Professional Documents
Culture Documents
Presentation On Requirement of Audit Trail
Presentation On Requirement of Audit Trail
Presentation On Requirement of Audit Trail
Requirement Of
Audit Trail
• In simple term, Audit Trail means a system that traces detailed transactions relating
to any item in an accounting record.
• More than a historical record, audit trails can show proof of compliance and
operational integrity
• If any software / system forms part of accounting system than its audit trail should
be maintained
CA Mitesh Lotia - Internal Auditor 3
Statutory Requirement
• Proviso to Rule 3 (1) of Companies (Accounts) Rules, 2014, for the financial year
beginning on or after 01-Apr-23, every company that uses accounting software to
maintain its books of account shall use only Accounting Software that has a feature
of recording an:-
Creating an edit log of each change made in books of account along with the
date when such changes were made.
• Clause (g) of Rule 11 of Companies (Audit and Auditors) Rules, 2014 read with sub-
section 3 of Section 143 of the Companies Act, 2013, requires auditors’ report to
state whether company, has used such accounting software for maintaining its
books of accounts:
To operated throughout the year for all transactions recorded in the software
• Only companies under companies act has this compulsion. LLP, partnerships,
Societies, trusts, are out of this requirements
• An auditor can trace financial data of a particular transaction right from general
ledger to its source document with the help of the audit trail.
• If existing software does not support audit trail then its newer versions or new
software application need to be installed
• Every software integrated with accounting software to have audit trail and edit log
feature
• Large store is required as every transaction & its version has to stored
• Both front-end entry and automatic transaction should be available in audit log
• Security and confidentiality of the audit trail data is crucial to prevent unauthorized
access to the data
• Each entry must have a timestamp using a controlled clock system that cannot be
changed.
• Systems should not allow to disabled Audit Trail after an initial system configuration.
• What user, system, or application launched the event / entered transaction i.e. IP
address and device type and Link to the record (Transaction Id, Record Id, etc)
• Affected field of the entity and type of action performed: registration, cancellation or
modification. System should not allow to delete and overwrite the voucher.
• The reason why the change has been made. Drop-down list.
• Data should be reviewed in the format in which they are collected, should not be
modified or deleted and must be retained in must suitable read-only credentials
• Minimum requirement:- Initial entry; who performed action & when; Updated entry;
who updated/edited entry & when; reason
Management Responsibility
Auditor Responsibility:-
Advantages (Pros)
• Improves security
Disadvantages (Cons)