SlideShare a Scribd company logo

Audit Methodology

Rahul Bhan (CA, CIA, MBA)
Rahul Bhan (CA, CIA, MBA)

Mehrotra and Mehrotra is an audit firm based in India that uses a risk-based audit methodology. Their methodology focuses on understanding the client's business, assessing risks, developing an audit strategy and plan, performing audit fieldwork, dealing with critical issues, and reporting findings. They aim to provide assurance on operations and identify compliance issues. Their audits are tailored to each client and focus on high-risk areas. They also incorporate IT auditing and use technology to enhance their methodology. The firm ensures legal compliance with various Indian labor, environmental, and tax laws across different stages of the compliance audit process.

1 of 23
Download to read offline
Audit Methodology at Mehrotra and Mehrotra Chartered Accountants Riskpro, India (Mehrotra and Mehrotra Chartered Accountants) 1
Make Decisions…… Take Risks……....... Experience Success! Your partner in risk management |governance |compliance |audit 2
Contents About Riskpro, India 4 About Mehrotra and Mehrotra 6 (see attached detailed profile of Mehrotra and Mehrotra) Our Philosophy 7 Quality Assured 8 Clear and Continuous Communication 9 Annexure I - Our Audit Methodology 10 Annexure II – Legal Compliance 18 Contact details 23 3
About Riskpro, India Riskpro is India’s first national practice dedicated to risk management services and training, corporate governance, and global regulatory compliances Risk can be defined as a prospect of loss or reduced gain that can adversely affect the achievement of an organisation’s objectives When greed overtakes need, it spells trouble. Manifested as ‘bankruptcy’ in much of the developed world and ‘corruption’ closer to home, greed has clearly disrupted some major industrialised economies and enhanced the risks of doing business In today’s world, risks are not few. The reason companies so often fail to systematically manage their key risks is rooted in the way they define the risks they face. Risks are manageable and the answer to untapped business opportunities that lie dormant waiting for risk factors to turn favourable Riskpro was founded in 2009 with offices in Mumbai, Delhi, and Bangalore and it has already added eight member firms in Ahmedabad, Agra, Chennai, Gurgaon, Hyderabad, Jaipur, Ludhiana, and Pune. All our offices and member firms are well equipped and staffed with qualified professionals viz. CA, CWA, CS, CPA, CISA, CFA, and MBA Riskpro’s founders are qualified risk management specialists with extensive work experience in Europe and USA in several industries and financial institutions 4
About Riskpro India (cont…) RISKPRO SERVICES Our four major practice specialisations /service lines are: • Risk: Enterprise Risk Management (services and training & recruitment) • Governance: Corporate Governance and Transparency • Compliance: Global and Indian Regulatory Compliances • Training: in all of the above service lines; and Recruitment The Risk Practice deals with all classes of risks and processes viz. governance, strategic, systemic /infrastructure, compliance, reporting, and financial reporting. Processes require that key risks are properly identified, measured, monitored, controlled, and reported. Processes may also require tools like risk based internal audit, information security testing, and fraud investigations, to be employed The Governance Practice deals with corporate oversight and risk governance issues within an organization including business continuity planning, compliance with SEBI guidelines by listed companies, regulations relating to independent directors, investor expectation and protection, Clause-49 on corporate governance, etc The Compliance Practice covers a wide range of regulatory and environmental compliances including Sox, IFRS, Solvency II, Basel II /III, Corporate Laws & Direct Tax Code etc The Training Practice comprises of a variety of structured and /or industry specific training programs and modules designed and conducted by Riskpro experts and trainers at onsite (client or other offices) and offsite (Riskpro Training Centre) training facilities 5
About Mehrotra and Mehrotra, Chartered Accountants Mehrotra & Mehrotra is a firm of Chartered Accountants based at New Delhi. It is also having offices at Mumbai and Kanpur. The firm was established in the year 1962 by Mr. M.P. Mehrotra, now a very senior member of the Institute of Chartered Accountants of India. It is managed and headed by proficient and veteran chartered accountants. Our team of professionals including Chartered Accountants, Certified Internal Auditors, Lawyers, Solicitors, Engineers and MBA's are engaged in developing and refining new processes and methodologies to offer excellent quality services to our esteemed clients. The firm in its existence of over 48 years has provided a wide gamut of services like Accounting Services, Auditing Services, Taxation Services to the clients both within and outside India. We provide complete range for any kind of financial accounting services, business process outsourcing, direct and indirect tax consultancy etc., in India. We offer the most authentic professional services like income tax, service tax, value added tax etc., which can easily accelerate for the clients. Mehrotra & Mehrotra is professionally managed organization, which is wholeheartedly engaged in providing most reliable services. 6
Our Philosophy ● We will understand your business needs completely and deliver a service that adds value ● We dedicate the best resouces with relevant sector experience, and provide a state-of-the art quality service at an affordable fee ● We are always accessible and our approach to work is: supportive and collaborative, flexible and responsive, open and honest communication. We hold hands, not shake hands ● We provide constructive suggestions on improving business processes and cost controls ● We adhere to timelines and deadlines ● We keep you informed about significant changes in regulatory, compliance, and accounting matters on an ongoing basis 7
Quality Assured We place great emphasis on quality control and quality management. Our quality process Direction and supervision Our Quality Process is designed to provide a quality The firm provides for appropriate direction and culture, to analyze the processes used to hire, train and supervision at all levels, together with appropriate retain staff, to develop and deliver services to our clients consultation procedures, to give reasonable assurance and to administer our own business. that the work performed meets the highest standards. We: CONTINUOUS IMPROVEMENT  employ and retain only those persons with the intelligence, education, character and diligence Human necessary to assume professional responsibility; Leaders Informatio Resourc Measure hip and n e Service Client  assign engagement responsibility to only those Quality Analysis Processe External Deliver Satisfacti persons sufficiently trained and supervised to ` s Culture and Service y on and discharge those responsibilities; Planning Processe Business s Business Results  not accept or continue a client relationship in Processe circumstances incompatible with the firm’s s integrity;  adopt promptly policies necessary to realise the Skills and competence objective of professional standards and applicable Personnel in the firm adhere to the standards of regulatory requirements; independence, integrity, objectivity and confidentiality.  maintain policies to ensure that the firm and its The firm is staffed by personnel who have attained, and professionals are free of conflicts of interest and who maintain, the skills and competence required to that professional excellence is achieved; enable them to fulfil their responsibilities. To assist in maintaining these skills the firm has procedures for:  not tolerate any act that can damage the firm’s  training of staff at all levels, through both formal credibility. courses and on-the-job experience;  continuing professional education;  assigning work to personnel who have the degree Confidentiality of technical training and proficiency required in the We are well aware of the importance that you place on circumstances; and confidentiality requirements and we have a proven  evaluating the performance of staff and counseling record of maintaining a strict code of confidentiality. staff as to their progress and career opportunities. Our firm policy requires that affairs of clients be confidentially kept at all times. 8
Clear and Continuous Communication At Riskpro India, open and honest communication is a Core Value. Our experience leaves us in no doubt that a successful relationship is based on trust and candid, proactive communication. Regular and open two-way communication is fundamental to all aspects of our service to you. As an initial priority, we will agree with you an annual Communication Plan for all our key meetings. This will help ensure there are formal and informal opportunities for all key stakeholders to be kept informed of the issues that matter, and that there will be “no surprises”. Meeting/stakeholders Key objectives Bi-annual meetings (or as requested) with the  Present annual audit plan Board / Audit Committee  Report key findings  Updated assessments of key risks, including emerging risks  Discuss new regulatory and corporate governance requirements Quarterly meetings with the Chief Executive  Discuss strategy Officer  Discuss operational matters and performance  Raise and consider emerging issues Regular meetings with Head of Financial  Discuss operational matters and financial performance Control  Discuss implications of changes to the reporting and internal control framework Meetings with operational management  Discuss operational and business matters 9
ANNEXURE I - Our Audit Methodology 10
Our Audit Methodology Our audit methodology is risk-based and systematic which focuses on the organizational objectives and any impediment to achieving those objectives. We recognise fully the need to provide assurance on your business operations. Equally, we recognise the importance of managing compliance issues, particularly in today’s evolving regulatory environment. Understanding of Business The key benefits of our audit approach are: ●Risk-based, & systematic approach; Risk Assessment ●Focus on areas considered as potentially & most likely to lead to material errors in financial statements; Audit Strategy / Planning ●Our audit control procedures are based on project planning techniques, including the use of automated processes and document templates, and the agreement of objectives, Fieldwork timetables, responsibilities and careful resource planning; ●The focus of our reports are to generate constructive and value added advice; and Dealing with critical issues ●Identifies performance improvement and cost reduction opportunities. Reporting 11
Our Audit Methodology - Risk Based Internal Audit How we Do Internal Auditing helps an organization accomplish its objectives by bringing a Enterprise Risk systematic, disciplined approach to evaluate Assessment and improve the effectiveness of risk management, control and governance processes. Risk Need of Organizations Source: The Institute of Internal Auditors 1999 (IIA) Assessment Process Reviews Fraud Benefits of Risk based Audit Mitigation • Traditional audit view value added Control techniques Reviews •Risk profile of Businesses •Internal Controls & Ops Risk reviews Transaction •Cost reductions recommendations Audit •Review of Fraud Risk Controls Increasing Enterprise Risk Focus 12
Our Audit Methodology (cont..) UNDERSTANDING THE BUSINESS Our top-down risk-based approach ensures that the audit focus is on the issues that are of greatest importance to you and that we are in the most appropriate position to respond to them. Our audit starts with a detailed understanding of your industry and business. Our approach is based on a top-down examination of the key drivers of your business. The output is a balanced picture of how the company interacts with customers and external industry forces. We consider the audit implications of this analysis and use it to identify significant audit risks. We use industry specific business models to gain information on: • industry background including major players, regulatory changes and trends, • risks and drivers, • geographic issues, • descriptions of business processes, • benchmarks and best practice and • audit risks. 13
Our Audit Methodology (cont..) RISK ASSESSMENT In order to run your business, you develop processes to manage the factors that drive performance and help control internal and external risks that could prevent you from meeting your objectives. We focus on those processes where significant risks have been identified and discuss with management its perception of how these risks are controlled. This phase of our work enables us to obtain information on the processes supporting the achievement of the company’s goals. AUDIT STRATEGY AND PLANNING Based on the understanding of business and risk assessment we devise the audit strategy. We then develop detailed audit programs to test the transactions, processes and balances. AUDIT FIELD WORK The audit test work flows from strategic planning and risk assessment. The key element is to review and test the high level controls embedded in your processes, as significant weaknesses in your key processes could cost, both in terms of financial impact and reputational damage. We also carry out necessary substantive audit procedures. DEALING WITH CRITICAL ISSUES AND REPORTING We identify and discuss all critical issues with management. We then determine whether the Company’s financial statements and related disclosures meet our expectations. We provide the audit report, management letter and any other deliverables and formally present these to the Audit Committee / Board. 14
Our Audit Methodology (cont..) IT AUDIT PROCESSES AND METHODOLOGY We see IT as an enabler of the operational and financial processes and we incorporate IT audit professionals into our audit to facilitate the identification and testing of IT controls. We use our focused IT audit methodologies and tools as part of our core audit process to evaluate and test whether the Company’s information systems are configured for data integrity, are secure and are effectively managing the business needs. We work with key business and IT management to identify aspects of IT that pose the highest risk to the Company. We then conduct a systematic, detailed review of those areas in which we: • identify appropriate IT control objectives that map to key business processes; • identify relevant IT policies and procedures and/or industry IT standards; and • evaluate the design of controls and test whether they are in place and operating effectively. 15
Our Audit Methodology (cont..) We use the following types of IT methodologies: IT AUDIT METHODOLOGIES  Continuity management  Process Documentation  System capacity and availability  Control Risk Analysis  Back up and recovery  Control Design & Implementation  Data storage  Network penetration testing  Project risk assessment  Information security assessment  Quality Assurance  Enterprise security architecture and  Project management methodology integration  Programme management  Ongoing monitoring processes 16
Our Audit Methodology (cont..) INTELLIGENT USE OF TECHNOLOGY Technology is only one component of an integrated approach that combines methodology, knowledge and technology into our tailored service to you. We deliver our external audit services using a fully automated audit software. This software is designed specifically to integrate knowledge management into the audit process. Technology can never be a substitute for face-to-face communications and we continue to rely on meetings with management to identify, resolve and communicate issues. Know ledge Technology M ethodology 17
ANNEXURE II - Legal Compliance 18
Legal compliance Stage 1 – CAC  Preparation of Compliance Audit Checklist (CAC) covering all relevant laws applicable to the target unit. Stage 2 - Visit to location  Verification of relevant records and documents available.  Compilation of draft report based upon findings and observations of the audit team  Review meeting with the unit head / work directors to discussion on the finding of audit. Stage 3 – Report  Submission of detailed Non Compliance (NC) report to the company (Board of Directors or Compliance Head)  Follow up with the unit to verify action taken 19
Legal compliance (Acts covered - HR) Factories Act, 1948 Shop & Establishment Act (state acts) Payment of Wages Act, 1936 Maternity Benefits Act, 1961 Minimum Wages Act, 1948 Gratuity Act, 1972 Equal Remuneration Act, 1976 ESI Act, 1948 Payment of Bonus Act, 1965 Apprentices Act, 1961 Provident Fund & Misc Provisions Act, Employment Exchanges (Compulsory 1952 Notification of Vacancies Act), 1959 Contract Labour (Regulation & Abolition) act, Trade Unions Act, 1926 1970 Private Security Agencies Regulation Workmen Compensation Act, 1923 Act, 2005 Prevention of Sexual Harassment Industrial Disputes Act, 1947 (Guidelines) Labour Welfare Act (state acts) 20
Legal compliance (Acts covered - Engg.) Electricity Act, 2003 Environment Protection Act, 1986 Water (Prevention and Control of Petroleum Act, 1934 Pollution) Act, 1981 Air (Prevention and Control of Explosives Act, 1884 Pollution) Act, 1981 Boilers Act, 1923 Water Cess Rules, 1977 Hazardous Waste Handling & Legal Meteorology Act, 2011 Management Rules, 1989 Essential Commodity Act, 1945 21
Legal compliance (Acts covered – Tax & Misc) Micro, Small & Medium Central Excise Act, 1944 Enterprises Devel. Act, 2006 Central Sales Tax Act, 1956 State VAT Acts Customs Act, 1962 (export and import Service Tax Act, 1955 documentation) Income Tax Act (payment of Tax, TDS) Foreign Exchange Management Act Industries (Development & Negotiable Instruments Act, 1881 Regulation) Act, 1951 Information Technology Act, 2000 Motor Vehicles Act, 1988 Competition Act, 2002 22
Contacts and Office Locations Corporate Mumbai Delhi Bangalore Riskpro India Manoj Jain Rahul Bhan Casper Abraham Ventures (P) Limited Director Director Director M- 98337 67114 M- 99680 05042 M- 98450 61870 manoj.jain@riskpro.in rahul.bhan@riskpro.in casper.abraham@riskpro.in info@riskpro.in www.riskpro.in Shriram Gokte Hemant Seigell Principal - Information Risk VP – Risk Management C 561, Defence colony M- 98209 94063 M- 99536-97905 New Delhi 110024 shriram.gokte@riskpro.in hemant.seigell@riskpro.in Ahmedabad Pune Agra Gurgaon Maulik Manakiwala M.L. Jain Alok Kumar Agarwal Nilesh Bhatia Associate Firm Principal – Strategy Risk Associate Firm Head – Human Capital M - 91 9825640046 M- 9822011987 M- 99971 65253 Consulting mljain@riskpro.in M- 98182 93434 Gourav Ladha nilesh.bhatia@riskpro.in Sap Risk Advisory M- 97129 52955 THANKS 23

Recommended

Introduction to Audit & Assurance - Chapter 1 ACCA F8 (AA)
Introduction to Audit & Assurance - Chapter 1 ACCA F8 (AA)Introduction to Audit & Assurance - Chapter 1 ACCA F8 (AA)
Introduction to Audit & Assurance - Chapter 1 ACCA F8 (AA)
Anant Gautam
 
Internal audit ppt
Internal audit pptInternal audit ppt
Internal audit ppt
Ibrahim Jimalle
 
INTERNAL CONTROL-PPT.pptx
INTERNAL CONTROL-PPT.pptxINTERNAL CONTROL-PPT.pptx
INTERNAL CONTROL-PPT.pptx
HeldaMaryA
 
Audit presentation
Audit presentationAudit presentation
Audit presentation
Metafrique group
 
Lecture slide ,chapter 6, Overview of the audit of financial reports
Lecture slide ,chapter 6, Overview of the audit of financial reportsLecture slide ,chapter 6, Overview of the audit of financial reports
Lecture slide ,chapter 6, Overview of the audit of financial reports
Sazzad Hossain, ITP, MBA, CSCA™
 
Audit Evidence Presentation
Audit Evidence PresentationAudit Evidence Presentation
Audit Evidence Presentation
Sheikh Ali Asghar
 
Audit procedures
Audit proceduresAudit procedures
Audit proceduresDarryl Woolley
 
Internal controls in auditing
Internal controls in auditingInternal controls in auditing
Internal controls in auditingHardik Shah
 

Recommended

Introduction to Audit & Assurance - Chapter 1 ACCA F8 (AA)
Introduction to Audit & Assurance - Chapter 1 ACCA F8 (AA)Introduction to Audit & Assurance - Chapter 1 ACCA F8 (AA)
Introduction to Audit & Assurance - Chapter 1 ACCA F8 (AA)
Anant Gautam
 
Internal audit ppt
Internal audit pptInternal audit ppt
Internal audit ppt
Ibrahim Jimalle
 
INTERNAL CONTROL-PPT.pptx
INTERNAL CONTROL-PPT.pptxINTERNAL CONTROL-PPT.pptx
INTERNAL CONTROL-PPT.pptx
HeldaMaryA
 
Audit presentation
Audit presentationAudit presentation
Audit presentation
Metafrique group
 
Lecture slide ,chapter 6, Overview of the audit of financial reports
Lecture slide ,chapter 6, Overview of the audit of financial reportsLecture slide ,chapter 6, Overview of the audit of financial reports
Lecture slide ,chapter 6, Overview of the audit of financial reports
Sazzad Hossain, ITP, MBA, CSCA™
 
Audit Evidence Presentation
Audit Evidence PresentationAudit Evidence Presentation
Audit Evidence Presentation
Sheikh Ali Asghar
 
Audit procedures
Audit proceduresAudit procedures
Audit proceduresDarryl Woolley
 
Internal controls in auditing
Internal controls in auditingInternal controls in auditing
Internal controls in auditingHardik Shah
 
Introduction to internal auditing
Introduction to internal auditingIntroduction to internal auditing
Introduction to internal auditing
David Griffiths
 
Internal Audit
Internal AuditInternal Audit
Internal Audit
Ahmad Tariq Bhatti
 
Chapter 2 -Rules and regulation- Audit & Assurance (F8)
Chapter 2 -Rules and regulation- Audit & Assurance (F8)Chapter 2 -Rules and regulation- Audit & Assurance (F8)
Chapter 2 -Rules and regulation- Audit & Assurance (F8)
Anant Gautam
 
Audit & Assurance
Audit & Assurance Audit & Assurance
Audit & Assurance
Md. Mehadi Hassan Bappy
 
Internal audit report writing
Internal audit report writingInternal audit report writing
Internal audit report writing
Neha Kothari
 
Auditing-definition & objective of auditing
Auditing-definition & objective of auditingAuditing-definition & objective of auditing
Auditing-definition & objective of auditing
Ravi kumar
 
Audit process
Audit processAudit process
Audit process
Next Generation Security Agency
 
Internal control and internal audit presentation for bank
Internal control and internal audit presentation for bankInternal control and internal audit presentation for bank
Internal control and internal audit presentation for bank
Mohammad Halim Stanikzai
 
Risk-Based Financial Statements Auditing.pptx
Risk-Based Financial Statements Auditing.pptxRisk-Based Financial Statements Auditing.pptx
Risk-Based Financial Statements Auditing.pptx
RansfordArmahACCAMSc
 
Internal audit
Internal auditInternal audit
Internal auditRahul Mithia
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit Methodology
Manoj Agarwal
 
INTERNAL CONTROL SYSTEM -QUESTIONNAIRE
INTERNAL CONTROL SYSTEM -QUESTIONNAIREINTERNAL CONTROL SYSTEM -QUESTIONNAIRE
INTERNAL CONTROL SYSTEM -QUESTIONNAIRE
SREENIVAS IYER
 
Chapter 11, Tests of Controls
Chapter 11, Tests of ControlsChapter 11, Tests of Controls
Chapter 11, Tests of Controls
Sazzad Hossain, ITP, MBA, CSCA™
 
The Internal Audit Framework
The Internal Audit FrameworkThe Internal Audit Framework
The Internal Audit Framework
Ahmad Tariq Bhatti
 
planning process in audit ppt
planning process in audit pptplanning process in audit ppt
planning process in audit ppt
KunalPatel257
 
ISQC 1 / ISA 220 Quality control
ISQC 1 / ISA 220 Quality controlISQC 1 / ISA 220 Quality control
ISQC 1 / ISA 220 Quality control
Kim Hung Teoh
 
New ISO 37301:2021
New ISO 37301:2021New ISO 37301:2021
New ISO 37301:2021
Hernan Huwyler, MBA CPA
 
Information system control and audit
Information system control and auditInformation system control and audit
Information system control and audit
Astri Stiawaty
 
Common internal audit findings & how to avoid them
Common internal audit findings & how to avoid themCommon internal audit findings & how to avoid them
Common internal audit findings & how to avoid them
Surajit Datta
 
Risk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesRisk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling Techniques
Manoj Agarwal
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit Methodology
Salih Islam
 
Assessment methodology and approach
Assessment methodology and approachAssessment methodology and approach
Assessment methodology and approach
Blueinfy Solutions
 

More Related Content

What's hot

Introduction to internal auditing
Introduction to internal auditingIntroduction to internal auditing
Introduction to internal auditing
David Griffiths
 
Internal Audit
Internal AuditInternal Audit
Internal Audit
Ahmad Tariq Bhatti
 
Chapter 2 -Rules and regulation- Audit & Assurance (F8)
Chapter 2 -Rules and regulation- Audit & Assurance (F8)Chapter 2 -Rules and regulation- Audit & Assurance (F8)
Chapter 2 -Rules and regulation- Audit & Assurance (F8)
Anant Gautam
 
Audit & Assurance
Audit & Assurance Audit & Assurance
Audit & Assurance
Md. Mehadi Hassan Bappy
 
Internal audit report writing
Internal audit report writingInternal audit report writing
Internal audit report writing
Neha Kothari
 
Auditing-definition & objective of auditing
Auditing-definition & objective of auditingAuditing-definition & objective of auditing
Auditing-definition & objective of auditing
Ravi kumar
 
Audit process
Audit processAudit process
Audit process
Next Generation Security Agency
 
Internal control and internal audit presentation for bank
Internal control and internal audit presentation for bankInternal control and internal audit presentation for bank
Internal control and internal audit presentation for bank
Mohammad Halim Stanikzai
 
Risk-Based Financial Statements Auditing.pptx
Risk-Based Financial Statements Auditing.pptxRisk-Based Financial Statements Auditing.pptx
Risk-Based Financial Statements Auditing.pptx
RansfordArmahACCAMSc
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit Methodology
Manoj Agarwal
 
INTERNAL CONTROL SYSTEM -QUESTIONNAIRE
INTERNAL CONTROL SYSTEM -QUESTIONNAIREINTERNAL CONTROL SYSTEM -QUESTIONNAIRE
INTERNAL CONTROL SYSTEM -QUESTIONNAIRE
SREENIVAS IYER
 
Chapter 11, Tests of Controls
Chapter 11, Tests of ControlsChapter 11, Tests of Controls
Chapter 11, Tests of Controls
Sazzad Hossain, ITP, MBA, CSCA™
 
The Internal Audit Framework
The Internal Audit FrameworkThe Internal Audit Framework
The Internal Audit Framework
Ahmad Tariq Bhatti
 
planning process in audit ppt
planning process in audit pptplanning process in audit ppt
planning process in audit ppt
KunalPatel257
 
ISQC 1 / ISA 220 Quality control
ISQC 1 / ISA 220 Quality controlISQC 1 / ISA 220 Quality control
ISQC 1 / ISA 220 Quality control
Kim Hung Teoh
 
New ISO 37301:2021
New ISO 37301:2021New ISO 37301:2021
New ISO 37301:2021
Hernan Huwyler, MBA CPA
 
Information system control and audit
Information system control and auditInformation system control and audit
Information system control and audit
Astri Stiawaty
 
Common internal audit findings & how to avoid them
Common internal audit findings & how to avoid themCommon internal audit findings & how to avoid them
Common internal audit findings & how to avoid them
Surajit Datta
 
Risk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesRisk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling Techniques
Manoj Agarwal
 

What's hot (20)

Introduction to internal auditing
Introduction to internal auditingIntroduction to internal auditing
Introduction to internal auditing
 
Internal Audit
Internal AuditInternal Audit
Internal Audit
 
Chapter 2 -Rules and regulation- Audit & Assurance (F8)
Chapter 2 -Rules and regulation- Audit & Assurance (F8)Chapter 2 -Rules and regulation- Audit & Assurance (F8)
Chapter 2 -Rules and regulation- Audit & Assurance (F8)
 
Audit & Assurance
Audit & Assurance Audit & Assurance
Audit & Assurance
 
Internal audit report writing
Internal audit report writingInternal audit report writing
Internal audit report writing
 
Auditing-definition & objective of auditing
Auditing-definition & objective of auditingAuditing-definition & objective of auditing
Auditing-definition & objective of auditing
 
Audit process
Audit processAudit process
Audit process
 
Internal control and internal audit presentation for bank
Internal control and internal audit presentation for bankInternal control and internal audit presentation for bank
Internal control and internal audit presentation for bank
 
Risk-Based Financial Statements Auditing.pptx
Risk-Based Financial Statements Auditing.pptxRisk-Based Financial Statements Auditing.pptx
Risk-Based Financial Statements Auditing.pptx
 
Internal audit
Internal auditInternal audit
Internal audit
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit Methodology
 
INTERNAL CONTROL SYSTEM -QUESTIONNAIRE
INTERNAL CONTROL SYSTEM -QUESTIONNAIREINTERNAL CONTROL SYSTEM -QUESTIONNAIRE
INTERNAL CONTROL SYSTEM -QUESTIONNAIRE
 
Chapter 11, Tests of Controls
Chapter 11, Tests of ControlsChapter 11, Tests of Controls
Chapter 11, Tests of Controls
 
The Internal Audit Framework
The Internal Audit FrameworkThe Internal Audit Framework
The Internal Audit Framework
 
planning process in audit ppt
planning process in audit pptplanning process in audit ppt
planning process in audit ppt
 
ISQC 1 / ISA 220 Quality control
ISQC 1 / ISA 220 Quality controlISQC 1 / ISA 220 Quality control
ISQC 1 / ISA 220 Quality control
 
New ISO 37301:2021
New ISO 37301:2021New ISO 37301:2021
New ISO 37301:2021
 
Information system control and audit
Information system control and auditInformation system control and audit
Information system control and audit
 
Common internal audit findings & how to avoid them
Common internal audit findings & how to avoid themCommon internal audit findings & how to avoid them
Common internal audit findings & how to avoid them
 
Risk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesRisk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling Techniques
 

Viewers also liked

Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit Methodology
Salih Islam
 
Assessment methodology and approach
Assessment methodology and approachAssessment methodology and approach
Assessment methodology and approach
Blueinfy Solutions
 
Application Security TRENDS – Lessons Learnt- Firosh Ummer
Application Security TRENDS – Lessons Learnt- Firosh UmmerApplication Security TRENDS – Lessons Learnt- Firosh Ummer
Application Security TRENDS – Lessons Learnt- Firosh UmmerOWASP-Qatar Chapter
 
Mazars Model Audit Methodology
Mazars Model Audit MethodologyMazars Model Audit Methodology
Mazars Model Audit MethodologyJerome Brice
 
Mobile Application Security – Effective methodology, efficient testing!
Mobile Application Security – Effective methodology, efficient testing!Mobile Application Security – Effective methodology, efficient testing!
Mobile Application Security – Effective methodology, efficient testing!
espheresecurity
 
Pump Audit Presentation
Pump Audit PresentationPump Audit Presentation
Pump Audit PresentationAnderson Cruz
 
Corporate Governance class 5
Corporate Governance class 5Corporate Governance class 5
Corporate Governance class 5
VJ KC
 
Best practices and future challenges in Corporate Reputation management
Best practices and future challenges in Corporate Reputation managementBest practices and future challenges in Corporate Reputation management
Best practices and future challenges in Corporate Reputation management
Corporate Excellence - Centre for Reputation Leadership
 
5.energy audit of pumps
5.energy audit of pumps5.energy audit of pumps
5.energy audit of pumpsPadmadhar PD
 
001 conservation-Energy Audit -Methods
001 conservation-Energy Audit -Methods 001 conservation-Energy Audit -Methods
001 conservation-Energy Audit -Methods
Anil Palamwar
 
Corporate Governance - Realities and Emerging Scenario
Corporate Governance - Realities and Emerging ScenarioCorporate Governance - Realities and Emerging Scenario
Corporate Governance - Realities and Emerging Scenario
Corporate Professionals
 
Challenges Of Corporate Social Responsibility
Challenges Of Corporate Social ResponsibilityChallenges Of Corporate Social Responsibility
Challenges Of Corporate Social Responsibility
Elijah Ezendu
 
Corporate governance
Corporate governanceCorporate governance
Corporate governanceSarath Nair
 
Issues of corporate governance presented by Dushyant Maheshwari
Issues of corporate governance presented by Dushyant MaheshwariIssues of corporate governance presented by Dushyant Maheshwari
Issues of corporate governance presented by Dushyant MaheshwariDUSHYANT MAHESHWARI
 
6. audit techniques
6. audit techniques6. audit techniques
6. audit techniques
Syed Osama Rizvi
 

Viewers also liked (17)

Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit Methodology
 
Assessment methodology and approach
Assessment methodology and approachAssessment methodology and approach
Assessment methodology and approach
 
Application Security TRENDS – Lessons Learnt- Firosh Ummer
Application Security TRENDS – Lessons Learnt- Firosh UmmerApplication Security TRENDS – Lessons Learnt- Firosh Ummer
Application Security TRENDS – Lessons Learnt- Firosh Ummer
 
Mazars Model Audit Methodology
Mazars Model Audit MethodologyMazars Model Audit Methodology
Mazars Model Audit Methodology
 
Mobile Application Security – Effective methodology, efficient testing!
Mobile Application Security – Effective methodology, efficient testing!Mobile Application Security – Effective methodology, efficient testing!
Mobile Application Security – Effective methodology, efficient testing!
 
Pump Audit Presentation
Pump Audit PresentationPump Audit Presentation
Pump Audit Presentation
 
Corporate Governance class 5
Corporate Governance class 5Corporate Governance class 5
Corporate Governance class 5
 
Presentation 5, System based audit approach - what is it about?, Workshop on ...
Presentation 5, System based audit approach - what is it about?, Workshop on ...Presentation 5, System based audit approach - what is it about?, Workshop on ...
Presentation 5, System based audit approach - what is it about?, Workshop on ...
 
Best practices and future challenges in Corporate Reputation management
Best practices and future challenges in Corporate Reputation managementBest practices and future challenges in Corporate Reputation management
Best practices and future challenges in Corporate Reputation management
 
5.energy audit of pumps
5.energy audit of pumps5.energy audit of pumps
5.energy audit of pumps
 
001 conservation-Energy Audit -Methods
001 conservation-Energy Audit -Methods 001 conservation-Energy Audit -Methods
001 conservation-Energy Audit -Methods
 
Corporate Governance - Realities and Emerging Scenario
Corporate Governance - Realities and Emerging ScenarioCorporate Governance - Realities and Emerging Scenario
Corporate Governance - Realities and Emerging Scenario
 
Challenges Of Corporate Social Responsibility
Challenges Of Corporate Social ResponsibilityChallenges Of Corporate Social Responsibility
Challenges Of Corporate Social Responsibility
 
Corporate governance
Corporate governanceCorporate governance
Corporate governance
 
Customer satisfaction
Customer satisfactionCustomer satisfaction
Customer satisfaction
 
Issues of corporate governance presented by Dushyant Maheshwari
Issues of corporate governance presented by Dushyant MaheshwariIssues of corporate governance presented by Dushyant Maheshwari
Issues of corporate governance presented by Dushyant Maheshwari
 
6. audit techniques
6. audit techniques6. audit techniques
6. audit techniques
 

Similar to Audit Methodology

Proposal risk based internal audit 2013
Proposal risk based internal audit 2013Proposal risk based internal audit 2013
Proposal risk based internal audit 2013
Rahul Bhan (CA, CIA, MBA)
 
Audit methodology 2013
Audit methodology 2013Audit methodology 2013
Audit methodology 2013Nidhi Gupta
 
Audit methodology 2013
Audit methodology 2013Audit methodology 2013
Audit methodology 2013Nidhi Gupta
 
Proposal risk based internal audit 2013
Proposal risk based internal audit 2013Proposal risk based internal audit 2013
Proposal risk based internal audit 2013Nidhi Gupta
 
Acheron partners corporate presentation 2013 english
Acheron partners corporate presentation 2013 englishAcheron partners corporate presentation 2013 english
Acheron partners corporate presentation 2013 englishjuantorroba
 
Acheron Partners corporate presentation
Acheron Partners corporate presentationAcheron Partners corporate presentation
Acheron Partners corporate presentationsporiol
 
Human Capital Services , Consulting and Advisory
Human Capital Services , Consulting and AdvisoryHuman Capital Services , Consulting and Advisory
Human Capital Services , Consulting and Advisoryraviktalentus
 
Qrc company profile v 2.0
Qrc company profile v 2.0Qrc company profile v 2.0
Qrc company profile v 2.0
Vamsi Krishna Maramganti
 
Riskpro india human capital consulting and recruitments empanelment proposal
Riskpro india human capital consulting and recruitments empanelment proposalRiskpro india human capital consulting and recruitments empanelment proposal
Riskpro india human capital consulting and recruitments empanelment proposal
Rahul Bhan (CA, CIA, MBA)
 
Riskpro India Human Capital Consulting And Recruitments Empanelment Proposal
Riskpro India Human Capital Consulting And Recruitments Empanelment ProposalRiskpro India Human Capital Consulting And Recruitments Empanelment Proposal
Riskpro India Human Capital Consulting And Recruitments Empanelment Proposal
Rahul Bhan (CA, CIA, MBA)
 
BEI brochure-final
BEI brochure-finalBEI brochure-final
BEI brochure-final
Sharad Sharma
 
Sarvagnya Corporate Presentation
Sarvagnya Corporate PresentationSarvagnya Corporate Presentation
Sarvagnya Corporate Presentationsarvagnya
 
Presentacion GD Human Capital (eng)
Presentacion GD Human Capital (eng)Presentacion GD Human Capital (eng)
Presentacion GD Human Capital (eng)GD Human Capital
 
Orek Professional Services - Short Profile
Orek Professional Services - Short ProfileOrek Professional Services - Short Profile
Orek Professional Services - Short Profile
Rehman Rasheed
 

Similar to Audit Methodology (20)

Proposal risk based internal audit 2013
Proposal risk based internal audit 2013Proposal risk based internal audit 2013
Proposal risk based internal audit 2013
 
Proposal Audit Risk And Compliance
Proposal Audit Risk And ComplianceProposal Audit Risk And Compliance
Proposal Audit Risk And Compliance
 
Proposal audit risk and compliance
Proposal audit risk and complianceProposal audit risk and compliance
Proposal audit risk and compliance
 
Audit methodology 2013
Audit methodology 2013Audit methodology 2013
Audit methodology 2013
 
Audit methodology 2013
Audit methodology 2013Audit methodology 2013
Audit methodology 2013
 
Proposal risk based internal audit 2013
Proposal risk based internal audit 2013Proposal risk based internal audit 2013
Proposal risk based internal audit 2013
 
In o' vative profile
In o' vative profileIn o' vative profile
In o' vative profile
 
Acheron partners corporate presentation 2013 english
Acheron partners corporate presentation 2013 englishAcheron partners corporate presentation 2013 english
Acheron partners corporate presentation 2013 english
 
Acheron Partners corporate presentation
Acheron Partners corporate presentationAcheron Partners corporate presentation
Acheron Partners corporate presentation
 
q
qq
q
 
Human Capital Services , Consulting and Advisory
Human Capital Services , Consulting and AdvisoryHuman Capital Services , Consulting and Advisory
Human Capital Services , Consulting and Advisory
 
Sarvagnya Corporate Presentation
Sarvagnya Corporate PresentationSarvagnya Corporate Presentation
Sarvagnya Corporate Presentation
 
Qrc company profile v 2.0
Qrc company profile v 2.0Qrc company profile v 2.0
Qrc company profile v 2.0
 
Riskpro india human capital consulting and recruitments empanelment proposal
Riskpro india human capital consulting and recruitments empanelment proposalRiskpro india human capital consulting and recruitments empanelment proposal
Riskpro india human capital consulting and recruitments empanelment proposal
 
Riskpro India Human Capital Consulting And Recruitments Empanelment Proposal
Riskpro India Human Capital Consulting And Recruitments Empanelment ProposalRiskpro India Human Capital Consulting And Recruitments Empanelment Proposal
Riskpro India Human Capital Consulting And Recruitments Empanelment Proposal
 
HeadHunters Presentation
HeadHunters PresentationHeadHunters Presentation
HeadHunters Presentation
 
BEI brochure-final
BEI brochure-finalBEI brochure-final
BEI brochure-final
 
Sarvagnya Corporate Presentation
Sarvagnya Corporate PresentationSarvagnya Corporate Presentation
Sarvagnya Corporate Presentation
 
Presentacion GD Human Capital (eng)
Presentacion GD Human Capital (eng)Presentacion GD Human Capital (eng)
Presentacion GD Human Capital (eng)
 
Orek Professional Services - Short Profile
Orek Professional Services - Short ProfileOrek Professional Services - Short Profile
Orek Professional Services - Short Profile
 

More from Rahul Bhan (CA, CIA, MBA)

India and sweden strategy brochure 2013 riskpro
India and sweden strategy brochure 2013 riskproIndia and sweden strategy brochure 2013 riskpro
India and sweden strategy brochure 2013 riskproRahul Bhan (CA, CIA, MBA)
 
Accounting payroll outsourcing services 2013
Accounting payroll outsourcing services 2013Accounting payroll outsourcing services 2013
Accounting payroll outsourcing services 2013Rahul Bhan (CA, CIA, MBA)
 

More from Rahul Bhan (CA, CIA, MBA) (20)

CIA degree
CIA degreeCIA degree
CIA degree
 
MBA Nyenrode degree
MBA Nyenrode degreeMBA Nyenrode degree
MBA Nyenrode degree
 
CA final certificate
CA final certificateCA final certificate
CA final certificate
 
B.Com Degree
B.Com DegreeB.Com Degree
B.Com Degree
 
Code of conduct completion certificate
Code of conduct completion certificateCode of conduct completion certificate
Code of conduct completion certificate
 
Marketing risk advisory brochure 2013
Marketing risk advisory brochure 2013Marketing risk advisory brochure 2013
Marketing risk advisory brochure 2013
 
Legal risk advisory services 2013
Legal risk advisory services 2013Legal risk advisory services 2013
Legal risk advisory services 2013
 
Lean six sigma training services 2013
Lean six sigma training services 2013Lean six sigma training services 2013
Lean six sigma training services 2013
 
It risk advisory brochure 2013
It risk advisory brochure 2013It risk advisory brochure 2013
It risk advisory brochure 2013
 
Insurance fraud risk management service
Insurance fraud risk management serviceInsurance fraud risk management service
Insurance fraud risk management service
 
India entry strategy brochure 2013
India entry strategy brochure 2013India entry strategy brochure 2013
India entry strategy brochure 2013
 
India and sweden strategy brochure 2013 riskpro
India and sweden strategy brochure 2013 riskproIndia and sweden strategy brochure 2013 riskpro
India and sweden strategy brochure 2013 riskpro
 
Independent director sme services 2013
Independent director sme services 2013Independent director sme services 2013
Independent director sme services 2013
 
Fraud risk services 2013
Fraud risk services 2013Fraud risk services 2013
Fraud risk services 2013
 
Fatca compliance brochure riskpro 2013
Fatca compliance brochure riskpro 2013Fatca compliance brochure riskpro 2013
Fatca compliance brochure riskpro 2013
 
Bpo risk management 2013
Bpo risk management 2013Bpo risk management 2013
Bpo risk management 2013
 
Bi risk services 2013
Bi risk services 2013Bi risk services 2013
Bi risk services 2013
 
Aml training
Aml trainingAml training
Aml training
 
Accounting payroll outsourcing services 2013
Accounting payroll outsourcing services 2013Accounting payroll outsourcing services 2013
Accounting payroll outsourcing services 2013
 
Vendor risk management 2013
Vendor risk management 2013Vendor risk management 2013
Vendor risk management 2013
 

Audit Methodology

  • 1. Audit Methodology at Mehrotra and Mehrotra Chartered Accountants Riskpro, India (Mehrotra and Mehrotra Chartered Accountants) 1
  • 2. Make Decisions…… Take Risks……....... Experience Success! Your partner in risk management |governance |compliance |audit 2
  • 3. Contents About Riskpro, India 4 About Mehrotra and Mehrotra 6 (see attached detailed profile of Mehrotra and Mehrotra) Our Philosophy 7 Quality Assured 8 Clear and Continuous Communication 9 Annexure I - Our Audit Methodology 10 Annexure II – Legal Compliance 18 Contact details 23 3
  • 4. About Riskpro, India Riskpro is India’s first national practice dedicated to risk management services and training, corporate governance, and global regulatory compliances Risk can be defined as a prospect of loss or reduced gain that can adversely affect the achievement of an organisation’s objectives When greed overtakes need, it spells trouble. Manifested as ‘bankruptcy’ in much of the developed world and ‘corruption’ closer to home, greed has clearly disrupted some major industrialised economies and enhanced the risks of doing business In today’s world, risks are not few. The reason companies so often fail to systematically manage their key risks is rooted in the way they define the risks they face. Risks are manageable and the answer to untapped business opportunities that lie dormant waiting for risk factors to turn favourable Riskpro was founded in 2009 with offices in Mumbai, Delhi, and Bangalore and it has already added eight member firms in Ahmedabad, Agra, Chennai, Gurgaon, Hyderabad, Jaipur, Ludhiana, and Pune. All our offices and member firms are well equipped and staffed with qualified professionals viz. CA, CWA, CS, CPA, CISA, CFA, and MBA Riskpro’s founders are qualified risk management specialists with extensive work experience in Europe and USA in several industries and financial institutions 4
  • 5. About Riskpro India (cont…) RISKPRO SERVICES Our four major practice specialisations /service lines are: • Risk: Enterprise Risk Management (services and training & recruitment) • Governance: Corporate Governance and Transparency • Compliance: Global and Indian Regulatory Compliances • Training: in all of the above service lines; and Recruitment The Risk Practice deals with all classes of risks and processes viz. governance, strategic, systemic /infrastructure, compliance, reporting, and financial reporting. Processes require that key risks are properly identified, measured, monitored, controlled, and reported. Processes may also require tools like risk based internal audit, information security testing, and fraud investigations, to be employed The Governance Practice deals with corporate oversight and risk governance issues within an organization including business continuity planning, compliance with SEBI guidelines by listed companies, regulations relating to independent directors, investor expectation and protection, Clause-49 on corporate governance, etc The Compliance Practice covers a wide range of regulatory and environmental compliances including Sox, IFRS, Solvency II, Basel II /III, Corporate Laws & Direct Tax Code etc The Training Practice comprises of a variety of structured and /or industry specific training programs and modules designed and conducted by Riskpro experts and trainers at onsite (client or other offices) and offsite (Riskpro Training Centre) training facilities 5
  • 6. About Mehrotra and Mehrotra, Chartered Accountants Mehrotra & Mehrotra is a firm of Chartered Accountants based at New Delhi. It is also having offices at Mumbai and Kanpur. The firm was established in the year 1962 by Mr. M.P. Mehrotra, now a very senior member of the Institute of Chartered Accountants of India. It is managed and headed by proficient and veteran chartered accountants. Our team of professionals including Chartered Accountants, Certified Internal Auditors, Lawyers, Solicitors, Engineers and MBA's are engaged in developing and refining new processes and methodologies to offer excellent quality services to our esteemed clients. The firm in its existence of over 48 years has provided a wide gamut of services like Accounting Services, Auditing Services, Taxation Services to the clients both within and outside India. We provide complete range for any kind of financial accounting services, business process outsourcing, direct and indirect tax consultancy etc., in India. We offer the most authentic professional services like income tax, service tax, value added tax etc., which can easily accelerate for the clients. Mehrotra & Mehrotra is professionally managed organization, which is wholeheartedly engaged in providing most reliable services. 6
  • 7. Our Philosophy ● We will understand your business needs completely and deliver a service that adds value ● We dedicate the best resouces with relevant sector experience, and provide a state-of-the art quality service at an affordable fee ● We are always accessible and our approach to work is: supportive and collaborative, flexible and responsive, open and honest communication. We hold hands, not shake hands ● We provide constructive suggestions on improving business processes and cost controls ● We adhere to timelines and deadlines ● We keep you informed about significant changes in regulatory, compliance, and accounting matters on an ongoing basis 7
  • 8. Quality Assured We place great emphasis on quality control and quality management. Our quality process Direction and supervision Our Quality Process is designed to provide a quality The firm provides for appropriate direction and culture, to analyze the processes used to hire, train and supervision at all levels, together with appropriate retain staff, to develop and deliver services to our clients consultation procedures, to give reasonable assurance and to administer our own business. that the work performed meets the highest standards. We: CONTINUOUS IMPROVEMENT  employ and retain only those persons with the intelligence, education, character and diligence Human necessary to assume professional responsibility; Leaders Informatio Resourc Measure hip and n e Service Client  assign engagement responsibility to only those Quality Analysis Processe External Deliver Satisfacti persons sufficiently trained and supervised to ` s Culture and Service y on and discharge those responsibilities; Planning Processe Business s Business Results  not accept or continue a client relationship in Processe circumstances incompatible with the firm’s s integrity;  adopt promptly policies necessary to realise the Skills and competence objective of professional standards and applicable Personnel in the firm adhere to the standards of regulatory requirements; independence, integrity, objectivity and confidentiality.  maintain policies to ensure that the firm and its The firm is staffed by personnel who have attained, and professionals are free of conflicts of interest and who maintain, the skills and competence required to that professional excellence is achieved; enable them to fulfil their responsibilities. To assist in maintaining these skills the firm has procedures for:  not tolerate any act that can damage the firm’s  training of staff at all levels, through both formal credibility. courses and on-the-job experience;  continuing professional education;  assigning work to personnel who have the degree Confidentiality of technical training and proficiency required in the We are well aware of the importance that you place on circumstances; and confidentiality requirements and we have a proven  evaluating the performance of staff and counseling record of maintaining a strict code of confidentiality. staff as to their progress and career opportunities. Our firm policy requires that affairs of clients be confidentially kept at all times. 8
  • 9. Clear and Continuous Communication At Riskpro India, open and honest communication is a Core Value. Our experience leaves us in no doubt that a successful relationship is based on trust and candid, proactive communication. Regular and open two-way communication is fundamental to all aspects of our service to you. As an initial priority, we will agree with you an annual Communication Plan for all our key meetings. This will help ensure there are formal and informal opportunities for all key stakeholders to be kept informed of the issues that matter, and that there will be “no surprises”. Meeting/stakeholders Key objectives Bi-annual meetings (or as requested) with the  Present annual audit plan Board / Audit Committee  Report key findings  Updated assessments of key risks, including emerging risks  Discuss new regulatory and corporate governance requirements Quarterly meetings with the Chief Executive  Discuss strategy Officer  Discuss operational matters and performance  Raise and consider emerging issues Regular meetings with Head of Financial  Discuss operational matters and financial performance Control  Discuss implications of changes to the reporting and internal control framework Meetings with operational management  Discuss operational and business matters 9
  • 10. ANNEXURE I - Our Audit Methodology 10
  • 11. Our Audit Methodology Our audit methodology is risk-based and systematic which focuses on the organizational objectives and any impediment to achieving those objectives. We recognise fully the need to provide assurance on your business operations. Equally, we recognise the importance of managing compliance issues, particularly in today’s evolving regulatory environment. Understanding of Business The key benefits of our audit approach are: ●Risk-based, & systematic approach; Risk Assessment ●Focus on areas considered as potentially & most likely to lead to material errors in financial statements; Audit Strategy / Planning ●Our audit control procedures are based on project planning techniques, including the use of automated processes and document templates, and the agreement of objectives, Fieldwork timetables, responsibilities and careful resource planning; ●The focus of our reports are to generate constructive and value added advice; and Dealing with critical issues ●Identifies performance improvement and cost reduction opportunities. Reporting 11
  • 12. Our Audit Methodology - Risk Based Internal Audit How we Do Internal Auditing helps an organization accomplish its objectives by bringing a Enterprise Risk systematic, disciplined approach to evaluate Assessment and improve the effectiveness of risk management, control and governance processes. Risk Need of Organizations Source: The Institute of Internal Auditors 1999 (IIA) Assessment Process Reviews Fraud Benefits of Risk based Audit Mitigation • Traditional audit view value added Control techniques Reviews •Risk profile of Businesses •Internal Controls & Ops Risk reviews Transaction •Cost reductions recommendations Audit •Review of Fraud Risk Controls Increasing Enterprise Risk Focus 12
  • 13. Our Audit Methodology (cont..) UNDERSTANDING THE BUSINESS Our top-down risk-based approach ensures that the audit focus is on the issues that are of greatest importance to you and that we are in the most appropriate position to respond to them. Our audit starts with a detailed understanding of your industry and business. Our approach is based on a top-down examination of the key drivers of your business. The output is a balanced picture of how the company interacts with customers and external industry forces. We consider the audit implications of this analysis and use it to identify significant audit risks. We use industry specific business models to gain information on: • industry background including major players, regulatory changes and trends, • risks and drivers, • geographic issues, • descriptions of business processes, • benchmarks and best practice and • audit risks. 13
  • 14. Our Audit Methodology (cont..) RISK ASSESSMENT In order to run your business, you develop processes to manage the factors that drive performance and help control internal and external risks that could prevent you from meeting your objectives. We focus on those processes where significant risks have been identified and discuss with management its perception of how these risks are controlled. This phase of our work enables us to obtain information on the processes supporting the achievement of the company’s goals. AUDIT STRATEGY AND PLANNING Based on the understanding of business and risk assessment we devise the audit strategy. We then develop detailed audit programs to test the transactions, processes and balances. AUDIT FIELD WORK The audit test work flows from strategic planning and risk assessment. The key element is to review and test the high level controls embedded in your processes, as significant weaknesses in your key processes could cost, both in terms of financial impact and reputational damage. We also carry out necessary substantive audit procedures. DEALING WITH CRITICAL ISSUES AND REPORTING We identify and discuss all critical issues with management. We then determine whether the Company’s financial statements and related disclosures meet our expectations. We provide the audit report, management letter and any other deliverables and formally present these to the Audit Committee / Board. 14
  • 15. Our Audit Methodology (cont..) IT AUDIT PROCESSES AND METHODOLOGY We see IT as an enabler of the operational and financial processes and we incorporate IT audit professionals into our audit to facilitate the identification and testing of IT controls. We use our focused IT audit methodologies and tools as part of our core audit process to evaluate and test whether the Company’s information systems are configured for data integrity, are secure and are effectively managing the business needs. We work with key business and IT management to identify aspects of IT that pose the highest risk to the Company. We then conduct a systematic, detailed review of those areas in which we: • identify appropriate IT control objectives that map to key business processes; • identify relevant IT policies and procedures and/or industry IT standards; and • evaluate the design of controls and test whether they are in place and operating effectively. 15
  • 16. Our Audit Methodology (cont..) We use the following types of IT methodologies: IT AUDIT METHODOLOGIES  Continuity management  Process Documentation  System capacity and availability  Control Risk Analysis  Back up and recovery  Control Design & Implementation  Data storage  Network penetration testing  Project risk assessment  Information security assessment  Quality Assurance  Enterprise security architecture and  Project management methodology integration  Programme management  Ongoing monitoring processes 16
  • 17. Our Audit Methodology (cont..) INTELLIGENT USE OF TECHNOLOGY Technology is only one component of an integrated approach that combines methodology, knowledge and technology into our tailored service to you. We deliver our external audit services using a fully automated audit software. This software is designed specifically to integrate knowledge management into the audit process. Technology can never be a substitute for face-to-face communications and we continue to rely on meetings with management to identify, resolve and communicate issues. Know ledge Technology M ethodology 17
  • 18. ANNEXURE II - Legal Compliance 18
  • 19. Legal compliance Stage 1 – CAC  Preparation of Compliance Audit Checklist (CAC) covering all relevant laws applicable to the target unit. Stage 2 - Visit to location  Verification of relevant records and documents available.  Compilation of draft report based upon findings and observations of the audit team  Review meeting with the unit head / work directors to discussion on the finding of audit. Stage 3 – Report  Submission of detailed Non Compliance (NC) report to the company (Board of Directors or Compliance Head)  Follow up with the unit to verify action taken 19
  • 20. Legal compliance (Acts covered - HR) Factories Act, 1948 Shop & Establishment Act (state acts) Payment of Wages Act, 1936 Maternity Benefits Act, 1961 Minimum Wages Act, 1948 Gratuity Act, 1972 Equal Remuneration Act, 1976 ESI Act, 1948 Payment of Bonus Act, 1965 Apprentices Act, 1961 Provident Fund & Misc Provisions Act, Employment Exchanges (Compulsory 1952 Notification of Vacancies Act), 1959 Contract Labour (Regulation & Abolition) act, Trade Unions Act, 1926 1970 Private Security Agencies Regulation Workmen Compensation Act, 1923 Act, 2005 Prevention of Sexual Harassment Industrial Disputes Act, 1947 (Guidelines) Labour Welfare Act (state acts) 20
  • 21. Legal compliance (Acts covered - Engg.) Electricity Act, 2003 Environment Protection Act, 1986 Water (Prevention and Control of Petroleum Act, 1934 Pollution) Act, 1981 Air (Prevention and Control of Explosives Act, 1884 Pollution) Act, 1981 Boilers Act, 1923 Water Cess Rules, 1977 Hazardous Waste Handling & Legal Meteorology Act, 2011 Management Rules, 1989 Essential Commodity Act, 1945 21
  • 22. Legal compliance (Acts covered – Tax & Misc) Micro, Small & Medium Central Excise Act, 1944 Enterprises Devel. Act, 2006 Central Sales Tax Act, 1956 State VAT Acts Customs Act, 1962 (export and import Service Tax Act, 1955 documentation) Income Tax Act (payment of Tax, TDS) Foreign Exchange Management Act Industries (Development & Negotiable Instruments Act, 1881 Regulation) Act, 1951 Information Technology Act, 2000 Motor Vehicles Act, 1988 Competition Act, 2002 22
  • 23. Contacts and Office Locations Corporate Mumbai Delhi Bangalore Riskpro India Manoj Jain Rahul Bhan Casper Abraham Ventures (P) Limited Director Director Director M- 98337 67114 M- 99680 05042 M- 98450 61870 manoj.jain@riskpro.in rahul.bhan@riskpro.in casper.abraham@riskpro.in info@riskpro.in www.riskpro.in Shriram Gokte Hemant Seigell Principal - Information Risk VP – Risk Management C 561, Defence colony M- 98209 94063 M- 99536-97905 New Delhi 110024 shriram.gokte@riskpro.in hemant.seigell@riskpro.in Ahmedabad Pune Agra Gurgaon Maulik Manakiwala M.L. Jain Alok Kumar Agarwal Nilesh Bhatia Associate Firm Principal – Strategy Risk Associate Firm Head – Human Capital M - 91 9825640046 M- 9822011987 M- 99971 65253 Consulting mljain@riskpro.in M- 98182 93434 Gourav Ladha nilesh.bhatia@riskpro.in Sap Risk Advisory M- 97129 52955 THANKS 23