate
the
mon
itorin
g sy
stem
for
cust
omer
cal
ls, f
ollo
w
up a
nd c
losu
re a
nd
iden
tify
poin
ts
of
cont
rol
laps
es
lead
ing
to
non
book
ing
of o
rder
s.
a.
S
ales
O
rder
co
pies
b.
C
usto
mer
ca
ll in
form
atio
n
102
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
10
3
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
Mis
mat
ch
betw
een
orde
rs
and
deliv
ery
a. V
erify
if
the
deliv
ery
is
supp
orte
d by
sa
les
orde
r b.
Ens
ure
that
the
deliv
ery
is
mon
itore
d an
d au
thor
ized
c.
Ver
ify
the
cont
rols
fo
r as
certa
inin
g th
at
the
mat
eria
l ha
s ac
tual
ly
reac
hed
the
cust
omer
. D
oes
the
pers
on
deliv
erin
g th
e go
ods
carr
y th
e ac
know
ledg
emen
t co
py
from
the
cus
tom
er a
nd
is it
che
cked
. d.
Ver
ify i
f th
ere
are
any
dela
ys
in
deliv
ery
by
com
parin
g th
e ca
ll cl
osur
e,
orde
r an
d de
liver
y
e. If
th
e de
liver
y is
ou
tsou
rced
to
an
ag
ency
, an
alyz
e th
e su
ppor
ting
docu
men
ts
for
mak
ing
paym
ents
to
the
agen
cy a
nd a
lso
the
syst
ems
for
mon
itorin
g th
e ag
ency
’s
perfo
rman
ce
Cus
tom
er
reje
ctio
ns
due
to
inad
equa
te
deliv
ery.
C
heck
fo
r in
stan
ces
of r
ejec
tions
from
the
cust
omer
s an
d an
alyz
e th
e re
ason
s fo
r th
e sa
me.
C
alcu
late
th
e m
onet
ary
impa
ct,
due
to
repe
ated
di
spat
ches
or
wro
ng
disp
atch
es,
dam
ages
du
ring
trans
porta
tion
etc.
a.
D
eliv
ery
Ord
ers
b.
Cus
tom
er
ackn
owle
dge
men
ts
c.
Cus
tom
er
reje
ctio
ns
103
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
10
4
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
f. A
naly
ze
the
logi
stic
s ar
rang
emen
ts
and
iden
tify
area
s of
du
plic
atio
n,
inef
ficie
ncie
s et
c
Invo
icin
g In
accu
rate
in
voic
ing
a.
Che
ck i
f th
e in
voic
es
are
seria
lly c
ontro
lled
and
iden
tify
dupl
icat
e,
canc
elle
d or
m
issi
ng
invo
ices
if a
ny
b.
Che
ck i
f th
e in
voic
es
are
prep
ared
at
th
e rig
ht p
rice
for t
he ri
ght
mat
eria
l. If
the
invo
ices
ar
e sy
stem
ge
nera
ted,
che
ck t
he
appl
icat
ion
logi
c fo
r ra
te
and
mat
eria
l/ser
vice
s se
lect
ion
c.
Che
ck
if th
ere
has
been
an
y de
lays
in
voic
ing
by
com
parin
g th
e or
der
date
and
invo
ice
date
an
d as
certa
in
reas
ons
for t
he s
ame
d.
Che
ck if
all
the
orde
rs
and
deliv
erie
s ar
e
Inad
equa
te
invo
icin
g re
sults
in
di
rect
re
venu
e lo
ss f
or t
he
com
pany
. Id
entif
y ca
ses
of
inac
cura
cies
an
d de
lays
and
cal
cula
te
the
reve
nue
lost
due
to
the
sam
e.
a.
In
voic
e R
egis
ter
b.
Sal
es
orde
rs
and
deliv
ery
note
s
104
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
10
5
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
-tio
ns
invo
iced
e.
A
re
the
invo
ices
au
thor
ized
by
th
e de
sign
ated
per
son
Col
lect
ion
Proc
ess
Inad
equa
te
cont
rols
in
co
llect
ion
proc
ess
Che
ck i
f th
e co
llect
ion
is
mad
e by
th
e m
arke
ting
team
. If
yes
eval
uate
the
fo
llow
ing:
a.
A
re a
dequ
ate
cont
rols
de
sign
ed
in
the
colle
ctio
n pr
oces
s to
en
sure
th
at
ther
e is
no
le
akag
e at
th
e po
int o
f col
lect
ion
and
rem
ittin
g it
to
the
com
pany
b.
A
re
cash
co
llect
ions
di
sallo
wed
, if
allo
wed
is
it
supp
orte
d by
su
itabl
e do
cum
ents
c.
Is
the
re a
pos
sibi
lity
for
collu
sion
bet
wee
n th
e m
arke
ting
team
an
d cu
stom
er
d.
Is
agei
ng
anal
ysis
do
ne
on
rece
ivab
les
and
follo
w
up
take
n pe
riodi
cally
Inad
equa
te
cont
rols
re
sult
in
reve
nue
leak
age.
A
sses
s th
e tre
nd o
f co
llect
ions
, ch
eck
if th
ey a
re a
s pe
r th
e te
rms
and
cond
ition
s an
d is
th
ere
any
poss
ibili
ty
for
rela
xatio
n in
th
e cy
cle
a.
A
gein
g re
port
b.
Col
lect
ion
sum
mar
y
105
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
10
6
Form
at N
o: B
/4.1
.10.
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
4.1.
10
Stat
utor
y C
ompl
ianc
es R
evie
w C
heck
list6
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
In
form
atio
n R
equi
red
from
Aud
itee
Obs
erva
tions
Cen
tral
Exc
ise
Act
• D
oes
the
exci
se
regi
stra
tion
certi
ficat
e co
ver
all
chap
ters
/sub
head
ings
/pro
duct
s
• Is
th
e st
orag
e gr
ound
pl
an
appr
oved
by
th
e E
xcis
e R
ange
su
perin
tend
ent
• H
as n
otic
e of
the
last
cha
nge
in th
e un
it he
ad
been
gi
ven
to
Exc
ise
auth
oriti
es
• A
re t
he E
xcis
e au
thor
ities
info
rmed
ab
out
the
pre-
auth
entic
ated
ser
ial
nos.
of i
nvoi
ces
a.
Exc
ise
Reg
istra
tion
Cer
tific
ate
b.
RG
23D
Reg
iste
r c.
E
xcis
e R
etur
ns
6 T
he C
heck
list i
s in
clus
ive
and
is s
ubje
ct to
cha
nge
as p
er th
e ch
ange
s to
the
Sta
tute
s. T
he c
heck
list c
an b
e us
ed a
s an
indi
cativ
e ch
eckl
ist a
nd is
not
fina
l.
106
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
10
7
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
In
form
atio
n R
equi
red
from
Aud
itee
Obs
erva
tions
• A
re d
uplic
ate
for
trans
porte
r co
pies
of
exc
ise
invo
ices
ava
ilabl
e fo
r al
l co
nsig
nmen
ts
ente
red
in
RG
23D
re
gist
er (
for
rece
ipt
of g
oods
fro
m
plan
ts o
r oth
er lo
catio
ns)
• Is
the
RG
23D
reg
iste
r m
aint
aine
d pr
oper
ly
(con
sign
men
t-wis
e)
and
alw
ays
kept
upt
o da
te
• D
o ph
ysic
al s
tock
s re
conc
ile w
ith
book
sto
cks
as s
how
n in
RG
23D
re
gist
er a
s on
the
date
of r
epor
t
• A
re e
xcis
e re
turn
s fil
ed b
y th
e 10
th
of th
e su
bseq
uent
mon
th
Inco
me
Tax
Act
• H
as
the
unit
mad
e an
y ca
sh
paym
ents
for
exp
ense
s ab
ove
Rs
2000
0
• H
as th
e un
it pa
id lo
ans
/ adv
ance
s /
depo
sits
in c
ash
abov
e R
s 20
000
• H
as
the
unit
rece
ived
lo
ans
/ ad
vanc
es /
dep
osits
in c
ash
abov
e R
s 20
000
• if
yes,
the
n ha
s th
e un
it ob
tain
ed
the
PA
N n
umbe
r and
add
ress
of t
he
party
a.
TDS
Cha
llans
b.
TD
S re
turn
s
107
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
10
8
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
In
form
atio
n R
equi
red
from
Aud
itee
Obs
erva
tions
• Is
tax
bei
ng d
educ
ted
at s
ourc
e at
co
rrec
t ra
tes
on a
ll pa
ymen
ts li
able
fo
r ded
uctio
n of
tax
at s
ourc
e
• H
as T
DS
rem
ittan
ces
and
retu
rns
mad
e as
per
the
due
date
Serv
ices
Tax
• V
erify
th
e R
egis
tratio
n of
th
e as
sess
ee
with
th
e S
ervi
ce
Tax
Com
mis
sion
erat
e
• W
heth
er s
epar
ate
regn
. ta
ken
for
each
ser
vice
pro
vide
d
• C
heck
th
e op
enin
g cr
edit
of
the
curr
ent
year
and
clo
sing
ent
ries
of
the
prev
ious
yea
r
• C
heck
whe
ther
the
tax
inv
oice
is
prop
er a
nd m
entio
ns th
e R
egn.
No.
of
th
e as
sess
ee,
Sep
arat
ely
men
tions
the
rate
of t
ax a
nd a
mou
nt
of t
ax.
(Fro
m s
ampl
es o
f th
e bi
lls
rais
ed fo
r col
lect
ing
the
serv
ice
tax.
)
• C
heck
whe
ther
the
tax
inv
oice
is
prop
er a
nd m
entio
ns th
e R
egn.
No.
of
th
e se
rvic
e pr
ovid
er
and
Sep
arat
ely
men
tions
the
rat
e of
tax
an
d am
ount
of t
ax. (
Fro
m s
ampl
es
of
the
bills
re
ceiv
ed
by
the
asse
ssee
from
ser
vice
pro
vide
rs)
108
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
10
9
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
In
form
atio
n R
equi
red
from
Aud
itee
Obs
erva
tions
• If
the
rate
s ap
plie
d ar
e di
ffere
nt,
take
a
copy
of
th
e au
thor
ity/n
otifi
catio
n un
der
whi
ch
such
ch
ange
is
ap
prov
ed.
Ex.
C
ompo
sitio
n, N
otifi
catio
n, e
tc.
• C
heck
w
heth
er
mon
th
wis
e st
atem
ent
of
serv
ice
tax
rece
ivab
le/p
ayab
le
acco
unt
mat
chin
g w
ith
the
mon
thly
pa
ymen
ts o
f ser
vice
tax.
• C
heck
whe
ther
the
ser
vice
tax
has
be
en
depo
site
d w
ith
in
the
due
date
s
• C
heck
H
alf
Yea
rly
retu
rns
filed
. Ta
lly
it w
ith
both
th
e m
onth
ly
paym
ents
and
as
wel
l as
the
ledg
er
entri
es a
s th
e re
leva
nt d
ates
.
• R
evie
w t
he r
etur
n an
d se
e w
heth
er
the
retu
rn i
s ac
cura
te a
s to
, in
put
cred
it, o
utpu
t tax
pay
able
, val
uatio
n of
ser
vice
s, c
arry
for
war
d of
cre
dit,
etc.
• C
heck
the
Cor
resp
onde
nce
if an
y w
ith
the
Dep
artm
ent
and
its
com
plia
nce
and
impa
ct.
109
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
11
0
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
In
form
atio
n R
equi
red
from
Aud
itee
Obs
erva
tions
Sale
s Ta
x A
ct/ V
alue
Add
ed T
ax/ C
entr
al S
ales
Tax
Act
• D
oes
the
esta
blis
hmen
t ha
ve
regi
stra
tion
certi
ficat
es f
or L
ST
and
CS
T
• H
as
the
unit
incl
uded
ad
ditio
nal
godo
wn
/ se
ason
al
godo
wns
as
ad
ditio
nal p
lace
s of
bus
ines
s in
the
sa
les
tax
regi
stra
tion
certi
ficat
e
• H
ave
all t
he p
rodu
cts
hand
led
been
de
clar
ed in
the
sale
s ta
x re
gist
ratio
n ce
rtific
ates
• Is
th
e LS
T an
d C
ST
certi
ficat
e pr
omin
ently
di
spla
yed
at
the
unit
and
addi
tiona
l god
owns
• H
as s
ales
tax
been
cha
rged
on
sale
of
ass
ets
at c
orre
ct ra
tes
• A
re
the
reco
rds,
re
quire
d to
be
m
aint
aine
d fo
r S
ales
Tax
/ In
com
e Ta
x pu
rpos
es
avai
labl
e at
th
e lo
catio
n
• H
as th
e un
it re
conc
iled
the
varia
nce
betw
een
the
sale
s ta
x pa
yabl
e as
sh
own
in b
ooks
of a
ccou
nts
( E
RP
) an
d th
e am
ount
act
ually
pai
d
Reg
istra
tion
Cer
tific
ate
Sal
es T
ax C
halla
n S
ales
Tax
Ret
urns
110
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
11
1
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
In
form
atio
n R
equi
red
from
Aud
itee
Obs
erva
tions
• D
oes
the
unit
mai
ntai
n ac
know
ledg
ed S
ales
Tax
cha
llans
• D
oes
the
unit
depo
sit
sale
s ta
x du
es d
uly
with
in d
ue d
ates
• D
oes
the
unit
file
the
sale
s ta
x re
turn
s du
ly w
ithin
due
dat
es
ESIC
Act
Is
the
uni
t re
gist
ered
und
er E
SIC
1
Em
ploy
ees
draw
ing
wag
es
(exc
ludi
ng
over
time)
le
ss
than
or
eq
ual
to
Rs
7500
/- ar
e co
vere
d un
der t
he A
ct.
2.
If no
t co
vere
d un
der
ES
IC,
Wor
kmen
C
ompe
nsat
ion
Act
w
ill
appl
y.
• If
secu
rity
cont
ract
ors
have
be
en
regi
ster
ed s
epar
atel
y, t
hen
are
the
copi
es o
btai
ned
from
them
and
kep
t in
saf
e cu
stod
y
• H
ave
decl
arat
ion
form
s (F
orm
1)
an
d re
turn
of
de
clar
atio
n fo
rm
(For
m 3
) fo
r ne
w e
mpl
oyee
s be
en
subm
itted
imm
edia
tely
on
thei
r da
y of
join
ing
ES
I C
halla
ns
of
bo
th
com
pany
/ co
ntra
ctor
E
SI
Ret
urns
of
bo
th
com
pany
/ con
tract
ors
ES
I C
ompl
ianc
es
File
s (V
ario
us f
orm
s fil
ed w
ith
ES
I aut
horit
ies)
111
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
11
2
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
In
form
atio
n R
equi
red
from
Aud
itee
Obs
erva
tions
• H
as
the
unit
pres
erve
d al
l E
SIC
pa
ymen
t cha
llans
and
retu
rns
• H
as th
e un
it m
aint
aine
d an
Acc
iden
t re
gist
er (F
orm
15)
• H
as t
he u
nit
repo
rted
all r
epor
tabl
e ac
cide
nts
(i.e.
w
hich
pr
even
t an
em
ploy
ee t
o re
port
from
dut
y fo
r a
perio
d gr
eate
r th
an 4
8 ho
urs)
to th
e E
SIC
au
thor
ities
vi
de
Acc
iden
t R
epor
t (F
orm
16
- a
vaila
ble
in t
he
Act
)
• H
as
the
unit
mai
ntai
ned
Form
-7
regi
ster
sh
owin
g m
onth
ly
ES
IC
cont
ribut
ions
and
all
the
deta
ils o
f em
ploy
ees
cove
red
unde
r th
e E
SIC
A
ct
(The
Com
pany
or
the
cont
ract
or,
in
case
he
has
his
own
code
, nee
ds to
m
aint
ain
Form
7)
• H
as
the
unit
mai
ntai
ned
ES
IC
Rec
ords
fo
r pr
evio
us
year
s (n
o m
axim
um l
imit)
as
insp
ectio
n ca
n be
car
ried
out
by a
utho
ritie
s at
any
tim
e.
• H
as
the
unit
depo
site
d E
SIC
m
onth
ly
cont
ribut
ions
(b
oth
empl
oyer
an
d em
ploy
ee)
befo
re
21st
of t
he n
ext m
onth
112
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
11
3
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
In
form
atio
n R
equi
red
from
Aud
itee
Obs
erva
tions
• H
as t
he u
nit
filed
ES
IC h
alf-y
early
re
turn
in
Form
-6 w
ithin
42
days
of
the
half-
year
end
ed S
epte
mbe
r 30
or
Mar
ch 3
1, a
s th
e ca
se m
ay b
e
Wor
kmen
’s C
ompe
nsat
ion
Act
• H
as t
he u
nit
filed
the
ann
ual r
etur
n un
der W
orkm
en's
com
pens
atio
n A
ct
with
in
the
due
date
s? (T
his
act
is n
ot a
pplic
able
to
thos
e co
vere
d un
der t
he E
SIC
Act
)
Min
imum
Wag
es A
ct
• H
as th
e un
it di
spla
yed
a co
py o
f the
A
bstra
ct o
f the
Min
imum
Wag
es A
ct
• H
as t
he u
nit
disp
laye
d th
e no
tice
cont
aini
ng
the
min
imum
ra
tes
of
wag
es a
pplic
able
• Is
min
imum
wag
es p
aid
to c
ontra
ct
labo
ur
/sec
urity
pe
rson
nel,
in
the
pres
ence
of c
ompa
ny e
mpl
oyee
s
• H
as th
e un
it fil
ed th
e A
nnua
l ret
urns
un
der M
inim
um W
ages
act
113
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
11
4
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
In
form
atio
n R
equi
red
from
Aud
itee
Obs
erva
tions
Paym
ent o
f Wag
es A
ct
• D
oes
the
unit
appr
opria
tely
mai
ntai
n re
cord
s sp
ecify
ing
nam
es
of
empl
oyee
s an
d w
ages
pai
d to
them
• D
oes
the
unit
prom
inen
tly d
ispl
ay
the
abst
ract
of
paym
ent
of w
ages
ac
t and
rule
s
• H
as t
he u
nit
filed
Ann
ual
retu
rns
unde
r P
aym
ent
of
Wag
es
Act
NO
T A
PPLI
CA
BLE
FO
R U
NIT
S IN
M
AH
AR
ASH
TRA
Prof
essi
onal
Tax
• D
oes
the
unit
mai
ntai
n ac
know
ledg
ed
Pro
fess
ion
tax
chal
lans
• H
as t
he u
nit
depo
site
d th
e m
onth
ly
prof
essi
on T
ax w
ithin
the
due
date
s(T
ime
perio
d fo
r th
e pa
ymen
t of t
ax
is S
tate
spe
cific
)
• H
as t
he u
nit
filed
Pro
fess
ion
Tax
retu
rns
with
in d
ue d
ates
• H
as
the
unit
paid
co
mpa
ny
prof
essi
on ta
x w
ithin
due
dat
e
114
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
11
5
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
In
form
atio
n R
equi
red
from
Aud
itee
Obs
erva
tions
Shop
and
Est
ablis
hmen
t Act
• Is
th
e S
hop
and
Est
ablis
hmen
t R
egis
tratio
n ce
rtific
ate
valid
as
on
date
• Is
th
e S
hop
and
Est
ablis
hmen
t re
gist
ratio
n ce
rtific
ate
prom
inen
tly
disp
laye
d
• H
as n
otic
e of
the
last
cha
nge
in th
e un
it he
ad b
een
give
n to
Sho
p an
d E
stab
lishm
ent a
utho
ritie
s
• H
as
the
unit
subm
itted
no
tice
of
wee
kly
holid
ays
and
notic
e of
dai
ly
wor
king
ho
urs
to
the
Insp
ecto
r un
der S
hop
and
Est
b A
ct
• H
as th
e un
it di
spla
yed
a co
py o
f the
no
tice
of
daily
w
orki
ng
hour
s su
bmitt
ed
to
the
Insp
ecto
r un
der
Sho
ps a
nd E
stb
Act
• Is
the
nam
e an
d ad
dres
s of
the
lo
cal
labo
ur i
nspe
ctor
dis
play
ed a
s pe
r Sho
p an
d E
stb
Act
• D
oes
the
unit
mai
ntai
n an
in
spec
tion
book
for
vis
it re
mar
ks o
f th
e In
spec
tor
115
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
11
6
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
In
form
atio
n R
equi
red
from
Aud
itee
Obs
erva
tions
• D
oes
the
unit
mai
ntai
n a
mus
ter
regi
ster
as
per
Sho
p an
d E
stb
Act
fo
r al
l co
mpa
ny
and
cont
ract
ed
empl
oyee
s
• A
re
the
empl
oyee
le
ave
card
s m
aint
aine
d an
d up
date
d as
on
date
Paym
ent o
f Bon
us A
ct
• D
oes
the
unit
mai
ntai
n pa
ymen
t of
B
onus
regi
ster
Paym
ent o
f Gra
tuity
Act
• H
as
the
unit
subm
itted
no
tice
of
open
ing
of e
stab
lishm
ent
(For
m A
) un
der
the
Gra
tuity
A
ct
to
the
Con
trolli
ng A
utho
rity
with
in 3
0 da
ys
of
star
ting
of
the
unit
(Not
e: T
his
poin
t is
app
licab
le o
nly
for n
ew u
nits
)
• H
as t
he u
nit
prom
inen
tly d
ispl
ayed
th
e ab
stra
ct o
f P
aym
ent
of G
ratu
ity
Act
• H
as t
he u
nit
intim
ated
any
cha
nge
in th
e un
it he
ad o
r add
ress
of u
nit t
o th
e C
ontro
lling
Aut
horit
y in
For
m B
• H
as t
he u
nit d
ispl
ayed
the
nam
e of
C
ompa
ny’s
of
ficer
au
thor
ized
to
re
ceiv
e no
tices
und
er th
e A
ct
116
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
11
7
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
In
form
atio
n R
equi
red
from
Aud
itee
Obs
erva
tions
Con
trac
t Lab
our [
Reg
ulat
ion
and
Abo
litio
n] A
ct
• Is
this
Act
app
licab
le to
the
unit?
• H
as t
he u
nit
obta
ined
Reg
istra
tion
Cer
tific
ate
unde
r th
e A
ct
for
enga
ging
Con
tract
Lab
our?
• D
oes
the
unit
mai
ntai
n R
egis
ters
of
Con
tract
ors
cont
aini
ng
all
the
nam
es
of
Con
tract
La
bour
st
aff
(from
va
rious
co
ntra
ctor
s),
the
natu
re o
f w
ork
perfo
rmed
by
the
cont
ract
la
bour
an
d th
e ra
tes
of
wag
es p
aid
to c
ontra
ct la
bour
?
• A
re t
he w
ages
to
cont
ract
lab
our
staf
f pa
id
in
pres
ence
of
m
anag
emen
t re
pres
enta
tive
Com
pany
?
• H
as t
he u
nit
disp
laye
d th
e ab
stra
ct
of th
e C
ontra
ct L
abou
r Act
/Rul
es?
• H
as th
e co
mpa
ny e
nter
ed in
to le
gal
agre
emen
t with
the
Con
tract
ors?
• H
as
the
unit
(prin
cipa
l em
ploy
er)
filed
ann
ual r
etur
ns u
nder
the
Act
?
• H
ave
the
Con
tract
ors
obta
ined
Li
cens
e un
der t
he A
ct?
117
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
11
8
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
In
form
atio
n R
equi
red
from
Aud
itee
Obs
erva
tions
• D
o th
e C
ontra
ctor
s re
new
th
eir
Lice
nse
ever
y ye
ar?
• H
ave
the
Con
tract
ors
take
n a
sepa
rate
cod
e nu
mbe
r fo
r P
F an
d E
SI
cove
rage
and
con
tribu
tions
are
re
mitt
ed a
ccor
ding
ly?
• D
o th
e co
ntra
ctor
s m
aint
ain
the
fo
llow
ing:
M
uste
r Rol
l
R
egis
ter o
f Wag
es
R
egis
ter o
f Ded
uctio
ns
R
egis
ter o
f Ove
rtim
e
R
egis
ter o
f Fin
es
R
egis
ter o
f Adv
ance
• A
re
the
Con
tract
ors
keep
ing
the
regi
ster
s/re
cord
s re
leva
nt
to
the
empl
oym
ent
with
in 3
km
s ne
arer
to
the
wor
k pl
ace?
• H
ave
the
Uni
t di
spla
yed
notic
e sh
owin
g ra
tes
of
wag
es/h
ours
of
w
ork/
wag
e pe
riod/
date
of
paym
ent
of w
ages
/dat
e of
pay
men
t of u
npai
d w
ages
and
the
nam
e an
d ad
dres
s of
the
Ins
pect
or h
avin
g ju
risdi
ctio
n ov
er th
e U
nit?
118
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
11
9
Aud
it St
eps
to V
erify
A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
In
form
atio
n R
equi
red
from
Aud
itee
Obs
erva
tions
• H
as
the
Con
tract
ors
issu
ed
Em
ploy
men
t C
ard/
Wag
e sl
ips
to
thei
r wor
kers
?
• H
ave
the
Con
tract
ors
filed
H
alf
year
ly re
turn
s un
der t
he A
ct?
• D
o th
e C
ontra
ctor
s is
sue
Ser
vice
C
ertif
icat
e to
th
eir
wor
kers
on
te
rmin
atio
n?
119
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
12
0
Form
at N
o: B
/4.1
.11.
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
4.1.
11 A
dmin
istr
atio
n R
isks
Rev
iew
Che
cklis
t
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
Faci
litie
s Pl
an
Non
ava
ilabi
lity
of
adm
inis
tratio
n pl
an
• C
heck
if
faci
litie
s pl
an
is
mad
e ba
sed
on
Ann
ual O
pera
ting
Pla
n
• C
heck
if
it is
co
mm
unic
ated
ad
equa
tely
• C
heck
if
the
adm
inis
tratio
n de
partm
ent
has
an
inte
rnal
pr
ocur
emen
t pl
an g
ener
ated
for
the
ap
prov
ed fa
cilit
ies
and
plac
ed
it w
ith
the
proc
urem
ent
depa
rtmen
t
Inad
equa
te
plan
re
sulti
ng
in
inad
equa
te
purc
hase
s an
d no
n av
aila
bilit
y of
th
e re
leva
nt
faci
litie
s on
tim
e
A
nnua
l pe
ratin
g P
lan
Faci
ltiie
s P
lan
120
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
12
1
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
Secu
rity
Func
tions
Inad
equa
te
sele
ctio
n an
d m
onito
ring
of
secu
rity
func
tions
Rev
iew
if
the
Sec
urity
fu
nctio
ns a
re m
anag
ed i
n ho
use
or
outs
ourc
ed.
If ou
tsou
rced
, ch
eck
the
adeq
uacy
of
ev
alua
tion
done
fo
r se
lect
ion
of
secu
rity
pers
ons7
Com
prom
ise
to
phys
ical
se
curit
y as
pect
s du
e to
w
rong
sel
ectio
n of
gu
ards
R
evie
w
the
secu
rity
proc
ess
and
ensu
re
the
follo
win
g:
a. D
oes
the
Sec
urity
G
uard
no
te
dow
n de
tails
of
al
l pe
rson
s (e
mpl
oyee
s/vi
sito
rs)
mov
ing
in
and
out
of
the
com
pany
pre
mis
es
b. D
oes
the
Sec
urity
sto
p an
d ch
eck
the
visi
tors
an
d un
ders
tand
th
e pu
rpos
e of
vis
it be
fore
le
tting
them
in
c. A
re v
ehic
les
adeq
uate
ly
chec
ked
and
regi
ster
ed
prio
r to
givi
ng e
ntry
Una
utho
rized
ent
ry
and
exit
resu
lting
in
un
auth
oriz
ed
acce
ss
to
the
com
pany
an
d co
mpa
ny’s
re
sour
ces.
a.
V
isito
rs
Reg
iste
r b.
In
war
d G
ate
Pas
s c.
O
utw
ard
Gat
e P
ass
d.
Vis
itors
pa
sses
e.
In
war
d an
d O
utw
ard
Reg
iste
rs
7 T
he ri
sk in
volv
ed in
out
sour
cing
act
ivity
is n
ot in
clud
ed a
s a
part
of th
is c
heck
list.
121
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
12
2
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
d. Is
th
e m
ovem
ent
of
mat
eria
l m
onito
red
by
Inw
ard
Gat
e P
ass
and
Out
war
d G
ate
pass
Hou
se K
eepi
ng
Inad
equa
te
hous
e ke
epin
g R
evie
w
if th
e ho
use
keep
ing
func
tions
ar
e m
anag
ed
in
hous
e or
ou
tsou
rced
. If o
utso
urce
d,
chec
k th
e ad
equa
cy
of
eval
uatio
n do
ne
for
sele
ctio
n of
pe
rson
s un
derta
king
hou
seke
epin
g ac
tivity
C
heck
the
follo
win
g:
a.
Doe
s th
e ho
usek
eepi
ng
func
tion
have
a
chec
klis
t fo
r th
eir
activ
ity
b.
Is
thei
r ac
tiviti
es
mon
itore
d c.
Is
the
cos
t of
hou
se
keep
ing
high
d.
Is
the
hou
se k
eepi
ng
mat
eria
l ke
pt
unde
r sa
fe c
usto
dy
Hig
h sp
endi
ng o
n ho
use
keep
ing
with
out
a bu
dget
re
sulti
ng
in
inef
ficie
nt
utili
zatio
n of
fund
s.
Ana
lyze
the
tre
nd
in
hous
e ke
epin
g co
st.
Com
pare
the
co
st
as
a pe
rcen
tage
of t
otal
co
st a
nd s
ales
and
co
mm
ent i
f it
is o
n a
high
er s
ide
a.
H
ouse
keep
ing
Che
ckls
it b.
H
ouse
keep
ing
cost
s br
eaku
p c.
H
ouse
ke
epin
g st
aff
atte
ndan
ce
122
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
12
3
Ris
k Li
stin
g (W
hat W
rong
C
an H
appe
n)
Aud
it St
eps
to V
erify
Im
pact
Ana
lysi
s A
udito
r C
heck
list
Tim
e fo
r A
udit
Step
Info
rmat
ion
Req
uire
d fr
om
Aud
itee
Obs
erva
t-io
ns
Mai
nten
ance
Inad
equa
te
Mai
nten
ance
of
faci
lites
a.
Che
ck
if th
ere
is
a m
aint
enan
ce
sche
dule
an
d it
is
bein
g ad
here
d to
b.
In
cas
e of
AM
Cs
or
war
rant
ies,
is
th
e fo
llow
up
do
ne
with
th
e ve
ndor
fo
r se
rvic
es
c.
Is
the
mai
nten
ance
co
st to
o hi
gh
d.
Doe
s th
e co
mpa
ny
have
any
ser
vice
leve
l ag
reem
ent
for
mai
nten
ance
ac
tivity
an
d is
it
bein
g ad
here
d to
an
d m
onito
red
e.
Is a
ll th
e co
mpl
aint
s re
gist
ered
and
act
ions
ar
e ta
ken
on ti
me
Inad
equa
te
mai
nten
ance
re
sults
in
frequ
ent
mac
hine
ry
brea
kdow
ns.
Cal
cuat
e th
e nu
mbe
r of
br
eakd
owns
an
d th
e tim
e ta
ken
for
rect
ifyin
g. A
naly
se
the
trend
in
m
aint
enan
ce
cost
to
see
if it
is r
isin
g du
e to
ina
dequ
ate
prev
entiv
e m
aint
enan
ce.
a.
M
aint
enan
ce
Reg
iste
r b.
A
MC
s c.
M
aint
enan
ce
Cos
t det
ails
123
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
12
4
4.2
Plan
ning
and
Exe
cutio
n of
Aud
it Pr
ogra
mm
e
Form
at N
o: B
/4.2
Ass
ignm
ent N
o A
ssig
nmen
t Nam
e
Eng
agem
ent M
anag
er
Com
pany
Nam
e
Sl
No
Proc
ess
/ Are
a A
udito
r Pr
oces
s O
wne
r Pl
anne
d D
ate
Act
ual
Dat
e St
atus
W
ork
Pape
r R
emar
ks
A
Cor
pora
te
1 Le
ader
ship
2 O
pera
tiona
l
3 C
omm
unic
atio
n
4 M
arke
ting
B
Fina
nce
and
Acc
ount
s
1 R
ecei
vabl
es
2 P
ayab
les
3 Fi
nanc
ial C
losu
res
4 C
ash
Man
agem
ent
124
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
12
5
Sl
No
Proc
ess
/ Are
a A
udito
r Pr
oces
s O
wne
r Pl
anne
d D
ate
Act
ual
Dat
e St
atus
W
ork
Pape
r R
emar
ks
C
HR
1 P
lann
ing
2 R
ecru
itmen
t
3 In
duct
ion
4 A
ttend
ance
5 P
ayro
ll
6 P
erfo
rman
ce A
ppra
isal
7 Tr
aini
ng
8 S
epar
atio
n
9 S
tatu
tory
D
Inve
ntor
y
1 R
ecei
pts
2 S
tack
ing
3 Is
sue
4 R
econ
cilia
tions
E IT
1 S
ecur
ity P
olic
y
2 IT
Ass
ets
125
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
12
6
Sl
No
Proc
ess
/ Are
a A
udito
r Pr
oces
s O
wne
r Pl
anne
d D
ate
Act
ual
Dat
e St
atus
W
ork
Pape
r R
emar
ks
3 H
R S
ecur
ity
4 P
hysi
cal S
ecur
ity
5 IT
Dep
t
6 A
cces
s C
ontro
ls
7 E
vent
s
F M
arke
ting
1 Ta
rget
ing
2 S
trate
gic
Eva
luat
ion
3 C
RM
4 M
onito
ring
G
Proc
urem
ent
1 R
equi
sitio
ns
2 P
O R
elea
ses
3 V
D M
anag
emen
t
H
Prod
uctio
n
1 P
rodu
ctio
n P
lann
ing
2 R
aw M
ater
ial C
harg
ing
3 P
rodu
ctio
n Li
ne
126
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
12
7
Sl
No
Proc
ess
/ Are
a A
udito
r Pr
oces
s O
wne
r Pl
anne
d D
ate
Act
ual
Dat
e St
atus
W
ork
Pape
r R
emar
ks
Fi
nish
ed G
oods
I Sa
les
and
Des
patc
h
1 S
ales
Pla
nnin
g
2 O
rder
Man
agem
ent
3 In
voic
ing
4 C
olle
ctio
n
J St
atut
ory
1 C
entra
l Exc
ise
2 In
com
e Ta
x
3 S
ervi
ce T
ax
4 S
ales
Tax
/ V
AT
5 E
SI
6 W
orkm
en’s
C
ompe
nsat
ion
7 M
inim
um W
ages
8 P
aym
ent o
f Wag
es
9 P
rofe
ssio
nal T
ax
10
Sho
p &
Est
ablis
hmen
ts
127
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
12
8
Sl
No
Proc
ess
/ Are
a A
udito
r Pr
oces
s O
wne
r Pl
anne
d D
ate
Act
ual
Dat
e St
atus
W
ork
Pape
r R
emar
ks
1 P
aym
ent o
f Bon
us
2 P
aym
ent o
f Gra
tuity
3 C
ontra
ct L
abou
r
K
Adm
inis
trat
ion
1 Fa
cilit
ies
Pla
nnin
g
2 S
ecur
ity
3 H
ouse
Kee
ping
4 M
aint
enan
ce a
nd F
ixed
A
sset
s
L O
ther
s
128
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
12
9
4.3
Com
pila
tion
of O
bser
vatio
ns a
nd D
raft
Rep
ortin
g
Form
at N
o: B
/4.3
. Ex
ecut
ive
Sum
mar
y <O
verv
iew
abo
ut th
e as
sign
men
t may
be
expl
aine
d in
itial
ly>
<Upd
ate
on th
e sc
hedu
le o
f aud
it co
mpl
etio
n>
<Im
porta
nt S
trate
gic
Obs
erva
tions
to b
e gi
ven
here
>
Sl N
o O
bser
vatio
ns a
nd Im
pact
R
isk
Leve
l A
rea
Obs
erva
tion
No
Ref
eren
ce
Nee
d fo
r Man
agem
ent
Inte
rven
tion
Onl
y H
igh
Scop
e an
d O
bjec
tive
of th
e A
ssig
nmen
t <R
epea
t as
give
n in
the
Eng
agem
ent L
ette
r. If
ther
e is
any
cha
nge
in th
e S
cope
ple
ase
give
det
ails
whe
n th
e sc
ope
was
am
ende
d>
<Giv
e a
list o
f mee
tings
, int
ervi
ews
cond
ucte
d du
ring
the
assi
gnm
ent a
long
with
the
date
s>
Det
aile
d R
epor
t <G
ive
the
Det
aile
d R
epor
t Pro
cess
-wis
e or
Are
a-w
ise>
129
Risks, Checklists, Audit Programme
Man
ual o
n In
tern
al A
udit
13
0
Proc
ess
/ Are
a N
ame:
O
bser
vatio
n N
o. X
1: <
Def
ine
the
Obs
erva
tion
as a
Hea
ding
>
Obs
erva
tion
Ris
k Le
vel a
nd Im
pact
R
ecom
men
datio
n M
anag
emen
t Com
men
ts
<Wha
t sho
uld
be>
<Wha
t is
curr
ently
pra
ctic
ed>
<The
pro
blem
def
initi
on>
<Roo
t cau
se o
f the
pro
blem
>
Ris
k Le
vel:
Hig
h /
Med
ium
/
Low
<V
alue
of t
he R
isk>
<G
ive
Ann
exur
e fo
r bre
ak u
p of
evi
denc
es /
Cal
cula
tions
et
c.>
<How
to
re
ctify
th
e ex
istin
g co
nditi
on, t
rans
actio
n>
<How
to
rect
ify t
he s
yste
m s
o as
to
avoi
d re
peat
of a
sim
ilar s
ituat
ion>
<D
etai
ls o
f ho
w c
hang
e sh
ould
be
brou
ght i
n>
<Com
men
ts f
rom
the
Aud
itee
– as
it is
> <D
ate
by
whi
ch
the
impl
emen
tatio
n sh
all
be
com
plet
ed>
<Nam
e of
th
e P
erso
n R
espo
nsib
le>
Ann
exur
e to
the
Obs
erva
tion:
<G
ive
the
anne
xure
rele
vant
to th
e ob
serv
atio
n. E
nsur
e th
at th
e ev
iden
ce s
atis
fies
the
thre
e co
nditi
ons
as u
nder
: a.
A
ccur
ate
– C
alcu
latio
ns e
tc.,
shou
ld m
atch
to th
e ob
serv
atio
n b.
R
elev
ant –
The
evi
denc
e sh
ould
be
rele
vant
to th
e ob
serv
atio
n c.
C
ompl
ete
– Th
e ev
iden
ce s
houl
d be
com
plet
e, th
ere
shou
ld n
ot b
e an
y am
bigu
ity>
Obs
erva
tion
No.
X2:
<D
efin
e th
e O
bser
vatio
n as
a H
eadi
ng>
Obs
erva
tion
Ris
k Le
vel a
nd Im
pact
R
ecom
men
datio
n M
anag
emen
t Com
men
ts
Ann
exur
e to
the
Obs
erva
tion:
130
Manual on Internal Audit
R
isks
, Che
cklis
ts, A
udit
Pro
gram
me
13
1
Obs
erva
tion
No.
X3:
<D
efin
e th
e O
bser
vatio
n as
a H
eadi
ng>
Obs
erva
tion
Ris
k Le
vel a
nd Im
pact
R
ecom
men
datio
n M
anag
emen
t Com
men
ts
Ann
exur
e to
the
Obs
erva
tion:
Pr
oces
s / A
rea
Nam
e:
Obs
erva
tion
No.
Y1:
<D
efin
e th
e O
bser
vatio
n as
a H
eadi
ng>
Obs
erva
tion
Ris
k Le
vel a
nd Im
pact
R
ecom
men
datio
n M
anag
emen
t Com
men
ts
Ann
exur
e to
the
Obs
erva
tion:
131
Risks, Checklists, Audit Programme
Manual on Internal Audit
132
4.4 Quality Checklist of Evidence Collection
Format No: B/4.4.
Assignment No Assignment Name Engagement Manager
Company Name
Obs No
Observation Brief
Work Papers
Collected Accurate8 Relevant9 Complete10 Annexure
Area:
Area:
Area:
Prepared by Check by
8 Accuracy – Evidence accurately confirms the observation without ambiguity. 9 Relevant – Evidence is relevant and relates to the observation. Irrelevant evidence may result in the observation being disputed. 10 Complete – All the supporting, calculations necessary to confirm the observation are provided. The evidence should not be incomplete. Incomplete evidence is sometimes as good as no evidence.
Report Compilation
5.1 Draft Audit Report
Format No: B/5.1.
Title and Date of the Audit Report
Addressed to: <Name and Designation of the Person Addressed to >
Report Distribution List:
a.
b.
c.
d.
e.
<Mention that the report is not intended to anyone other than included in the distribution list>
Introduction:
<Give a brief overview about the functions / processes audited>
<Give a statement of responsibility of the management of the organization and Internal Audit in the organization>
Man
ual o
n In
tern
al A
udit
13
4
Exec
utiv
e Su
mm
ary
<Ove
rvie
w a
bout
the
assi
gnm
ent m
ay b
e ex
plai
ned
initi
ally
>
<Upd
ate
on th
e sc
hedu
le o
f aud
it co
mpl
etio
n>
<Im
porta
nt S
trate
gic
Obs
erva
tions
to b
e gi
ven
here
>
Sl N
o O
bser
vatio
ns a
nd Im
pact
R
isk
Leve
l A
rea
Obs
erva
tion
No
Ref
eren
ce
Nee
d fo
r Man
agem
ent
Inte
rven
tion
Onl
y H
igh
Scop
e an
d O
bjec
tive
of th
e A
ssig
nmen
t <R
epea
t as
give
n in
the
Eng
agem
ent L
ette
r. If
ther
e is
any
cha
nge
in th
e S
cope
ple
ase
give
det
ails
whe
n th
e sc
ope
was
am
ende
d>
<Ens
ure
that
the
perio
d of
cov
erag
e is
giv
en in
the
Sco
pe>
<Ple
ase
men
tion
scop
e lim
itatio
ns>
<Giv
e a
list o
f mee
tings
, int
ervi
ews
cond
ucte
d du
ring
the
assi
gnm
ent a
long
with
the
date
s>
<Giv
e re
fere
nce
to th
e ad
optio
n of
Gen
eral
ly A
ccep
ted
Aud
it P
roce
dure
s of
Indi
a>
<Giv
e a
brie
f met
hodo
logy
(do
not g
ive
it in
det
aile
d. G
ive
it as
nec
essa
ry fo
r the
read
er to
und
erst
and
the
exte
nt a
nd w
ay o
f stu
dy)>
134
Manual on Internal Audit
Rep
ort
Com
pila
tion
135
Det
aile
d R
epor
t <G
ive
the
Det
aile
d R
epor
t Pro
cess
-wis
e or
Are
a-w
ise>
Proc
ess
/ Are
a N
ame:
Obs
erva
tion
No.
X1:
<D
efin
e th
e O
bser
vatio
n as
a H
eadi
ng>
Obs
erva
tion
Ris
k Le
vel a
nd Im
pact
R
ecom
men
datio
n M
anag
emen
t Com
men
ts
<Wha
t sho
uld
be>
<Wha
t is
curr
ently
pra
ctic
ed>
<The
pro
blem
def
initi
on>
<Roo
t cau
se o
f the
pro
blem
>
Ris
k Le
vel:
Hig
h /
Med
ium
/
Low
<Val
ue o
f the
Ris
k>
<Giv
e A
nnex
ure
for b
reak
up
of e
vide
nces
/ C
alcu
latio
ns
etc.
>
<How
to
re
ctify
th
e ex
istin
g co
nditi
on, t
rans
actio
n>
<How
to
rect
ify t
he s
yste
m s
o as
to
avoi
d re
peat
of a
sim
ilar s
ituat
ion>
<Det
ails
of
how
cha
nge
shou
ld b
e br
ough
t in>
<Com
men
ts f
rom
the
Aud
itee
– as
it is
>
<Dat
e by
w
hich
th
e im
plem
enta
tion
shal
l be
co
mpl
eted
>
<Nam
e of
th
e P
erso
n R
espo
nsib
le>
Ann
exur
e to
the
Obs
erva
tion:
<Giv
e th
e an
nexu
re re
leva
nt to
the
obse
rvat
ion.
Ens
ure
that
the
evid
ence
sat
isfie
s th
e th
ree
cond
ition
s as
und
er:
a.
Acc
urat
e –
Cal
cula
tions
etc
., sh
ould
mat
ch to
the
obse
rvat
ion
b.
Rel
evan
t – T
he e
vide
nce
shou
ld b
e re
leva
nt to
the
obse
rvat
ion
c.
Com
plet
e –
The
evid
ence
sho
uld
be c
ompl
ete,
ther
e sh
ould
not
be
any
ambi
guity
>
Obs
erva
tion
No.
X2:
<D
efin
e th
e O
bser
vatio
n as
a H
eadi
ng>
135
Report Compilation
Man
ual o
n In
tern
al A
udit
13
6
Obs
erva
tion
Ris
k Le
vel a
nd Im
pact
R
ecom
men
datio
n M
anag
emen
t Com
men
ts
Ann
exur
e to
the
Obs
erva
tion:
Obs
erva
tion
No.
X3:
<D
efin
e th
e O
bser
vatio
n as
a H
eadi
ng>
Obs
erva
tion
Ris
k Le
vel a
nd Im
pact
R
ecom
men
datio
n M
anag
emen
t Com
men
ts
Ann
exur
e to
the
Obs
erva
tion:
Proc
ess
/ Are
a N
ame:
Obs
erva
tion
No.
Y1:
<D
efin
e th
e O
bser
vatio
n as
a H
eadi
ng>
Obs
erva
tion
Ris
k Le
vel a
nd Im
pact
R
ecom
men
datio
n M
anag
emen
t Com
men
ts
Ann
exur
e to
the
Obs
erva
tion:
C
losu
re:
Sig
natu
re o
f the
Mem
ber
Mem
bers
hip
No:
136
Manual on Internal Audit
Report Compilation
137
5.2 Covering Letter for Draft Report – By email / letter head
Format No: B/5.2. Date: <DD MMM YYYY>,
<City>.
To
Mr./Mrs. <Name of the Process Owner>,
<Designation>, <Department>
Dear Sir,
Sub: Circulation of Draft Report for Management Comments
With regard to the Internal Audit Engagement captioned – “<Name of the Engagement>” assigned to us, we have completed the field work of the engagement and have firmed up the “Draft Report” and is being circulated to you for your comments. The process from now onwards shall be as under:
a. The process owners shall go through the observations and give their comments in the designated zone provided against each observation.
b. A copy of email is also sent to your official id.
c. The documents shall be returned to us by DD/MMM/YYYY either by an email or printed copy.
d. Incase you need our team member to explain you the observation, you can contact Mr. XYZ, (Mob No: XXXXXXX) for the same.
We look forward for your dates availability for holding Exit Meeting for this engagement. We look forward for your response in this regards.
Warm Regards,
For XYZ & Co.,
YZ,
Manager / Partner 5.3 Collection of Management Comments
(Refer to Format No – B/5.1)
Exit Meeting
6.1 Fixing of the Meeting Time (Refer to Format No – B/5.2)
6.2 Presentation and Action Plan Preparation
Format No: B/6.2A.
Assignment No Assignment Name Engagement Manager
Company Name
Observation-wise Discussion Obs No. Observation Details Status Management Comments
Dropped / Retained
Action Plan Statement
Sl No Action Plan Statement Ref of
Observation Responsibility Dead Line Remarks
Signature of the Process Owner1 Signature of the Auditor 1 It is important to take the signature of the Process Owner as it shall act as an evidence and the Process owner does not disclaim
Exit Meeting
139
Format No: B/6.2B.
XYZ & Co., <Client Logo>
Internal Audit Report
Presentation
<Name of the Company>
<Location>
<Date of Presentation>
Format:B/6.2
XYZ & Co., <Client Logo>Contents of the Presentation
1. Overview …………………………………………………………………<Page No>
2. Detailed Observations ……………………………….……...……………<Page No>
3. Action Plan for Implementation ………………………………..…….….<Page No>
Manual on Internal Audit
140
XYZ & Co., <Client Logo>
Overview
XYZ & Co., <Client Logo>Overview
<Give engagement details>
<Give detailed Scope & Objective of the Engagement>
<Timelines & Delivery Dates>
Exit Meeting
141
XYZ & Co., <Client Logo>Most Important Observations
1. Observation 1: (Reference)
Impact: Value:
2. Observation 1: (Reference)
Impact: Value:
3. Observation 1: (Reference)
Impact: Value:
4. Observation 1: (Reference)
Impact: Value:
5. Observation 1: (Reference)
Impact: Value:
XYZ & Co., <Client Logo>
Detailed Audit Observations
Area 1 Area 2 Area 3 Area 4 Area 5
Manual on Internal Audit
142
XYZ & Co., <Client Logo>
Detailed Audit Observations
Area 1 Area 2 Area 3 Area 4 Area 5
XYZ & Co., <Client Logo>Detailed Audit Observations
<Comments from the Auditee– as it is><Date by which the implementation shall be completed><Name of the Person Responsible>
<How to rectify the existing condition, transaction><How to rectify the system so as to avoid repeat of a similar situation><Details of how change should be brought in>
Risk Level: High / Medium / Low<Value of the Risk><Give Annexure for break up of evidences / Calculations etc.>
<What should be><What is currently practiced><The problem definition><Root cause of the problem>
Management CommentsRecommendationRisk Level & ImpactObservation
1.1. Observation Heading
Annexure
Exit Meeting
143
XYZ & Co., <Client Logo>
Detailed Audit Observations
Area 1 Area 2 Area 3 Area 4 Area 5
XYZ & Co., <Client Logo>Detailed Audit Observations
<Comments from the Auditee– as it is><Date by which the implementation shall be completed><Name of the Person Responsible>
<How to rectify the existing condition, transaction><How to rectify the system so as to avoid repeat of a similar situation><Details of how change should be brought in>
Risk Level: High / Medium / Low<Value of the Risk><Give Annexure for break up of evidences / Calculations etc.>
<What should be><What is currently practiced><The problem definition><Root cause of the problem>
Management CommentsRecommendationRisk Level & ImpactObservation
2.1. Observation Heading
Annexure
Manual on Internal Audit
144
XYZ & Co., <Client Logo>
Action Plan
XYZ & Co., <Client Logo>Action Plan Statement
RemarksDead LineResponsibilityRef of ObservationAction Plan StatementSl No
6.2 Updation of the Action Plan into the Draft Report (Refer to Format No – B/5.1)
Report Issue
7.1 Final Report Release Checklist
Format No: B/7.1
Assignment No Assignment Name Engagement Manager
Company Name
Sl. No Checklist Status Remarks
1 Whether there is an Executive Summary written with summary of high risk observations for a top management view
2 Whether Objective and Scope Document is given and relates to the Engagement Letter
3 Whether the Language used in the Reports are positive, affirmative and objective
4 Whether the language is easily understandable to a general person and jargon free
5
Whether there are no comments which are in an attacking tone and adequate care is taken to keep them free of abuses
6
Whether there is adequate numbering system followed and there is a table of contents referring to the report and observations
7 Whether all the observations are supported by evidences and are not ambiguous
8
Are there any trend, performance information which may be represented using Graphs
Manual on Internal Audit
146
Sl. No Checklist Status Remarks
9 Is caution taken in usage of logos of the clients with adequate written permissions
10
Is the formatting of the report done using your standardized formats signed of with the client. Please give extra check on headers, footers, first page, annexure etc.,
11 Check the valuation of Risk levels is as per the methodology / score matrix signed off with the client
12 All the observations are linked / mapped to the evidences
13
Ensure that the Audit Report adheres to the Standard of Internal Audit (SIA) 4 for Reporting issued by Institute of Chartered Accountants of India. (ICAI)
14
15
Team Leader Engagement Manager Partner
Report Issue
147
7.2 Audit Committee Presentation (Where Applicable)
Format No: B/7.2
XYZ & Co., <Client Logo>
Quarterly Report
Audit Committee Presentation
<Name of the Company>
<Location>
<Quarter No / Date>
Format:B/6.2
XYZ & Co., <Client Logo>Contents of the Presentation
1. Plan vis-à-vis Actual………………………………………………………<Page No>
2. Quarterly Critical Audit Observations……………….……...……………<Page No>
3. Old Pending Audit Observations ………………………………..…….….<Page No>
Manual on Internal Audit
148
XYZ & Co., <Client Logo>
Plan vis-à-vis Actual
XYZ & Co., <Client Logo>Plan vis-à-vis Actual
Week 1 Week 2 Week 3 Week 4 Week 1 Week 2 Week 3 Week 4 Week 1 Week 2 Week 3 Week 4
Area 1Audit 1
Audit 2
Audit 3Area 2Audit 1
Audit 2
Audit 3Area 3Audit 1
Audit 2
Audit 3Area 4Audit 1
Audit 2
Audit 3Area 5Audit 1
Audit 2
Audit 3
Month 1 Month 2 Month 3Details
Status of Plan vis-à-vis Actual Report of various projects planned during the quarter
Report Issue
149
XYZ & Co., <Client Logo>Plan vis-à-vis Actual
Not Started
Delayed
RemarksReasonStatusAudit NameAudit No
XYZ & Co., <Client Logo>
Quarterly Audits –Critical Observations
Presentation
Manual on Internal Audit
150
XYZ & Co., <Client Logo>
Low Risk
Medium Risk
High Risk
No of Observations
Name of AuditAudit No
Statistics of Audit Observations
XYZ & Co., <Client Logo>High Risk / High Critical Observations
Audit No Audit Name
Observation Management CommentsRisk / Impact
Audit No Audit Name
Observation Management CommentsRisk / Impact
Report Issue
151
XYZ & Co., <Client Logo>High Risk / High Critical Observations
Audit No Audit Name
Observation Management CommentsRisk / Impact
Audit No Audit Name
Observation Management CommentsRisk / Impact
XYZ & Co., <Client Logo>
Status of Closures of Old Observations
Manual on Internal Audit
152
XYZ & Co., <Client Logo>
StatusStatus of
Implementation & Remarks
ImpactObservationQuarterAudit No
Status of Old Pending Observations
XYZ & Co., <Client Logo>
StatusSupporting DocumentResponseAreaQueryQuarter
No
Queries Raised by Audit Committee
Report Issue
153
XYZ & Co., <Client Logo>
Week 1 Week 2 Week 3 Week 4 Week 1 Week 2 Week 3 Week 4 Week 1 Week 2 Week 3 Week 4
Area 1Audit 1
Audit 2
Audit 3Area 2Audit 1
Audit 2
Audit 3Area 3Audit 1
Audit 2
Audit 3Area 4Audit 1
Audit 2
Audit 3Area 5Audit 1
Audit 2
Audit 3
Details Month 1 Month 2 Month 3
Plan for Next Quarter
XYZ & Co., <Client Logo>Important Performance Measures of Internal Audit
Last QuarterAchievementStandardMeasureSlNo
Manual on Internal Audit
154
7.3 Audit Feedback Collection
Format No: B/7.3
Assignment No Assignment Name Engagement In-charge
Company Name
a. How do you find the methodology adopted by us in delivering the assignment
Excellent Very Good Good Average Poor
Additional Comments:
b. How do you rate the knowledge levels of out team members in delivering the assignment
Excellent Very Good Good Average Poor
Additional Comments:
c. How do you find the report content and presentation and the general visuals
Excellent Very Good Good Average Poor
Additional Comments:
Report Issue
155
d. How do you rate the overall team performance
Excellent Very Good Good Average Poor
Additional Comments:
e. How do you rate the time schedules adherence and general project management of the our Team
Excellent Very Good Good Average Poor
Additional Comments:
f. How do you rate the client communication levels
Excellent Very Good Good Average Poor
Additional Comments:
Overall rating about us
Excellent Very Good Good Average Poor
Additional Comments:
Manual on Internal Audit
156
Additional Comments (Any other):
Client Coordinator
Man
ual o
n In
tern
al A
udit
15
8
Sl.
No
Part
icul
ars
Scor
e A
chie
ved*
Wor
k Pa
per f
or
Det
ails
(to
list o
ut
obse
rvat
ions
and
R
ecom
men
datio
n)
Rec
omm
enda
tions
R
emar
ks
2 Fi
ling
dist
ribut
ion:
• A
re th
e fil
es b
roke
n ph
ase
wis
e of
the
assi
gnm
ent
• Is
ther
e a
mas
ter f
ile
• A
re th
ere
divi
ders
in th
e fil
es to
id
entif
y se
ts o
f wor
k pa
pers
3 A
ssig
nmen
t Pha
se F
iles:
• D
oes
it co
ntai
n th
e fin
al re
port
rele
ased
• D
oes
it co
ntai
n th
e lis
t of
inte
rvie
ws
cond
ucte
d an
d th
eir
rele
vant
min
utes
and
sup
porti
ng
docu
men
ts c
olle
cted
• A
re a
ll th
e w
orki
ng p
aper
s re
ferr
ed in
the
conc
lusi
ons
draw
n fo
r fin
al re
ports
• A
re th
ere
any
phas
es w
hich
are
co
mpl
ete
with
out r
epor
ts
4 M
aint
enan
ce o
f Wor
k P
aper
s in
Sof
t fo
rm: •
Are
the
files
in th
e fo
lder
pr
oper
ly a
rran
ged,
nam
ed a
nd
reta
ined
158
Manual on Internal Audit
Wor
k Pa
per C
losu
res
15
9
Sl.
No
Part
icul
ars
Scor
e A
chie
ved*
Wor
k Pa
per f
or
Det
ails
(to
list o
ut
obse
rvat
ions
and
R
ecom
men
datio
n)
Rec
omm
enda
tions
R
emar
ks
• A
re th
ere
irrel
evan
t file
s in
the
fold
er
• Is
ther
e ad
equa
te v
ersi
on
cont
rol r
etai
ned
on th
e fil
es
5 C
losi
ng o
f the
ass
ignm
ent:
• Is
ther
e a
cost
ing
stat
emen
t av
aila
ble
• Is
ther
e a
know
ledg
e de
rived
fro
m th
e as
sign
men
t sta
tem
ent
prep
ared
• Is
ther
e cl
ient
feed
back
not
e av
aila
ble
159
Work Paper Closures
Man
ual o
n In
tern
al A
udit
16
0
A.1
Fi
nal S
core
Car
d Sl
No
Part
icul
ars
Tota
l Sco
re A
chie
ved
Max
imum
Sco
re P
ossi
ble
V
isua
l Pre
sent
atio
n of
Wor
k P
aper
s
Fi
ling
Dis
tribu
tion
A
ssig
nmen
t Pha
se F
iles
▪
Pla
nnin
g
▪
Fiel
d W
ork
▪
Exi
t Mee
ting
▪
Fina
l Rep
ortin
g
▪
Impl
emen
tatio
n
M
aint
enan
ce o
f Wor
k P
aper
s in
sof
t for
m
C
losi
ng o
f the
ass
ignm
ent
To
tal
Sl.
No
Part
icul
ars
/ Rem
arks
D
eadl
ine
for I
mpl
emen
tatio
n
Sig
natu
re o
f the
Aud
itor
Sig
natu
re o
f the
Eng
agem
ent M
anag
er
160
Manual on Internal Audit
Work Paper Closures
161
B. Quality Audit Action Plan Statement
Format No: B/8.1B
Assignment No Assignment Name
Engagement In-charge
Company Name
Name of the Quality Auditor
Sl. No
Non Conformities Identified
Improvements Responsibility Future Action Plan
1
2
3
4
Manual on Internal Audit
162
8.2 Knowledge Bank Updation
Format No: B/8.2
Assignment No Assignment Name
Engagement In-charge
Company Name
Sl.no Particulars Updation Status
Work Paper
Reference
Acted on and By
1 Please make a separate statement listing the major industry segment value adds learnt during the assignment delivery
2 Key Performance Indicators / Best Practices identified during the assignment attached as a separate statement
3 Updation of the credentials statement with brief description of the assignment
4 Updation of team level credentials with brief description of the assignment
5 Updation of website incase of any innovation
6
7
8
163
PART – C
Clouse Outs
164
Manual on Internal Audit
165
Close Outs
C.1 Invoice Format
Format No: C/1 <On Your Letter Head / Pre Printed Form> Date: <DD MMM YYYY>, <City>. To Mr./Mrs. <Name of the Client Representative>, <Designation>, <Name of the Company>, <City>. Invoice No: Service Tax Registration No: PAN: TAN:
Invoice
S. No. Particulars Amount (Rs.)
1.
Add: Service Tax @ 10% Excluding OPEs as per the annexure
Total
(Rupees …………………………………………………………………… only)
For XYZ & Co.,,
Authorized Signatory
Man
ual o
n In
tern
al A
udit
16
6
C.2
Out
of P
ocke
t Exp
ense
s Tr
acki
ng
Fo
rmat
No:
C/2
Tr
avel
Exp
ense
/ Gen
eral
Exp
ense
Re-
imbu
rsem
ent S
tate
men
t Tr
avel
Det
ails
St
art
Des
tinat
ion
Dat
e C
lient
C
ode
Part
icul
ars
Tick
etLo
dg-
ing
Boa
rd-
ing
Con
ve-
yanc
eC
ourie
rXe
rox
Oth
ers
Tota
l
TOTA
L
Trai
n Ti
cket
Sum
mar
y
To
tal E
xpen
ses
incu
rred
Cos
t of t
he ti
cket
Less
: Adv
ance
Tak
en
Le
ss: S
pent
by
Com
pany
Due
Fro
m/T
o
B
alan
ce fr
om A
dvan
ce
166
Manual on Internal Audit
Close Outs
167
C.3 Overall Closure Checklist
Format No: C/3
Assignment No Assignment Name Engagement Manager
Company Name
Sl. No Form Name Planned
Date Complete
Date Signature
1 Opening Meeting
2 Scope and Objective of the Assignment
3 Assignment Scheduling
4 Planning
4.1 General Process Understanding
4.2 Data Analysis
4.3 Walk Through
4.4 Documentation of Walk Through
4.6 Risks and Audit Programme Generation
4.7 Field Work Scheduling
5 Field Work
5.1 Field Work Execution
5.2 Draft Report Generation and Circulation
6 Exit Meeting
6.1 Draft Report with management comments
7 Final Report Issue
7.1 Structured Reporting
7.2 Presentation of Finding
8 Follow up and Implementation
8.1 Follow Up Check list
9 General Administrative Closures
9.1 Invoice Generation
9.2 Out of Pocket Expenses Collection
9.4 Client Feedback
Manual on Internal Audit
168
Sl. No Form Name Planned
Date Complete
Date Signature
9.5 Opportunity for future Businesses
9.6 Knowledge Base Updation
10 Quality Audit
10.1 Quality Review Report and Action Statement
10.2 File Closure Any Comments:
Major Learning from Assignment:
Partner’s Comments:
169
PART – D
General Annexures
170
171
General Annexures
D.1 Confirmation of Meeting Format
Format No: D/1
Dear Sir,
With regards to the Engagement “___________________________________”, we have been appointed, we would like to have a meeting with you to discuss the following:
a.
b.
c.
d.
We shall be needing ________ hours to complete the discussion. Please provide us suitable time for the same.
Regards,
XYZ
Team, XYZ & Co.,
Manual on Internal Audit
172
D.2 Minutes of Meeting Formats
Format No: D/2
Meeting No Details of the Meeting
Date of Meeting
Company Name
Participants
From Client From Auditor
Important Issues Discussed: a. b. c. d.
General Annexures
173
D.3 Agenda for the Meeting
Format No: D/3
Meeting No
Details of the Meeting
Date of Meeting
Company Name
Participants From Client From Auditor
Sl No
Agenda of the Meeting
Supporting Information Time Status Remarks
Man
ual o
n In
tern
al A
udit
174
Min
utes
of t
he a
bove
Mee
ting
Com
plet
ion
Stat
us
In
tern
al A
udit
Obs
erva
tion
Dat
abas
e an
d St
atus
Com
pila
tion
Nam
e of
the
Clie
nt :
Nam
e of
the
Part
ner
Aud
it N
o an
d N
ame
Obs
erva
- tio
n N
o O
bser
- va
tion
Impa
ct
Ris
k Le
vel
Rec
omm
e-nd
atio
n
Man
age-
men
t C
omm
ents
Dat
eof
R
epor
tA
udito
r D
epar
t-m
ent
Div
isio
n Lo
ca-
tion
Res
pons
i-bi
lity
Dea
d Li
ne
Act
ion
Pla
n C
losu
reS
tatu
s D
ate
ofC
losu
re
Wor
k P
aper
R
efer
ence
174
Manual on Internal Audit
General Annexures
175
D.4 Standards on Internal Audit Issued by the Institute of Chartered Accountants of India
Internal audit is an independent appraisal involving specialized application of techniques of auditing in accordance with the specific needs of an enterprise. The nature and scope of internal audit depends upon the requirements of an enterprise. It is a systematic evaluation of risk management, control and governance processes particularly with reference to:
• Safeguarding of assets
• Compliance with laws, regulations and contracts as well as policies laid down by the management
• Reliability and integrity of financial and operational information
• Effectiveness and efficiency of operations
• Accomplishment of objectives and goals of the organization through ethical and effective governance
The Institute of Chartered Accountants of India constituted the “Committee on Internal Audit” on 5th February 2004. The Council, at its 282nd meeting held in November 2008, had renamed the Committee on Internal Audit as “Internal Audit Standards Board”. The primary mission of the Board is to enable its members to provide more effective and efficient value added services relating to internal audit to the industry and others by issuing Standards on Internal Audit, Guidance Notes and Industry Specific Technical Guides.
The following definition of internal audit, as contained in the Preface to the Standards on Internal Audit, issued by the Institute of Chartered Accountants of India, amply reflects the current thinking as to what is an internal audit:
“3. Internal audit is an independent management function, which involves a continuous and critical appraisal of the functioning of an entity with a view to suggest improvements thereto and add value to and strengthen the overall governance mechanism of the entity, including the entity’s strategic risk management and internal control system.”
It is, however, pertinent to note that variations in propositions do not change the basic philosophy of collecting and evaluating evidence and formulating an opinion; what undergoes a change is the approach, the tools and the techniques used. Internal audit is, therefore, an important tool in the hands of the management to help improve its decision making process. The growing importance of internal audit to good governance can be appreciated from the spate of legal and regulatory requirements world over, directly or indirectly necessitating the need for internal help management to rope in the services of internal audit to help in improving the former’s efficiency in running an enterprise. However, before discussing how internal audit can help management in that respect and the drivers of an efficient and effective internal audit, it is essential to understand the various stages of evolution of internal audit over time.
5.4.1 Preface to Standards on Internal Audit The Preface to Standards on Internal Audit is an important document, which gives an insight into Committee on Internal Audit (presently known as Internal Audit Standards Board). It deals
Manual on Internal Audit
176
with aspects like scope and functions of the Committee on Internal Audit, scope of Standards on Internal Audit and Guidance Notes on Internal Audit and their status being mandatory or recommendatory in nature, as also the implications in case of departures from the Standards on Internal Audit, the basic procedures for issuing the Standards and Guidance Note on Internal Audit and the date of coming into force of the particular Standard on Internal Audit.
Preface to Standards on Internal Audit issued by the Institute of Chartered Accountants of India.
5.4.2 Framework for Standards on Internal Audit Internal Audit Standards Board has issued the Framework for Standards on Internal Audit which provides a frame of reference for the internal audit standards being issued by the Institute. The objective of the Framework is to promote the professionalism in the internal audit activity. The Framework comprises of four components viz the Code of Conduct, the Competence Framework, the Body of Standards and the Technical Guidance.
Framework for Standards on Internal Audit issued by the Institute of Chartered Accountants of India.
5.4.3 Basic Principles Governing an Internal Audit Like any other profession, the profession of internal audit also is based on a certain fundamental principles, which constitute the life and blood of this profession. Standard on Internal Audit (SIA) 2, Basic Principles Governing Internal Audit, had also been issued by the Institute of Chartered Accountants of India. The purpose of this Standard on Internal Audit (SIA) is to establish standards and provide guidance on the general principles governing internal audit. This Standard explains the principles, namely, integrity, objectivity and independence, confidentiality, due professional care, skills and competence, work performed by others, documentation, planning, Evidence and reporting which governs the internal auditor’s professional responsibilities. These principles have been discussed in the following paragraphs:
Integrity, Objectivity and Independence The internal auditor should be straight forward, honest and sincere in his approaching to the assignment, keeping free of any bias that may override/compromise his integrity and objectivity. The internal auditor should also be impartial and free of any interest that may be regarded as incompatible to integrity and objectivity and inform his supervisors of any personal or external factors that actually do or are likely to impede his independence and objectivity so that necessary remedial action may be taken.
Confidentiality The internal auditor, in the course of his work, invariably comes across information that is confidential and/ or critical to the working of the entity. The internal auditor should respect the confidentiality of such information and should not disclose the same to a third party without the specific authority or unless there is a legal or professional duty to do so. The internal auditor should, therefore, ensure that there are adequate policies and mechanisms to protect the confidentiality of the information.
Standards on Internal Audit
177
Due Professional Care, Skills and Competence Performance of the audit and preparation of the report require due professional care by persons who have adequate training, experience and competence in auditing. Development of audit skills may be achieved through training courses. Much of staff development results from on the job training where experienced auditors assist in the training of new, less experienced internal staff. Each internal auditor is responsible for continuing his education in order to maintain his proficiency.
Internal auditors should also take reasonable professional care in specifying evidence required, in gathering and evaluating that evidence and in reporting the findings. They need to remain alert to the instances that could indicate errors, fraud, etc.
Planning Adequate planning for every audit should cover all material areas. The audit working papers should incorporate documentary evidence of audit planning in the form of an audit plan, setting out the objectives and scope of an audit and the techniques and resources to be used by an internal auditor. Plans may be revised as required in the course of the audit.
Delegation and Supervision Internal auditor would invariably require delegating work to assistants. At times, services of an expert might also be sought. The internal auditor would, however, continue to be responsible for his opinion on the activities being subject to internal audit or his findings. The internal auditor should carefully direct, supervise and review the work delegated to assistants. The amount of supervision required depends on the skill and experience of the assistant on the job. The supervisory role of the internal auditor includes:
• Providing suitable instructions for the audit.
• Approving or recommending the approval of the audit plan.
• Ensuring that the audit program is completed.
• Ensuring that working papers adequately support the audit findings, conclusions and reports.
• Ensuring that the reports are unambiguous, accurate and concise.
• Ensuring that the audit objectives have been met.
Evaluation of Internal Control Internal auditors should systematically evaluate the nature of operations and system of internal controls in the departments being audited to determine the nature, extent and timing of audit procedures. Internal controls of an organization comprise the plan of organization and methods adopted to safeguard assets, comply with laws, ensure the completeness and correctness of data, promote efficiency and encourage adherence to management policies. It is important that a review of an internal control system be directed primarily towards those controls that have an important bearing on the reliability of the system (i.e., key controls).
Manual on Internal Audit
178
Evidence The internal auditor should obtain all the evidence considered necessary for the expression of an informed opinion. Professional judgment is needed to determine the nature and amount of evidence required. In this regard, the internal auditor should consider:
• The item under consideration;
• Materiality of possible errors;
• Degree of risk of error; and
• Probability of the error occurring.
Work Papers The internal auditor should document matters that are important in providing evidence to his opinion or the findings. Advantages of having sufficient and properly maintained work papers include the following:
• Assistance in the performance of the audit.
• Providing record of work done.
• Forming basis of the auditor’s observations/ findings in his report.
• Providing information for the report.
• Aiding the review and evaluation of the work done.
• Aiding cross referencing between audit evidence and decision taken by the internal auditor.
• Providing evidence that the internal audit was carried out in accordance with the requirements of the relevant pronouncements of the Institute of Chartered Accountants of India.
Standard on Internal Audit (SIA) 2, Basic Principles Governing Internal Audit issued by the Institute of Chartered Accountants of India.
5.4.4 Planning an Internal Audit Planning is one of the basic principles governing internal audit. Adequate planning ensures that appropriate attention is devoted to significant areas of audit, potential problems are identified, and that the skills and time of the staff are appropriately utilised. Planning also ensures that the work is carried out in accordance with the applicable pronouncements of the Institute of Chartered Accountants of India. Planning should also be based on the knowledge of the entity’s business. Standard on Internal Audit (SIA) 1, Planning an Internal Audit was also issued by the Institute of Chartered Accountants of India. The basic objective of the SIA is to establish standards and provide guidance in respect of planning an Internal and helping in achieving the objectives of an Internal Audit function. This SIA gives an insight into the objectives of the planning. It provides knowledge about the factors affecting the planning process. It deals with the scope of the planning and planning process.
Standards on Internal Audit
179
5.4.5 Documentation Adequate documents act as basis for the planning and performing the internal audit. Documents provide the evidence of the work of the internal auditor. The Institute of Chartered Accountants of India had also issued the Standard on Internal Audit (SIA) 3, Documentation. The purpose of this Standard on Internal Audit is to establish Standards and provide guidance on the documentation requirements in an internal audit. This Standard provides guidance regarding the form and content of the internal audit documentation, detention and retention of the same and identification of the preparer and reviewer.
5.4.6 Reporting Reporting is a formal opinion or disclaimer thereof, issued by the internal auditor as a result of evaluations made by him as per the terms of the engagement. The Institute of Chartered Accountants of India has also issued the Standard on Internal Audit (SIA) 4, Reporting. The purpose of the Standard on Internal Audit (SIA) 4, Reporting is to establish standards on the form and content of the internal auditor’s report issued as a result of the internal audit performed by an internal auditor of the systems, processes, controls including the items of financial statements of an entity. This SIA describes the basic elements of an internal audit report such as opening, objectives, scope paragraphs, and executive summary. This SIA also deals with the different stages of communication and discussion of the report and describes the reporting responsibilities of the internal auditor when there is a limitation on the scope. The Standard also lays down the reporting responsibilities of the internal auditor when there is restriction on usage and circulation of the report.
5.4.7 Sampling Sampling is that part of statistical practice concerned with the selection of individual observations intended to yield some knowledge about the audit population, especially for the purpose of statistical inference. The Institute of Chartered Accountants of India had also issued the Standard on Internal Audit (SIA) 5, Sampling. The Standard on Internal Audit (SIA) 5, Sampling provides the guidance regarding the design and selection of an audit sample and also on the use of the audit sampling in the internal audit engagements. This SIA also deals with the evaluation of the sample results. This Standard also provide guidance on the use of sampling in risk assessment procedures and tests of controls performed by the internal auditor to obtain an understanding of the entity, business and its environment, including mechanism of its internal control. The areas covered by the SIA include design of sample, tolerable and expected error, selection of sample, evaluation of sample results, analysis of errors in the sample, projection of errors, reassessing sampling risk. This also describes the internal auditor’s documentation requirements in the context of the sampling.
5.4.8 Analytical Procedures Analytical Procedures is the skill which help an auditor understanding the client business and changes in the business, to identify potential risk arrears. The Institute of Chartered Accountants of India had also issued the Standard on Internal Audit (SIA) 6, Analytical Procedures. The Standard on Internal Audit (SIA) 6, Analytical Procedures provides the guidance regarding the application of analytical procedures during internal audit. The SIA deals with the aspects such as, the nature and purpose of analytical procedures, analytical procedures as risk assessment procedures and in planning the internal audit, analytical procedures as substantive procedures, analytical procedures in the overall review at the end
Manual on Internal Audit
180
of the internal audit, extent of reliance on analytical procedures and investigating unusual items or trends.
5.4.9 Quality Assurance in the Internal Audit Quality assurance is a standard for meeting the client requirements. It documents how an Internal Auditor will meet the requirements of a client or customer in a systematic, reliable fashion. It shows an Internal Auditor commitment to delivering quality products and services to the client. The Institute of Chartered Accountants of India had also issued the Standard on Internal Audit 7, Quality Assurance in Internal Audit. The Standard on Internal Audit (SIA) 7, Quality Assurance in Internal Audit establishes standards and provide guidance regarding quality assurance in internal audit. A system for assuring the quality in internal audit should provide reasonable assurance that the internal auditors comply with professional standards, regulatory and legal requirements so that the reports issued by them are appropriate in the circumstances. This Standard provide the guidance to the person entrusted with the responsibility for the quality of the internal audit whether in-house internal audit or a firm carrying out internal audit. This Standard also provides the extensive knowledge about the internal quality reviews, external quality reviews and communicating the results thereof.
5.4.10 Terms of Internal Audit Engagement The Terms of engagement defines the scope, authority, responsibilities, confidentiality, limitation and compensation of the internal auditors. Terms of Internal Audit Engagement lay down clarity between the internal auditors and the users of their services for inculcating professionalism and avoiding misunderstanding as to any aspect of the engagement. This Standard on Internal Audit (SIA) 8, Terms of Internal Audit Engagement provides guidance in respect of terms of engagement of the internal audit activity whether carried out in house or by an external agency. This SIA describes the elements of the terms of engagement viz, scope, responsibility, authority, confidential, limitations, reporting, compensation and compliance with Standards.
Top Related