Mehrotra and Mehrotra is an audit firm based in India that uses a risk-based audit methodology. Their methodology focuses on understanding the client's business, assessing risks, developing an audit strategy and plan, performing audit fieldwork, dealing with critical issues, and reporting findings. They aim to provide assurance on operations and identify compliance issues. Their audits are tailored to each client and focus on high-risk areas. They also incorporate IT auditing and use technology to enhance their methodology. The firm ensures legal compliance with various Indian labor, environmental, and tax laws across different stages of the compliance audit process.
What is the purpose of internal auditing? How important is it to the business? How are internal audits planned and carried out? These slides show the relevance of internal audit to the business, how internal audits relate to the objectives and risks of the business, how they are planned and the work involved in an internal audit. Further advice is available from www.internalaudit.biz
An internal audit is designed to review what a company is doing in order to identify potential threats to the organization's financial health and profitability and to make suggestions for mitigating the risk associated with those threats.
This is a theoretical presentation describes the history of audit and assurance, definition, process of auditing, objectives, responsibilities, expectation gap, audit evidence and how to report the audit paper. This is mainly the vast knowledge about how an auditor performs audit and how the reporting of audit is done.
Internal audit means a continuous critical review of financial and operating matters of a business. In other words, we can say that the audit of a business conducted by the business for a continuous basis. Internal audit is done by the internal staff appointed particularly for the audit purposes. These are called internal auditors.
The most comprehensive definition of internal audit is given by the IIA, USA. It is,
"Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes."
The purpose of the presentation is to provide clarification for a better understanding of what internal audit definition, objectives, functions, stages and reporting are all about? What difference does it make in the presence of an external audit? How different is its scope from that of the external audit? How internal audit standards contribute to better performance of internal audit work and its reporting to the Board or Audit Committee?
Practical implications of the new ISO 37301 on compliance management systems
Implicaciones prácticas de la nueva ISO 37301 sobre los sistemas de gestión del cumplimiento
What is the purpose of internal auditing? How important is it to the business? How are internal audits planned and carried out? These slides show the relevance of internal audit to the business, how internal audits relate to the objectives and risks of the business, how they are planned and the work involved in an internal audit. Further advice is available from www.internalaudit.biz
An internal audit is designed to review what a company is doing in order to identify potential threats to the organization's financial health and profitability and to make suggestions for mitigating the risk associated with those threats.
This is a theoretical presentation describes the history of audit and assurance, definition, process of auditing, objectives, responsibilities, expectation gap, audit evidence and how to report the audit paper. This is mainly the vast knowledge about how an auditor performs audit and how the reporting of audit is done.
Internal audit means a continuous critical review of financial and operating matters of a business. In other words, we can say that the audit of a business conducted by the business for a continuous basis. Internal audit is done by the internal staff appointed particularly for the audit purposes. These are called internal auditors.
The most comprehensive definition of internal audit is given by the IIA, USA. It is,
"Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes."
The purpose of the presentation is to provide clarification for a better understanding of what internal audit definition, objectives, functions, stages and reporting are all about? What difference does it make in the presence of an external audit? How different is its scope from that of the external audit? How internal audit standards contribute to better performance of internal audit work and its reporting to the Board or Audit Committee?
Practical implications of the new ISO 37301 on compliance management systems
Implicaciones prácticas de la nueva ISO 37301 sobre los sistemas de gestión del cumplimiento
Most of the efforts aimed at improving corporate reputation today are focused on the impact that reputation has on business, gauging this impact and obtaining the information necessary for defining reputational strategy and placing intangibles in the centre of the overall business strategy, overcoming divisional barriers.
Currently, brand experiences are related to different stakeholders: customers, employees, investors, shareholders, etc. Thus, it is useful to develop a detailed segmentation of these groups to be able to capture the demands of each one and effectively answer their needs.
Another important aspect of reputation management in companies that are developing reputational strategies and corporate intangibles management is the need to develop an internal culture based on reputation, considering the directions and the obstacles for building reputation.
Iberdrola, for example, defines five axes of its process: product, culture, segmentation, experience and feedback. It also takes into account non-financial indicators, which place highlight those aspects that have to do with the company’s behaviour towards its stakeholders and how they response to it.
Vestas, a company who works in the power generating sector, organized its business strategy around a clear goal: becoming the world’s most recognized company by contribution to the positive environmental change achieved though intelligent use of the wind energy.
Vestas defines four key stakeholders, whose cooperation is fundamental for creation of shared value, strengthening the company’s competitive position and achieving better business results.
.
After passing the initial stages of its journey (preliminary analysis aiming to define the strategy), reputation arrived to the next stage, characterized by measurement and showing its true impact on the business.
Kasper Nielsen from Reputation Institute believes that there are several features that characterize best companies in the area of reputation management and that determine the key challenges that companies will face in the near future. Those are classified in four groups: business logic, intelligence and analysis, management and control and implementation.
Companies willing to make progress in the reputation journey need to relate to their stakeholders and be aware of their reputation at every point of their strategic decision-making process.
This document was prepared by Corporate Excellence – Centre for Reputation Leadership and among other sources contains references to the statements made by Carlos Martínez Lozoya, Iberdrola’s Director for Corporate Reputation, Morten Albaek, Vestas Global Vice President for Marketing, Communication and Corporate Relations and Kasper Nielsen, Partner and Director of Reputation Institute Denmark, made during the 17th International Conference on Corporate Reputation, Identity and Brand Competitiveness: The Reputation Journey, organized by Reputation Institute in
The presentation discusses various aspects of Corporate Governance and involved issues, keeping in view the recent developments and controversies arose in conglomerates such as Tata and Infosys. It aims at portraying the extant position in filed of Corporate Governance vis-a-vis a pragmatic view of what it would be.
Challenges Of Corporate Social ResponsibilityElijah Ezendu
Issues in development of workable corporate social responsibility strategy and resolution of awe-inspiring stance for championing effective governance.
I am writing to you to introduce my company to your organisation and also see if there is a need for risk based internal audit which can be outsourced to Riskpro India
Riskpro-India is a specialized Risk Management Consulting firm based in Mumbai, India and with offices at Delhi and Bangalore.
Our Internal Audit includes
• Risk assessment and development of risk based audit plan
• Full scope audits (across various sourcing options)
• Assessing the effectiveness of risk management & internal audit
• Authenticating monitoring functions and governance practices
• Appropriately assessing the security, integrity, availability and reliability of critical information – financial & operational
• Audit of compliance with laws and regulations.
Helping companies achieve their stated objectives through an enhanced understanding and management of risks
How we can help
Our internal audit services enhance processes and controls in our clients’ businesses by focusing on key value drivers. Through multiple sourcing options (co-source, out-source, staff augmentation) and flexible delivery platforms (onsite, offshore, combination) we offer our clients cross-spectrum internal audit services that are tailored to their specific requirements.
Brief description of our firm is mentioned below:-
RISKPRO INDIA
• Riskpro is India’s first national practice dedicated to risk management services and training, corporate governance, and global regulatory compliances.
• Risk can be defined as a prospect of loss or reduced gain that can adversely affect the achievement of an organisation’s objectives.
• When greed overtakes need, it spells trouble. Manifested as ‘bankruptcy’ in much of the developed world and ‘corruption’ closer to home, greed has clearly disrupted some major industrialised economies and enhanced the risks of doing business
• In today’s world, risks are not few. The reason companies so often fail to systematically manage their key risks is rooted in the way they define the risks they face. Risks are manageable and the answer to untapped business opportunities that lie dormant waiting for risk factors to turn favourable
• Riskpro was founded in 2009 with offices in Mumbai, Delhi, and Bangalore and it has already added eight member firms in Ahmedabad, Agra, Chennai, Gurgaon, Hyderabad, Jaipur, Ludhiana, and Pune. All our offices and member firms are well equipped and staffed with qualified professionals viz. CA, CWA, CS, CPA, CIA, CISA, CFA, and MBA
• Riskpro’s founders are qualified risk management specialists with extensive work experience in India, Middle East, Europe and USA in several industries and financial institutions
• Riskpro aims to be the preferred service provider for large and medium enterprises on risk protection, corporate governance, and global regulatory issues; delivering state-of-the-art quality and timely services at viable rates
QRC is the optimal consultancy to deal with your Quality, Risks and Compliance concerns.
We have a multitude of tailored programs and assessment methodologies that will ensure your Quality, Risk and Compliance goals are achieved.
Our analysis is delivered across all facets of your business including but not limited to people, process and technology to ensure a balanced risk based approach is delivered effectively across your business in a consistent and cost effective manner.
Riskpro india human capital consulting and recruitments empanelment proposalRahul Bhan (CA, CIA, MBA)
Dear Sir,
We would like to introduce our firm Riskpro-India – a specialized Risk Management Consulting firm based in Mumbai, India and with offices at Delhi and Bangalore.
We would like to get empaneled with your organisation for all your recruitment requirements. We are India’s fastest growing recruitment and risk management consulting firm. Please see attached our profile for more information.
Human Capital Management Services (HCMS) – a division of Risk-pro, is a professionally run organization focused to provide customized HCM solutions to the corporates to bring un-matched value for them. HCMS inter-alia includes niche, complex and time-bound talent acquisition at all levels, complete employee payments outsourcing solutions, technical, behavioral and cultural trainings, employee retention strategy, employee satisfaction surveys, HR policy drafting and documentation, sharing industry-best practices etc.
Risk-pro also provides highly specialized services in the field of risk management, internal audits, forensic accounting, investigations, prevention of fraud, process reviews etc.
We take pride in saying that we are among the fastest growing consulting companies in India. Today, we have offices in Mumbai, Delhi, and Bangalore and it has already added eight member firms in Ahmedabad, Agra, Chennai, Gurgaon, Hyderabad, Jaipur, Ludhiana, and Pune. All our offices and member firms are well equipped and staffed with qualified professionals into HR management and consulting. We have plans that will help us sustain this growth. Our presence in almost all states of India and beyond by 2014, is almost certain.
In talent acquisition, a fine blend of technology and professional human touch has given us an edge over others where talent and profile matching is left to technology. We have a team that not only brings years of professional and rich experience in varied industries, but are passionate to make hitherto impossible things possible for the client. However, words do not have enough strength to reflect our true potential, and though, to get a sneak peek, we strongly urge you to visit our website and go through the attached document, but we would be delighted to have a face to face meeting with you/your HR / Corporate Heads.
We are confident, our approach, methodology and professionalism along with commitment towards long-term sustainable relationships, will impress you to pave the way for our alliance that will be mutually beneficial to both the organizations. Experience Risk-pro HCMS, experience the difference.
Please do suggest a convenient time and date for us to call on you so that we can discuss this proposal.
Regards
Rahul Bhan
CA (India), MBA (Netherlands), CIA (USA)
Director - RiskPro India Ventures (P) Limited)
M +91-996800 5042 |E rahul.bhan@riskpro.in | W www.riskpro.in
C 561 Defence colony
New Delhi 110024
India
Riskpro India Human Capital Consulting And Recruitments Empanelment ProposalRahul Bhan (CA, CIA, MBA)
We would like to introduce our firm Riskpro-India – a specialized Risk Management Consulting firm based in Mumbai, India and with offices at Delhi and Bangalore.
We would like to get empaneled with your organisation for all your recruitment requirements. We are India’s fastest growing recruitment and risk management consulting firm. Please see attached our profile for more information.
Human Capital Management Services (HCMS) – a division of Risk-pro, is a professionally run organization focused to provide customized HCM solutions to the corporates to bring un-matched value for them. HCMS inter-alia includes niche, complex and time-bound talent acquisition at all levels, complete employee payments outsourcing solutions, technical, behavioral and cultural trainings, employee retention strategy, employee satisfaction surveys, HR policy drafting and documentation, sharing industry-best practices etc.
Orek Professional Services - Short ProfileRehman Rasheed
A professional services firm delivering consultancy, training services, auditing services and technology solutions in Pakistan and GCC market.
www.orekgroup.com
3. Contents
About Riskpro, India 4
About Mehrotra and Mehrotra 6
(see attached detailed profile of Mehrotra and Mehrotra)
Our Philosophy 7
Quality Assured 8
Clear and Continuous Communication 9
Annexure I - Our Audit Methodology 10
Annexure II – Legal Compliance 18
Contact details 23
3
4. About Riskpro, India
Riskpro is India’s first national practice dedicated to risk management services and
training, corporate governance, and global regulatory compliances
Risk can be defined as a prospect of loss or reduced gain that can adversely affect the
achievement of an organisation’s objectives
When greed overtakes need, it spells trouble. Manifested as ‘bankruptcy’ in much of the
developed world and ‘corruption’ closer to home, greed has clearly disrupted some major
industrialised economies and enhanced the risks of doing business
In today’s world, risks are not few. The reason companies so often fail to systematically
manage their key risks is rooted in the way they define the risks they face. Risks are
manageable and the answer to untapped business opportunities that lie dormant waiting
for risk factors to turn favourable
Riskpro was founded in 2009 with offices in Mumbai, Delhi, and Bangalore and it has
already added eight member firms in Ahmedabad, Agra, Chennai, Gurgaon, Hyderabad,
Jaipur, Ludhiana, and Pune. All our offices and member firms are well equipped and
staffed with qualified professionals viz. CA, CWA, CS, CPA, CISA, CFA, and MBA
Riskpro’s founders are qualified risk management specialists with extensive work
experience in Europe and USA in several industries and financial institutions
4
5. About Riskpro India (cont…)
RISKPRO SERVICES
Our four major practice specialisations /service lines are:
• Risk: Enterprise Risk Management (services and training & recruitment)
• Governance: Corporate Governance and Transparency
• Compliance: Global and Indian Regulatory Compliances
• Training: in all of the above service lines; and Recruitment
The Risk Practice deals with all classes of risks and processes viz. governance, strategic,
systemic /infrastructure, compliance, reporting, and financial reporting. Processes require
that key risks are properly identified, measured, monitored, controlled, and reported.
Processes may also require tools like risk based internal audit, information security testing,
and fraud investigations, to be employed
The Governance Practice deals with corporate oversight and risk governance issues within an
organization including business continuity planning, compliance with SEBI guidelines by
listed companies, regulations relating to independent directors, investor expectation and
protection, Clause-49 on corporate governance, etc
The Compliance Practice covers a wide range of regulatory and environmental compliances
including Sox, IFRS, Solvency II, Basel II /III, Corporate Laws & Direct Tax Code etc
The Training Practice comprises of a variety of structured and /or industry specific training
programs and modules designed and conducted by Riskpro experts and trainers at onsite
(client or other offices) and offsite (Riskpro Training Centre) training facilities
5
6. About Mehrotra and Mehrotra, Chartered Accountants
Mehrotra & Mehrotra is a firm of Chartered Accountants based at New Delhi.
It is also having offices at Mumbai and Kanpur. The firm was established in
the year 1962 by Mr. M.P. Mehrotra, now a very senior member of the
Institute of Chartered Accountants of India. It is managed and headed by
proficient and veteran chartered accountants. Our team of professionals
including Chartered Accountants, Certified Internal Auditors, Lawyers,
Solicitors, Engineers and MBA's are engaged in developing and refining
new processes and methodologies to offer excellent quality services to our
esteemed clients.
The firm in its existence of over 48 years has provided a wide gamut of
services like Accounting Services, Auditing Services, Taxation Services to
the clients both within and outside India. We provide complete range for
any kind of financial accounting services, business process outsourcing,
direct and indirect tax consultancy etc., in India. We offer the most
authentic professional services like income tax, service tax, value added tax
etc., which can easily accelerate for the clients. Mehrotra & Mehrotra is
professionally managed organization, which is wholeheartedly engaged in
providing most reliable services.
6
7. Our Philosophy
● We will understand your business needs completely and deliver a
service that adds value
● We dedicate the best resouces with relevant sector experience, and
provide a state-of-the art quality service at an affordable fee
● We are always accessible and our approach to work is:
supportive and collaborative, flexible and responsive, open and
honest communication. We hold hands, not shake hands
● We provide constructive suggestions on improving business
processes and cost controls
● We adhere to timelines and deadlines
● We keep you informed about significant changes in regulatory,
compliance, and accounting matters on an ongoing basis
7
8. Quality Assured
We place great emphasis on quality control and quality management.
Our quality process Direction and supervision
Our Quality Process is designed to provide a quality The firm provides for appropriate direction and
culture, to analyze the processes used to hire, train and supervision at all levels, together with appropriate
retain staff, to develop and deliver services to our clients
consultation procedures, to give reasonable assurance
and to administer our own business.
that the work performed meets the highest standards.
We:
CONTINUOUS IMPROVEMENT employ and retain only those persons with the
intelligence, education, character and diligence
Human necessary to assume professional responsibility;
Leaders Informatio Resourc
Measure
hip and n e Service Client
assign engagement responsibility to only those
Quality Analysis Processe
External Deliver Satisfacti persons sufficiently trained and supervised to
`
s
Culture and Service y on and discharge those responsibilities;
Planning Processe
Business
s
Business Results not accept or continue a client relationship in
Processe circumstances incompatible with the firm’s
s
integrity;
adopt promptly policies necessary to realise the
Skills and competence objective of professional standards and applicable
Personnel in the firm adhere to the standards of regulatory requirements;
independence, integrity, objectivity and confidentiality. maintain policies to ensure that the firm and its
The firm is staffed by personnel who have attained, and professionals are free of conflicts of interest and
who maintain, the skills and competence required to
that professional excellence is achieved;
enable them to fulfil their responsibilities. To assist in
maintaining these skills the firm has procedures for: not tolerate any act that can damage the firm’s
training of staff at all levels, through both formal credibility.
courses and on-the-job experience;
continuing professional education;
assigning work to personnel who have the degree Confidentiality
of technical training and proficiency required in the We are well aware of the importance that you place on
circumstances; and confidentiality requirements and we have a proven
evaluating the performance of staff and counseling record of maintaining a strict code of confidentiality.
staff as to their progress and career opportunities. Our firm policy requires that affairs of clients be
confidentially kept at all times.
8
9. Clear and Continuous Communication
At Riskpro India, open and honest communication is a Core Value. Our experience
leaves us in no doubt that a successful relationship is based on trust and candid,
proactive communication.
Regular and open two-way communication is fundamental to all aspects of our service
to you. As an initial priority, we will agree with you an annual Communication Plan for
all our key meetings. This will help ensure there are formal and informal opportunities
for all key stakeholders to be kept informed of the issues that matter, and that there will
be “no surprises”.
Meeting/stakeholders Key objectives
Bi-annual meetings (or as requested) with the Present annual audit plan
Board / Audit Committee Report key findings
Updated assessments of key risks, including emerging risks
Discuss new regulatory and corporate governance requirements
Quarterly meetings with the Chief Executive Discuss strategy
Officer Discuss operational matters and performance
Raise and consider emerging issues
Regular meetings with Head of Financial Discuss operational matters and financial performance
Control Discuss implications of changes to the reporting and internal control framework
Meetings with operational management Discuss operational and business matters
9
11. Our Audit Methodology
Our audit methodology is risk-based and systematic which focuses on the organizational
objectives and any impediment to achieving those objectives. We recognise fully the need to
provide assurance on your business operations. Equally, we recognise the importance of
managing compliance issues, particularly in today’s evolving regulatory environment.
Understanding of Business
The key benefits of our audit approach are:
●Risk-based, & systematic approach; Risk Assessment
●Focus on areas considered as potentially & most likely to
lead to material errors in financial statements;
Audit Strategy / Planning
●Our audit control procedures are based on project planning
techniques, including the use of automated processes and
document templates, and the agreement of objectives, Fieldwork
timetables, responsibilities and careful resource planning;
●The focus of our reports are to generate constructive and
value added advice; and Dealing with critical issues
●Identifies performance improvement and cost reduction
opportunities.
Reporting
11
12. Our Audit Methodology - Risk Based Internal Audit How we Do
Internal Auditing helps an organization
accomplish its objectives by bringing a Enterprise Risk
systematic, disciplined approach to evaluate Assessment
and improve the effectiveness of risk
management, control and governance
processes. Risk
Need of Organizations
Source: The Institute of Internal Auditors 1999 (IIA) Assessment
Process
Reviews
Fraud Benefits of Risk based Audit
Mitigation
• Traditional audit view value added
Control techniques
Reviews •Risk profile of Businesses
•Internal Controls & Ops Risk reviews
Transaction •Cost reductions recommendations
Audit •Review of Fraud Risk Controls
Increasing Enterprise Risk Focus
12
13. Our Audit Methodology (cont..)
UNDERSTANDING THE BUSINESS
Our top-down risk-based approach ensures that the audit focus is on the issues that
are of greatest importance to you and that we are in the most appropriate position to
respond to them. Our audit starts with a detailed understanding of your industry and
business.
Our approach is based on a top-down examination of the key drivers of your business.
The output is a balanced picture of how the company interacts with customers and
external industry forces. We consider the audit implications of this analysis and use it
to identify significant audit risks.
We use industry specific business models to gain information on:
• industry background including major players, regulatory changes and trends,
• risks and drivers,
• geographic issues,
• descriptions of business processes,
• benchmarks and best practice and
• audit risks. 13
14. Our Audit Methodology (cont..)
RISK ASSESSMENT
In order to run your business, you develop processes to manage the factors that drive
performance and help control internal and external risks that could prevent you from meeting
your objectives. We focus on those processes where significant risks have been identified and
discuss with management its perception of how these risks are controlled. This phase of our
work enables us to obtain information on the processes supporting the achievement of the
company’s goals.
AUDIT STRATEGY AND PLANNING
Based on the understanding of business and risk assessment we devise the audit strategy. We
then develop detailed audit programs to test the transactions, processes and balances.
AUDIT FIELD WORK
The audit test work flows from strategic planning and risk assessment. The key element is to
review and test the high level controls embedded in your processes, as significant weaknesses
in your key processes could cost, both in terms of financial impact and reputational damage. We
also carry out necessary substantive audit procedures.
DEALING WITH CRITICAL ISSUES AND REPORTING
We identify and discuss all critical issues with management. We then determine whether the
Company’s financial statements and related disclosures meet our expectations.
We provide the audit report, management letter and any other deliverables and formally present
these to the Audit Committee / Board.
14
15. Our Audit Methodology (cont..)
IT AUDIT PROCESSES AND METHODOLOGY
We see IT as an enabler of the operational and financial processes and we
incorporate IT audit professionals into our audit to facilitate the identification and
testing of IT controls.
We use our focused IT audit methodologies and tools as part of our core audit
process to evaluate and test whether the Company’s information systems are
configured for data integrity, are secure and are effectively managing the business
needs. We work with key business and IT management to identify aspects of IT
that pose the highest risk to the Company. We then conduct a systematic, detailed
review of those areas in which we:
• identify appropriate IT control objectives that map to key business
processes;
• identify relevant IT policies and procedures and/or industry IT standards;
and
• evaluate the design of controls and test whether they are in place and
operating effectively.
15
16. Our Audit Methodology (cont..)
We use the following types of IT methodologies:
IT AUDIT METHODOLOGIES
Continuity management Process Documentation
System capacity and availability Control Risk Analysis
Back up and recovery Control Design & Implementation
Data storage
Network penetration testing Project risk assessment
Information security assessment Quality Assurance
Enterprise security architecture and Project management methodology
integration Programme management
Ongoing monitoring processes
16
17. Our Audit Methodology (cont..)
INTELLIGENT USE OF TECHNOLOGY
Technology is only one component of an integrated approach that combines
methodology, knowledge and technology into our tailored service to you.
We deliver our external audit services using a fully automated audit software. This
software is designed specifically to integrate knowledge management into the audit
process. Technology can never be a substitute for face-to-face communications and
we continue to rely on meetings with management to identify, resolve and
communicate issues.
Know ledge
Technology M ethodology
17
19. Legal compliance
Stage 1 – CAC
Preparation of Compliance Audit Checklist (CAC) covering all relevant laws
applicable to the target unit.
Stage 2 - Visit to location
Verification of relevant records and documents available.
Compilation of draft report based upon findings and observations of the audit
team
Review meeting with the unit head / work directors to discussion on the
finding of audit.
Stage 3 – Report
Submission of detailed Non Compliance (NC) report to the company (Board
of Directors or Compliance Head)
Follow up with the unit to verify action taken
19