Internal Audit: An effective tool of

cost control

Submitted by:
Harsh Kanani
15A2HP411
PGDM – Finance

1|Page
ACKNOWLEDGMENT

I would like to my express sincere gratitude to my company guide Mr. Hitesh Shah,
FinAdvantage Consulting Pvt. Ltd. For providing me the opportunity and access the essential data to
prepare the final report on internal audit. I would like to thank him for guiding me in understanding the
given project in a detailed manner.

I would also like to extend my heartiest thanks to Ms. Rupa Agarwal and Mrs. Suja Nair,
FinAdvantage Consulting for her assistance which enabled me to formulate this report.

I also express my heartiest thanks to Prof. Chakrapani, Professor, Institute of Management

Technology, Hyderabad for her constant support in making this report.

Harsh Kanani
Institute of Management Technology

2|Page
Contents
ACKNOWLEDGMENT .............................................................................. 2
INTRODUCTION ....................................................................................... 4
EVOLUTION OF INTERNAL AUDIT ...................................................... 7
TYPICAL WORK ACTIVITIES: ................................................................ 8
AREAS in which INTERNAL AUDIT OPERATES ................................... 9
ROLE OF INTERNAL AUDIT IN DIFFERENT AREAS ........................ 10
INTERNAL AUDIT CHECK LIST........................................................... 12
LIST OF AUDITS ..................................................................................... 13
STANDARDS RELATED TO INTERNAL AUDIT ................................ 14
LEARNING FROM AUDIT REPORT ..................................................... 15
Bibliography .............................................................................................. 16

3|Page
INTRODUCTION

The general definition of an audit is an evaluation of a person, organization, system, process,

enterprise, project or product. The term most commonly refers to audits in accounting, internal
auditing and government auditing, but similar concepts also exist in project management, quality
management, water management and energy conservation. Auditing is defined as a systematic
and independent examination of data, statements, records, operations and performances (financial
or otherwise) of an enterprise for a stated purpose. In any auditing the auditor perceives and
recognizes the propositions before him for examination, collects evidence, evaluates the same and
on this basis formulates his judgment which is communicated through his audit report. The types
of audit are:-

1. EXTERNAL AUDIT - independent of the organization.

2. INTERNAL AUDIT - an organization auditing its own systems, a self-assessment. (Sarkar, 2013-
14)

Here, we will study about internal audit and how it helps to control cost.

Internal auditors deal with issues that are fundamentally important to the survival and prosperity of any
organisation. Unlike external auditors, they look beyond financial risks and statements to consider wider
issues such as the organization’s reputation, growth, its impact on the environment and the way it treats
its employees. Internal auditors help organisations to succeed. They do it through a combination of
assurance and consulting. The assurance part of their work involves telling managers and governors how
well the systems and processes designed to keep the organisation on track are working. Then, they offer
consulting help to improve those systems and processes where necessary. (The institute of comapnies
secretaries of india, 2014)

4|Page
The scope of internal audit within an organization is broad and may involve topics such as an
organization's governance, risk management and management controls over:-
efficiency/effectiveness of operations, the reliability of financial and management reporting and
compliance with laws and regulations. Internal audit may also involve conducting proactive fraud
audits to identify potentially fraudulent acts; participating in fraud investigations under the
direction of fraud investigation professionals, and conducting post investigation fraud audits to
identify control breakdowns and establish financial loss. Internal audit is an audit conducted by
an internal auditor appointed by the management of the enterprises with a view to highlighting
the weak areas of the organizations. (The institute of comapnies secretaries of india, 2014)

The work of an internal auditor differs to that of external auditors as they look at more than financial and
accounting risks. They also consider factors such as reputation, growth, environmental impact, treatment
of employees and ethics. Their work helps senior management to provide evidence to stakeholders that
they are managing the business effectively.

5|Page
While sharing some characteristics, internal and external audit have very different objectives. These are
explained in the table below:

External audit Internal audit

Shareholders or members
The board and senior management who are
who are outside the
Reports to within the organisations governance
organisations governance
structure.
structure.

Add credibility and Evaluate and improve the effectiveness of

reliability to financial governance, risk management and control
reports from the processes. This provides members of the
Objectives
organisation to its boards and senior management with
stakeholders by giving assurance that helps them fulfill their duties
opinion on the report to the organisation and its stakeholders.

Financial reports, financial All categories of risk, their management,

Coverage
reporting risks. including reporting on them.

Improvement is fundamental to the purpose

of internal auditing. But it is done by
Responsibility for None; however there is a
advising, coaching and facilitating in order
improvement duty to report problems.
to not undermine the responsibility of
management.

(Audit Net)
The scope and nature of audits can vary significantly but the main priority of the work is to make sure
any issues that affect the survival and prosperity of the business are dealt with.

6|Page
EVOLUTION OF INTERNAL AUDIT
 As a sibling of External Audit

In the initial stages, internal audit begun as an extended arm of an external/statutory audit of
financial statements. The main, but rather restricted, function of the internal audit at this stage was
verifying the reliability of the financial information included in the financial statements. The
internal audit function in this stage of evolution could not understandably add much value to
functioning of the entity.

 As a cross check

In the stage of its evolution, internal audit was also required to test non-financial information and
transaction in terms of their correctness and compliance with the laid down policies and
procedures.

 As a Probity Policy

At this stage of its evolution, the internal audit came to be more concerned about the probity
aspects of the transaction especially those involving liquid and highly movable assets such as
cash, stock etc.

 As a Non-financial System Policy

As the global economy surged forward full steam, the need for having a full-fledged, strategically
directed internal audit emerged as an inevitable service that could assist

7|Page
TYPICAL WORK ACTIVITIES:
The work of internal auditors is varied and critical to the organisation. They look at ways of changing
out-dated processes, identify new opportunities and share good practice. Their range of tasks can
include:

 attending meetings with auditees to develop an understanding of business processes;

 travelling to different sites to meet relevant staff and obtain documents and information;
 researching and assessing how well risk management processes are working and recording the results
using software such as Microsoft Word and Excel;
 providing ad hoc advice and guidance to managers and staff at all levels, sometimes by delivering
courses and training sessions;
 performing risk assessments on key business activities and using this information to guide what to
cover in audits;
 anticipating emerging issues through research and interviews and deciding how best to deal with
them;
 providing support and guidance to management on how to handle new opportunities;
 agreeing recommendations with relevant staff members to make improvements to operations and
helping to secure backing for them in meetings;
 preparing reports to highlight issues and problems and distributing the reports to the relevant people;
 assessing how well the business is complying to rules and regulations and informing management
whether any issues need addressing;
 Managing a variety of stakeholders and their expectations through regular communications.
(The institute of comapnies secretaries of india, 2014)

8|Page
PURPOSE OF INTERNAL AUDIT

The internal audit is one of the management’s control tools who through its operations assist the entire
organization by examining and evaluating the adequacy and efficiency of internal control, risk
management, quality of operations and governance processes. The internal audit furnishes the
organization with analyses, appraisals, recommendations, counsel and information. The purpose is to
ascertain that the internal control system, by taking into account also the information produced by the
external auditors, functions so that the management can be reasonably sure that the set objectives and
goals will be achieved, the operations are effective, reporting is reliable and safeguarding of assets and
compliance with the laws and regulations is done. (Chartered institute of Internal Audits)

AREAS in which INTERNAL AUDIT OPERATES

 Review of Accounting System and Related Internal Controls - The establishment of an adequate
accounting system and related controls is the responsibility of management which demands proper
attention on a continuous basis. The internal audit function is often assigned specific responsibility by
management for reviewing the accounting system and related internal controls, monitoring their
operation and recommending improvements thereto.

 Examination for Management of Financial and Operating Information - This may include review
of the means used to identify, measure, classify and report such information and specific inquiry into
individual items including detailed testing of transactions, balances and procedures.

 Examination of the Economy, Efficiency and Effectiveness of Operations including Non-

Financial Controls of an Organization - Generally, the external auditor is interested in the results of
such audit work only when it has important bearing on the reliability of the financial records. (KPMG)

9|Page
ROLE OF INTERNAL AUDIT IN DIFFERENT AREAS
 Role of Internal Audit in Internal Control

The Internal auditor should examine and contribute to the on-going effectiveness of the internal
control system through evaluation and recommendations. However, the internal auditor is not
vested with management’s primary responsibility for designing, implementing, maintaining and
documenting internal control. Internal audit functions add value to an organization’s internal
control system by bringing a systematic, disciplined approach to the evaluation of risk and by
making recommendations to strengthen the effectiveness of risk management efforts. The internal
auditor should focus towards improving the internal control structure and promoting better
corporate governance. The role of the internal auditor encompasses:
– Evaluation of the efficiency and effectiveness of controls
– Recommending new controls where needed or discontinuing unnecessary controls
– Using control frameworks
– Developing Control self-assessment

 Role of Internal Audit in Risk Management

Internal auditing professional standards require the function to monitor and evaluate the
effectiveness of the organization’s Risk management processes. Risk management relates to how
an organization sets objectives, then identifies, analyses, and responds to those risks that could
potentially impact its ability to realize its objectives.

Under the COSO Enterprise Risk Management (ERM) Framework, risks fall under strategic,
operational, financial reporting, and legal/regulatory categories. Management performs risk
assessment activities as part of the ordinary course of business in each of these categories.
Examples include: strategic planning, marketing planning, capital planning, budgeting, hedging,
incentive pay-out structure, and credit/lending practices. Sarbanes-Oxley regulations also require
extensive risk assessment of financial reporting processes. Corporate legal counsel often prepares
comprehensive assessments of the current and potential litigation a company faces. Internal
auditors may evaluate each of these activities, or focus on the processes used by management to
report and monitor the risks identified. For example, internal auditors can advise management

10 | P a g e
 regarding the reporting of forward-looking operating measures to the Board, to help identify
emerging risks.
 Role of Internal Audit in Corporate Governance

Internal auditing activity as it relates to corporate governance is generally informal, accomplished

primarily through participation in meetings and discussions with members of the Board of
Directors. Corporate governance is a combination of processes and organizational structures
implemented by the Board of Directors to inform, direct, manage, and monitor the organization’s
resources, strategies and policies towards the achievement of the organizations objectives. The
internal auditor is often considered one of the “four pillars” of corporate governance, the other
pillars being the Board of Directors, management, and the external auditor. A primary focus area
of internal auditing as it relates to corporate governance is helping the Audit Committee of the
Board of Directors perform its responsibilities effectively. This may include reporting critical
internal control problems, informing the Committee privately on the capabilities of key managers,
suggesting questions or topics for the Audit Committee’s meeting agendas, and coordinating
carefully with the external auditor and management to ensure the Committee receives effective
information. (The institute of comapnies secretaries of india, 2014)

11 | P a g e
INTERNAL AUDIT CHECK LIST

12 | P a g e
LIST OF AUDITS
General Internal Audit HR and Payroll Audit

Treasury Audit Payables Audit

Receivables Audit Process Audit

Product Audit Assets Audit

Procurement to Pay Audit Legal Compliance Audit

Purchase Audit Sales Audit

Expense Audit Follow-up Audit

Information System Audit Stock Audit

13 | P a g e
STANDARDS RELATED TO INTERNAL AUDIT (My learning)

There are so many standards given by Institute of Internal Audit but I have considered only three which
also cover my learning through this internship program.

 Documentation
o Internal audit documentation should be designed and properly organized to meet the
requirements and circumstances of each audit. To formulate policies for standardization of
internal audit documentation.
o It should be sufficiently complete and detailed for an internal auditor to obtain an overall
understanding of the audit.
o It should cover all the important aspects of an engagement viz., engagement acceptance,
engagement planning, risk assessment and assessment of internal controls, evidence
obtained and examination / evaluation carried out, review of the findings, communication
and reporting and follow up.

 Sampling
o Design and select an audit sample, perform audit procedures thereon, and evaluate sample
results so as to provide sufficient appropriate audit evidence to meet the objectives of
internal audit engagement unless otherwise specified by the client.

o When designing an audit sample, internal auditor should consider specific audit
objectives, the population from which internal auditor wishes to sample, and the sample
size.

o When determining the sample size, internal auditor should consider sampling risk,
tolerable error and the expected error.

 Reconciliation

o BRS- Bank Reconciliation Statement.

 This used to verify all the accounts that our client YLG has across Bangalore and
Chennai. This verifies all the bank balances and the total bank balances in R & R
14 | P a g e
 Salons Private Limited and Niche Beaute Solution Private Limited books. The
difference may be due to following reasons. One reason may be due to availability of
the bank transactions fees at a later date. Other reason may be due to cheques not
cleared or not encashed at the time of preparing the report. This BRS exercise helps
to identify the loopholes in the accounting system as the bank balances from trail
balance and BRS statement is matched.

o CRS- Customer Reconciliation Statement.

 It used to verify the balances in the company’s books with the balance in the
customer books. This is done by getting a confirmation of the balance from the
customer. The basic concept here is the balances in company books is receivables
and customers’ is payables. There may be various reasons to explain this
difference. One of the reasons may be due to non-receipt of the payment made by
the customer when the report is being generated. Other reasons may be due to
previous miscommunication regarding the value of the products.

LEARNING FROM AUDIT REPORT

In an audit report, entire processes are looked into to ensure no stone is left unturned. Many cases
where there were lacks of internal process control. Areas like rental agreements, security, and hospitality,
procurement of stationery and Capex items. The audit report clearly states the legal and financial
implications of these unattended problems in future. Some of the recommendations have already been
implemented at the earliest to prevent further complications.

15 | P a g e
Bibliography
Audit Net. (n.d.). Audit Librabry. Retrieved april 22, 2016, from Audit Net: http://www.auditnet.org/audit-
library/the-internal-audit-process-from-a-to-z-how-it-works

Chartered institute of Internal Audits. (n.d.). About us . Retrieved april 23, 2016, from IIA:
https://www.iia.org.uk/about-us/what-is-internal-audit/

KPMG. (n.d.). Artical. Retrieved april 22, 2016, from CACLubindia:

http://www.caclubindia.com/articles/practical-approach-on-internal-audit-
8057.asp#.VSyNQvmUerM

Sarkar, S. (2013-14). How inteernal audit can control cost in the subject of advanced cost accountig .
Mumbai: NMIMS.

The institute of comapnies secretaries of india. (2014). Internal Audit. In Company accounts and auditing
practices (pp. 484-510). Delhi: Arushi Graphics.

16 | P a g e