2. ACKNOLEDGEMENT
I would like to express my special thanks of gratitude to my teacher
Ms. Preetika Arya who gave me the golden opportunity to do this
wonderful project on the topic “Auditing Procedure & Internal
Control System” which also helped me in doing a lot of Research and
I came to know about so many new things I am really thankful to
them.
Secondly I would also like to thank my parents and friends who
helped me a lot in finalizing this project within the limited time frame
3. What is Audit Procedures?
Audit Procedures are steps performed by auditors to get all the information
regarding the quality of the financials provided by the company, which enable
them to form an opinion on financial statement whether they reflect the true and
fair view of organization’s financial position. They are identified and applied at
the planning stage of the audit after determining audit objective, scope,
approach, and risk involved.
4. AUDIT PROCEDURE METHODS
During the process of the preliminary assessment, an auditor is required to identify and ascertain the amount
of risk involved and accordingly develop an audit plan. The audit plans should define these steps which will
be applied by the auditor to obtain audit evidence.
1. Substantive Audit Procedures: Substantive procedures are processes, steps, tests performed by auditors
which creates conclusive evidence regarding accuracy, completeness, existence, disclosure, rights, or
valuation of assets/ liability, books of accounts or on financial statements. For any procedure to be
concluded, the auditor should collect enough audit evidence so that another competent auditor when
applies the same procedure on the same documents, makes the same conclusion. It can be regarded as
complete checking. Auditor usually uses this procedure when he is of opinion audit area includes a high
frequency of risk.
2. Analytical Audit Procedures : Analytical procedures can be defined
as tests/ study/ evaluations of financial information through analysis
of plausible relationships among both financial and non-financial
data. In simple language, certain checks/tests conducted by auditor
based on study/ knowledge/ previous year figures to check and form
an opinion on financial statements. Depending on the audit area, the
analytical audit procedure may differ. For example, the auditor may
compare two sets of financial statement of same entity pertaining to
two different financial years or sometimes may compare two
different entity’s financial data for obtaining audit evidence
5. TYPES OF AUDIT PROCEDURES
i. Inspection: Inspection is the most commonly used method. Under this auditor
checks every transaction/ document as against written steps, procedures so as to
ensure accuracy.
ii. Observation: Under this technique of audit, the auditor usually tries to inspect
others doing/ performing a particular process. For e.g. An auditor may observe
steps followed in processing GRN against goods purchased.
iii. Confirmation: This type is applied to ensure the correctness of financial statement
either from internal sources within auditee organization or from external sources.
iv. Recalculation: Under this audit method, the auditor usually crosses checks
information presented by the client. This is
generally used in case of checking
mathematical accuracy.
v. Reperformance: Using this procedure,
the auditor re-perform entire process is
performed by the client so as to find out
gaps, audit findings, etc.
6. ADVANTAGES
Some advantages are as follows
• It helps an auditor to obtain conclusive and substantial audit evidence for forming an
opinion on financial statements .
• Well defined procedures define the quantum of time and energy which needs to be
deployed for finding audit evidence.
• Pre-established procedures help an auditor to follow a defined set of steps which
needs to be followed for finding audit evidence .
• They also help and auditor to well plan in advance areas which need to be focused
and deciding the type of audit procedure which needs to be applied.
7. DISADVANTAGES
Despite several audit procedures applied by an auditor, he/she cannot conclude whether financial
statements prepared presents a true and correct view. An auditor expresses an opinion which is
always subjected to inherent limitations of audit which are described as follows:
• Human Error: Despite checking at thorough level, there are chances of being expressed an
inadequate opinion due to human errors and omissions. Since there is always a person present
behind any machine.
• Absence of Clear Instructions in Accounting: Auditing standards do prescribe series of
steps to be followed while conducting an audit but there are situations which are still
undefined. Treatment needs presumptions in these cases.
• Existence of Management Fraud: There may be chances of fraud committed at high-level
management or by collusion of the group of employees. Since auditor forms an opinion based
on data shared by the auditee, the auditee may not be in a position to detect such fraud.
• Judgements: In preparing financial statement there are situations where management needs to
make a judgement which may differ from one to another. With this change in judgements, an
auditor may not depict the exact position of that business.
8. MEANING OF INTERNAL CONTROL
Internal control, as defined in accounting and auditing, is a process for
assuring achievement of an organization's objectives in operational
effectiveness and efficiency, reliable financial reporting, and compliance with
laws, regulations and policies. A broad concept, internal control involves
everything that controls risks to an organization.
It is a means by which an organization's resources are directed, monitored,
and measured. It plays an important role in detecting and preventing fraud and
protecting the organization's resources, both physical (e.g., machinery and
property) and intangible (e.g., reputation or intellectual property such as
trademarks).
9. FEATURES OF INTERNAL CONTROL
i. Controls Environment: The control environment is a necessary condition for effective internal
control, because even the best-designed systems can be let down if management overrules the
controls that are in place. Management is also responsible for establishing controls for a public
company.
ii. Risk Assessment: It is the identification of points in the company's business processes where
internal control is important. The internal control system reduces accounting errors and lessens the
risks of intentional irregularities.
iii. Information and Communication: The information and communication component of internal
control involves the process of gathering and disseminating information throughout the
organization .
iv. Monitoring: It is the ongoing feedback mechanism that ensures that internal control systems that
are effectively designed remain the same way. Effective monitoring includes ongoing testing of
existing control activities and procedures to follow when business processes change.
v. Control Activities: These are the specific activities performed by company personnel to ensure
that internal control is effective. These activities are designed to address issues found in the
company's risk assessment, then implemented and tested for operating effectiveness as part of the
monitoring function.
10. OBJECTIVES OF INTERNAL CONTROL
i. Orderly and Efficient Conduct of Business: To ensure the orderly and efficient conduct
of business in respect of systems being in place and fully implemented. Implementation of
a control means that the control exists and the entity is using it.
ii. To Safeguard the Assets of the Business: Assets include tangibles and intangibles, and
controls are necessary to ensure they are optimally utilized and protected from misuse,
fraud, misappropriation or theft.
iii. To Prevent Fraud: Controls are necessary to show up any operational or financial
disagreements that might be the result of theft or fraud.
iv. Ensure the Completeness and Accuracy of Accounting Records: To ensure that all
accounting transactions are fully and accurately recorded, that assets and liabilities are
correctly identified and valued, and that all costs and revenues can be fully accounted for.
v. To Prevent Omissions in Accounting: The aim of this system is to bring about discipline
in accounting so that no transaction is omitted from being recorded in the books of
accounts.
vi. To Increase the Efficiency of Employees: The aim of the internal control system is to
divide the work into various parts and assigning it to those employees who are efficient in
doing such work.
11. PRINCIPLES OF GOOD INTERNAL CONTROL
i. Record and Books: Books should be kept upto date and at regular intervals these should be
balanced. Handling of cash transactions should be made by the different persons.
ii. Independent Checking: Work performed by one person should be independently and
automatically checked by another person.
iii. Clear Staff Duties: Duties of each staff member should be clear and there should be no
confusion and doubt in this regard. In case of any staff member absence duties arrangements
should be made in advance.
iv. Chance of Fraud: It is also an important principle that no one should handle the transaction
from beginning to end. Because most of the frauds are committed due to this reason.
v. Clear Rules: All those rules relating to cash, stock, receipts and issuance of goods should be
very clear and well-defined. It should be also checked that there rules should be followed by the
employees properly.
vi. Instructions in Writing: For the effective internal control, it is necessary that all the
instructions should be in writing in the form of accounting manuals.
12. vii. Qualified and Competent Staff: For effective control system, there is also a need of
qualified and competent staff. Every staff member should be properly placed according to his
skill and qualification.
viii. Double System of Accounting: For internal control double accounting system must be
used.
ix. Use of Machines: For tabulation and keeping the
accuracy of the record various mechanical instruments
like calculators and computers must be introduced.
x. Record of Goods and Assets: All the companies'
assets and records should be maintained properly.
There should be also the security measures for the
recording of goods and assets.
13. TYPES OF INTERNAL CONTROL
1. Preventive Controls: These are designed to discourage errors Irregularities from occurring.
They are proactive controls that help to ensure departmental objectives are being met. Examples
of preventive controls are:
i). Segregation of Duties: Duties are segregated among different people to reduce the risk of error
or inappropriate action.
ii) Approvals, Authorizations and Verifications: Management authorizes employees to perform
certain activities and to execute certain transactions within limited parameters. In addition,
management specifies those activities or transactions that need supervisory approval before they
are performed or executed by employees. A supervisor's approval (manual or electronic) implies
that he or she has verified and validated that the activity transaction conforms to established
policies and procedures.
iii) Security of Assets (Preventive and Detective): Access to equipment, inventories, securities,
cash and other assets is restricted; assets are periodically counted and compared to amounts shown
on control records.
14. 2. Detective Controls: These are designed to find errors or irregularities after they have
occurred. Examples of detective controls are:
i) Reviews of Performance: Management compares information about current performance to
budgets, forecasts, prior periods, or other benchmarks to measure the extent to which goals and
objectives are being achieved.
ii) Reconciliation: An employee relates different sets of data to one another, identifies and
investigates differences, and takes corrective action, when necessary.
iii) Physical Inventories: The physical inventory count does not safeguard the inventory from
theft or loss; it prevents a material misstatement of the financial statements if performed
effectively and timely.
iv) Audits: It is an unbiased examination and evaluation
of the financial statements of an organization.
15. ADVANTAGES OF INTERNAL CONTROL
i. Protect the Assets: Internal control helps to protect the assets of the business from
misuse, theft, accident, etc. Advantages of Internal Control
ii. Implement Management Policies: Internal control helps to implement
management policies to attain corporate goals.
iii. Detects Errors and Frauds: Internal control helps the auditor in his/her work
detecting all the errors and frauds which are committed in the books of accounts.
An auditor may compensate for a weakness in internal control by increasing the
extent of substantive tests of details.
iv. Increases the Accuracy and Reliability: Internal control helps to increase the
accuracy and reliability of financial statement and books of accounts.
v. Regulate the Work of Staffs: Internal control helps to regulate the work of staffs
through division of work among the staffs in a scientific manner which helps to
make the daily works of staffs effective.
vi. Control Environment: The overall attitude and awareness of an entity's board of
directors concerning the importance of internal control is reflected in control
environment.
16. DISADVANTAGES OF INTERNAL CONTROL
i. Expensive: A key disadvantage of internal controls is that they are expensive, and therefore
may not be worth putting into place.
ii. Human Element: Internal controls can never be considered as absolutely effective because
their effectiveness is limited by the competency and dependability of the human elements
(employees). In obtaining an understanding of internal control relevant to the audit, an
auditor is required to obtain knowledge about the design of the controls pertaining to
internal control components.
iii. Technology: Management is often unwilling to implement an ideal system of internal
controls because sufficient technology does not exist to afford an ideal system.
iv. Unusual Transactions: An unusual transaction may occur which does not fit into the
normal routines, in this case standard controls may not be relevant to the unusual
transaction, and hence mistakes may be made in relation to that unusual transaction.
v. Reasonable Assurance: A high, but not absolute, level of assurance. The level of
assurance can depends on the evidence that can be obtained by the practitioner. If he only
access to part of the building, he can only provide limited assurance.
17. Important Points
With the change in the business environment, business models, the auditor needs to
ensure changes in predefined audit procedures. since with the change in environment,
these procedures also become obsolete. For example, with the increased automation, an
auditor needs to implement audit procedures keeping in mind computerized
environment involved. An audit without system audit may be incomplete and may
result in forming the wrong audit opinion.
Conclusion
Audit Productizes are a series of steps/processes/ methods applied by an auditor for
obtaining sufficient audit evidence for forming an opinion on financial statement
whether they reflect the true and fair view of organization financial position. It is
mainly of two types – substantive and analytical procedure. depending on risk
assessment, auditor applies audit procedures. These helps an auditor to plan audit and
accordingly invest time for obtaining audit evidences. Audit opinion, still, is subjected
to inherent limitations of an audit.