The document outlines the evolving role of internal auditing in enhancing organizational operations through value addition and effective risk management practices. It emphasizes the importance of continuous improvement, professional standards, and collaboration with management to achieve operational excellence, efficiency, and compliance. Additionally, the document highlights the challenges faced by internal audit functions and the need for a proactive, consultative approach to fulfill their objectives effectively.

1. Value Adding Internal Audit

2. “ This changed world is demanding New and Better things. The Quality which you should possess to Win is definiteness of Purpose, the Knowledge of what you want and a burning Desire to possess it” Quality to Win

3. Excerpts from ‘Internal Auditor’ Oct 2000 “ My first impression on internal auditing was totally wrong. I thought its only purpose was to catch management making mistakes, and I looked at it as intrusive. But I’m living proof that internal auditors can affect how they’re perceived. In my first five to eight years at Bon Secours Health System, I began to learn what can happen if you use an internal audit program effectively. My appreciation and awareness of the internal audit profession has only grown over time. Internal Auditors are a valuable part of any complex organisation, THEY ARE ONE OF THE MOST IMPORTANT COMPONENTS OF AN ORGANISATION CRITICAL TO SUCCESS….” Chris Carney, Chief Executive Officer, Bon Secours Health Systems Inc.

4. “ We are what we repeatedly do. Excellence, then, is not an act but a habit” Philosoper Aristotle Internal Audit Practices

5. What is habit? Habit is a result of our thoughts and repeated actions influenced by our desire, our knowledge and skill. Internal Audit Practices

6. ” Sow a thought, a right thought, reap an action, reap a habit - sow a habit, reap a character - reap the destiny of excellence”. Route Map: Thoughts --> Words --> Actions --> Habits --> Character --> Destiny Internal Audit Practices

7. Internal Audit Practices also need to follow the same route Thoughts - Be convinced that IA is value adding Words - Commit to Management/colleagues/Profession Actions - Practice, share, develop Habits - Repeat & Repeat Destiny of Excellence - Stand out & reach excellence Internal Audit Practices

8. Professional Requirements Internal Auditors’ conviction Management philosophy ISO – Quality Standards Internal Audit Perspectives

9. Internal Audit redefined (by the Institute of Internal Auditors, Inc, USA – the International Body promoting the profession of Internal Auditing) “ Internal Auditing is an Independent and Objective Assurance and Consulting Activity that is Guided by a Philosophy of Adding Value to Improve the Operations of the Organisation. It Assists an Organisation in Accomplishing the Objectives by Bringing a Systematic and Disciplined Approach to Evaluate and Improve the Effectiveness of the Organisation’s Risk Management, Control, and Governing Processes.”

10. Internal Auditing Professional Practices Framework Code of Ethics Practice Advisories Professional Guidelines

11. Strong and effective Audit Committees Post Enron-World Sarbanes Oxley Act / Naresh Chandra Committee Corporate Governance Focus Internal Control Framework - COSO, COCO, COBIT etc. Enterprise Risk Assessment focus Changes taking place around Internal Audit - External

12. Annual one time audit methodologies redundant - Effective Audit cycle determination Continuous auditee feed back mechanism for effective & frequent reporting Ensuring involvement of Senior Business Group Managers in the Audit Process Challenges facing Internal Auditing Profession - Internal

13. Audit Team constitution - skill profile management Holistic approach rather than an isolated unit specific approach - Audit by different Audit Teams Frequent interaction, effective discussion of repeated audit features - lead to aiming at perfection ie. From Repeated deficiencies to zero’ defect situation - convincing ability and working together with auditees Challenges facing Internal Auditing Profession - Internal

14. Our Vision “ PROVIDE WORLD CLASS INTERNAL AUDIT SERVICES”

15. Mission Management audit team will play an effective role in the organisation as internal consultants, guided by the philosophy of adding value to improve the operations of the organisation. Management audit will, on a continuous basis evaluate the internal controls operating in various business operations of the organisation based on proper risk analysis and also review the effectiveness of the governing processes.

16. Mission Management audit will assist the line management in translating the agreed recommendations into results by extending support through collaborative efforts. Management audit will endeavour to continuously assess and improve the quality of people, process and deliverables to achieve its objectives.

17. Quality Policy "WE, AT MANAGEMENT AUDIT DIVISION OF E I D PARRY (INDIA) LIMITED ARE COMMITTED TO PROVIDE TOTAL CUSTOMER SATISFACTION THROUGH OUR QUALITY SERVICES BY CONTINUOUS UPGRADATION OF ACTIVITIES, KNOWLEDGE AND SKILLS”

18. 'Value Addition & Quality' (Management Audit Division's Motto) Value Addition & Quality" are customer focused concepts and meant to satisfy the customers. For the Management Audit Service provider, there are more than one customer. Operating Management, Business Group Management, Corporate Executive Management, Board Audit Sub-Committee and Statutory Auditors as customers of the Management Audit Division do expect a value added and quality service from the Internal Auditors.

19. The term 'Value' can be viewed from different dimensions. Adding value to the 'bottom line' through Audit recommendations that save cost or augment revenue is of prime importance. Audit Contributions can also add value through suggestions for improvements in the Business Processes or through putting in place a sound and effective Internal Control systems based on proper risk assessment which will lead to achieving the Objectives of the operating Units. 'Value Addition & Quality' (Management Audit Division's Motto)

20. The term 'Quality' refers to the 3 Ps. That is People, Process and the Product. The quality of people employed in the Management Audit Function, the quality of various Audit Processes that are being followed by them and the quality of the final product delivered (viz, the Audit Report) by them to their customers determines the success of the Division. Achievement of this Value Addition and Quality is facilitated by a proactive approach to Audit and by exhibiting high standard of professionalism by the Members of the Management Audit Team in their work. 'Value Addition & Quality' (Management Audit Division's Motto )

21. Charter The Chief Audit Executive (CAE) who reports to the Board Audit Sub-Committee functionally manages the Management Audit Function. The Management Audit Function has the following primary objectives: Financial Integrity - Provides the Board of Directors with a means to assure that financial information is credible.

22. Charter Internal Control - Provides management with an independent means to monitor and evaluate the Company's internal control environment. Cost Savings - Evaluates Company operations to identify cost savings opportunities for management action, and assists in communicating and implementing such cost savings ideas within and between operating divisions.

23. Charter Operational Performance - Evaluates the effectiveness and efficiency of operational performance. To satisfy these responsibilities, the Management Audit Function has free and unrestricted access to all financial and operating information within the Company.

24. Internal audits are performed at all the company’s locations according to an annual audit plan which is approved by the Audit Committee. Audit reports are issued to Business Group Management / Corporate Senior Management. Resolutions to audit findings are sought during the performance of the audit, or timely follow-up audit procedures are performed to determine that audit findings are resolved. Charter

25. Management and the Audit Committee believe that professional, independent Internal Audit Function is essential to the most economical, effective and efficient functioning of the Company. Purpose

26. This charter summarizes the purpose and objectives of the Management Audit Function and delegates to the CAE the authority necessary to achieve these objectives. The following policy applies to all employees of E I D Parry (India) Limited. Purpose

27. "The Internal Audit is an independent, objective assurance and consulting activity designed to add value and improve an organisation’s operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes. ” Policy

28. The objective of the Management Audit Function is to assist members of the organization, especially management and the Board of Directors, in the effective discharge of their responsibilities. To this end, the Management Policy

29. Audit Function furnishes them with analyses, appraisals, recommendations, opinions, counsel, and information concerning the activities reviewed. The information furnished to each may differ in format and detail, depending upon their requirements and requests. Policy

30. The Management Audit Function examines and evaluates the adequacy and effectiveness of the system of internal control provided by the Company. The objective is to provide all levels of management with sufficient, competent, relevant and useful information which will help them assure: Policy

31. The reliability and integrity of corporate information compliance with policies, plans, procedures, laws and regulations. the safeguarding of corporate assets. the economical and efficient use of resources. the accomplishment of established objectives and goals for operations or programs. Policy

32. From the objective of 'adding value through consulting activity' of Internal Audit function as stated above, certain specific areas are also covered in the scope of audit and suggestions given for the improvement of organisation operation. Policy

33. Example: 1. Marketing & Sales 2 . Human Resources 3. T echnical Operations 4. Research & Development 5. T reasury Management 6. Non-performing Assets etc. Policy

34. Board grants and Management acknowledges to the Management Audit Function full and complete access to all records, personnel, physical properties or information of the organistion deemed necessary in accomplishing its audit activities. Documents and information given to Internal Auditors during a review are handled in the same prudent manner as by those employees normally accountable for them. Authority

35. Audit staff have no direct responsibility for or any authority over the activities that they review. Recommendations by Management Audit are implemented by Operating Functions. The CAE reports directly to the Audit Committee. Authority

36. The CAE is responsible for providing overall direction and control of the Management audit program to assure that: The Management Audit Function is staffed and operated in accordance with the requirements from time to time. Responsibility

37. Audit planning provides for functions within the organisation to be reviewed at appropriate intervals to determine whether they are carrying out their functions economically, efficiently, effectively and in accordance with Company policies and procedures Responsibility

38. The results of the examinations made by the auditors, the opinions which they form, and the recommendations which they make are promptly reported to the management personnel who should be informed or who should take appropriate action. Copies of audit reports are normally distributed to the audited area's chain of command up to and including the Head of the audited area. Periodically, the CAE meets Senior Management. Responsibility

39. At the Audit sub-Committee Meetings the CAE provides the summary of significant observations, actions committed and the status on implementation. Periodically, the CAE provides written reports on its activities to the Audit Committee and Senior Management. Responsibility

40. Any plans or actions taken to correct reported conditions are evaluated to determine whether the corrective action taken is achieving desired results, or that management has assumed the risk of not taking corrective action. Responsibility

41. The Management Audit Function is a staff Function and does not have the authority or responsibility to implement its recommendations. During each audit the manager to whom the audit report is directed is asked to respond to recommendations and outline plans for action. At an appropriate period following the audit, the manager may be asked to respond in writing regarding action which has been taken. Responsibility

42. Determination of areas or functions to be audited is made by the CAE in consultation with the Business Group Heads and as per the direction of the Audit Sub- Committee. An officer or manager of the company may also request an audit in their area of responsibility. Responsibility

43. Quality Audit Systems - ISO 9001 : 2000 Internal Audit Practices

44. Internal Audit Practices

45. Internal Audit Practices

46. Internal Audit Practices

47. Internal Audit Practices

48. Consultancy Focus (Technical Audit as an effective Wheel) Partnership with Customers Support / Guidance from External Specialists MEASURE BENEFIT EXPLORE, STUDY & RECOMMEND FACILITATE IMPLEMENTATION INNOVATE CREATE AWARENESS

49. Assurance Focus (General / Operational Audit Wheel) Best Practices / Manuals Standards & Audit Tools Provide Education & training to people Review Risks, Controls & Governing Processes Provide Continuous Assurance to Management Create Awareness and facilitate putting systems & controls Facilitate Self Audits, Review effectiveness

50. Systems Focus Information Systems Audit & Control Global Best Practices ‘ COBIT’, IS Standards, ‘CAATS’ Review IS Policies on Security / Controls & Practices Review Risks, Controls & recommended measures to address control weaknesses Continuous feedback to Management on IS Status Create Awareness and facilitate institutionalising IS Control Systems Review IS Resource Utilisation & facilitate optimising IS Potentials

51. Effectiveness & Efficiency of operations Cost Saving Potentials Achievement of Business Plan Objectives Effectiveness of Internal Controls & Systems Transactional discrepancies having material financial impact Effectiveness of Financial reporting Processes Safe guarding of Company Assets Effectiveness of Compliances (Internal / External) Management Audit Focus Eight elements of effective Audit Apply to all Operational areas - Projects, Procurement, Production Processes, Despatch, Marketing & Selling & Support Services (Inbound -- Operations --Outbound)

52. CUSTOMER OPERATING MANAGEMENT BUSINESS GROUP HEADS EXPECTATIONS COST CONTROLS / PROFIT IMPROVEMENT NEWER WAY OF DOING THINGS IMPROVEMENTS IN OPERATIONS / BUSINESS PROCESSES ASSURANCE THAT EVERY THING IS ‘ OK’ AT THE UNIT Audit Customers & Their Expectations

53. CUSTOMER CORPORATE EXECUTIVE MANAGEMENT EXPECTATIONS PROPER RESOURCE UTILISATION ARE CORPORATE GUIDELINES EFFECTIVELY FOLLOWED STATUTORY COMPLIANCE ASSURANCE THAT THINGS ARE IN ORDER Audit Customers & Their Expectations

54. CUSTOMER BOARD AUDIT SUB-COMMITTEE STATUTORY AUDITORS EXPECTATIONS CORPORATE GOVERNANCE REQUIREMENTS EFFECTIVENESS OF AUDIT FUNCTION SCOPE & COVERAGE OF INTERNAL AUDIT SYSTEM COMMENSURATE WITH SIZE OF BUSINESS Audit Customers & Their Expectations

56. “ Management Audit the Driving Force” Visible Top Management Support Effective Business Group Management Support Co-operative Operating Team Efficient & Contributing Suport Audit Teams Structured Audit Administration Well informed Audit Sub-Committee Management Audit – the driving force

59. Effective Use of Computers Automated Audit Administration WEBMARS Features Screenshots Internal Audit Practices

60. Deployment of Automated Audit Management tools for effective functioning  “ WEBMARS 99” Web based Management Audit Reports Repository, Retrieval & Monitoring System  “ MAP-EMS 01” Management Audit Planning and Engagement Monitoring System  “ Energy Auditing System” Energy Auditing data collection & analysis tool

61. v Methodware Diagnostic Audit Software Tools Ø Audit Ranking Advisor Risk based Audit Planning Tool where Risk Assessment Criteria is pre-defined Ø Management Advisor Application of COSO Internal Control Frame Work – [Internationally recognized Control parameters] to all the Business Processes Deployment of Automated Audit Management tools for effective functioning

62.  Pro Audit Advisor Risk based Audit Execution based on COSO [Reports on Internal Controls and Governing Processes] and Cadbury Report with automated working papers Ø COBIT Advisor Evaluation of IT processes against the COBIT Frame work. [Control objectives under IT environment] Ø Risk Advisor Capturing Risk Management Standards and developing centralized Risk Register Deployment of Automated Audit Management tools for effective functioning

63. Tracing the Achievements  Frame shift from a narrowly viewed routine audit environment to a proactive Management level consulting / facilitating role  Introduction of Technical Audit Reviews to focus on Cost Savings / Operational improvements – Achievement of cultural break through  Multiplication of audit benefits by organizing focused Workshops / Seminars on different Technical Audit areas  Introduction of a more effective role by Internal Audit in the Audit Sub-Committee proceedings and involvement of Business Unit Heads

64. Tracing the Achievements  Action oriented facilitating role in the area of documentation of structured Systems / Procedures / Internal Controls  Conceptualisation & implementation of a unique Web based Report Monitoring System using information technology advancements (“WEBMARS”)  Structured Audit documentation system leading to achievement of ISO 9002 Certification for the Audit Processes  Taking a lead in constituting a forum for the Group Internal Auditors under the banner “GIAF”

65. Tracing the Achievements  Among one of the first few Divisions to host a Home Page on the EID Intranet  Introduction of Audit Tools for making the Audit Processes more scientific and data based  Development of inhouse Audit Planning / Execution System – “MAP-EMS”  Recognition of the need for a more collaborative association with Support Auditors and organizing regular Support Auditors’ Meet to bring them into EID Management Audit Culture

66. Tracing the Achievements  Shift towards a more structured Training Plan for the Audit Team Members  Team members active involvement in related Professional Associations to get benefit of latest developments in the areas of audit (ENFUSE, Institute of Internal Auditors Inc., ISACA etc.) Secretary, Ms B K Seethalakshmi got the distinction as Winner of the All India - Best Administrative Practice Award from IASAP (Indian Association of Secretaries and Administrative Professionals) jointly with Blue Dart for the year 2002-03 Head of Audit, Mr M Rajeshwaron assumed the Office of President of Madras Chapter of The Institute of Internal Auditors Inc. USA for the year 2003-04

67. Some of the Best Practices in Management Audit  Innovative and high visual presentations on Audit Issues / Recommendations / Reports Presentation  Joint control Assessments – partnering with Business Managers on Internal Control concepts  Cost Savings and Revenue improvement goals  Web Based Audit Activities (Automated Follow up Audits)  Internal Audit Web Sites  Technical Audit Experience sharing & effective involvement of operating Executives in all exercises.  Internal ‘Balance Score Card System’ for Management Audit Function

68. Successful IA Team Effective Communication Appropriate Skill sourcing / Competency Resource Centre [ Knowledge Management System ]

69. ACTION PLAN PLAN DO CHECK ACT 1. ORGANISE YOURSELF 2. PLAN CLEAR OBJECTIVES, PRIORITISE 3. CLEAR DIRECTION FOR EFFECTIVE EXECUTION 4. MONITOR PROGRESS CLOSELY 5. COMPARE RESULTS WITH PLAN 6. TAKE CORRECTIVE ACTION “ P D C A CYCLE ”

70. Thank You