VIJAY B KUMAR & Co

Internal Audit - An Overview

An Overview

Internal audit in India refers to the independent assessment and evaluation of an organization's internal control systems, risk management processes, and governance practices. Internal auditing in India is a critical function that provides assurance to the organization's management and stakeholders that the business is operating efficiently and effectively.

Internal audit in India is regulated by various laws and regulations, including the Companies Act, 2013, and the Institute of Chartered Accountants of India (ICAI). The ICAI sets standards for the internal audit profession in India, and its members are responsible for conducting internal audits in accordance with these standards.

The primary objective of internal audit in India is to assist organizations in achieving their strategic objectives by providing them with insights and recommendations to improve their operations. Internal auditors in India are also responsible for identifying potential risks and control deficiencies that could impact the organization's ability to achieve its goals.

Internal audit in India has become increasingly important in recent years, as companies are under greater pressure to comply with regulatory requirements and maintain good corporate governance practices. As a result, there has been a growing demand for qualified and experienced internal auditors in India, and many companies are investing in building robust internal audit functions to manage their risks effectively.

Objectives of an Internal Audit

The primary objectives of internal audit are:

Evaluating and improving the effectiveness of internal control systems: Internal audit ensures that an organization's internal control systems are effective in managing and mitigating risks. It evaluates the design and implementation of control procedures and makes recommendations for improvements.
Ensuring compliance with laws and regulations: Internal audit reviews the organization's operations to ensure compliance with applicable laws and regulations. It identifies areas where the organization is not complying with legal requirements and recommends corrective actions.
Detecting and preventing fraud: Internal audit helps to detect and prevent fraudulent activities within an organization. It reviews financial transactions and identifies any irregularities, suspicious activities or potential fraud risks.
Assessing and managing risk: Internal audit evaluates an organization's risk management processes and provides recommendations to manage risks effectively. It identifies areas of potential risk and recommends actions to mitigate them.
Providing assurance to management and stakeholders: Internal audit provides assurance to the management and stakeholders that the organization's operations are being carried out efficiently, effectively, and in compliance with applicable laws and regulations. It provides independent and objective assessments of an organization's operations, processes, and controls.
Improving operational efficiency and effectiveness: Internal audit helps to identify areas where an organization can improve its operations, processes, and controls. It provides recommendations to improve efficiency and effectiveness, reduce costs, and enhance performance.
Supporting strategic decision-making: Internal audit provides insights and recommendations that can help management to make informed and strategic decisions. It helps management to understand the risks and opportunities associated with various strategic options and to make decisions that are in the best interests of the organization.

Internal audit Under Companies Act,2013

Section 138 of the Companies Act, 2013, specifies the provisions related to internal audit in India. Some of the key provisions are:

Mandatory Internal Audit: Every company that meets the prescribed threshold for turnover, paid-up share capital or outstanding loans or borrowings must conduct internal audit on a regular basis. The Central Government may prescribe the threshold limits for different classes of companies.
Appointment of Internal Auditor: The Board of Directors of the company must appoint an internal auditor or a firm of internal auditors to conduct the internal audit. The internal auditor should not be an employee of the company.
Scope of Internal Audit: The scope of internal audit must be determined by the Audit Committee or the Board of Directors of the company. The internal auditor must evaluate the adequacy and effectiveness of the company's internal controls, risk management systems, and governance processes.
Reporting: The internal auditor must submit a report to the Audit Committee or the Board of Directors of the company on the findings of the internal audit, along with recommendations for improvement. The internal auditor must also report any fraud or suspected fraud to the Audit Committee and the Board of Directors of the company.
Compliance: The internal auditor must ensure compliance with applicable laws and regulations, including the Companies Act, 2013, and other laws relevant to the business of the company.
Qualifications and Remuneration: The qualifications, experience, and remuneration of the internal auditor must be decided by the Audit Committee or the Board of Directors of the company.

It is important to note that the provisions of internal audit under the Companies Act, 2013, apply to all companies in India, irrespective of their size or nature of business.

Frequently Asked Questions

Who conducts internal audit?

Internal audit may be conducted by an internal auditor or a team of internal auditors within the organization, or by an external auditor or a firm of auditors hired by the organization.

What is the difference between internal audit and external audit?

Internal audit is conducted by the organization's own employees or a team of internal auditors, while external audit is conducted by an independent auditor or a firm of auditors that is not part of the organization. Internal audit focuses on providing assurance on the adequacy and effectiveness of the organization's risk management, control, and governance processes, while external audit focuses on providing an independent opinion on the fairness and accuracy of the organization's financial statements.

What is the scope of internal audit?

The scope of internal audit may vary depending on the nature, size, and complexity of the organization's operations, as well as the specific requirements of the organization's management or board of directors. The scope of internal audit may include evaluating the adequacy and effectiveness of the organization's internal controls, risk management systems, and governance processes.

What are the benefits of internal audit?

The benefits of internal audit include identifying and managing risks, improving operational efficiency and effectiveness, ensuring compliance with laws and regulations, enhancing stakeholder confidence in the organization, and providing insights and recommendations for improvement.

How often should internal audit be conducted?

The frequency of internal audit may vary depending on the size and complexity of the organization's operations, as well as the specific requirements of the organization's management or board of directors. Generally, internal audit should be conducted on a regular basis to provide ongoing assurance on the adequacy and effectiveness of the organization's risk management, control, and governance processes.

What are the qualifications required for an internal auditor?

The qualifications required for an internal auditor may vary depending on the organization's requirements. Generally, an internal auditor should have a degree in accounting, finance, or a related field, and relevant professional certifications such as Certified Internal Auditor (CIA) or Chartered Accountant (CA). Additionally, an internal auditor should have relevant work experience and knowledge of the organization's industry and business operations.

What are the applicable limits for internal audit?

According to Section 138 of the Companies Act, 2013, every company that meets the prescribed threshold for turnover, paid-up share capital, or outstanding loans or borrowings must conduct internal audit on a regular basis. However, the Central Government has the power to prescribe the threshold limits for different classes of companies.
As of now, the threshold limits for mandatory internal audit under the Companies Act, 2013, are as follows:

Turnover: If the turnover of the company during the previous financial year is more than Rs. 100 crores, the company must conduct internal audit.
Paid-up Share Capital: If the paid-up share capital of the company is more than Rs. 50 crores, the company must conduct internal audit.
Outstanding Loans or Borrowings: If the outstanding loans or borrowings of the company are more than Rs. 25 crores at any time during the previous financial year, the company must conduct internal audit.

It is important to note that these thresholds may be revised by the Central Government from time to time. Additionally, companies may also choose to conduct internal audit voluntarily, even if they do not meet the prescribed threshold limits.