INTERNAL AUDIT MANUAL

____________GROUP

Internal Audit Manual

 

Section‐1. Introduction

 

Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. Modern internal audit services are characterized by a shift toward more proactive auditing rather than after the‐fact detective auditing. Internal auditing is a catalyst for improving an organization's governance, risk management and management controls by providing insight and recommendations based on analyses and assessments of data and business process. With commitment to integrity and accountability, internal auditing provides value to the management as an objective source of independent advice. Professionals called internal auditors are employed by organizations to perform the internal auditing activity. 

 

An Internal Audit Manual represents contemporary practices as employed by the professionals. In most cases they are not theoretical concepts; they are rooted in actual practice. The Audit Department of ____________ Group has prepared the manual containing charters, policies, procedures, guidelines, responsibility statements, job descriptions, administrative documents, etc.  

 

This Internal Audit Manual is issued by ____________ Group Corporate Office to standardize the internal audit activities of the Department. This manual is not designed to be an all‐inclusive outline for performing audits, but rather, has the following purposes:

 

(A)  To establish policies and standards and provide members of the internal audit team with practical professional guidance, tools and information for planning, conducting and reporting on internal audit works. 

(B)  To establish high level procedures intended to assist staff members in the discharge of their duties. 

(C)  To formalize administrative and organizational policies for Internal Audit Functions within the companies.

(D)  To define responsibility, authority, and accountability. 

(E) To help achieve consistency in internal auditing activities. The use of the manual should help bring a systematic and disciplined approach to the audit functions and assist the internal auditors to meet the goal of adding value to ____________ Group. 

(F)  To standardize the internal audit and risk assessment approach within the Group in a manner to ensure the consistency in the application of internal audit standards.

(G) To enhance the quality and effectiveness of the Internal Audit team by paving the way to put into practice procedures and processes that would help it conform to professional standards and best practices.

(H)  To ensure timely audit reports on the activity, performance, profitability, inventory control system

(I)  To advice, guide and assist management of the Group on matters of internal check and internal control.

This Manual will help the internal audit team of ____________ Group in executing its functions by adhering to best practices of internal audit. In addition to the corporate office, the jurisdiction of audit shall encompass 10 more companies of the Group namely :‐ 

  

• _____________________
• _____________________
• _____________________
• _____________________
• _____________________
• _____________________
• _____________________
• _____________________
• _____________________
• _____________________

1. 1. Mission.   The mission of Internal Audit is to provide independent and objective assurance and consulting services designed to assist ____________ Group in achieving its objectives by striving to provide a positive impact on the efficiency and effectiveness of operations. Internal audit helps the Group accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, internal controls, and governance processes.

 

1. 1. Objectives.    Objectives of internal audit are:

 

1. 1. 1. 1. Compliance with Policies, Procedures, Laws, Regulations and Contracts.    Review the systems established to ensure compliance with those policies, procedures, laws, regulations, and contracts which could have a significant impact on operations of the Group and determine whether the corporate office/factories are in compliance.

 

1. 1. 1. 1. Safeguarding of Assets.        Review the means of safeguarding assets and, as appropriate, verify the existence of such assets. 

 

1. 1. 1. 1. Effectiveness and Efficiency of Operations and Programs.   Appraise the effectiveness and efficiency with which resources are employed.

 

1. 1. 1. 1. Achievement of the Organization’s Strategic Objectives.    Review operations or programs to ascertain whether results are consistent with established objectives and goals and whether the operations or programs are being carried out as planned.

 

1. 1. 1. 1. Reliability and Integrity of Financial and Operational Information.  Review the reliability and integrity of financial and operating information and the means used to identify, measure, classify, and report such information. 

 

1. 1. 1. 1. Assurance to the Management.      Provide assurance to the Management of ____________ Group regarding the handling of key risks and to provide independent and objective advice, counsel and assist them in discharging their duties and responsibilities. 

 

1. 1. 1. 1. Evaluation of Procedures. Evaluate financial and operational procedures for adequacy of internal controls and provide advice and guidance on control aspects of new policies, systems, processes and procedures.

3.1 Scope.  Internal audit coverage includes all aspects of ____________ Group activities in accordance with the internal audit programs set by the Audit Department and approved by the Management. The extent and frequency of internal audits will depend upon varying circumstances such as the results of previous audits, relative risk associated with activities, materiality, the adequacy of the system of internal controls and resources available at the at the disposal of the Audit Department.

 

3.2   Major Functions of Internal Audit.     The major functions of internal audit are:

 a) Audit of the budget cycle and report on variances;

b) Review of the human resources management and suggest about overstaff or under staff at corporate and factory levels;

c) Review of the work with cash / payment means and banks;

d) Review of the work with cash / payment means and banks;

e) Review of the work with incomes and demands;

f) Review of the processes for procurement and payments;

g) Review of the systems for stocks and property;

h) Review of the payroll and expense arrangements;

i)  Review of the procurement procedures;

j) Review of the inventory;

k)  Suggest, advice and guide the management on strategic issues, decision making, internal control system and risk areas.

l) Prepare comprehensive audit programs –short‐term, monthly, quarterly and annual covering the corporate office and the factories.

 

3.3   Types of Internal Audit

 

• • • • Financial audit
      • Compliance audit
      • Performance audit
      • System audit
      • Physical verification of cash, fixed assets and stock of stores
      • Special audit
      • Concurrent audit

 

4.1 Management Responsibilities.   To make internal audit effective the Group and factory Managements have to ensure:

 

1. 1. 1. 1. that the systems of internal control are in place, good business practices are implemented and followed in all areas, compliance is maintained, fraud risks are identified and mitigated, and effective governance is established.

 

1. 1. 1. 1. that the financial information and other management information are reliable, that the company resources are used efficiently and effectively and that the potential for fraud is minimized. 

 

1. 1. 1. 1. that the Management addresses the issues identified by implementing recommendations or agreed‐upon corrective action plans. 

 

1. 1. 1. 1. That the Audit Department/teams enjoy the required independence from the management which enables unrestricted evaluation of management activities and personnel and allows internal auditors to perform their role effectively. Although internal auditors are part of company management and paid by the Company, the primary customer of internal   audit activity is Management/Company itself.

 

1. 1. 1. 1. that the auditors are extended with required assistance in the investigation of significant suspected fraudulent activities within  the corporate office/factories.

 

1. 1. Audit Authority.    The Chief Auditor and auditors of the internal audit activity are authorized to:

 

a) Have unrestricted access to all functions, records, property and personnel.

b) Have full and free access to the Management.

c) Allocate resources, set frequencies, select subjects, determine scopes of work, and apply the techniques required to accomplish audit objectives.

d) Obtain the necessary assistance of personnel in the factories where they perform audits.

 

1. 1. 
      Internal Audit’s Responsibility.   The Chief Auditor and the auditors have responsibility to: 

 

1. 1. 1. Develop a flexible annual audit plan and submit to the Management for review and approval as well as periodic updates.

 

1. 1. 1. Implement the annual audit plan, as approved, including as appropriate, any special tasks or projects assigned by the Management.

 

1. 1. 1. Maintain a professional audit staff with sufficient knowledge, skills, experience, and professional certifications to meet the requirement.

 

1. 1. 1. In addition to the routine reports, submit periodic reports to the Management summarizing results of audit activities as and when

 

1. 1. 1. Keep the Management informed of emerging trends and successful practices

in internal auditing.

 

1. 1. 1. Assist in the investigation of significant suspected fraudulent activities within the group/factory and notify the Management of the results.

 

1. 1. 1. Consider the scope of work of the external auditors and regulators, as appropriate, for the purpose of providing optimal audit coverage to the University at a reasonable overall cost.

 

 

4.4     Duties and Responsibilities of the Chief Auditor.

 

1. Hold the overall responsibility as Head of Audit Department;

 

1. Prepare audit calendar covering the all the companies/factories of the Group;

 

1. Prepare audit program for the corporate office and factories of the Group;

 

1. Supervise the audit staff and audit officers in the Audit Department;

 

1. Arrange periodical training for the auditors to keep them up‐to‐date on company policies, particularly applicable for the garments factories.

 

1. Develop an effective team of competent subordinates who understand and

able to carry out the vested responsibilities;

 

1. Advice, guide and suggest internal control systems to minimize possibility of frauds, misappropriation, etc.

1. Liaison with factory management on matters of audit queries;

 

1. Review and appraise the soundness, adequacy and application of accounting, financial and operational controls;

 

1. Take appropriate measures for the prevention of frauds and elimination of conditions inducing fraudulent actions;

 

1. Undertake special investigation at the directives of Chairman or Managing Director of the Group;

 

1. Formulate internal audit programs in order that all aspects of transactions are audited;

 

1. Ensure that the prescribed procedures are diligently followed within the Group, so that appraisal and monitoring can be reliable and effective;

 

1. Prepare reports containing observations, comments and recommendations based on carried out audit work.

 

1. Generate monthly audit reports in time within 10th of the following month; 

 

1. Prepare the Audit Report and follow up action with the concerned department/managers;

 

1. Perform any other task assigned by the Managing Director/Chairman of the Group.

 

4.5          Duties and Responsibilities of Audit Managers.

 

1. Conduct audit works as per audit calendar and audit programs approved by Chief Auditor;

 

1. Visit factories to conduct audit with the audit team;

 

1. Prepare list of audit queries and have meeting with the GM and concerned managers of the factory about the audit queries and irregularities;

 

1. Prepare the draft audit report and finalize after discussion with Chief Auditor;

 

1. Follow the action plans and keep the Chief Auditor informed;

 

1. Supervise the audit staff working under his/her supervision;

 

1. Lead or facilitate meetings to discuss audit findings with relevant department representative assigned for the audit and with department heads; 

 

1. Examine records to assure apt transactions recording and comply with

applicable agreements, laws and policies;

 

J. Develop a thorough understanding of the business, evaluate controls, make recommendations for improvement of controls, and prepare draft audit reports.

 

k.              Perform any other jobs as assigned by the management.

 

4.6          Duties and responsibilities of Senior Audit Officers.

 

1. Conduct the concurrent audits at corporate office and at factories like checking of payments, receipts, physical verification of cash as per audit programs;

 

1. Execute audit programs as framed by Chief Auditor/Audit Manager;

 

1. Perform any other assignment as assigned by Chief Auditor/Audit Manager;

 

1. Ensure all sorts of requisition, delivery challan, bill, voucher etc. are being checked and verified in the prescribed manner;

 

1. Check and verify production quantity regularly as well as wages of the worker;

 

1. Check the accuracy of monthly salary and wages;

 

1. Ensure/produce the audit findings report with necessary analysis and comparison;

 

1. Ensure proper documentation system and preserve appropriate audit evidence for future reference;

 

1. Coordinate / communicate with concerned department in relation to audit;

 

1. Perform any other task as assigned by the management from time to time.

 

4.7          Duties and Responsibilities of Audit Officers.

 

1. Lead or facilitate meetings to discuss audit findings with relevant department representative assigned for the audit and with department heads.

 

1. Report audit findings to the Manager‐Internal Audit and prepare written reports for areas audited, ensuring that they provide an accurate picture of findings. 

 

1. Prepare work papers, recording and               summarizing audit procedures

performed. 

 

1. Perform prescribed departmental administrative routines, to ensure that proper records are kept of work done in accordance with the Internal Audit Manual or other established standards.

 

1. Oversee special audits or investigations including due diligence work, postpurchase reviews and fraud Investigations.

 

1. Check and analyze the audit data with the accounting software and ERP system of the Group. 

 

1. Perform any other task as assigned by the management from time to time.

 

4.8          Organization Chart of Internal Audit Department.     Placed at Annex A.

5.1          Code of Conduct of Internal Audit Department.     Internal Audit Department shall have a codified code of conduct that promotes ethical culture and addresses the following principles:

 

1. Integrity. Internal Auditors shall perform their job responsibilities with sincerity, honesty, prudence and diligence. Establish trust that provides the basis for reliance on the assessment of internal audit.

 

1. Objectivity. Internal auditors shall not accept anything like gift, donation, etc. or take part any activity or relationship that may impair or presume to impair their unbiased or impartial assessment or professional judgment. They shall exhibit highest level of professional objectivity in gathering and evaluating information and data and shall not be influenced by individual or personal interests.

 

1. Confidentiality.      The term confidential means and applies to all sensitive or restricted information. It relates to both information obtained from an entity during the course of audit and the results of the audit itself. These are privileged information. Internal auditors, unless authorized by the management or required by law, should take care not to disclose any information obtained during the audit process.

 

1. Competency. Internal auditors shall engage only in those services for which they have the necessary knowledge, skills and experience.

 

5.2 Standards of Conduct.     Internal audit shall adhere to the following standards of conduct: 

 

1. Service.     Preserve a commitment to carry out all responsibilities with an attitude of service toward the management of the Group, maintaining a sincere and dignified attitude.

 

1. Excellence.     Uphold a high standard of service and a commitment to quality in performing all jobs and assignments.

 

1. Leadership.     Endow with noteworthy examples which emphasize high ethical and moral standard.

 

1. Professionalism.   Internal auditors shall conduct business in a manner that reveals favorably on the Group and the individuals. They shall exercise skill, integrity, maturity and tact in all relations.

 

5.3          The Code of Ethics for Internal Auditors.

 

‐ As the profession of internal auditing is based on the trust placed in its independent and objective assurance, opinions and reports about governance, risk management, and control, it is necessary that it be governed by a Code of Ethics.

 

‐ The Code of Ethics for internal auditors, adopted by ____________ Group consists of a set of principles relating to Integrity, Objectivity, Confidentiality and Competency.

 

‐ Conducting audit work in accordance with ethical principles is the responsibility of both Chief Auditor and his subordinates. The credibility of the internal auditors and the internal audit reports, among others, is gauged on compliance with the Code. The Code also enables internal auditors to foster a culture of ethics, an important cornerstone of good governance, within their organization. 

5.4          Values of Internal Auditors.

 

1. Integrity.     Internal auditors shall be honest, ethical, equitable and respectful with stakeholders, management and managers.

 

1. Accountability.     Internal auditors shall be responsive and open in dealing with the needs and expectations of stakeholders. 

 

1. Independence.       Internal auditors shall provide assurance and governance services in an objective and fair manner. 

 

1. Learning and Innovation.   Internal Auditors shall continually develop organizational capability through the development of individual and team knowledge and skills.

 

5.5          Attributes of Internal Auditors.     

 

1. Professional Proficiency.    Internal auditors are expected to possess adequate knowledge, technical skills and competencies to be able to apply and comply with the provisions of the generally accepted auditing standards for professional practice of internal auditing. They must have adequate knowledge of accounting and auditing to discharge their duties properly. Knowledge, skills, and other competencies are a collective term that refers to the professional proficiency required by internal auditors, to effectively carry out their professional responsibilities.

 

1. Due Professional Care.      Internal auditors shall apply due professional care and diligence while performing their duties and shall maintain strong personal integrity. Internal auditors must apply the care and skill expected of a reasonably prudent and competent internal auditor.  Due professional care does not imply infallibility. Internal auditors shall exercise due professional care by considering: 

 

• • The extent of work needed to achieve the assignment’s objectives; 

 

• • The relative complexity, materiality, or significance of matters to which assurance procedures are applied; 

 

• • The adequacy and effectiveness of governance, risk management, and control processes; 

 

• • The probability of significant errors, fraud, or noncompliance. 

  • 6.1 Internal Audit Calendar.       Internal audit department shall prepare a comprehensive audit calendar covering one complete year and all the areas of audit works.  

     

    6.2 Internal Audit Program.    The Chief Auditor shall chalk out a detailed audit program covering all the areas of activity of the factories under the Group. Usually the routine audit shall be conducted monthly. Besides, quarterly, half‐yearly, yearly and special audits to be conducted as per the audit calendar and as and when necessary. The audit programs shall cover the following areas:

     

  • Cash and bank transactions at the corporate office and at factories;

  •  

  • Bank reconciliation statement;

  •  

  • Payment of salary and wages at corporate office and factories;

  •  

  • Budget and actual performance evaluation;

  •  

  • Inventory of stock of raw materials, dyes & chemicals, packing materials, accessories and finished goods stock;

  •  

  • Inventory of fixed assets;

  •  

  • Accounts receivable and accounts payable;

  •  

  • Human resources management;

  •  

  • Internal control system and compliance;

  •  

  • Special audit and investigation/enquiry as and when required.

  •  

    6.3 Steps in Internal Audit Assignments.  A typical internal audit assignment involves the following Steps: 

     

  • Establish and communicate the scope and objectives for the audit to appropriate management.

  •  

  • Develop an understanding of the business area under review. This includes objectives, measurements and key transaction types. This also involves review of documents and interviews. Flowcharts and narratives may be prepared if necessary.

  •  

  • Describe the key risks facing the business activities within the scope of the audit.

  •  

  • Prepare/review the Internal Audit Checklist which can be a helpful tool to identify common risks and desired controls in the specific process or industry being audited.

  •  

  • Report issues and challenges identified and negotiate action plans with management to address the problems.

  •  

  • Follow‐up on reported findings at appropriate intervals. Internal audit departments must maintain a follow‐up database for this purpose.

  •  

  • 1. Internal Audit Process.   A Flowchart showing the internal Audit Process is placed at Annex B.

  •  

  • 1. Duration of Audit Assignment.     The length/duration of the routine monthly audit assignments to be fixed in a way that with the available resources and manpower audit of all the enterprises of the Group can be completed within the month and report can be produced within 10th of the following month.  

  •  

  • 1. Conducting the Audit Engagement (Fieldwork).     The purpose of conducting audit is to gather sufficient and appropriate audit evidence to reach a conclusion on each of the objectives identified in the planning phase. The internal auditor should execute all the tasks on the basis of audit programs prepared at the end of the Planning Phase of the Audit Engagement. The steps involved in audit engagement are:

  •   

  • Prior to commencing the fieldwork, the Chief Auditor should convene a meeting with the auditee and other senior staff to discuss the next stage of the audit. The agenda for the meeting should include the following: 

  •  

  • • Introductions – identifying members of the audit team and their areas of responsibility as well as key auditee staff and their areas of responsibility. 

  •  

  • • The audit objectives and scope ‐ including any limitations or exclusions. 

  •  

  • • The audit criteria – to be used in evaluating the audit objective – normally related to the achievement of the organizational and operational objectives.

  •  

  • • The audit process ‐ the approach or methodology adopted for the audit, the schedule (audit timing), and the locations where the audit will take place. 

  •  

  • • Debriefing process ‐ on the audit findings and the reporting process. 

  •  

  • After the entry meeting audit team members will normally meet individually with the concerned Heads of Departments/supervisors responsible for the activity, organization or program for which they have been assigned responsibility. This meeting can be used to gain an understanding of how the Heads of Departments/ supervisor’s responsibilities are carried out, to obtain access to required documentation, and to meet other staff. 

  •  

  • Monitoring quality of execution and progress of work.

  •  

  • As the execution of the work program proceeds, it may become necessary to make certain revisions. Internal auditors should be sensitive as to the purpose of the work program and what it expects to achieve. When in doubt, this should be reviewed as early as possible in the audit process in order to minimize wasted effort. 

  •  

  • Likewise, the scope of the audit may also occasionally be required to be amended in order to capture useful additional evidence. In addition, the extent of testing (for example instead of testing a sample of 50, it may be necessary to sample 100) may also be required to be extended. This may particularly be necessary when a fraud or other serious deficiencies, such as misinterpretation of a rule, is suspected and it may become necessary to fully quantify the effect of that deficiency. 

  •  

  • When there is adequate evidence to substantiate that a fraud has indeed taken place, the internal auditor should consult with the Chief Auditor on the steps to be taken – this should include the necessity to protect the evidence and inform appropriate levels of senior management.

  •  

  • Internal auditors should take care to ensure that changes to the audit program do not impact the audit objective, the audit criteria or time schedules. Internal auditors should consult with and obtain the approval of the Chief Auditor for any changes in the work program.

  •  

    h Internal auditors should ensure that evidence is properly recorded in appropriate worksheets, supported with copies of documents when deemed necessary. 

     

    6.7          Developing Recommendations. 

     

    6.7.1 Recommendations describe the course of action management should follow to rectify deficiencies by addressing underlying causes. These may include weaknesses in systems and/or controls. After identifying a defective condition and the underlying causes, the Audit Department should formulate recommendation (s) for corrective actions. Recommendations should not be developed in a vacuum but should be discussed with the client/auditees, considered in the light of best practice, and take into account costs and other factors in the client’s working environment. 

     

    6.7.2 Recommendations should be action‐oriented, convincing, well supported, and effective. When appropriately implemented, they should get the desired beneficial results. Recommendations should be: 

     

  • Properly directed –to those who have responsibility and authority to act on them. It must be clear who should be responsible for any corrective action. 

  •  

  • Brief ‐ without indicating specifically all the actions that are necessary for corrective action. For instance, the auditor should not have to tell the client how to develop a system, but they should be specific about the system that needs improvement and the objectives that should be achieved by the change.

  •  

  • Convincing – and well supported by facts and should flow logically from the findings.

  •  

  • Effective ‐ so as to provide reasonable assurance that the proposed recommendation will correct an identified problem or remove a root cause and will result in significant improvements within the foreseeable future. 

  •  

  • Cost Effective – so that it will be readily embraced by Management. Recommendations should be made only after the costs of acting on them have been considered. Offsetting costs should be considered. Favorable consideration of a recommendation is more likely if the report makes it apparent that the recommendation was made with knowledge of offsetting costs. 

  •  

    6.8.         Liaison with the Auditee and Other Senior Staff during Fieldwork.

     

    6.8.1 Throughout the audit, the Team Leader should have discussions with the auditee to review and discuss observations and findings and potential recommendations. This helps ensure that all pertinent information has been considered in developing conclusions and provides an opportunity for the audit team and the auditee to work to develop effective solutions to identified deficiencies. This process is likely to result in more prompt corrective actions. At the end of the audit, this informal communication process is formalized through closing or exit meetings and written reports.

     

    6.8.2 Upon completion of the fieldwork, the Chief Auditor/Team Leader and the internal auditors should consider if all the necessary evidence to support findings have been properly analyzed, evaluated and recorded.  The checklists that appear subsequently in this Section will facilitate such a review.  

    6.8.3 At this stage, the Chief Auditor/Team Leader should convene a formal exit meeting with the auditee and other senior managers as necessary and appropriate to discuss all significant audit findings and conclusions before the Audit Report is drafted. This formal debriefing helps ensure that: 

     

  • There are no “surprises” with respect to reporting results. 

  •  

  • There have been no misunderstandings or misinterpretations. 

  •  

  • The Internal Auditor has considered all relevant evidence and becomes aware of any corrective action that has already been initiated by the auditee. 

  •  

  • The likelihood of the auditee embracing the audit findings and the proposed recommendations are increased. 

  •  

    6.8.4 The debriefing meeting may also be used to discuss points that are of interest but are not significant enough for inclusion in the written audit report. These findings of lesser significance may be addressed in a management letter to the auditee. 

     

    6.9. Suggested Checklists for Internal Auditors.  Internal auditors shall follow the following checklists while conducting audit:

     

    6.9.1       Checklists for Cash and Bank Transactions. 

     

  • Select sample of the vouchers to be audited as per sampling techniques.

  •  

  • Review whether vouchers have been supported by proper evidences.

  •  

  • Ascertain whether payment vouchers/ payments by cash/cheque have been approved by the competent authority in line with the approved Delegation of Power (DOP). 

  •  

  • Verify whether payment relates to current year. If not, same should be booked as per the accounting policy. Also ensure whether accounting policy in respect of prepaid exp. and prior period adjustments are followed uniformly at all the accounting units.

  •  

  • Ensure accounting entries have been booked on timely basis so that no negative cash balances appear in the books of accounts at any point of time.

  •  

  • Ensure that acknowledgement of the receiver has been obtained on the cash /cheque payment voucher.
  • Verify that date of acknowledgement of cash receipt and date of payment is same.

  •  

  • Ensure that payments were made within the office working hours on working days. Any deviations should be properly supported by approvals as per DOP. 

  •  

  • Ensure that every cheque payment is supported by the acknowledgement of the payee and payments to suppliers/contractors are made by account payee cheque.

  •  

  • Ensure all the dishonored cheques have been reflected in proper account head and proper steps (on basis of root cause analysis) have been taken to avoid similar situation in future. 

  •  

  • Ensure that unpaid cheques for more than 3 months have been transferred to dead cheques/stale cheque accounts and review this account to further see that cheques outstanding for more than 3 years have been transferred to miscellaneous receipts accounts. 

  •  

  • Check the entry of cheques payment into the system records maintained for the same.

  •  

  • Ensure that bank charges charged by the bank for making any payment, should be in line with the bank charges list provided by the bank. 

  •  

  • Ensure that all cancelled/returned electronic transactions have been properly reflected in the accounts. 

  •  

  • Ensure that the voucher and supporting documents have been stamped ‘PAID’ as soon as payment is made.

  •  

  • Ensure that entry of payment has been booked in the correct head of account and on the date of payment. 

  •  

  • Collect sample of signature from relevant authority and verify that signatures marked on the vouchers match with them.

  •  

  • Examine that Cheque books are kept in the Cash Safe/Chest and handled by the competent person / officer in‐charge. 

  •  

    6.9.2       Checklist for Payment to Suppliers/Contractors.

     

  • Ensure that all payments have been properly authorized, recorded and made to the relevant supplier.

  •  

  • Invoices received are matched to approved orders, marked as delivered.

  •  

  • Invoices are checked, authorized for payment and stamped as ‘PAID’.

  •  

  • Payments are made to the right party for the right amount.

  •  

  • All the proper supporting documents are attached to the payment voucher.

  •  

  • The payment is correctly recorded in the accounting records.

  •  

  • All payments are correctly recorded under the appropriate budgetary heads and expenditure.

  •  

  • Key controls over cash payments.

  •  

    6.9.3       Checklist for Physical Verification of Cash.

     

  • Carry out a surprise physical verification of cash.

  •  

  • Check that the physical cash balance tallies with the balance shown by the cash book.

  •  

  • Check that the cash book is up to date at all times.

  •  

  • Check that the cash in safe/cash in transit is within the insurance cover taken.
  •  
  • Check that fidelity insurance cover is taken in the names of persons who have the custody of cash.

  •  

  • Check that receipts are issued by the cashier at the time of receipt of cash from the employees / others. 

  •  

  • Check that signatures of the payee are taken by the cashier on the cash payment Voucher at the time of making cash payment.

  • 6.9.4       Checklists for Payment of Salary & Wages.

     

  • Check and review the wages with calculation sheet, attendance sheet and production sheet.

  •  

  • Ensure that proper internal control system is working while preparing and making payments to workers.

  •  

  • On the payment date of wages, check dummy workers if any.

  •  

  • Make surprise visit to the production floor and check physically few number of workers, with the attendance sheet.

  •  

  • Ensure that the persons who prepare the wages sheet are not involved in payment of wages to the workers.

  •  

  • Ensure that no terminated employees/workers are on current payroll. 

  •  

  • Check the record relating to attendance/leave including a cross verification of data and ensure that the methods and procedure for recording of attendance / leave are sound and sufficient internal controls exist. Point out the lacunae / weakness in the internal control system.

  •  

  • Ensure that the various provisions of industrial and labor laws and compliances are met with.

  •  

    6.9.5       Checklist for Budget Evaluation.  

     

  • Check and verify the budget with actual performance of sales and expenses.

  •  

  • Find out the variances‐favorable/unfavorable

  •  

  • Ask for explanations for the adverse variances 

  •  

  • Submit the report to the management

  •  

    6.9.6 Checklist for Inventory of Stock of Raw Materials, Dyes & Chemicals, Packing Materials, Accessories and Finished Goods Stock.

     

  • Get copies of stock sheets at month‐end.

  •  

  • Select items to be physically checked.

  •  

  • Physically check the item, count them and record in the “actual’ column of the inventory sheets.

  •  

  • Compare and find out the difference between actual and physical quantity.

  •  

  • Ask for explanation the short/excess, if any.

  •  

  • Submit the report to the Management.

  •  

    6.9.7       Checklist for Inventory of Fixed Assets.  

     

  • Ensure that all fixed assets registers are updated.

  •  

  • Gets a list of Fixed Assets showing particulars, quantity, value, location, etc.

  •  

  • Physically verify the assets with the list.

  •  

  • Prepare inventory of fixed assets reports and the book quantity and physical quantity, present condition of assets.

  •  

  • Check that the physical verification of Fixed Assets is carried out at least once in a year.

  •  

    6.9.8       Checklist for Sale of Wastage (zhut) Items.

     

  • Ensure that a separate space/yard is earmarked for keeping the wastage/zhut items. 

  •  

  • Ensure that a proper record is kept of receipts, issues, opening and the closing balances quantity of each item of zhut items.

  •  

  • It should be ensured that the entries in respect of receipts and issues in the wastage/Zhut Stock Register are made.

  •  

  • Scrap/wastage sale should be affected on spot payment terms ‐ cash / DDs at   the time of delivery. Ensure that full amount is collected from the customer before the material is allowed to be lifted.

  •  

  • Ensure that rates of wastage sales are approved by the managing director of the company.

  •  

  • The scrap/wastage Stock Register should be kept updated at all times.

  •  

  • A periodical physical verification of wastage stock should be made and the physical qty tallied with the book quantity. The discrepancies, if any should be reported.

  •  

    6.9.9       Check List for Bank Reconciliation.

     

  • Check that bank reconciliation statements in respect of all the bank accounts are prepared on a monthly basis.

  •  

  • Check that the entries appearing in the bank reconciliation statements are cleared in the subsequent month/months.

  •  

  • Check for any old pending entry and inquire into the nature and details of such an outstanding entry.

  •  

  • Check that entries relating to cheques issued but not presented for payment for more than 6 months are reversed.

  •  

  • Check that all postdated cheques received are kept in safe custody until deposited.

  •  

  • Check that all cancelled cheques are kept properly in the cheque book.

  •  

  • Check the cheque signing authorization levels of management and ensure that the cheques are signed according to the prescribed and delegated authority.

  •  

  • Check that cheque books / counter foils are kept in safe custody.

  •  

    6.9.10 Checklist for Accounts Recivable & Accounts Payable.

     

  • Get a list of Accounts Receivable and Accounts Payable on a particular date.

  •  

  • Select some buyers and suppliers with substantial balance.  

  •  

  • Check the entries made thereon with the supporting bills/vouchers.

  •  

  • Get statement of accounts of buyers and suppliers and reconcile with the Group’s ledger accounts.

  •  

  • Ask for confirmation of balance wherever necessary.

  •  

  • Inquire about long outstanding receivable balance.

  •  

    6.9.11 Checklist for Purchases of Goods and services.

     

  • Ensure that for every purchase there must be a requisition with approval of delegated authorities.

  •  

  • Minimum three quotations shall be attached with the requisition when the value of goods or services exceeds Tk 50,000.00.

  •  

  • Ensure that bills, Material Receiving Report (MRR), Delivery Challan are there for making payment to the suppliers.

  •  

  • Ensure that payments and invoices are posted to the respective ledger accounts by A & F department.

  •  

    6.9.12 Checklist for Human Resources Management.

     

  • Get a list of officers and staff (summary) and check with approved man‐power as per organization chart.

  •  

  • Check the personal files of staff and officers.

  •  

  • Verify the time cards/attendance sheets of the officers and staff.

  •  

  • Prepare list of surplus or shortage of personnel, if any.

  •  

  • Check the recruitment policy and ensure that due approval of appropriate authority has been taken.

  •  

    6.9.13 Checklist for Internal Control and Compliance.

     

  • Ensure taxation and statutory compliance is being met.

  •  

  • Books and records are maintained as per laws of the land. 

  •  

  • Taxes for consideration include income taxation, payroll tax, stamp duty, fringe benefits tax and requirements of the Income Tax Laws of Bangladesh.

  •  

  • Ensure that the Accounts & Finance Department follows the Accounting & Financial Manual for maintaining books of accounts, preparing vouchers, documents, etc.

 

7.1     Purposes of Audit Reports.    The principal objectives of audit reports are:

- to communicate the problems identified and the causes of those problems  to explain the effects and repercussions of those problems and quantify them where necessary  to measure performance ‐ by providing analyses and appraisals. 

-to highlight areas in which greater efficiency and effectiveness may be achieved, and waste eliminated  to convince management of the need for change to suggest practical and cost effective solutions  to provide a basis for follow up to ensure that appropriate action has been taken. 

 

7.2     Functions of Audit Report.     There are three main functions of an audit report. 

- First, it is an action document ‐ unless the report achieves action it will have been a waste of time for everyone involved in the audit. To achieve action the report should provide the client with a brief, objective assessment of control in the area under review and highlight any significant weaknesses identified. It should also bring out the impact of those weaknesses on the level of control and demonstrate to management that they need to do something about it:  by explaining the risks involved, and by quantifying, where possible, those risks and any potential benefits.  

 

- Second, it acts as a formal, permanent record of the audit work undertaken and the conclusions drawn from it, and the level of control which exists in a particular area at a specific point in time. 

 

- Finally, a good report ‐ by communicating professionalism and competence ‐ demonstrates Internal Audit’s objectivity and independence and shows that auditors can help to improve efficiency and effectiveness.

 

7.3    Quality of Internal Audit Report.     The Internal Audit Report is intended to communicate to the Management the results of the audit engagement. In order to achieve its objectives, the report must be: 

• • Accurate ‐ The information contained in the report should be accurate, free from errors and distortions and based on underlying facts. 

  •  

  • Objective ‐ fair, impartial and in an unbiased tone based on a balanced assessment of all relevant facts and circumstances, noting where management has taken actions to correct deficiencies and pointing out exemplary performance. 

  •  

  • Clear and logical ‐ providing all significant and relevant information and avoiding unnecessary technical language to support conclusions and recommendations. The language used should be simple and straightforward. 

  •  

  • Concise ‐ to the point and avoid unnecessary elaboration, superfluous detail, redundancy and wordiness. Only significant matters are brought to the report. Other issues should be dealt with through Management Letters and other communications.

  •  

  • Constructive ‐ helpful to the Auditee and the organization and lead to improvements where needed.

  •  

  • Timely – opportune and expedient and allows appropriate corrective action to be taken early.

  • 7.4          Elements of Audit Reports.              

     

    7.4.1 Internal auditors typically issue reports at the end of each audit that summarize their findings, recommendations, and any responses or action plans from management. An audit report may have an executive summary; a body that includes the specific issues or findings identified and related recommendations or action plans; and appendix information such as detailed graphs and charts or process information. Each audit finding within the body of the report may contain five elements, sometimes called the "5 C's":

     

  • Condition.    What is the particular problem identified?

  •  

  • Criteria.    What is the standard that was not met? The standard may be a company policy or other benchmark.

  •  

  • Cause.  Why did the problem occur?

  •  

  • Consequence. What is the risk/negative outcome (or opportunity foregone) because of the finding ?

  •  

  • Corrective action.     What should management do about the finding? What have they agreed to do and by when?

  •  

    7.4.2      The recommendations in an internal audit report are designed to help the organization achieve effective and efficient governance, risk and control processes associated with        operations            objectives,            financial                and                 management       reporting              objectives;            and legal/regulatory compliance objectives.

     

    7.4.3 Audit findings and recommendations may also relate to particular assertions about transactions, such as whether the transactions audited were valid or authorized, completely processed, accurately valued, processed in the correct time period, and properly disclosed in financial or operational reporting, among other elements.

     

    7.4.4 Under the IIA standards, a critical component of the audit process is the preparation of a balanced report that provides executives and the board with the opportunity to evaluate and weigh the issues being reported in the proper context and perspective. In providing perspective, analysis and workable recommendations for business improvements in critical areas, auditors help the organization meet its objectives.

     

    7.5          Reporting. 

     

    7.5.1 In this phase, after the evidence obtained is carefully evaluated, the findings and conclusions are refined and recommendations that will help Management mitigate risks and root causes of deficiencies are formulated. The Audit Report on the engagement is then prepared on the basis of this information. 

     

    7.5.2 The draft Audit Report is discussed with the auditee to obtain agreement on the facts, findings and the appropriateness of the recommendations. The Draft Report may be further refined on the basis of inputs received from the auditee. 

     

    7.5.3 When the draft Report is finalized, the Auditee is requested to provide the action plan for the implementation of the recommendations. This action plan is then incorporated into the Report.

     

    7.5.4 The final Report is issued to the Management and the auditee. Where necessary the report is presented orally to the Management.

    7.6 Guidelines for Drafting Audit Reports (Read in conjunction with Para 7.4.1 above).  The Audit Team shall prepare the reports following the guidelines shown below:

     

  • Report shall be based on reliable information and documentations.

  •  

  • Deal with the underlying cause of the problem and not just the symptoms.

  •  

  • Describe precisely what needs to be done.

  •  

  • Suggest clearly who should be responsible for taking action.

  •  

  • Report must be unambiguous, clear, concise, simple and easily understandable, achievable.

  •  

  • Each point shall fix the pin‐point responsibility.

  •  

  • Recommendations of the report should be clear and in concise and statistical forms not in historical forms.

  •  

  • Before finalization of audit reports, the Audit Team shall discuss the draft audit reports with the concerned GM/Manager/Officer.

  • 7.7          Action Plans.

     

    7.7.1 Action plans are vital to recording and monitoring the action taken by management on internal audit’s recommendations. They make follow‐up audits easier and more effective. An Action Plan should be prepared for every standard audit report. It details what management has agreed to.   

     

    7.7.2 Action plans list every recommendations, suggestions and guide lines contained in the audit report and show against each of them:

     

  • The comments of management.
  • Who is responsible for action?
  • The date by which action will be taken.
  • Recommendations to be followed.

  •  

    7.8          Audit for Follow‐up of Recommendations.  

     

    7.8.1 The audit for follow‐up of the recommendations is one of the most important stages of any audit, which should not be neglected or incorrectly implemented. If internal audit fails to make sure that its recommendations are implemented, then all of the investment in doing the audit may be wasted. Internal Audit Team shall follow up the recommendations made by them.

     

    7.8.2 The timing of the follow‐up should be determined in relation to the significance and impact of the recommendations and the criticality of the system which has been audited. It should also take account of the implementation dates given in the Action Plan. It is important that time for follow‐up audits is provided in the short term (annual) plan and that any specific follow‐up audits are scheduled upon completion of each audit.