INTERNAL AUDIT SERVICES

The objectives of Internal Audit:

The objective of Internal Audit is to evaluate and improve the effectiveness of governance, risk management, and control process. The overall objective of internal auditing is to assist all members of the management in exuding their responsibilities. Also, to help them with objective analysis, recommendations, and relevant comments concerning any phase of business activity wherein they can be of service to management. In short, Internal Audit will help the management for:

• Assessing the Risk involved
• Assisting management in the evaluation of internal controls
• To bridge the gaps by strengthening the internal controls and to accomplish organizational objectives
• Evaluating process performance and managing risk effectively
• Help to find the deviations from KPI and to get proper recommendation/ suggestion for improvement
• To verify the fulfilment of plans and sound business requirements and also to focus on objectives
• To evaluate evidence in connection with the situation and issues

Methodology Used in Internal Audit:

1. Defining the Scope of Internal Audit

2. Drafting the Risk Assessment Matrix

Risk Assessment Matrix (RAM) is used to define the risk category of each process and sub-processes or areas under the scope of Audit. The level of risk is defined considering the likelihood or probability against the category of consequence severity.

3. Risk-based Internal Audit Plan

A detailed Audit plan will be drafted in discussion with the Management and areas to be prioritized depending upon the risk category & also the nature of the function. Broad areas to be Covered (Can vary depending on the industry and choice of Management)

• Revenue
• Procurement of Goods/ Services
• Inventory
• Logistics
• Information Technology Infrastructure.
• Finance
• Fixed Assets
• Statutory Compliance
• Admin & general Operations, etc.

4. Execution of the approved Internal Audit Plan

On Approval of the Audit plan, fieldwork is executed by performing a walk-through, enquiry, questionnaire, etc. Clients are kept informed of the audit process and the status of the audit.

5. Submission of Draft/ Final Reports to highlight the issues with risk rating and reporting to the management

Once the execution stage is completed, all the observations are collated in a draft report. The risk rating is allotted to all observations with the responsibility of the concerned function. This report is discussed with the Management or Authorised personnel to highlight the issues, concerns, and deviations.

6. Follow-up and Action Taken Report

As it will be a continuous process, the scope does not end with the submission of reports. The follow-up action taken report (ATR) will be represented to the management on the status of observations and its closure status. Any long-pending observations critical to the business will be bought to the notice of the management to set a further course of action.

Independent review and appraisal of the organization’s financial and relevant operational activities will be better when the internal auditor is not part of the organization and is independent.