Page 318 - CA Final Audit Titanium Full Book. (With Cover Pages)
P. 318
CA Ravi Taori
Business Documents Understanding: Internal auditor must obtain knowledge of various business documents
– Standard Operating Procedures and Financial Statement, etc.
IT Landscape Knowledge: Internal auditor must also understand the underlying Information Technology
landscape, various applications, ERP systems, and the Management Information System of the organization.
Step 2 – Perform Audit Planning
Audit scope : Audit scope must be approved by Audit Committee and Board of Directors.
SIA 310: Internal Auditor must plan the audit engagement as per the Standard on Internal Audit (SIA) 310,
Planning the Internal Audit Assignment.
Work Plan Preparation: Detailed work plan must be prepared by the audit managers and approved with
Head of Internal Audit / Chief Internal Auditor. The work plan must be prepared after evaluating all major
underlying risks in the process being reviewed and the audit checks to assess the control environment's
adequacy.
Sharing Audit Plan: Once approved, Internal Auditor must share detailed Audit Plan with the key managerial
personals and plan in advance the detailed schedule of the Internal Audit to be conducted.
Opening Meeting: Internal Auditor must conduct the opening meeting with key stakeholders before the start
of the audit engagement and share details of Information and System Access required to perform the audit.
Step 3 – Gather required information
Direct Source: To the extent possible, Internal Auditor must obtain the information directly from the source.
Advance intimation: Adequate planning should be done and advance intimation should be made for any
interim information needed for performing audit checks.
Information Integrity: Internal Auditor must obtain the required information and perform checks to ensure
correctness and integrity of information received.
Step 4 – Perform audit checks
1. Analytical Procedures: Internal Auditor should collate all data and perform analytical procedures to
identify key trends and outliers. Analytical procedures should be performed in accordance with the Standard
on Internal Audit (SIA) 6, Analytical Procedures. To the extent possible, relevant analytical tools may be used
to perform review of the complete data for the audit period.
2A. Sampling: Wherever needed, Internal Auditor must select the sample in accordance with Standard on
Internal Audit (SIA) 5, Sampling.
2B. Audit Testing: Detailed audit testing must be performed as per the audit work plan. Internal Auditor must
ensure adequate evidences must be collected and stored in accordance to Standard on Internal Audit (SIA) 320,
Internal Audit Evidence.
3A. Audit Issues: Internal Auditor must prepare detailed list of the Identified audit issues and controls gaps.
3B. Interim Reports: Interim reports may be issued after proper review of the work performed as per the
Standard on Internal Audit (SIA) 350, Review and Supervision of Audit Assignments.
4. Documentation: Adequate documentation of the internal audit work papers needs to be ensured as per
Standard on Internal Audit (SIA) 330, Internal Audit Documentation.
Step 5 – Reporting of Internal Audit Issues
Adherence to SIA: Internal auditor must adhere to Standard on Internal Audit (SIA) 360, Communication
with Management and Standard on Internal Audit (SIA) 370, Reporting Results while sharing the result of
internal audit with the stakeholders.
Draft Report: Internal Auditor must prepare a draft report of Internal Audit issues comprising of the business
process/function reviewed as per scope, detailed audit coverage and exclusions, if any, and audit period covered
during the audit.
Audit Findings: Summary along with detailed issues over the gaps noted along with implication of the
business and recommendation to mitigate the identified gaps.
Management Action Plan: Management Action Plan should be agreed along with responsibility of action and
timelines for actions.
www.auditguru.in 16.6
