Beruflich Dokumente
Kultur Dokumente
Advantages of Financial Audit 1. Statutory financial audit gives the owners of a company and other stakeholders the
assurance that annual financial reports give true and rational view about the companys
financial performance.
2. Tax audit viz., the audit of financials of the company based on which taxable income
is determined and tax paid is mandatory. Tax auditors report has to be filed with the tax return. 3. Internal financial audit assists the CEO and his team of operating managers regularly and much more frequently in understanding the financial performance of the company and taking corrective actions necessary. 4. Financial audit is an invaluable tool for prevention and early detection of fraud and errors. 5. Audited financial report together with the auditors report is necessary for a company in sourcing funds from banks and other financial institutions. 6. The audited balance sheet of a company read with the auditors report is often the base document for valuation of companies in case mergers, acquisitions or outright sales. Limitations of Financial Audit As per SA 200A issued by The Institute of Chartered Accountants of India, the objective of an audit is to express an opinion as to the true and fair view of the financial statements. The audit gives no assurance on the future viability of the enterprise or the efficiency or effectiveness with which the management has conducted the affairs of the enterprise. It should also be understood that audit of accounts does not guarantee the detection of all the errors. These conceptual restrictions arise due to following inherent limitations of auditing: 1. It is a post-mortem: The annual statutory audit is not a concurrent activity, but starts only after the year is over. Naturally, the auditor has to rely on explanations given to him by the accountant for activities that happened quite a while ago. The essential truth behind some of the figures may therefore stil remain undiscovered.
1|P a ge
2. It is a test check: The auditor cannot examine all the transactions given the time and cost constraints. He applies test checks using statistical sampling techniques. The inherent weaknesses of such methods carry an element of uncertainty or risk. Thus, auditing only reduces and does not eliminate the possibilities of erroror fraud. 3. Inherent limitations of internal control system: An auditor largely relies on the internal controls of the enterprise as he cannot check everything. Internal controls are the inbuilt checks and balances in the companys accounting and administration. But these internal controls themselves are subject to some limitations: (a) Certain levels of management may override control and make exceptions to procedures. (b) Persons operating the internal control and employees or outside parties may collude and render the controls ineffective. (c) There is also human error that may escape the controls.
4. The examination of balance sheet items, tests of balances and transactions as to their authenticity through appropriate tests; etc. Under operational audit following activities may be included: 1. The study and assessment of operating practices to promote increased efficiency and economy; 2. The carrying out of audits to determine whether operating objectives, targets and associated control procedures are properly instituted and the degree to which the desired results are achieved; 3. The examination and the ascertainment of the extent to which established policies, plans and procedures are complied with; 4. The assessment of budgetary standard setting; 5. The assessment of the level of performance in successfully discharging duties and responsibilities assigned. Objectives Historical y, internal audit was conceived as a precursor to the annual statutory audit, and comprised of document-level checking of accounting records to give comfort to external auditors who did not have time for baselevel vouching. Over the years, the function has become far more versatile, going beyond accounting accuracy and venturing into areas of management audit. The key objectives of a good internal audit system are: 1. Evaluation of accounting controls: Ensuring that the checks and balances in the accounting processes are effective and provide the required accounting controls. 2. Compliance with policies and procedures: Verifying compliance with the policies and procedures laid down for key activities and reporting acts of omission and commission. For example, if a purchase order for capital equipment of any value requires the Purchase department to get at least 3 quotes, internal audit have to check if this rule has been followed in all cases, and report exceptions. 3. Protection and optimal utilisation of business assets: Ensuring physical availability and usefulness of fixed assets as per companys records, and checking utilisation of major assets vis--vis plan. For example, a piece of equipment purchased has not been
3|P a ge
installed within a reasonable period of time. The auditor wil check and report on the justification for the asset not having been put to use. 4. Testing the reliability of Management Information Systems (MIS): Reviewing the management reporting structure and the utility of reports flowing out of the system. Internal audit is often considered a part of the finance function of the enterprise since the technical expertise required to do the audit function is available only with the Finance & Accounts professionals. While this is natural, it may be a short-sighted approach. The internal auditor should be free to review and if necessary investigate all management areas, and by making him report to finance this freedom might be compromised. The following extract from the internal audit manual of a public undertaking gives a good idea of the role envisaged for the function and the scope of its activity. Internal audit has to ensure that the accounts are maintained correctly by the accounts department and that the rules, regulations and orders having financial bearing and issued by the competent authorities are observed by al departments. For this purpose, internal audit scrutinizes the accounts with reference to the related documents like purchase orders, receipt vouchers, issue vouchers, cash vouchers, payrolls, adjustment memos, sale invoices, journal entries etc. Internal audit has to review all transactions from the angle of financial propriety and suggest methods of executive action for effecting economy and for safeguarding against fraud, misappropriation or other losses. The emphasis is upon prevention; but where irregularities are detected internal audit should promptly report them to the higher authorities and ensure action is taken promptly. Internal audit has the responsibility of appraising the efficiency of accounting procedures as well as the actual performance of the accounts staff. Internal audit has to undertake special investigations and reviews as may be required from time to time and on the instructions of the Chief Finance Officer. Internal audit is entrusted with the responsibility of conducting physical verification of stores, raw materials, finished products and movable assets.
4|P a ge
Internal audit should check the accuracy of monthly journal entries prepared by various sections before these are passed on to the central accounts section for incorporation in the main and sub-ledgers. Internal audit also has the duty of constantly examining and improving the system of internal checks and controls.
5|P a ge
Role of Internal Auditor : The specific contributions that an internal auditor can make include: 1. Review of internal control systems: The internal auditor should review the internal control systems of the organisation. He should determine whether the existing control systems are appropriate and commensurate with the objectives, size, etc. of the organisation. For example a small company cannot afford a separate credit control department and so it wil need strong controls in the sales accounting process to minimize customer payment default. 2. Review of safeguards for assets: The auditor should regularly review the adequacy of insurance covers for fixed assets and complete accounting of all transactions relating to fixed assets, etc. 3. Review of compliance with policies, plans, procedures and regulations: The internal auditor should include a regular checklist of compliances by different functions of laid down procedural requirements. When a non-observance is spotted, he should inquire and ascertain the reason for the deviation, and report the event together with the Proposed solution. 4. Review of organisation structure: A well-designed organization structure is the basic requirement for the smooth functioning of any organisation. Organisation structure defines the authorities and responsibilities of executives. The internal auditor should evaluate the organisation structure from the following dimensions: a. Simplicity and lack of ambiguity. b. Clear definition of authority and responsibility at each level. c. Balance of power, to ensure there is no undue dominance of any function. d. Balance of responsibility, to ensure proper unity of command and span of control. e. Effective communication of the organisation chart to all concerned. 5. Review of deployment of resources: The internal auditor reviews utilisation of resources deployed for the business men, machines, money, materials and management to identify deviations both by way of excessive use of resources and resources that are under-utilised. He would be able to do this vis--vis the planned
6|P a ge
capacities and resources, and should include in his report significant trends and happenings. 6. Review of reliability of information: The Management Reporting and Information System (MRIS) of the company is an important aspect to be reviewed by the internal auditor. The content, format, frequency and timeliness of key management reports should be evaluated by discussions with the functional mangers receiving the reports as well aswith the finance manager who is usually the provider of the reports. The objective of this review is to see to what extent the information flow has helped in taking good decisions. 7. Review of achievement of company objectives: While the reviews in the foregoing paragraphs are centred on the management processes, the managers are essential y hired to deliver results and achieve the targets set for them. The internal auditor therefore reviews the final results achieved vis--vis planned results. As they say, the proof of the pudding is in the eating, and if for instance the company has underperformed, audit can make it clear whether the failure to achieve was for internal reasons or external factors beyond managements control.
7|P a ge
Steps in Internal Audit Planning Step 1: Understanding of the organisation, its business and its systems The internal auditor should first acquire in-depth knowledge of the business and the organisation, to help him understand the events, transactions and practices that have a significant impact on the performance of the company. SA 300 issued by ICAI has very clearly narrated the different sources from where the auditor can obtain knowledge of business. The text mentioned below is based on SA 300 and suitably modified to suit our requirement. Some of the key sources of valuable information about the company are: The companys annual reports to shareholders. Minutes of meetings of important committees, shareholders and Board of directors. Reports of internal financial management for the current year and previous years including budgets. The previous years audit report, management letter* issued by statutory auditors, working papers and other relevant accounts closing files. The organisations policy and procedures manual Large and professionally run companies usually have a Finance and Accounting Procedures Manual (FAPM) and a Delegation of Authority Manual (DOA) which set out the organisations policies and procedures. Publications from the Institute of Chartered Accountants of India and other professional bodies about accounting, reporting and disclosure needs specific to the industry.
8|P a ge
Industry publications, trade journals, magazines, newspaper reports and textbooks. Reports on the state of the economy and its effect on the organizations business. Visits to different plants and branch offices of the organisation and discussions with key divisional and functional heads. The internal auditor should provide enough to questions raised about the previous years statutory audit report and management letter. He should also respond to matters that require attention which have been pointed out by the external auditor. These matters wil definitely merit inclusion in the audit programme. *Management letter is a document given by statutory auditors on Conclusion of the annual audit to the companys Board on aspects of the financial reporting, internal controls and other governance issues that need to be addressed by the management satisfactorily in the current year. These are not serious matters that need to be included by the auditors in the report or to qualify the audit report, but nevertheless deserve attention of the management .Discussion with divisional and functional heads might include the following subjects with regard to the concerned function/division: Organisational structure and activities. Statutory rules and regulations. Major internal and external developments over the last 12 months. Key financial and accounting issues including accounting and reporting standards. Activities in which directors or substantial owners of the entity are interested and value of such activities. Business facilities started and/or closed during the year. Aspects of technology, lines of business, product mix, sales and distribution methods, etc. Apart from helping to establish the overall audit plan, knowledge of the auditees business is important to help the auditor in identifying areas that need special consideration, assessing the rationality of accounting estimates and management representations, and evaluating the correctness of accounting policies and internal control systems.
9|P a ge
e) Reporting and reviewing reconciliations. f) Checking arithmetical accuracy of the records. g) Controlling applications and environment of computer information environment systems. h) Maintaining and reviewing control accounts and related subsidiary ledgers. i) Ensuring approval and control of documents. j) Comparing internal data with relevant external information. k) Comparing the results of physical verification of cash, fixed assets, investments and inventory with corresponding accounting records. l) Restricting access to assets, records and information. m) Comparing and analysing results with corresponding budgets 4. Segregation and rotation of duties: Authorities and responsibilities of every department should be clearly defined based on the policies of the management, preferably in writing. There should not be any scope of duplication of jobs, duties and assignments. The entity must have a system of rotation of duties among employees. 5. Authorisation of transactions: Banks usual y prescribe well-set systems of approval and authorisation, both generally applicable and specific to some transactions. As public money is often involved, it is vital that authority levels are not breached. For example an industrial advance sanction may require zonal office clearance, while renewal of the advance may be within the authority of a branch head. 6. Accountability for assets: To ensure accountability and safeguarding of assets, it is important that complete records are maintained and access is limited to the authorised personnel only. Every access and every user should be documented. Periodic checking of actual assets with records and identifying discrepancies must be mandated. 7. Accounting, information and communication systems: A comprehensive system of accounting, financial reporting (both management and statutory) and non-financial analysis and reporting with clear content, format and frequency should be in place. Banks usually adopt the following procedures to meet this need: a) Al records are maintained as prescribed with transaction-level details. b) A unique code number is assigned to each branch and that number should be mentioned in all important documents.
11 | P a g e
c) Al inter office transactions are reconciled methodically during accounts closing. d) Accounts are closed and financials reported as per strictly laid down schedules 8. Monitoring activities: A full-fledged monitoring system should be in place to assess the effectiveness of internal controls continually. Monitoring is done internal y as well as externally. For internal monitoring or self-assessment the review functions are delegated to the staff at different levels. Monitoring activities are integrated to the daily activities as well as undertaken as specified periodic evaluations. For a transparent and fair review of banks internal control system help of external agencies should be taken. Banks usual y follow a wellplanned and organised system for internal audit which is either carried out by a separate department in the bank or by external professionals. They also have their own vigilance department for investigating matters related to fraud, misappropriation, etc. Moreover, periodic RBI inspections are also conducted.
12 | P a g e
Hypothetical data for fictitious transactions are integrated with actual client data and processed. These are subsequently removed from records of the client by manual y reversing journal entries or through programme commands and then the financial reports are compiled. Advantages: This provides assurance that the programs being tested by the auditor have actual y been used by the client. Itcan also be precisely targeted for specific procedures within the programmes. Disadvantages: Thereis the risk that fictitious transactions impact actual results. Wel laid frauds may be difficult to detect. This approach has a high initial cost. 3. Generalised Audit Software (GAS): In the above approaches the auditor is required to prepare input data or create programs. In case of generalized audit software, audit programmes are designed by computer manufacturers, software professionals and large firms of auditors. The functions which can be performed through GAS are as follows: (a) Examination and review of records based on auditors criteria: The computer can scan the records and point out the exceptions to the criteria established by auditor. For example, software can be designed to scan accounts receivable balances for amounts exceeding the credit limit. (b) Selecting and printing audit samples: The computer can be used to select and print audit samples using statistical or judgmental sampling techniques. For example receivable accounts may be selected for confirmation using random sampling tables and the computer might be used to print the confirmation letters. (c) Testing calculations and making computations: GAS helps the auditor to test the accuracy of computations in clients data files with greater speed as compared to a manual system. For example, the auditor can calculate the doubtful debts to sales ratio for the present year and compare it with the past years to ensure reasonableness of doubtful debts provision for the year under audit. (d) Comparing data on separate files: An auditor can compare data on separate files to determine whether compatible information is in agreement. Differences, if any, should be reconciled and investigated. Examples include comparing paid vouchers to cash
13 | P a g e
disbursement through cheques and purchases of inventory as per tock records to creditors file. (e) Summarising data and performing analysis: The auditor summarises and reorganises client data for his purposes. This can be done faster with the help of GAS. For example, he may want to determine the chances of recovery of debtors by looking at the ageing schedule or summarise inventory turnover statistics to determine slowmoving items. (f) Comparing audit data with clients records: Audited data must be converted to machine-readable form and compared with the information in client records. For example, comments made by the auditor of inventory on hand may be compared with the quantity shown in the perpetual inventory records or stock verification sheets of the client. Use of generalised audit software can greatly assist the auditor in performing compliance substantive tests. Its effectiveness depends upon availability of client data, auditors ingenuity and the strength of clients internal controls.
14 | P a g e