Вы находитесь на странице: 1из 39






Ms./ Mr./ Dr./ Prof. __________
Assistant Professor/ Associate Professor/ Professor, RDIAS

Name of the Student
Enrollment No._______
BBA, Semester ______
Batch 2017– 2020


An ISO 9001:2015 Certified Institute

NAAC Accredited: A+Grade (2nd Cycle), Category A+ Institution (by SFRC, Govt. of NCT
(Approved by AICTE, HRD Ministry, Govt. of India)
Affiliated to Guru Gobind Singh Indraprastha University, Delhi
2A & 2B, MadhubanChowk, Outer Ring Road, Phase-1, Delhi-110085

Page No.

Student Declaration……………………………………………………………………………i
Certificate from Company ……………………………………....…..........................ii
Certificate from Faculty Guide……………………………………....…....................iii


Executive Summary…………………………………………………………………………...v

List of Tables……………………………………………………………………………………vi

List of Graphs………………………………………………………………………………….vii

List of Charts……………………………………………………………………………..……viii

List of Abbreviations, if any………………………………………………………………….ix


1.1 About the Topic

1.2 About the Industry or About the Company
1.3 Literature Review


2.1 Purpose of the study

2.2 Research Objectives of the study
2.3 Research Methodology of the study
2. 3.1 Research Design
2.3.2 Method of Data Collection
2.3.3 Sample Design Sample Unit Sample Size Sampling Method
2.3.4 Designing Questionnaire
2.4 Limitations


3.1 Analysis & Interpretation


4.1 Findings
4.2 Suggestions


5.1 Conclusion
5.2 Scope for future research


ANNEXURES (if any)

Student’s Declaration

This is to certify that I have completed the Project titled “----------------------------” under
the guidance of “---------------------------” in the partial fulfillment of the requirement for
the award of the degree of “Bachelors in Business Administration” from “Rukmini Devi
Institute of Advanced Studies, New Delhi.”

It is also certified that the project of mine is an original work and the same has not been
submitted earlier elsewhere.

Name of the Student

Enrollment No.
Class & Section
Certificate from Faculty Guide

This is to certify that the project titled “---------------” is an academic work done by “------
-------” submitted in the partial fulfillment of the requirement for the award of the degree
of “Bachelors in Business Administration” from “Rukmini Devi Institute of Advanced
Studies, New Delhi.” under my guidance and direction.

To the best of my knowledge and belief the data and information presented by him / her
in the project has not been submitted earlier elsewhere.

Name of the Faculty

Designation of the Faculty

Has to be made by student.

Name of the Student

Enrollment No.
Class & Section
(For Example Only)
(Only brief summary of Project Report maximum of two paragraphs)

Executive summary should include the below mentioned steps in paragraph form:
1. Overview and project aim
2. Planning of the project
3. Outline of the Research Methodology and Techniques used for Data Analysis
4. Findings of the study
5. Conclusion

(Structure of chapters)
The general definition of an audit is a planned and documented activity performed by
qualified personnel to determine by investigation, examination, or evaluation of objective
evidence, the adequacy and compliance with established procedures, or applicable
documents, and the effectiveness of implementation. The term may refer to audits in
accounting, internal controls, quality management, project management, water management,
and energy conservation.

Auditing is defined as a systematic and independent examination of data, statements, records,

operations and performances (financial or otherwise) of an enterprise for a stated purpose. In
any auditing the auditor perceives and recognizes the propositions before him for
examination, collects evidence, evaluates the same and on this basis formulates his judgment
which is communicated through his audit report. The purpose is then to give an opinion on
the adequacy of controls (financial and otherwise) within an environment they audit, to
evaluate and improve the effectiveness of risk management, control, and governance

A commonly used definition for internal audit is:

‘An independent, objective assurance and consulting activity designed to add value and
improve an organization’s operations. It helps an organization accomplish its objectives by
bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk
management, control and governance processes’.
This definition recognises two roles for internal audit:
• to provide an independent assurance service to the board, audit committee and management,
focusing on reviewing the effectiveness of the governance, risk management and control
processes that management has put into place.
• to provide advice to management on governance risks and controls, for example, the
controls that will be needed when undertaking new business ventures.

Professional guidance is available from a number of sources. Building on the definition

above, the Institute of Internal Auditors (IIA) has issued professional standards for both
assurance and consulting work. Public sector organizationsare likely to follow internal
auditing standards and guidance set by HM Treasuryand other public sector related bodies
such as the Chartered Institute of Public
Finance and Accountancy (CIPFA).

Internal audit
Staffing internal audit is a joint exercise that includes input from the audit committee and
management. Several factors — such as an organization’s size, complexity, level of risk and
geographic diversity — can influence decisions regarding the level of internal audit
certification that may be desired.

Selection criteria
Audit committees and management might consider the following factors in stafing an internal
audit function:
• A strong leader — Internal audit leaders (often called chief audit executives or directors of
internal audit) must not be afraid to bring potential problems to light.
• Reporting relationships — Regardless of its defined reporting relationship to management
and the board,1 internal audit should have frequent, open and direct lines of communication
with the audit committee, and the freedom to address meaningful organizational risks.
• Need for specialists to deal with complex or difficult transactions.
• Geographic diversity — Organizations with wide geographic reach may benefit from
having internal audit personnel located near significant operations.
• Form of compensation fosters appropriate focus on audit quality.
• Objectivity or “independence” — Internal auditors should be familiar with the subject
matter, but should not be so closely tied to the area that their neutrality is impaired.
Audit committee considerations
To ensure that the organizational framework for the internal auditing function is
comprehensive and balanced, the audit committee should consider the following three areas.

Internal audit philosophy

Corporate accountability and governance necessitate an ongoing appraisal of the entity’s
auditing philosophy. Some internal audit functions focus exclusively or primarily on
operations, while others extend their focus to financial reporting. The audit committee and
management should:
• understand and agree with the operating philosophy, and
• be confident that internal audit has appropriately skilled resources to execute
on the chosen philosophy.

Internal audit independence

Appropriate levels of independence enable internal audit to design and execute audit
procedures in all necessary areas and fully support findings and recommendations to
management and the audit committee or the full board.

COSO’s Guidance on Monitoring Internal Control Systems contains some helpful direction
regarding the broad concept of objectivity. Objectivity refers to the extent to which
evaluators and information sources can be expected to perform an evaluation or provide
information with no concern about possible personal consequences and no vested interest in
manipulating the results for personal benefit or self-preservation. Personal integrity is a
primary consideration in assessing objectivity, but other, more easily observed factors
include compensation incentives, reporting responsibilities, personal relationships and the
degree to which individuals might be otherwise affected by the results of monitoring.

Structure and logistics

Organizations, depending largely on their nature, size and complexity, have different internal
auditing needs. The audit committee should review the plans and budgets of the internal
auditors in relation to the entity’s auditing needs and potential auditing benefits. Equally
important, the committee should review the organization chart of the internal auditing
function to determine that it is balanced in accordance with the audit plan. An illustrative
organization chart shows how the internal audit function of a multinational enterprise might
be organized on a centralized basis.
Monitoring the internal audit function
The audit committee’s routine oversight of internal audit is beneficial for the following
reasons. First, it enhances the audit staff’s independence and strengthens its image in the
corporate structure. Second, the audit committee can help coordinate internal and external
audit activity, thus improving the efficiency of both. Third, an effective internal audit
function assists the audit committee in discharging its responsibilities in light of its limited
time and oversight capacity.

Appraising the quality of internal auditing staff

Chief audit executives (CAEs) should be able to articulate to the audit committee how they
meet the standards set forth by the IIA.4 Criteria for which the audit committee should look
include the following:
• Proficiency
• Due professional care
• Continuing professional development
• Internal and external quality assessments
• Reporting on the quality assurance and improvement program

The audit committee also should inquire of the independent auditor regarding the quality of
internal auditing personnel in relation to:
• the professional qualifications and educational backgrounds of the staff,
• the use of professional training and development programs for the corporate audit staff, and
• the performance appraisal and evaluation system.

Finally, while each audit committee may develop its own approach to monitoring the
activities of the internal audit function, the following summary thoughts should be helpful. In
general audit committees should:
1. assist in the overall internal auditing policy determination and approve such policies to
ensure that the staff has authority commensurate with its responsibilities;
2. review the scope of the internal and external auditing plans in order to maximize the
resources allocated to the audit function and minimize the outside auditing fees;
3. review copies of the internal auditing reports and critically evaluate findings,
recommendations, management’s response and courses of action taken, and review the
disposition of the recommendations in the independent auditor’s management letter;
4. review and appraise the staff’s organization regarding its auditing philosophy,
independence and logistical operations;
5. assess the quality of the auditing personnel and training to ensure that the internal auditing
function is adequately staffed;
6. assure the CAE that the audit committee supports his function in the corporate structure
and the director has access to the committee and the functional areas within the entity, and
obtain assurance that the staff is receiving the proper cooperation from management; and
7. determine the need for specialists, such as in complex areas of accounting or
evaluation of computer security.

Status of internal audit

Where there is an internal audit function, its status and remit derives from the needs of the
organization and should be set at the top of the organization, i.e. by the board and the audit
committee. There is no single model for internal auditand each organization will determine
what is appropriate to suit its requirements.
In general, internal audit could, if agreed by the audit committee, seek assurance
• The organization has a formal governance process which is operating as intended: values
and goals are established and communicated, the accomplishment of goals is monitored,
accountability is ensured and values are preserved.
• Significant risks within the organization are being managed and controlled to an acceptable
level as determined by the board. In addition, internal audit can be used to facilitate the
strengthening of the governance and risk framework within the organization.

Terms of reference
The overall status and remit of internal audit should be formalized in terms of reference, often
referred to as an audit charter, and approved by the board, normally through the audit
committee. These should then be communicated to relevant people within the organization.
Internal audit’s terms of reference or charter should provide clarity about its:
• Strategy and objectives;
• Role and responsibilities within the organization;
• Scope of work;
• Accountability to the audit committee;
• Reporting lines for line management purposes;
• Accessibility to the board and the audit committee; and
• Unfettered access to all information, people and records across the organization. The terms
of reference should make it clear that internal audit should not be put in a position where it
has to review its own work.

Audit approach
The audit approach taken by internal audit will largely depend on its remit and the objective
assurance that the board requires.

Audit plans
Internal audit should, on at least an annual basis, develop a plan of work that it will cover to
provide the required assurance to the audit committee and the board. This plan should retain
some flexibility to enable internal audit to respond to new issues as they arise. The audit plan
should identify how internal audit will:
• Obtain assurance on the effectiveness of the governance and risk management
• Support the development and maintenance of governance and risk management processes;
• Challenge the board’s assessment of risk and the controls in place to manage the identified
• Evaluate and test the effectiveness of controls in place to manage the identified risks; and
• Co-ordinate with other sources of assurance, e.g. health and safety, external auditors, etc.

In setting the audit plan, there should be effective dialogue between the audit committee,
management, internal audit and external auditors to ensure that there is adequate assurance
from all sources to cover all key business risks. Audit committees need to make clear their
expectations that both internal and external auditors will communicate effectively with each
other about how their respective audit plans and objectives will cover these key business
risks. The IIA’s Performance Standard 2201, Planning Considerations, states that internal
auditors, in planning their work, should consider the objectives of the activity being
reviewed, the risks related to that activity, the adequacy and effectiveness of the activity’s
risk management and control systems and the opportunities for making significant
improvements to those systems.

Skills and resources

Internal audit needs to have adequate budget and resources to complete its work plan and
fulfil its remit. In achieving appropriate coverage of the agreed risk areas, it will need to have
staff with the right skills and expertise. It may also require access to specialist resources
which might include using staff from elsewhere in the organisation or external resources.

Sourcing of internal audit

There is no requirement for internal audit to be provided by an organisation’s own
employees. The organisation may choose to have the service provided fully from within, may
outsource it entirely to an external provider or may consider a mixture of internal and
external sourcing. However the service is provided, it needs to fit into the overall remit and
scope that has been set and its effectiveness needs to be monitored and reviewed on a regular
basis by the audit committee.

Performing the audit work

In order to perform its work efficiently and effectively, internal audit will need tohave
unfettered access to necessary information, people, records and outsourced operations across
the organisation. IIA Performance Standard 2300, Performing the Engagement, states that
internal auditors should identify, analyse, evaluate and record sufficient information to
achieve the engagement’s objectives. The head of internal audit will need to determine how
internal auditors carry out their work and the level of evidence required to support their

Evaluation of findings
Internal auditors will normally evaluate the findings of each engagement. They should assess
whether the actions adopted by management address risks in the manner and to the extent
intended and identify and report any weaknesses.

Communication of results
Under the IIA’s Performance Standard 2400, Communicating Results, it is recommended that
internal auditors report internally to the board, the audit committee and management on a
regular basis. Internal audit’s reports, opinions and any recommended management actions
need to be communicated in a clear, concise, reliable and constructive way. They should
demonstrate a clear understanding of the organization and its objectives. All significant
actions need to be communicated to the audit committee regularly, together with dates of
implementation. Where key agreed actions are not appropriately implemented by
management, there needs to be a mechanism for internal audit to investigate the reasons why
and, if necessary, escalate matters to the audit committee. It is important for both internal and
external auditors to co-operate, communicate and share their evaluations and the results of
their audit work when relevant and subject to any confidentiality requirements. This dialogue
should take place regularly throughout the year.

External audit

Selecting and evaluating the external auditor

Few decisions that audit committees make are more important than the recommendation or
selection of external auditors.5 Audit committee members should, therefore, be diligent in
selecting the right auditor and in evaluating the auditor’s performance throughout the
engagement. Exhibit 2 includes some selection criteria for audit committee consideration.
These same criteria also can be used to evaluate the auditor’s performance during or at the
end of an audit.
External auditor selection/evaluation criteria

Industry experience
Audit committees of large, complex organizations, and those that venture into complicated
industries like software or finance, need to ensure the external auditors have an appropriate
level of industry experience.

Support network available within the external auditing firm

Audit committees should be confident that the external auditor has access to specialized
technical resources — whether in a national office or spread around its geographic footprint.
Ask the prospective auditor to describe the process for answering a technical question that
cannot be handled solely by the engagement team.

Audit committees should be confident that the external auditor has appropriately evaluated
and reported the firm’s independence, considering family relationships, investment holdings
or other business relationships. Independence requirements apply to the engagement team, to
the firm’s local office, and in most public company situations, to the firm as a whole.

Reasonableness of audit plan

The audit committee should be confident that the prospective auditor’s audit scope is
reasonable and adequate, and that it includes locations that, on their own, are material to the
financial statements. Smaller locations may be included on a rotating or limited-scope basis.
Audit committees should heed unusually low competitive bids, which may signal that the
auditor doesn’t understand the scope required or that he plans to make up the difference
through special billing. Require proposing firms to quote both hours and fees by major audit
area to evaluate differences in hourly rates (which may reflect the personnel
level planned for the work)and number of hours (which may reflect audit planadequacy

Ability to toe the line

Audit committees should be confident that the audit partner has the fortitude to deliver
constructive criticism. Over time — in executive session — ask open-ended questions about
management’s and/or internal audit’s performance, and evaluate the partner’s demeanor and
response. To evaluate how well a prospective auditor communicates difficult information, ask
references or the audit partner for examples of issues he has reported. Confidentiality
may rightly prevent full disclosure of such issues, but the audit committee should be able to
get a sense of the auditor’s candor.

Form and frequency of communications

• With management
• With internal audit
• With the audit committee
The audit committee should expect frequent, open auditor communication with management
and internal audit, and may reasonably expect the auditor to spend time talking to managers
and employees outside of the executive suite. Auditing standards require the auditor to have
certain types of communications with the audit committee.
At a high level the audit committee should expect:
• An audit planning discussion early in the year describing what the auditor plans to do,
where he plans to do it and how much effort he expects it to take
• Interim updates measuring progress against the plan
• Immediate communication of issues like suspected fraud, major internal control problems or
indication of a prior-period material error

Lack of surprises
Audit surprises, in this context, come in two forms:
• Those related to last-minute audit adjustments
• Those related to last-minute cost overruns
Both can be caused either by the company’s failure to provide necessary information to the
auditor by the agreed-upon date, or by the auditor’s failure to perform necessary procedures
early enough to detect a particular problem. Proper interim communication and routine audit
committee/auditorexchanges about the status of requestedinformation usually prevent auditor
downtime, overruns and rushed audit procedures.

Partner and manager

A typical audit includes 20 to 30 percent

Partner/manager time, but audit complexity can raise or lower those percentages. The mix of
partner and manager time also varies based on the number of audit managers staffed and their
level of experience. The quality of the hours spent, especially by the partner, is more
important than the number of hours spent. The partner’s early involvement in the planning
process, frequent interim reviews of the audit work, and adequate review time in the field
translate into an effective and efficient audit.

Quality control procedures

Auditors of public companies are required to have concurring or second partner reviews,6
often called “engagement quality reviews.” The audit committee should inquire about the
skills and involvement of the concurring partner, who should have appropriate industry
experience and be available to the engagement team as needed.

Using the work of others

The audit committee should be confident that the external auditor is making appropriate but
not excessive use of the internal control testing performed by others, including internal audit.

Usefulness of recommendations
External auditors are uniquely positioned to add value beyond the assurance provided in the
audit opinion, and audit committees should be confident that the auditors they select have a
continual improvement mindset. With unprecedented access to business operations and
related books and records, and valuable knowledge gained from other companies’ best

Team chemistry — Balancing clientrelationships with duty to

financial statement users
Audit committees should expect the audit team to be courteous, respectful and reliable, and at
thesame time, to maintain a “healthy skepticism.”8Committee members should ask
management periodically about the auditor relationship — looking equally for signs of
excessive tension and excessive collegiality9 — and should ask the auditor about the
nature of management’s interactions.

External auditor reporting

Auditing standards require the external auditor to communicate certain things to “those
charged with governance,” which usually includes management and the board (through the
audit committee).12 In general, the audit committee should expect the auditor to
• The auditor’s responsibilities in relation to the financial statement audit,
• Planned scope and timing of the audit,
• Significant findings from the audit, and
• Auditor independence.


Auditing is a vital part of accounting. Traditionally, audits were mainly associated with
gaining information about financial systems and the financial records of a company or a

Financial audits are performed to ascertain the validity and reliability of information, as well
as to provide an assessment of a system's internal control. The goal of an audit is to express
an opinion of the person / organization / system (etc.) in question, under evaluation based on
work done on a test basis.

Due to constraints, an audit seeks to provide only reasonable assurance that the statements
are free from material error. Hence, statistical sampling is often adopted in audits. In the case
of financial audits, a set of financial statements are said to be true and fair when they are free
of material misstatements – a concept influenced by both quantitative(numerical) and
qualitative factors. But recently, the argument that auditing should go beyond just true and
fair is gainingmomentum. And the US Public Company Accounting Oversight Board
hascome out with a concept release on the same.

Cost accounting is a process for verifying the cost of manufacturing or producing of any
article, on the basis of accounts measuring the use of material, labor or other items of cost. In
simple words, the term, cost audit means a systematic and accurate verification of the cost
accounts and records, and checking for adherence to the cost accounting objectives.
According to the Institute of Cost and Management Accountants of Pakistan, a cost audit is
"an examination of cost accounting records and verification of facts to ascertain that the cost
of the product has been arrived at, in accordance with principles of cost accounting.

An audit must adhere to generally accepted standards established by governing bodies. These
standards assure third parties or external users that they can rely upon the auditor's opinion on
the fairness of financial statements, or other subjects on which the auditor expresses an

The definition for Audit and Assurance Standard AAS-1 by the Institute of Chartered
Accountants of India (ICAI): “Auditing is defined as a systematic andindependent
examination of data, statements, records, operations andperformance (financial or otherwise)
of an enterprise for a stated purpose. In anyauditing situation, the auditor perceives and
recognizes the proposition beforehim for examination, collects evidence, evaluates the same
and on this basisformulates a judgment which is communicated through an audit report. An
auditis an independent examination of financial information of an entity, irrespective ofits
size and form, when such examination is conducted with a view of expressingan opinion

Integrated audits

In US audits of publicly traded companies are governed by rules laid down by the Public
Company Accounting Oversight Board (PCAOB), which was established by Section 404 of
the Sarbanes–Oxley Act of 2002. Such an audit is called an integrated audit, where auditors,
in addition to an opinion on the financial statements, must also express an opinion on the
effectiveness of a company's internal control over financial reporting, in accordance with
Auditing Standard No. 5.
There are also new types of integrated auditing becoming available that use unified
compliance material (see the unified compliance section in Regulatory compliance. Due to
the increasing number of regulations and need for operational transparency, organizations are
adopting risk-based audits that can cover multiple regulations and standards from a single
audit event. This is a very new but necessary approach in some sectors to ensure that all the
necessary governance requirements can be met without duplicating effort from
both audit and audit hosting resources.


The purpose of an assessment is to measure something or calculate a value for it. Although
the process of producing an assessment may involve an audit by an independent professional,
its purpose is to provide a measurement rather than to express an opinion about the fairness of
statements or quality of performance.


Auditors of financial statements can be classified into two categories:

External auditor / Statutory auditor is an independent firm engaged by the client subject to
the audit, to express an opinion on whether the company's financial statements are free of
material misstatements, whether due to fraud or error. For publicly traded companies,
external auditors may also be required to express an opinion over the effectiveness of internal
controls over financial reporting. External auditors may also be engaged to perform other
agreed-upon procedures, related or unrelated to financial statements. Most importantly,
external auditors, though engaged and paid by the company being audited, are regarded as
independent auditors.
Cost auditor / Statutory Cost auditor is an independent firm engaged by the client subject
to the Cost audit, to express an opinion on whether thecompany's Cost statements and Cost
Sheet are free of material misstatements, whether due to fraud or error. For publicly traded
companies, external auditors may also be required to express an opinion over the
effectiveness of internal controls over Cost reporting. These are Specialized Person called
Cost Accountants in India & CMA globally either Cost &management Accountant or
Certified management Accountants.

The most used external audit standards are the US GAAS of the American Institute of
Certified Public Accountants; and the ISA International Standards on Auditing developed by
theInternational Auditing and Assurance Standards Board of the International Federation of

Internal auditors are employed by the organizations they audit. They work for government
agencies (federal, state and local); for publicly traded companies; and for non-profit
companies across all industries. The internationally recognized standard setting body for the
profession is the Institute of Internal Auditors - IIA (www.theiia.org). The IIA has defined
internal auditing as follows: "Internal auditing is an independent, objective assurance and
consulting activity designed to add value and improve an organization's operations. It helps
an organization accomplish its objectives by bringing a systematic, disciplined approach to
evaluate and improve the effectiveness of risk management, control, and governance
processes".[5] Thus professional internal auditors provide independent and objective audit
and consulting services focused on evaluating whether the board of directors, shareholders,
stakeholders, and corporate executives have reasonable assurance that the organization's
governance, risk management, and control processes are designed adequately and function
effectively. Internal audit professionals (Certified Internal Auditors - CIAs) are governed by
the international professional standards and code of conduct of the Institute of Internal
Auditors.[6] While internal auditors are not independent of the companies that employ them,
independence and objectivity are a cornerstone of the IIA professional standards; and are
discussed at length in the standards and the supporting practice guides and practice
advisories. Professional internal auditors are mandated by the IIA standards to be
independent of the business activities they audit. This independence and objectivity are
achieved through the organizational placement and reporting lines of the internal audit
department. Internal auditors of publicly traded companies in the United States are required
to report functionally to the board of directors directly, or a sub-committee of the board of
directors (typically the audit committee), andnot to management except for administrative
purposes. As described often in the professional literature for the practice of internal auditing
(such as Internal Auditor, the journal of the IIA) or other similar and generally recognized
frameworks for management control when evaluating an entity's governance and control
practices; and apply COSO's "Enterprise Risk Management Integrated Framework" or other
similar and generally recognized frameworks for entity-wide risk management when
evaluating an organization's entitywide risk management practices. Professional internal
auditors also use Control Self-Assessment (CSA) as an effective process for performing their

Consultant auditors are external personnel contracted by the firm to perform an audit
following the firm's auditing standards. This differs from the external auditor, who follows
their own auditing standards. The level of independence is therefore somewhere between the
internal auditor and the external auditor. The consultant auditor may work independently, or
as part of the audit team that includes internal auditors. Consultant auditors are used when the
firm lacks sufficient expertise to audit certain areas, or simply for staff augmentation when
staff are not available. Risk is inherent in the decisions that an organization takes to manage
and run its business and in the business processes established to assist in the achievement of
its business objectives. Changes in the way organizations carry out their normal activities
resulting from, for example, expansion of the business or changes in the regulatory
framework, can place enormous strain on an organization’s control mechanisms and become
major sources of risk. That is why establishing, implementing and embedding effective risk
and control elements of the overall corporate governance framework are of fundamental
importance to all organizations. Internal audit can play an important assurance role in an
organization’sgovernance processes, particularly in the area of risk management and control.
In many organizations, the expectations placed upon internal audit have increased and the
function is being relied on to make a significant contribution. With the introduction of the
revised Combined Code and the Smith Guidance, audit committees are expected to take a
more focused oversight role in respect of risk management and internal control. They need
assurance from management and independently that good internal controls are in place and
operating effectively. Internal audit can contribute to independent assurance on the overall
risk management, control and corporate governance processes. It can also be a useful catalyst
for change and improvement within the organization. It is important therefore for the audit
committee to distinguish between the role of management and that of internal audit.
Management hasprimary day-to-day responsibility for managing risk and for the operation
ofinternal controls within an organization. Internal audit’s role is separate and independent
from management. ‘Independence’ has a different meaning for internal audit than it does for
external audit.(1) The internal audit function is generally considered independent when it can
carry out its work freely and objectively.

Performance Audit

Safety, security, information systems performance, and environmental concerns are

increasingly the subject of audits. There are now audit professionals who specialize in
security audits and information systems audits. With nonprofit organizations and government
agencies, there has been an increasing need for performance audits, examining their success
in satisfying mission objectives.

Quality Audits

Quality audits are performed to verify conformance to standards through review of objective
evidence. A system of quality audits may verify the effectiveness of a quality management
system. This is part of certifications such as ISO 9001. Quality audits are essential to verify
the existence of objective evidence showing conformance to required processes, to assess
how successfully processes have been implemented, and to judge the effectiveness of
achieving any defined target levels. Quality audits are also necessary to provide evidence
concerning reduction and elimination of problem areas, and they are a hands-on Management
tool for achieving continual improvement in an organization.To benefit the organization,
quality auditing should not only report nonconformance and corrective actions but also
highlight areas of good practice and provide evidence of conformance. In this way, other
departments may share information and amend their working practices as a result, also
enhancing continual improvement.

Project Management

Projects can undergo 2 types of Project audits:

Regular Health Check Audits: The aim of a regular health check audit is to understand
the current state of a project in order to increase project success.

Regulatory Audits: The aim of a regulatory audit is to verify that a project is compliant
with regulations and standards. Best practices of NEMEA Compliance Center describe that,
the regulatory audit must be accurate, objective, and independent while providing oversight
and assurance to the organization.

Energy Audits

An energy audit is an inspection, survey and analysis of energy flows for energy conservation
in a building, process or system to reduce the amount of energy input into the system without
negatively affecting the output(s).

Operation Audit

An operations audit is an examination of the operations of the client's business. In this audit
the auditor thoroughly examines the efficiency, effectiveness and economy of the operations
with which the management of the entity (client) is achieving its objective. The operational
audit goes beyond the internal controls issues since management does not achieve its
objectives merely by compliance of satisfactory system of internal controls. Operational
audits cover any matters which may be commercially unsound. The objective of operational
audit is to examine Three E's, namely Effectiveness – doing the right things with least\
wastage of resources. Efficiency – performing work in least possible time. Economy –
balance between benefits and costs to run the operations

Firm is rendering comprehensive professional services in the areas of Direct Tax, Audits -
Statutory, Internal, Tax Audits and Indirect Taxes and other Regulatory Compliances. The
firm's offices are fully equipped with modern facilities and are located in National Capital
Region Delhi. We offer initial consultation to prospective Clients who wish to discuss their
requirements in detail and consider it our privilege to be of service to you and to assist you to
add value to your portfolio.

M/s Jain &Malhotra established by CA Adesh Kumar Jain and CA Deepak Malhotra in the
year 1982, the Firms constant endeavor is to craft a premier focused professional practice
providing high quality services and integrating value added knowledge, for its people, clients
and society as a whole. Our significant experience and deep expertise ensures optimal service
delivery to our clients. Our professional approach blended with personal touch has earned the
Chartered Accountancy Firm enormous confidence of all its clients, which is reflected in an
enduring business relationship that it enjoys with them and also in the consistent growth in
portfolio of its services. We provide the clients a single window service by partners,
specializing in different subjects. We are empanelled with Comptroller & Auditor General of
India for Audit of Public Sector undertakings and with RBI for Bank audit.


Broadly, Audit involves the following :

• Indepth study of existing systems, procedures and controls for proper understanding.
Suggestions for improvement and strengthening.
• Ensuring compliance with policies, procedures and statutes.
• Comprehensive review to ensure that the accounts are prepared in accordance with
Generally Accepted Accounting Policies and applicable Accounting Standards/IFRS.
• Checking the genuineness of the expenses booked in accounts.
• Reporting inefficiencies at any operational level.
• Detection and prevention of leakages of income and suggesting corrective measures
to prevent recurrence.
• Certification of the books of account being in agreement with the Balance Sheet and
Profit and Loss Account.
• Issue of Audit Reports under various laws.

Types of Audits conducted

• Statutory Audit of Companies.
• Tax Audit under Section 44AB of the Income Tax Act, 1961.
• Audit under other sections of the Income Tax Act, 1961 such as 80HHC, 80-IA, etc.
• Concurrent Audits.
• Revenue Audit of Banks.
• Branch Audits of Banks.
• Audit of PF Trusts, Charitable Trusts, Schools, etc.
• Audit of Co-operative Socities.
• Information System Audit .
• Internal Audits.


• Accounting System Design & Implementation.

• Financial Accounting.
• Budgeting.
• Financial Reporting.
• MIS Reports.
• Financial Analysis.
• Asset Accounting Management.
• Depreciation and Amortization Schedules.

• Consultancy on various intricate matters pertaining to Income tax.

• Effective tax management, tax structuring and advisory services.
• Tax Planning for Corporates and others.
• Designing / restructuring salary structure to minimise tax burden.
• Obtaining Advance tax Rulings.
• Obtaining No Objection Certificates from Income tax department.
• Obtaining PAN for assessees, employees etc.
• Advance tax estimation and deposit.
• Assessing the liability towards deferred taxes.
• Providing regular updates on amendments, circulars, notifications & judgments.
• Filing Income Tax and Wealth Tax returns for all kinds of assessees.
• Filing Income tax returns for employees of corporate clients.
• Liaison with Income tax department for rectification, assessment, obtaining refunds
• Expertise in complicated direct tax assessments.
• Filing and pleading appeals under various provisions of IT Act.
• Special expertise in search, seizure and prosecution litigation.
• Advice on future tax implications in respect of the potential acquisition.
• Opinions on the various Double Tax Avoidance Agreement related issues.
• Settlement of various issues raised under FEMA.
Literature review

 According to (Joe Christopher , A critical analysis of the independence of the

internal audit function: evidence from Australia )

With respect to the internal audit function’s relationship with management, threats
identified include: using the internal audit function as a stepping stone to other
positions; having the chief executive officer (CEO) or chief finance officer (CFO)
approve the internal audit function’s budget and provide input for the internal audit
plan; and considering the internal auditor to be a “partner”, especially when combined
with other indirect threats. With respect to the relationship with the audit committee,
significant threats identified include CAEs not reporting functionally to the audit
committee; the audit committee not having sole responsibility for appointing,
dismissing and evaluating the CAE; and not having all audit committee members or at
least one member qualified in accounting.

 According to (Dr. Ahmad A. Abu-Musa , Information Technology and Its

Implications for Internal Auditing: An Empirical Study on Saudi Organizations)

It investigates empirically the impact of emerging information technology (IT) for the
internal auditors' activities, and to examine whether the IT evaluations performed in
Saudi organizations vary, based on evaluation objectives and/or organizational
characteristics. A survey, using a self-administered questionnaire, is conducted to
achieve these objectives. Seven hundred questionnaires were randomly distributed on
a sample of Saudi organizations located in five main Saudi cities. Two hundreds and
eighteen valid and usable questionnaires – representing 30.7% response rate – were
collected and analyzed using SPSS version 15. The results of the study revealed that
internal auditors need to enhance their knowledge and skills of computerized
information systems (CIS) for the purpose of planning, directing, supervising and
reviewing the work performed. The results of study are consistent with Hermanson et
al. (2000) that internal auditors focus primarily on traditional IT risks and controls,
such as IT data integrity, privacy, and security, asset safeguarding, and application
processing. Less attention has been directed to system development and acquisition
activities. The internal auditors' performance of IT evaluations is associated with
several factors including: the audit objective, industry type, the number of IT audit
specialists on the internal audit staff, and the existence of new CIS. The findings of
this study have important implications for managers and internal auditors. It will
enable them to better understanding and evaluating their computerized accounting

 According to (Miklos A. Vasarhelyi, The Acceptance and Adoption of Continuous

Auditing by Internal Auditors: A Micro Analysis)

The umbrella of “advanced technology” covers a range of techniques widely used in

the U.S. to provide strategic advantage in a very competitive business environment.
There is an enormous amount of information contained within current-generation
information systems, some of which is even processed on a real-time basis. More
importantly, the same holds true for actual business transactions. Having accurate and
reliable information is vital and advantageous to businesses, especially in the wake of
the recent recession. Therefore, the need for ongoing, timely assurance of information
utilizing continuous auditing and continuous control monitoring methodologies is
becoming more apparent. To that end, we have conducted interviews with 22 internal
audit managers and 16 internal audit staff members at 9 leading internal audit
organizations to examine the status of technology adoption, to evaluate the
development of continuous auditing, and to assess the use of continuous control
monitoring. We found that several companies in our study were already involved in
some form of continuous auditing or control monitoring while others are attempting to
adopt more advanced audit technologies. We also made a large number of surprising
observations on managerial, technology training and absorption, and other issues.
Within the According to the audit maturity model (Vasarhelyi et al, 2009), all of the
companies were classified between the “traditional audit” stage and the “emerging
stage”, not having yet reached the “continuous audit” stage. This paper, to our
knowledge, is the first to study CA technology adoption in a micro level by an
interview approach

 According to (MahbubZaman , Informal interactions between audit committees and

internal audit functions )

The paper finds evidence of audit committees and internal audit functions engaging in
informal interactions in addition to formal pre-scheduled regular meetings. Informal
interactions complement formal meetings with the audit committee and as such
represent additional opportunities for the audit committees to monitor internal audit
functions. Audit committees’ informal interactions are significantly and positively
associated with audit committee independence, audit chair’s knowledge and
experience, and internal audit quality.The results demonstrate the importance of the
background of the audit committee chair for the effectiveness of the governance
process. This is possibly the first paper to examine the relationship between audit
committee quality and internal audit, on the existence and driver of informal
interactions. Policy makers should recognize that in addition to formal mechanisms,
informal processes, such as communication outside of formal pre-scheduled meetings,
play a significant role in corporate governance.

 According to (Roszaini Haniffa and Mohammad Hudaib, Episodes in the

Malaysian auditing saga )

The paper concludes that the function of auditing in Malaysian society responded to
political-economic pressures over time viz. changing from maintaining the economic
policy to serve Western investors to accommodating ethnic relations, and to
strengthening the bond between local and global corporate elites and the political
leaders.Since, little is known of the professionalization process in Malaysia, our
analysis of the structural conditions during the 40 years from the achievement of
independence from the British in 1957 to just before the onset of the Asian Financial
Crisis in 1997 and our assessment of their implications for auditing contributes to
knowledge in this area. Based on documentary analysis, the paper offers a historical
account of the development of the auditing profession with reference to the dynamic
changes in its political and socio-economic environment.
 According to (Jinming Lai, Study on Innovative Mode of Accounting Talents
Training Based on “Internet Plus”)

The “Internet plus” era has provided unprecedented changes for the development of
various industries. Under the impact of “Internet”, many deficiencies in the traditional
accounting education and teaching have gradually emerged, which brings about both
opportunities and challenges for the cultivation of accounting talents in higher
vocational colleges. This paper deeply analyzes the changes of the environment for
training accounting skilled talents and the transformation of teaching mode of higher
vocational colleges. Combined with the requirements of the development of the
Internet age, we will foster the accounting talents who meet the requirements of
informatization, and gradually cultivate and form a new training mode for accounting
skilled talents.

 According to (Zehong Li , The Impact of Artificial Intelligence on Accounting )

With the rapid development of economy, science and technology, the era of artificial
intelligence has come, which has exerted a great influence on all aspects of life.
Whether the situation of accountants facing elimination is widely concerned. This
article will be focusing on how to use artificial intelligence to avoid accounting fraud
and to generate positive impact on accounting information quality, this article will
analyze how artificial intelligence will effect the accounting personnel, but decisions
can’t be made by machine, so it won’t cause a mass unemployment. The end of the
article will underline that in the big picture of artificial intelligence, accounting
personnel should improve its own seven aspects of abilities and become a
comprehensive qualified personnel.

 According to (Nuno Castanheira, Factors associated with the adoption of risk-based

internal auditing)

In planning an annual schedule of audits, the adoption of a risk-based approach is

statistically significant in international firms (p # 0.05) and companies listed on the
Portuguese stock market (p # 0.10). There is a strong (but not significant) association
between risk-based annual audit planning and entities which are private, in the finance
sector, and large. In planning each audit engagement, adoption of a risk-based
approach is correlated positively with entity size. Internal auditing is more proactive
in the implementation of ERM in smaller organizations, and is more important in the
finance industry and the private sector. A better understanding emerges of factors
associated with the adoption of risk-based auditing, together with an enhanced
appreciation of the role of internal auditing in ERM. Originality/value – The paper
reveals the specific characteristics of companies that are associated with the adoption
of risk-based approaches in the internal audit process. It is the first paper published
about risk-based internal auditing in Portugal.

 According to ( NawalKasim, ZuraidahMohdSanusi, Emerging issues for auditing

in Islamic Financial Institutions: Empirical evidence from Malaysian )
The study examines the perspective of practitioners who are involved directly and/or
indirectly with the process of shariah compliance/auditing from Islamic financial
institutions (IFIs) in Malaysia on the issues of standards for shariah auditing, auditors
qualifications and independence. The paper examines 77 self-developed
questionnaires applicable to the main issues focused by this study. The survey
questionnaires are distributed by mail or delivered in person to 85 respondents in 21
Malaysian Islamic financial institutions. It is found that Malaysian IFIs are in need of
properly guided shariah standards for shariah auditing practices. The scarce
resourceful auditors with both shariah and accounting/auditing qualifications and the
issue of self-review threat to independence may affect the reputable image of Islamic
financial institutions. The findings reinforce the importance of auditors’ qualification
and independence as currently there is no mandatory regulated professional shariah
auditor code to be in tandem with drastic growth of the IFIs. The paper offers
practical implication to regulators in providing a direction to revise the existing
standards for shariah auditing practices and to formulate a mandatory professional
governance structure for shariah auditors.

 According to (Claire Dambrin and Caroline Lambert,Mothering or auditing? The

case of two Big Four in France )

It is argued that, throughout their careers, they are confronted with a dilemma that
often leads to their being excluded and excluding themselves from the group of “those
who may become partners”. It is shown that public accounting firms place both
implicit and explicit obstacles in their way, tied to a desire to neutralise the effects,
deemed costly, of motherhood. Moreover, the expectations of the organization and
society as a whole conflict on many points and confront female auditors with a
dilemma: how to be a good mother and have a bright career? It appears that women
who want to better manage this dilemma shape working practices imposed on the
whole team and implement tactics to adapt their work-life balance (specialisation and
lateral move to staff departments). This leads to individual trajectories that break out
of the organisational model and account for the scarcity of women in the upper
management levels in audit firms.

 According to (Simon S. Gao and Jane J. Zhang , Stakeholder engagement, social

auditing and corporate sustainability)

This paper identifies a “match” between corporate sustainability and social auditing,
as both aim at improving the social, environmental and economic performance of an
organization, considering the well-being of a wider range of stakeholders and
requiring the engagement of stakeholders in the process. This paper suggests that
social auditing through engaging stakeholders via dialogue could be applied to build
trusts, identify commitment and promote co-operation amongst stakeholders and

 According to ( David Hay , The Frontiers of Auditing Research )

The introduction of independent regulation, increasing levels of globalization and

increased attention to research by regulatory bodies have drawn attention to some
research issues, especially auditors providing non-audit services; rotation of audit
firms; joint audits; and ways to provide increased competition. In addition, there are a
number of areas in which there seems to be an obvious need for auditing research, but
surprisingly little research is being done. These topics include the impact of higher-
quality auditing in developing economies, and assurance for other entities such as
charities and small companies. As more attention is now being given to auditing
research, there are opportunities in established areas of research as well.. After the
global financial crisis and the earlier round of reforms, there are many opportunities
for research, some driven by current proposals for reforms and some by fundamental
research issues. Research can contribute to the development of policy in response to
current issues. Research can also be valuable in exploring issues raised in past

 According to ( M. Krishna Moorthy , The impact of information technology on

internal auditing )

This paper evaluates the role of information technology and how it affects internal
audit process in the organization. The study also stresses on the global trend of
adopting IT system (software/ hardware) in producing a more controlled environment
in delivering the auditing process. It also constitutes on how IT affects internal control
(control environment, risk assessment, control activities, information and
communication and monitoring) and provides guidelines and best practices in
evaluating techniques available to effectively perform auditing tasks internally. It also
addresses how technology, Information system (IS) and electronic data processing
(EDP) have changed the way organizations conduct its business, promoting
operational efficiency and aid decision-making. It also spotlights many aspects of IT
risks and controls and highlights whether the right people are overseeing IT risks to
the degree they should. It demonstrates the impact of technology convergence on the
internal control mechanism of an enterprise. It emphasizes that the auditor also has a
responsibility to assure that the governance level of management (the audit committee
and board of directors) understand risks accepted by management and the liabilities
potentially transferred to board members.

 According to ( Priscilla A. Burnaby , Usage of Internal Auditing Standards by

companies in the United States and select European countries )

This paper shows the differences among Belgium, Italy, The Netherlands, the UK and
Ireland, and the USA with respect to the level of use of the Standards and compliance
with the Standards by respondents’ IAAs. There are significant levels of variation in
responses by country. For Standards 1300, Quality Assurance and Improvement
Program, and 2600, Resolution of Management’s Acceptance of Risks, respondents
indicate high levels of non-compliance. Originality/value – This study compares the
status of the use of the IIA Standards in five countries to determine if there is any
difference in application in different parts of the world.

The auditor has a responsibility to plan and perform the audit to obtain reasonable
assurance about whether the financial statements are free of material misstatement,
whether caused by error or fraud. Because of the nature of audit evidence and the
characteristics of fraud, the auditor is able to obtain reasonable, but not
absolute, assurance that material misstatements are detected. The auditor has no
responsibility to plan and perform the audit to obtain reasonable assurance that
misstatement, whether caused by errors or fraud, that are not material to the financial
statements are detected.

* The sample size is not universal , some part of other cities remained uncovered
* Unavailability of some information due of lack of awareness of retailers
* Time and expenses were major constraints
* Personal basis may be existing as the dealer of varied nature elicits the information

The project was a great experience for me in order to study the marketing aspects in
the world. It was a great opportunity for me to express what I have studied.

This industry is a place where two major players are there in the world.