1. Introduction and Old Vs New
- Section 138 of the Companies Act deals with Internal Audit of Companies. This section states that certain classes of Companies shall be required to appoint an internal auditor who shall either be a Chartered Accountant, Cost Accountant or such other professional (#) as may be decided by the Board to conduct internal audit of the functions and activities of the Company.
- This is a new Section where in Internal Audits have been made mandatory for certain categories of Companies. There is no corresponding old section
Key Aspects
The following class of companies shall be required to appoint an internal auditor or a firm of internal auditors, namely (a) “Every listed company” and (b) Private and unlisted public companies meeting “any” of the following criteria
Criteria |
Unlisted Public |
Private |
Paid up Share Capital |
Fifty crore rupees or more during the preceding financial year |
No Share capital criteria |
Turnover |
Two hundred crore rupees or more during the preceding financial year |
Two hundred crore rupees or more during the preceding financial year |
Outstanding loans or borrowings from banks or public financial institutions |
Exceeding one hundred crore rupees or more at any point of time during the preceding financial year |
Exceeding one hundred crore rupees or more at any point of time during the preceding financial year |
Outstanding deposits |
Twenty five crore rupees or more at any point of time during the preceding financial year |
No deposit criteria |
- Provided that an existing company covered under any of the above criteria shall comply with the requirements of section 138 and this rule within six months of commencement of such section. For the purposes of this rule, (i) the internal auditor may or may not be an employee of the company and (ii) the term “Chartered Accountant” shall mean a Chartered Accountant whether engaged in practice or not. Internal Auditors cannot render Statutory Audit Services for the same Company (Sec 144 of the Act )
- The audit committee of the Company or the Board shall, in consultation with the Internal Auditor, formulate the scope, functioning, methodology and periodicity for the conduct of Internal Audit
- An interesting aspect is whether any professional can be appointed by the Board to conduct Internal Audit. In this regard, I am advised that the principle of Ejusdem generis ("of the same kinds, class, or nature") would apply and a professional as stated in the section cannot include a Doctor or a Lawyer !
Proposal for Internal Audit Services
1. Executive Summary
XYZ Limited, Chartered Accountants are pleased to propose to offer their services for the conduct of Internal Audit of (name of client) for year 2014-15. We appreciate the need for this engagement and believe that we possess the relevant skills, expertise and infrastructure to handle this engagement.
We appreciate the context and relevance of this engagement to client and would bring relevant experience and expertise to enable robust engagement definition and completion
2. Organisation Overview
Give a brief overview of the Organisation to be audited
3. About XYZ & Co
XYZ & Co is a niche practice that seeks to provide new age contemporary risk advisory and internal audit services to clients.
4. Internal Audit function
The main objective of the Internal Audit process is to provide an assurance on the organisation’s risk management, internal control environment and governance framework through review and appraisal of:
a. Operational control framework including fundamental and basic systems in all areas of the business. The adequacy of risk identification, assessment and mitigation in the organisation. This shall include fraud risks
b. Extent, adequacy, relevance of, and compliance with existing policy, plans and procedure documents within the SBU
c. The extent of compliance with relevant statutory requirements
d. Status of implementation of internal / external audit recommendations
5. Terms of Reference
Based on mutual discussions the following are agreed as the Broad Areas of Coverage with respect to the Internal Audit Engagement
- Fixed Assets
- Investments
- Inventories and Production Operations
- Cash and Bank
- Revenues and receivables
- Purchases and Payables
- Loans and Advances
- Payroll
- Key Spends
- Safety and Security norms
- Statutory Compliances
6. Methodology
A Risk Based Internal Audit Approach would be adopted and would comprise of the following
a. Develop an indepth understanding of the clients business process, accounting systems and internal controls
b. Field work as per agreed time lines
c. Define reporting formats for conclusion of audits and corrective action trackers to enable reporting to the audit committee.
d. The key focus areas for the Internal Audit would be also be to perform a robust follow up of previous audit reports on a 2 year rolling basis
e. The audit frequency will be on a quarterly basis
7. Detailed Coverage
a. Fixed Assets - Including Controls over additions, deletions, scrap, idle – inactive assets review, capitalisation protocols, depreciation accuracy, capital work in progress review, export schemes related to fixed assets, insurance
b. Cash and Bank – Including Controls over receipts, payments, custody, insurance, bank reconciliations, controls over master data creation and amendments
c. Loans and Advances – Including Controls over disbursements, monitoring and recoveries of trade / tooling advances
d. Procurement and Payments for Goods and Services including - Vendor master data review, Purchase Profiling, Vendor selection, Indenting, Sourcing protocols, Purchase Ordering, Material receipt, Liability Accounting, Payment Processing , Access rights on transactions, Controls over master data creation and amendments
e. Inventories – Controls over receipt, issues of inventory, physical verification, perpetual verification protocols, inventory adjustments, Bill of material related controls, Scrap, inventory adjustments and review of all unusual transactions in relation to inventory
f. Production – Production orders, material issues, production order closures, quality processes, finished goods booking
g. Payroll - controls over file maintenance, additions, deletions, changes to payroll masters, attendance , over time controls , Payroll reconciliations
h. Revenues and Receivables – Controls over orders, Order profitability and approvals thereon, costing assumptions review, Invoicing, despatch, Excise duties, Detailed review of Export operations, treasury and forex exposure management , Scrap sales and collections
8. Reporting
Periodic reports as mutually agreed would be issued to the management encapsulating the following
- Audit finding
- Impact of the issue
- Recommendation
- Management Comment
Responsibility / Target date
9. Fees
Based on our assessment of the work involved, we propose a fee of Rs XXXXXX per annum (plus service tax as applicable)
The fees will be payable on a quarterly basis after submission of draft reports
10. Confidentiality
We shall ensure strict adherence to data confidentiality requirements. All data received or accessed in the course of the engagement shall be treated as Confidential and we shall ensure the same degree of care in dealing with your data as we would with our own confidential information.