Professional Documents
Culture Documents
CA Inter Audit Addendum
CA Inter Audit Addendum
Note: Both SA & SRE apply to engagements involving historical financial info.
• Compilation Engg: Practitioner may be called upon to assist mgt with preparation & presentation
of historical financial info. without obtaining assurance on that info. Such type of compilation engg
fall in the category of related services & practitioner issues a report clearly stating that it is not
an assurance engg & no opinion is being expressed.
• Examples:
ü SRS 4400 Engagements to perform agreed-upon procedures regarding financial info.
ü SRS 4410 (Revised) Compilation engg.
CA Shubham Keswani 1
Inter Audit Addendum
Standards on Quality Control (SQCs)
• Establish standards & provide guidance regarding a firm’s responsibilities for its system of quality
control for conduct of engagements.
• SQC 1 has been issued in this regard.
• Requires auditors/practitioners
ü to establish system of quality control
ü so that firm & its personnel comply with professional standards & regulatory & legal
requirements &
ü reports issued are appropriate.
Scope of Audit
Inclusions:
1. All Aspects of Entity: Audit should cover all aspects of entity relevant to FS being audited.
Summarise: Ensuring that FS properly summarize transactions & events recorded, considering
judgments made by mgt in preparation of FS.
Historical Financial Info: Understand that FS are prepared on historical financial info. basis. For eg,
when purchases & sales are reflected in FS, these are eg of historical financial info. Transactions
which have occurred in past.
CA Shubham Keswani 2
Inter Audit Addendum
What is doesn’t Include?
Ethics
“Ethics” means moral principles which govern a person’s behaviour or his conducting of an activity.
SA 210
If Auditor doesn’t agree with change in terms & mgt doesn’t permit to continue original audit engg?
Auditor shall:
a) Withdraw from audit engg. where possible under applicable law or regulation and
b) Determine whether any obligation to report other parties, such as TCWG, owners or regulators.
SQC-1/SA 220
Engg Performance
Consultation should take place in difficult or contentious matters pertaining to an engg.
• It includes discussion, at appropriate professional level, with individuals within or outside the
firm who have specialized expertise, to resolve a difficult or contentious matter.
CA Shubham Keswani 3
Inter Audit Addendum
Ch-2 Audit Planning
Extract of Sample audit programme pertaining to sales of an entity
Summary: Trace invoices with Copies/Accounts (Co./Buyers) /Stock records/E way bills
B. Creditors
1. (a) Are suppliers’ invoices routed direct to Accounts Department?
CA Shubham Keswani 4
Inter Audit Addendum
(b) Are they entered in a Bill register before submitting them to other departments for check
and/or approval?
(c) Are advance & partial payments entered on the invoices before they are submitted to other
departments?
2. Does the system ensure that all invoices are duly processed?
3. In respect of raw material & supplies, are reconciliations made of quantities and/or values
received as shown by purchase invoices with receipt into stock records?
4. Does Accounts Department match invoices with Goods Received Notes & POs?
5. Do all invoices bear evidence of being checked for prices, freight, terms etc.?
6. Are all advance payments duly authorized by persons competent to authorize such payments?
7. Are duplicate invoices marked immediately on receipt to avoid payment against them?
8. Are all supplier’s statements compared with ledger accounts?
9. Is there any follow-up action to investigate difference, if any, between suppliers’ statements &
ledger accounts?
10. Is a list of unpaid creditors prepared & reconciled periodically?
C. Inventories
1. Are stocks stored in assigned areas?
2. Are stocks insured comprehensively against different risks? If some risk is not insured,
whether it is due to specific decision taken by a senior official?
3. Is a record maintained for the insurance policies?
4. Is the record reviewed periodically?
5. Is there an official who decides on the value for which stocks are to be insured?
6. Is the adequacy of insurance cover reviewed periodically?
7. Are perpetual stock records kept for raw materials, work-in-progress, finished goods and
stores?
8. Are stock records periodically reconciled with accounting records?
D. Fixed Assets
1. Are budgets for capital expenditure approved?
2. Is authority to incur capital expenditure restricted to specified officials?
3. Are purchases of capital expenditure subject to same controls as applicable to purchases of
raw materials, stores etc.?
4. Is there proper check to see that amounts expended do not exceed the amount authorized?
5. Are fixed assets verified periodically?
6. Is there a written procedure for such verification?
7. Are reports prepared on such verification?
8. Do such reports indicate damaged/obsolete items of fixed assets?
CA Shubham Keswani 5
Inter Audit Addendum
Internal Controls over Financial Reporting
Provision of Nature of Responsibility
Companies Act
Sec 134(5)(e) For listed Cos, Directors’ responsibility statement shall state that Directors had
laid down IFCs to be followed by Co. & such IFCs are adequate & operating
effectively.
Sec 143(3)(i) Auditor’s report shall state whether Co. has adequate IFCs system in place & also
on operating effectiveness of such controls.
This requirement shall not apply to–
(i) is OPC or Small Co. or
(ii) Pvt ltd Co. (T/o < ₹50 Cr (last audited FS) & Borrowings from Banks/FI (during
FY) < 25 Cr )
Sec 177(4)(vii) Every audit Committee shall act as per terms of reference specified in writing by
Board which shall, inter alia, include - evaluation of IFCs & risk mgt systems.
Sec 149(8) Co. & independent directors shall abide by Schedule IV which lays down Code for
independent Directors.
Independent directors shall satisfy themselves on integrity of financial info. &
that financial controls & systems of risk mgt are robust & defensible.
Ch-6 Sampling
Selecting Items for Testing to Obtain Audit Evidence
When designing TOCs & TODs, auditor shall determine means of selecting items for testing that are
effective in meeting purpose of audit procedure.
Means available to the auditor for selecting items for testing are:
a) Selecting all items (100% examination);
b) Selecting specific items; and
c) Audit sampling.
Application of any one or combination of these means may be appropriate depending on the auditors’
judgement to obtain audit evidence.
CA Shubham Keswani 7
Inter Audit Addendum
When evaluating results of individual confirmation requests, may categorise such results as follows:
a) A response by appropriate confirming party indicating agreement with info. provided in
confirmation request, or providing requested info. without exception
b) A response deemed unreliable
c) A non-response or
d) A response indicating an exception.
Auditor’s evaluation, when taken into account with other audit procedures may assist in concluding
whether SAAE been obtained or performing FAP is necessary, as per SA 330.
SA 550
Considerations specific to smaller entities by auditor
Control environment in smaller entities is likely to be different from larger entities.
• TCWG may not include an outside member & governance directly by owner-manager where no other
owner exists.
• Control activities shall be less formal & no documented processes for dealing with related party
relationships & transactions.
• An owner-manager may mitigate risks arising from RPTs, or potentially increase risks through
active involvement in all main aspects of transactions.
Conducting an Audit
Audit of banks or their branches involves following stages –
ii) Internal Assignments in Banks by Statutory Auditors: Audit firms shouldn’t undertake statutory
audit assignment while they are associated with internal assignments in bank during same year, like
Concurrent audits (Internal Audit of Banks conducted monthly during the year)
CA Shubham Keswani 8
Inter Audit Addendum
iii) Planning: SA 300 requires auditor to undertake following prior to starting an initial audit:
a) Performing procedures as per SA 220 regarding acceptance of client relationship & specific
audit engagement and
b) Establish understanding of terms of engg. as per SA 210.
iv) Communication with Previous Auditor: As per Clause (8) of Part I of First Schedule to CA Act,
1949, a CA in practice can’t accept position as auditor previously held by another CA without first
communicating with him in writing. He should get a NO Objection Certificate (NOC) from previous
auditor to know whether he has any objections to such appointment, for any valid reasons.
v) Terms of Audit Engagements: SA 210 requires that for each period to be audited, auditor should
agree on terms of audit engg. with bank before beginning significant portions of fieldwork.
vi) Initial Engagements: Auditor perform audit procedures as per SA 510 & if concludes that opening
balances contain misstatements which materially affect FS for current period & effect is not
properly accounted & disclosed, express a qualified or adverse opinion.
vii) Assessment of Engg Risk: Critical part of audit & done prior to acceptance of audit engg since it
affects decision of accepting engg & planning if audit is accepted.
viii) Establish the Engg Team: Assignment of qualified & experienced professionals is important
component of managing engg risk.
ix) Understanding Bank and its Environment: SA 315 lays down that auditor should obtain
understanding of entity & its environment, including internal control, to identify & assess RoMM
whether due to fraud/error & design & perform further audit procedures.
2. Identifying and Assessing the RoMM: SA 315 auditor to identify & assess RoMM at FS & assertion
level for ABCD to provide basis for designing & performing FAP.
3. Understanding Bank & Its Environment including Internal Control: Understanding of bank & its
environment, including internal control, enables auditor:
• to identify & assess risk;
• to develop an audit plan determine operating effectiveness of controls and
• to address the specific risks.
4. Understanding Bank’s Accounting Process: Accounting process produces financial & operational info.
for mgt’s use & also contributes to bank’s internal control. Thus, understanding of accounting process
is necessary to identify & assess RoMM & design & perform FAP.
6. Engg Team Discussions: To gain better understanding of banks & its environment, including IC, &
also assess RoMM.
9. Audit Planning Memorandum: Auditor should summarise audit plan by preparing an audit planning
memorandum in order to:
• Describe expected scope & extent of audit procedures to be performed by auditor.
• Highlight all significant issues & risks identified during planning & risk assessment activities, &
decisions concerning reliance on controls.
• Provide evidence that they have planned audit engg & responded to engg risk, pervasive risks,
specific risks, & other matters affecting audit engg.
10. Determine Audit Materiality: It’s a matter of professional judgment & depends upon knowledge of
bank, assessment of engg risk & reporting requirements for FS.
12. Assess the Risk of Fraud including Money Laundering: As per SA 240 “Auditor’s Responsibilities
Relating to Fraud in an Audit of FS”, auditor’s objective is to identify & assess RoMM in FS due to
fraud, to obtain SAAE on those identified misstatements & respond appropriately.
• Attitude of professional skepticism should be maintained by auditor to recognise possibility of
misstatements due to fraud.
• RBI has framed guidelines dealing with prevention of money laundering & “Know Your Customer
(KYC)” norms.
• Requiring banks to establish policies, procedures & controls to deter & recognise & report money
laundering activities.
13. Assess Specific Risks: Auditors should identify & assess RoMM at FS level which refers to risks
that relate pervasively to FS as whole & potentially affect many assertions.
14. Risk Associated with Outsourcing of Activities: Modern day banks use outsourcing as means of both
reducing costs & making use of services of an expert not available internally. No. of risks associated
with outsourcing of activities by banks & therefore banks should effectively manage those risks.
15. Response to Assessed Risks: SA 330 requires auditor to design & implement overall responses to
address assessed RoMM at FS level. Auditor should design & perform FAP whose NTE depend on
assessed RoMM at assertion level.
CA Shubham Keswani 10
Inter Audit Addendum
16. Stress Testing: It’s a software testing activity that determines robustness of software by testing
beyond the limits of normal operation.
• Particularly important for "mission critical" software, but is used for all types of software.
• RBI requires commercial banks to have a Board approved ‘Stress Testing framework’ which would
integrate into their risk mgt systems.
17. BASEL III framework: Basel norms or accords are International Banking regulations issued by
BCBS. Basel Committee on Banking Supervision (BCBS) & Financial Stability Board (FSB) has undertaken
an extensive review of regulatory framework in the wake of sub-prime crisis.
In document titled ‘Basel III: A global regulatory framework for more resilient banks & banking
systems’, released by the BCBS in December 2010, it has inter alia proposed certain minimum set of
criteria for inclusion of instruments in new definition of regulatory capital. Set of agreement by BCBS,
which mainly focuses on risks to banks & financial system are called Basel accord.
Ch-17
Audit of Sole Proprietor (SP)
• No legal obligation to accounts audited.
• Auditors shall be appointed by sole proprietor himself.
• In case of change of auditor à duty of incoming auditor to communicate with previous auditor.
CA Shubham Keswani 11