Volume II Part B - Audit Checklists ASHISH

Download as pdf or txt
Download as pdf or txt
You are on page 1of 470

Audit Checklist

Audit Manual
m March 2015March
2015

Volume II
(Part-B)
Audit Checklists

52
Audit Checklist

Contents
Volume II
Part B - Audit Checklists

Guidelines for Audit Checklist ............................................................................................................... 56


Internal Audit ....................................................................................................................................... 57
1. Administration – Internal Audit .......................................................................................................... 58
2. BP Coach–Internal Audit ................................................................................................................... 65
3. Chemical – Internal Audit .................................................................................................................. 69
4. Civil – Internal Audit .......................................................................................................................... 72
5. Contracts – Internal Audit.................................................................................................................. 79
6. Crisis Management Team – Internal Audit........................................................................................ 90
7.Drilling ................................................................................................................................................ 94
7a. Technical Services (Drilling) – Internal Audit .................................................................................. 99
8.Electrical – Internal Audit ................................................................................................................. 102
9. Employee Relations – Internal Audit ............................................................................................... 106
10.ERP – Internal Audit ....................................................................................................................... 123
11. Exploration & Development (ED) – Internal Audit ......................................................................... 125
12. Field Communication – Internal Audit ........................................................................................... 130
13. Field Engineering – Internal Audit ................................................................................................. 132
14. Finance & Accounts ...................................................................................................................... 134
14.IA.1 Finance & Accounts – Asset Management ............................................................................ 134
14.IA.2 Finance & Accounts - Costing ................................................................................................ 139
14.IA.3 Finance & Accounts - Payables .............................................................................................. 142
14.IA.4 Finance & Accounts – Taxation .............................................................................................. 146
14.IA.5 Finance & Accounts – Treasury ............................................................................................. 149
14.IA.6 Finance & Accounts – Financial Planning & Analysis ............................................................ 156
14.IA.7 Finance & Accounts – JV Operated ....................................................................................... 161
14.IA.8 Finance & Accounts – JV Non Operated ................................................................................ 166
14.IA.9 Finance & Accounts – Financial Reporting ............................................................................ 171
14.IA.10 Finance & Accounts – Payroll ............................................................................................... 175
14.IA.11 Finance & Accounts – Receivables ...................................................................................... 178
14.IA.12 Finance & Accounts – Insurance .......................................................................................... 182
15. Geology & Reservoir – Internal Audit............................................................................................ 185
16. Geophysics – Internal Audit .......................................................................................................... 187
17. Human Resources ........................................................................................................................ 189

53
Audit Checklist

18. Information Technology …………………………………………………..........................................206

19. Instrumentation – Internal Audit .................................................................................................... 210


20. Land – Internal Audit ..................................................................................................................... 212
21. Learning & Development – Internal Audit ..................................................................................... 219
22. Legal – Internal Audit .................................................................................................................... 223
23. LPG Plant - Internal Audit ............................................................................................................. 227
24. Materials Management – Internal Audit ........................................................................................ 229
25. Medical – Internal Audit................................................................................................................. 249
26. Pipe Line Fields – Internal Audit ................................................................................................... 255
27. Planning – Internal Audit ............................................................................................................... 257
28. Production Gas – Internal Audit .................................................................................................... 260
29. Production Oil – Internal Audit ...................................................................................................... 265
30. Production Projects – Internal Audit .............................................................................................. 269
31. Projects – Internal Audit ................................................................................................................ 272
32. Public Relations and Corporate Communication – Internal Audit ................................................. 277
33. Research Development – Internal Audit ....................................................................................... 282
34. Safety Environment – Internal Audit ............................................................................................. 284
35. Security – Internal Audit ................................................................................................................ 286
36. Transport – Internal Audit.............................................................................................................. 292
37. Well logging – Internal Audit ......................................................................................................... 297
38. Business Development – Internal Audit ........................................................................................ 299
39. Corporate affairs – Internal Audit .................................................................................................. 302
40. Secretarial – Internal Audit ............................................................................................................ 306
41. Centre of Excellence – Internal Audit............................................................................................ 309
42. PHQ OIL Movement – Internal Audit ............................................................................................ 312
43. PHQ Pipeline – Internal Audit ....................................................................................................... 315
44. PHQ – Pump Stations – Internal Audit.......................................................................................... 318
45. Kolkata Shipping Office – Internal Audit ....................................................................................... 321
46. Wind Energy – Internal Audit ........................................................................................................ 327

Technical Audit ................................................................................................................................. 329


3. Chemical – Technical Audit............................................................................................................. 330
4. Civil – Technical Audit ..................................................................................................................... 335
5. Contracts – Technical Audit ............................................................................................................ 339
7. Drilling – Technical Audit................................................................................................................. 343
7a. Technical Services (Drilling) – Technical Audit ............................................................................. 350
8. Electrical – Technical Audit ............................................................................................................. 354
11. Exploration & Development (ED) – Technical Audit ..................................................................... 359
12. Field Communication – Technical Audit........................................................................................ 366

54
Audit Checklist

13. Field Engineering – Technical Audit ............................................................................................. 370


15. Geology & Reservoir – Technical Audit ........................................................................................ 376
16. Geophysics – Technical Audit ....................................................................................................... 386
19. Instrumentation – Technical Audit ................................................................................................. 391
20. Land – Technical Audit.................................................................................................................. 395
23. LPG Plant - Technical Audit .......................................................................................................... 397
24. Materials Management- Technical Audit....................................................................................... 406
26. Pipe Line Fields – Technical Audit ................................................................................................ 411
27. Planning – Technical Audit............................................................................................................ 418
28. Production Gas – Technical Audit ................................................................................................. 421
29. Production Oil – Technical Audit ................................................................................................... 442
30. Production Projects – Technical Audit .......................................................................................... 459
31. Projects – Technical Audit............................................................................................................. 467
33. Research Development – Technical Audit .................................................................................... 472
34. Safety Environment – Technical Audit .......................................................................................... 476
36. Transport – Technical Audit .......................................................................................................... 481
37. Well logging – Technical Audit ...................................................................................................... 484
38. Business Development – Technical Audit..................................................................................... 490
42. PHQ OIL Movement – Technical Audit ......................................................................................... 492
43. PHQ Pipeline – Technical Audit .................................................................................................... 496
44. PHQ – Pump Stations – Technical Audit ...................................................................................... 501
46. Wind Energy – Technical Audit ..................................................................................................... 505

ERP ..................................................................................................................................................... 507


10. ERP – ERP ................................................................................................................................... 508
18. Information Technology – ERP ..................................................................................................... 512
24. Materials Management- ERP ........................................................................................................ 519

Part C - Risk Control Matrices 522-555

55
Audit Checklist

Guidelines for Audit Checklist


1. The checklists are guidelines and should be used after analyzing the applicability of the same
during audits. In case a department has multiple sections, the relevant steps from the checklists
have to be used for all sections.
2. SAP T-codes provided are standard. In case of any SAP customization, customized T-codes to be
used after discussion and understanding with process owners.
3. Audit should be conducted by utilizing SAP data and functionality. However, in case manual
controls are present, then manual checks should be reviewed.

Sampling Methodology

Minimum sample size


Frequency of control activity Example
Risk of failure
Lower Higher
Annual Physical Verification of
Annual 1 1
Inventory
Quarterly (including period- end,
1+1 1+1
i.e., +1)
Monthly provisioning of
Monthly 2 3
expenses
Weekly 5 8
Daily 15 25 Daily closing of cash book
Recurring manual control
25 40 Vouching
(multiple times per day)

Note: Sample sizes stated above may be increased in following scenarios:


1 Failure by more than 10% in existing sample selected.
2 An increase in the internal auditor’s assessment of the risk of material misstatement
3 An increase in the amount of error which the internal auditor expects to find in the population
4 An increase in the internal auditor’s required confidence level

56
Audit Checklist

Internal Audit

57
Audit Checklist

1. Administration – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
Equipment/ vehicle/ Company owned flats management
2 and maintenance
3 Regulatory and statutory compliance
Contracts monitoring
1. Vehicle contracts
2. Civil & Electrical, Security and Labor Contracts
4 3. Any other contracts
5 Accommodation
6 Administration activities
7 Hospitality services such as hotels, car vendors etc.
8 Loans and benefits
9 Medical benefits
10 Logistics & stay
11 Liaison and boundary management
12 Complaints management
13 PR tracking
14 Creation of Service Entry Sheet (SES)
15 Manpower planning

58
Audit Checklist

1. IA.1 Planning, Budgeting & Monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis / Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
3. Non compliance to DOP.
Nature of Control Automated/Manual
1. Check whether the annual plan of administration department is complete and all-inclusive to
cover the requirements of all the activities that come under its purview such as accommodation,
maintenance of guest house, medical facilities, vehicles, housekeeping, security, holiday homes
etc.
2. Use T-Code KSBL and enter cost center to get budget.
3. In version management check the changes done in the budget.
4. Check for appropriate approval as per DOP for the budget and subsequent changes.
5. Check whether annual plan made is -
a. Linked to the requirement of various departments.
b. Inclusive of all the related costs
6. Check the timelines for preparation and approval of budget.
7. Use T-Code S_ALR_87013532 by entering cost center to check whether actual expenses are
monitored / compared with planned expenses on periodic basis.

1. IA.2.1 Equipment / vehicle / Company owned flat management and maintenance


Control Objective Efficient utilization and increased life of the equipment
Nature of Work Step Verification
Risk Low utilization
Nature of Control Automated / Manual
1. Check whether the utilization of equipment/ vehicle/ company owned flat is reviewed regularly.
Use T-Code IE03 and enter equipment number for equipment/vehicle and manually check the
records for company owned flats.
2. Check whether there is a maintenance schedule (preventive/regular) for equipment/vehicle/
company owned flat and its compliance. Use T-Code IP24 and enter equipment number to get
maintenance schedule for equipment/vehicle and manually check the records for company owned
flats.
3. Check whether monitoring over turn around time as per schedule and actual time taken for
maintenance of equipment/ vehicle/ company owned flat is done.
4. Check whether monitoring is done for compliance to OEM guidelines.

1. IA.2.2 Equipment / vehicle / Company owned flat management and maintenance


Control Objective Ensure adequate and timely building maintenance
Nature of Work Step Verification
Risk No maintenance or delays in maintenance.
Nature of Control Automated/ Manual
1. Check whether CPWD maintenance manual is used for reference for miscellaneous maintenance.
2. Check whether a control is maintained on the AMCs that exist with different vendors for
maintenance of other air conditioning systems (other than indoor Acs). Use T-Code ME2S/ME3N
to verify AMC using AMC number.
3. Check if there is inadequate maintenance or high cost of maintenance.
4. Check whether AMC is done and renewed as and when due.

59
Audit Checklist

1.IA.2.3 Equipment / vehicle / Company owned flat management and maintenance


Control Objective Preventive maintenance of vehicles is scheduled to avoid excessive
breakdowns
Nature of Work Step Verification
Risk Excessive breakdowns.
Nature of Control Manual / Automated
1. To check whether periodic servicing is performed. Use T-Code IP24 and enter equipment
number to see maintenance schedule.
2. Check whether management’s approval is taken and quotations are obtained so as to maintain
the proprietary vendor’s servicing schedule.
3. Check that the preparation time taken by civil department is not exceeding defined time limit.
4. To understand the process of stacking of location and identify gaps.
5. Check whether G&R department is timely intimated in case, the specified coordinates cannot be
stacked.
6. Check whether LAF-2 is timely approved and sent to the G&R department along with the
required estimate for civil job.
7. Check whether cost estimate is prepared by the department before submission of LAF-2.

1.IA.3 Regulatory and statutory compliance


Control Objective Adherence to applicable Rules and Regulationss
Nature of Work Step Verification
Risk Initiation of penal action by concerned authorities.
Nature of Control Manual
1. Check whether there is compliance framework to monitor or track compliance required under
various law/Acts applicable to the Company.
2. Verify whether compliance of applicable rules/provisions e.g. Minimum Wages Act 1948,
Employees' State Insurance Act 1948 are monitored periodically.
3. Check whether non compliance to the requirements is reported to the management periodically
for further action.
4. Check whether there is compliance of statutory requirements by contractors.
5. Check whether statutory compliance reports are submitted.

1.IA.3.1 Compliance to contracts


Control Objective Completeness of PR raised and Timely renewal of contracts
Nature of Work Step Verification / Analysis
Risk 1.IA.Incomplete PR.
2. Delays in renewal.
Nature of Control Manual / Automated
1. Check whether the PR is raised as per the process mentioned in Contracts Manual/JOA/PSC with
appropriate approvals. Use T-Code ME5A and enter plant code and period to generate list of
service related PR created during the audit period.
2. Check whether PR is accompanied with minimum details as required by Contract Manual such as
detailed of scope, amount of approved estimated cost, budget provisions & management
approvals, detailed technical specifications, Schedule of quantities, the approved BRC/BEC,
nature (revenue or capital or special revenue), date by which the award of contract is required
and time for completion of work are specified in the PR. Use T-Code ME53N and enter PR
number to view details pertaining to specific PR.
3. For renewal cases check timeliness for raising the PR.

60
Audit Checklist

1.IA.3.2 Compliance to contracts


Control Objective Compliance to contract is ensured
Nature of Work Step Verification/Analysis
Risk Non-compliance to contractual terms.
Nature of Control Manual/ Automated
1. Use T-Code ME23N or ME2S to view details of the contracts issued by entering PO number or
contract number respectively.
2. Check the adherence to different contractual terms.
3. Take samples to cover Vehicle Contracts, Civil & Electrical, Security and Labor Contracts or any
other contracts entered by administration department.
4. Check whether all contractor's bills have been certified as per the contractual terms.
5. Check Service Entry Sheets (SES) have been created in SAP for the services received -
Timeliness and Accuracy.

1.IA.5 Accommodation
Control Objective To verify that allotment of quarters are made according to eligibility criteria.
Nature of Work Step Verification
Risk Non compliance to internal policy and procedure may lead to employee
dissatisfaction.
Nature of Control Manual
1. Obtain a list of flats allotted during the audit period. For a sample, check the eligibility criteria.
2. Check compliance to laid down Policies Application form for allotment of colony quarters.
3. Obtain Designation, date of joining OIL, date of joining region / Project and check whether
allotment of accommodation is as per the eligibility criteria.
4. Obtain the waiting list of people awaiting allotment and review aging of the same.
5. Check that no out of turn allotments have been made without approval of competent authority.
6. Compare the waiting list with the list of vacant flats available to check whether any allotments
could have been made.
7. Report discrepancies found, if any.

1.IA.6 Administration Activities


Control Objective Effective implementation of activities (in-house/outsourced)
Nature of Work Step Verification
Risk Inefficiency in implementation.
Nature of Control Manual
1. Check whether checklists are available to monitor the in-house/outsourced activities.
2. Check whether there is efficiency in the services provided by the contractors is as per the
contractual terms.
3. Check whether control is kept on the cost of services.
4. Check whether the cost of running and maintenance of DG sets or any other administration
utilities are monitored.

61
Audit Checklist

1.IA.7 Hospitality services such as hotels, car vendors etc.


Control Objective Effective implementation of activities
Nature of Work Step Analysis / Verification
Risk Inefficiency in implementation.
Nature of Control Automated / Manual
1. Check whether the processing of vendor bills is correct. MIR4 can be used to display the posted
invoice and the same will be reflected in purchase order history of a purchase order which can
be referred via T-Code ME23N.
2. Check whether there is payment to vendors is equivalent to the amount due, to ensure there is
no overpayment / duplicate payment. Use T-Code FBL1N and enter vendor code.
3. Check that selection of vendor with higher rates does not take place.

1.IA.8 Loans and benefits


Control Objective Compliance to the policies
Nature of Work Step Verification
Risk Non compliance to internal policy and procedure may lead to employee
dissatisfaction.
Nature of Control Manual
1. Check the processing of authorized loans / allowances.
2. Check that applications received are complete and as per eligibility criteria.
3. Check that application received is supported by required documents.
4. Check whether a formal checklist is maintained for all the steps during processing of loans.
5. Check the process of receiving application, its processing and review of pending applications.
6. Check whether all documentation is maintained in loan file as required by policy, subsequent to
disbursement.
7. Check the incidents wherein non recovery of loans has taken place.
8. Check whether timely Management approval is taken.

1.IA.9 Medical benefits


Control Objective Compliance to the policies
Nature of Work Step Verification
Risk Non compliance to internal policy and procedure may lead to employee
dissatisfaction.
Nature of Control Manual
1. Check whether processing of bills is as per the defined policy and criteria.
2. Check the processing time taken and if measures are undertaken to minimize it.
3. Check that applications received are correct and supported by required documents.
4. Ensure that application is not misplaced during transit of correspondence.
5. Check whether proper follow up is done with employee's parent department and medical
department.
6. Check whether the payment of charges is covered by Company's policy.
7. Check whether confirmation from the concerned hospital is obtained timely.
8. Check whether management approval is taken timely.

62
Audit Checklist

1.IA.10 Logistics and stay


Control Objective Compliance to the policies
Nature of Work Step Verification
Risk Non compliance to internal policy and procedure may lead to employee
dissatisfaction.
Nature of Control Manual
1. Check that no ticket of higher cost has been booked and appropriate process exists for
comparing fares and obtaining approvals as per policy.
2. Check whether refundable tickets are booked wherever possible.
3. Check whether there is a policy for accommodation/ car rental etc.
4. Ensure that hotels/guest houses/cabs booked are as per the policy and within the allocated
price band.
5. Ensure that all requisitions for logistics and stay are raised as per policy and approved as per
DOP.
6. Check the number of incidents where cancellation charges have been paid and whether these
incidents are monitored and controlled.

1.IA.11 Liaison and boundary management


Control Objective Timely liasoning with authorities for VIP movement and public functions at
OIL.
Nature of Work Step Verification
Risk Disputes / incidents.
Nature of Control Manual
1. Check whether information is timely received.
2. Check if there is adequate intra-departmental correspondence.
3. Check whether timely liasoning is done with District and Police Administration.
4. Check whether management approval is obtained timely.

1.IA.12 Complaints management


Control Objective Effective complaints resolution and handling
Nature of Work Step Verification
Risk Employee dissatisfaction.
Nature of Control Manual
1. Check whether steps are undertaken to minimize grievances.
2. Check whether grievances are addressed properly.
3. Check whether timely action is taken for Grievance disposal.
4. Check whether timeline is set for every stage of grievance process.
5. Analyze open complaints and reasons of their delays.

63
Audit Checklist

1.IA.13 Creation of Service Entry Sheet (SES)


Control Objective Exploiting the best option available
Nature of Work Step Analysis / Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated/Manual
1. Check whether status of work completion in measurement book is updated. Use T-code
ME2S/MSRV1.IA.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on measurement book.
3. Check whether the measurement book is verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays. Check whether cost benefit analysis is done for buying vis a vis hiring of equipment or
tools.

1.IA.14 PR Tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated / Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

1.IA.15 Manpower Planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Analysis / Verification
Risk 1. Over/Under-utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

64
Audit Checklist

2. BP Coach–Internal Audit
Scope
Audit Areas
1 Need identification
2 Trainings - planning & execution
3 Planning & administration
4 PR tracking
5 Creation of Service Entry Sheet (SES)
6 Manpower planning

65
Audit Checklist

2.IA.1 Need Identification


Control Objective To ensure employees and organizational development
Nature of Work Step Verification
Risk Gap in employees and organizational development.
Nature of Control Manual
1. Check the periodicity of conducting BP Coach training and whether schedule has been developed
as per the training requirements.
2. Check whether option of self nomination is provided to employees for trainings and the same is
being used effectively for skill upgradation.
3. Check if the nominations for training is based on the need assessment and duly approved by
HOD.

2.IA.2 Training – planning and execution


Control Objective To develop employee soft skills and all around development
Nature of Work Step Verification / Analysis
Risk Untrained Employees.
Nature of Control Automated / Manual
1. Check whether training calendar have been formulated for the year / quarter.
2. Check whether training calendar is prepared on the basis of need identification and organizational
requirements considering the long term goals.
3. Check if the training calendar is approved as per the DOA.
4. Check whether the training plan is communicated and circulated well in advance.
5. Check whether all the trainings are conducted as per the plan.
6. Check any deviations from the defined calendar are approved and communicated in advance.
7. Check whether the training feedback is obtained, analyzed and considered for future planning.
8. Check if process of evaluating the training benefits is followed.
9. Check the list of actual participants with the registered participants. Use T-Code S_PH9_46000433.
10. Check if there are employees who have not been nominated for training for long period and
conduct reason analysis for same.
11. Check if the absences from training are properly documented and required approvals are obtained
by the employee for not attending the training. Use T-Code S_AHR_61016216.
12. Check whether any root cause analysis is being carried out for low participation level in the
trainings.
13. Check the process of identification, selection and payment to trainers. Use T-Code MIR4, FBL3N.
14. Check if the training feedback is used to rate the trainer and use it effectively for future planning.

66
Audit Checklist

2.IA.3 Planning and administration


Control Objective To ensure appropriate cost of the Trainings.
Nature of Work Step Verification / Analysis
Risk Difference in Planned Vs Actual
Nature of Control Automated/ Manual
1. Verify the actual vs. budgeted amount sanctioned for the trainings. Use T-Code
S_ALR_87011761.
2. Analyze the root cause for any significant variation in the budget Vs actual.
3. Check whether the expenses incurred by the department are in adherence to the documented
company policy. Use T-Code MIR4, FBL3N.
4. Check on sample basis if the expenses are supported with adequate approvals and evidences.
Use T-Code MIR4, FBL3N.
5. Analyze the root cause for excess fund utilization than sanction for trainings.
6. Check whether the succession planning has been done for Coaches.

2.IA.4 Creation of Service Entry Sheet (SES)


Control Objective Exploiting the best option available
Nature of Work Step Analysis / Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated/Manual
1. Check whether status of work completion in measurement book is updated. Use T-code
ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on measurement book.
3. Check whether the measurement book is verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays. Check whether cost benefit analysis is done for buying vis a vis hiring of equipment or
tools.

67
Audit Checklist

2.IA.5 PR Tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated / Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as
per DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

2.IA.6 Manpower Planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Analysis / Verification
Risk 1. Over/Under-utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

68
Audit Checklist

3. Chemical – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Planning, preparation and maintenance of drilling fluid
3 Sampling and testing of mud/cement
4 Sampling and testing of chemicals
5 Environment, health and safety compliance
6 Creation and release of purchase requisition
7 Issuance of chemicals/spares items/storage
8 Equipment management and maintenance
9 Buy vis a vis hiring of chemicals/ equipments
10 Creation of Service Entry Sheet (SES)
11 Certification of bills of vendor
12 Manpower planning

69
Audit Checklist

3.IA.1 Planning, Budgeting & Monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis / Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
3. Non compliance to DOP.
Nature of Control Automated/Manual
1. Use T-Code KSBL to check whether the annual plan of chemical department is complete and all-
inclusive to cover the requirements of equipment and manpower.
2. Check whether annual plan is timely prepared and approved by competent authority as per DOP.
3. Use T-Code KSBL (version management feature) to check whether any amendment in annual
plan is approved by competent authority as per DOP.
4. Use T-Code S_ALR_87013558 to check whether budget is made as per the annual plan and is
inclusive of all the related costs.
5. Check whether the budget is timely prepared and approved as per DOP.
6. Use T-Code S_ALR_87013558 to check whether all the supporting w.r.t budget approvals are
uploaded in SAP.
7. Check whether the budget is sufficiently adequate i.e. correct budgeting is being done.
8. Use T-code S_ALR_87013532 to obtain the overall budgeted and actual figures and use T-code
CJ31, CJ33 to obtain the project specific details. Check whether actual expenses are monitored /
compared with planned expenses on periodic basis.
9. To check whether there is adequate monitoring and supervision of activities.

3. IA.2 Creation and release of purchase requisition


Control Objective Timely procurement of chemicals/spares
Nature of Work Step Verification / Analysis
Risk 1. Raising of PRs without routing through SAP.
2. Non-reviewing of pending and open PRs in the SAP.
Nature of Control Manual / Automated
1. Use T-code ME5A/ME53N to check whether PR is raised as per Purchase/Contract policy
manual.
2. Use T-code ME53N to check whether the PR for spares/materials/jobs is raised timely.
3. To check whether proper specifications are mentioned while creating a PR.
4. To check whether approvals for PR, issue of spares/materials and conducting jobs is taken as per
DOP.
5. To conduct lead time analysis between PR initiation and its release. Ensure there is reasoning
analysis done for delays.
6. To check whether there is a process of reviewing pending PRs and its follow up process with
Contracts/Material Management.
7. To check whether all PRs are raised through SAP.
8. To verify month wise trend for consumption.

70
Audit Checklist

3.IA.3 Buy vis a vis hiring of equipment's / Buying of chemicals


Control Objective Exploring the best option available
Nature of Work Step Verification / Analysis
Risk 1. Inappropriate documentation.
2. No formal contract for chemicals.
Nature of Control Manual / Automated
1. Use T-Code ME2N/ME2L/ME2M to check whether PO exists for chemicals.
2. To check whether adequate documentation exists w.r.t cost benefit analysis.
3. To check whether specifications exists for chemicals / equipment for floating tender and
competitive bidding.
4. To check whether cost benefit analysis is done for buying vis a vis hiring of equipment.

71
Audit Checklist

4. Civil – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 EHS Compliance
3 Creation and release of purchase requisition
4 Survey (Fields and Projects)
5 Cost estimate
6 Design plan
7 Operations
8 Contracting of civil services
9 Field activities
10 Escalation
11 Issuance of equipment/spares items and storage
12 Equipment management and maintenance
13 Buy vis a vis hiring of civil equipment or tools
14 Creation of Service Entry Sheets (SES)
15 Certification of RA bills of vendor
16 Complaints (Township)
17 Miscellaneous activities
18 PR tracking
19 Manpower planning

72
Audit Checklist

4. IA.1 Planning, Budgeting & Monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis / Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
3. Non compliance to DOP.
Nature of Control Automated/Manual
1. Use T-Code KSBL to check whether the annual plan of fields/township/projects section is
complete and all-inclusive to cover the requirements of equipment and manpower. Review the
process for financial closing in line with documented procedures.
2. Check whether annual plan is timely prepared and approved by competent authority as per DOP.
3. Check whether line plan preparation has been done adequately (letter from planning
department, formation of siting committee etc.).
4. Use T-Code KSBL to check whether any amendments in annual plan are approved by competent
authority as per DOP.
5. Use T-Code S_ALR_87013558 to check whether budget is made as per the annual plan and is
inclusive of all the related costs.
6. Check whether the budget is timely prepared and approved as per DOP.
7. Use T-Code S_ALR_87013558 to check whether all the supporting w.r.t budget approvals are
uploaded in SAP.
8. Check whether the budget is sufficiently adequate i.e. correct budgeting is being done.
9. Use T-code S_ALR_87013532 to obtain the overall budgeted and actual figures and use T-code
CJ31, CJ33 to obtain the project specific details. Check whether actual expenses are monitored /
compared with planned expenses on periodic basis.
10. Check whether there is adequate monitoring and supervision of activities.

4. IA.2 EHS Compliance


Control Objective Statutory Compliance
Nature of Work Step Verification
Risk 1. Non-compliance to statutory laws leading to legal hurdles.
2. Non- adherence to government rulings creating a risk on market reputation.
Nature of Control Manual
1. Check whether all the environmental clearances, if applicable (forest land, tea garden land etc.)
are applied for timely.
2. Check whether there is a follow up mechanism for internal/external approvals to ensure
timeliness.
3. Check whether civil work is initiated only after the EC has been obtained.
4. Check whether statutory safety procedures are complied with at the site by conducting surprise
visit.
5. Check whether SOP procedures as per Company policy are complied by conducting surprise
checks.
6. Check whether there is a process of monitoring compliance to SOP and statutory safety and
environmental requirements.
7. Check whether there is exists a documented review for monitoring of EHS compliance and the
same is approved as per DOP.
8. Check whether there is statutory compliance by the contractors.

73
Audit Checklist

4. IA.3 Creation and release of purchase requisition


Control Objective Timely procurement of stores/spares
Nature of Work Step Analysis / Verification
Risk 1. Inappropriate approvals.
2. Non-completion of PR raised in various aspects.
3. Inadequate monitoring of Open PRs.
Nature of Control Automated/ Manual
1. Use T-code ME5A for list of PRs and ME53N for checking the details of PR. Check whether PR is
raised as per Purchase/Contract policy manual.
2. Check whether PR is raised as per the estimations of the approved drawings/ adoption of
approved schedule of rates (SOR).
3. Check whether inventory levels for stock items are monitored and intimation is sent timely to
the Materials department for procurement.
4. Check whether the PR raised is aligned with the design/plan approved for the particular job.
5. Check whether the PR for spares/materials/jobs is raised timely.
6. Check whether approvals for PR, issue of spares/materials (MB23) and conducting jobs is taken
as per DOP.
7. Conduct lead time analysis between PR initiation and its release. Ensure there is reasoning
analysis done for delays.
8. Check whether there is a process of reviewing pending PRs and its follow up process with
Contracts/Material Management.
9. Check whether proper specifications are mentioned while creating a PR.
10. Check whether market rate analysis is conducted for items and is duly vetted by the competent
authority.
11. Check whether all PRs are raised through SAP.
12. Check whether PRs are raised within the budgetary limits allocated to the department and
approvals on PRs are obtained as per DOP. Use T-Code S_ALR_87013558 to view the budget.
13. Check whether there is a maker checker control for preparation and release of PR.
14. Check whether the survey of the land coordinates for prospective drilling area as defined by
G&R, in LAF-1, is carried out timely.

74
Audit Checklist

4. IA.4 Cost Estimate


Control Objective Appropriate cost of services, adequate approvals
Nature of Work Step Verification
Risk 1. Inappropriate approvals.
2. Incorrect cost estimate calculation.
Nature of Control Manual
1. Check whether estimate received by LAF 2 is released to LAF 3 and geology department for
budget approval.
2. Check whether cost estimate is all-inclusive to cover the requirements of equipment and
manpower and are aligned with the approved plan and designs.
3. Check whether approvals on cost estimates are obtained as per DOP.
4. Check whether actual expenses are monitored / compared with planned expenses on periodic
basis.
5. Check whether root cause analysis is performed in case of cost overrun and is approved as per
DOP.
6. Check whether the cost estimated is timely amended and approved as per DOP, in case of any
changes in the civil plan.
7. Check whether quotations are obtained and analyzed while doing cost estimation.
8. Check whether the design/plan for preparation of site is exhaustively prepared including all
timelines and details like composition of materials, specifications w.r.t area, width and height,
foundation type, torsion reinforcement etc.
4. IA.5 Operations
Control Objective Effective execution of civil activities, adequate monitoring
Nature of Work Step Verification/Analysis
Risk 1. Inadequate monitoring.
2. Non effective execution of Civil Activities.
Nature of Control Manual/ Automated
1. Use T-code ME5A for list of PRs and ME53N for checking the details of PR. Check whether
requisition raised by the user department for initiation of civil work at identified location is
raised timely.
2. Check whether the requisition raised by the user department is approved as per DOP.
3. Check whether all the requests for civil work are made through SAP.
4. Check whether there is a process of recording the manual/verbal requests received from
departments/residents.
5. Check whether the manual/verbal requests are completed as per the timelines mentioned in
the requisitions.
6. Check whether root cause analysis is performed for any delays w.r.t completion of work and
steps for improvement are initiated.
7. Check whether there is a process of monitoring the date of requisition as against date of
initiation of civil activity.
8. Check whether root cause analysis is performed for any delays in initiation of civil activities.
9. Check whether the execution of work is monitored regularly and any delay are reported to the
concerned authority.
10. Check whether timelines are monitored in carrying out each defined activities of civil plan.
11. Ensure that there is timely processing of PR.
12. Ensure that project completion monitoring is done.
13. Ensure that planning of work is done to avail fair weather conditions.
14. Check whether adequate quality control testing is done for civil jobs as defined in the contract.
Ensure testing and quality certificates are submitted along with SES.

75
Audit Checklist

4. IA.6 Contracting of civil services


Control Objective Quality of work, timely completion
Nature of Work Step Verification / Analysis
Risk 1. Late completion of project.
2. Non-compliance to contractual/Statutory requirements.
Nature of Control Automated / Manual
1. Use T-code ME5A for list of PRs and ME53N for checking the details of PR. Check whether
purchase requisition for procurement of service is done post release of estimation from LAF 3.
2. Check whether the efficiency and quality of work carried out by the sub-contractor is timely
monitored.
3. Ensure that there is timely availability of skilled workforce.
4. Check whether a progress report is prepared for the same and submitted to appropriate
authority.
5. Check whether permits to mobilize labor are timely available and any delays are substantiated
sufficiently.
6. Check that there is adherence to planned schedule.
7. Check whether the consumption of materials issued to contractors are monitored.
8. Check whether deductions are made from contractor’s payment in case of any breach of
compliances or wastage of material issued to him. Use T-Code FBL1N.
9. Check whether the compliance of statutory requirements as applicable on the contractor are
monitored periodically as defined in the contract.
10. Conduct a walkthrough of certification of Running Account (RA) bills of vendor. Use T-Code
FBL1N.
11. Check that allocation of work to contractors is without bias (Misc. civil contracts).
12. Ensure that there is compliance to contractual terms.
13. Ensure that awarding of contracts is routed through contracts department.

4. IA.7 Field Activities


Control Objective Timelines
Nature of Work Step Verification
Risk 1. Delay in preparation and handing over of site.
2. Delay in awarding and finalization of contracts.
Nature of Control Manual
1. To ensure that there are no delays in preparation and handing over of site.
2. To ensure that there are no delays in processing tenders, awarding and finalization of contracts.

76
Audit Checklist

4. IA.8 Escalation
Control Objective Tracking of escalation clause, applying accounting principles
Nature of Work Step Analysis / Verification
Risk 1. Non-adherence to escalation clause.
2. Non-adherence to applicable Generally accepted accounting principles
(GAAPs).
Nature of Control Automated / Manual
1. Check whether the escalation in price of materials, in case on inclusive contracts is as per the
terms mentioned in the Contract and as per the defined procedures of the Contracts Manual.
2. Check whether escalation invoice is raised separately or a separate component in invoice is
created and the same is approved as per DOP.
3. Use T-code ME2S to check whether provisions on account of escalation clause is made in the
books of account and necessary amendment is carried out in the contract, duly approved as per
DOP.

4. IA.9 Buy vis a vis hiring of civil equipment or tools


Control Objective Exploiting the best option available
Nature of Work Step Verification
Risk Extra cost to the Company.
Nature of Control Manual
1. Check whether cost benefit analysis is done for buying vis a vis hiring of equipment or tools.

4.IA.10 Certification of RA bills of vendor


Control Objective Authorized payment, no duplicity payments
Nature of Work Step Analysis / Verification
Risk 1. Unauthorized payments.
2. Duplicate payments.
Nature of Control Automated/Manual
1. Conduct a walkthrough of certification of Running Account bills of vendor.
2. Check whether vendor's RA invoices are paid only after proper supporting documents have been
verified and approval is taken as per DOP. Use T-Codes FBL1N to view vendor ledger.
3. Check whether deductions are made from contractor’s payment in case of material issuance for
inclusive contracts.
4. Check whether the certification of bills is correct. Ensure that there is no over payment/
duplicate payment/ unauthorized payment to the vendors. Use T-Codes FBL1N.
5. Check whether advance payment made to the vendor is adjusted while making payment of
invoice, if applicable. Use T-Codes FBL1N, MIR4.
6. Check whether payment is made only against liability created in SAP.

77
Audit Checklist

4.IA.11 PR Tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated / Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

4. IA.12 Manpower Planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Analysis / Verification
Risk 1. Over/Under-utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

78
Audit Checklist

5. Contracts – Internal Audit


Scope
Audit Areas
1 Purchase requisition and budget
2 Procurement
3 Cost estimate
4 Invitation for Bidding (IFB) in case of open bidding
5 Sale of bidding document
6 Pre-bid conference
7 Bidding process
8 Relaxation of standard terms and conditions
9 Open bidding
10 Limited bidding/ Single bidding
11 Receipt of bid
12 Opening of bid
13 Preliminary examination and comparison of bids
Evaluation of bids, preparation of Tender Committee Resolution
14 (TCR) and award & signing of the contract
Commencement of work and issue of work order and monitoring of
15 work
16 Liquidated damages
17 Retention money
18 Extension of contract period
19 Variation in contract
20 Extra / Substituted items
21 Escalation
22 Payment
23 Closure of contract
24 Performance appraisal
25 Bid security
26 Performance guarantee
27 Monitoring of lead times from PR to awarding of contract
28 PR tracking
29 Creation of Service Entry Sheet (SES)
30 Manpower planning

79
Audit Checklist

5.IA.1 Purchase requisition and budget


Control Objective Budgetary monitoring, adequate information readily available for
procurement, accuracy in accounting, compliance to DOP.
Nature of Work Step Analysis / Verification
Risk 1. Inappropriate approvals.
2. Non compliance to DOP.
Nature of Control Automated/Manual
1. Check whether the PR is raised as per the process mentioned in Contracts Manual. Use T-Code
ME5A to view the list of PRs and use ME53N and enter the PR number to view the PR in SAP.
2. Check whether receipt of purchase requisitions from user departments is done through SAP,
SRM & Hard Copy. The relevant T-code in SAP- ME53N, ME5A.
3. Check whether requisite approvals (BEC/BRC approval) are obtained. The relevant T-code in
SAP- ME53N, ME5A.
4. Use T-Code S_ALR_87013558 to see the sanctioned budget and check whether PRs are raised
within the budgetary limits allocated to the department and approvals on PRs are obtained as
per DOP. The relevant T-code in SAP- ME53N, ME5A.
5. Check whether PR is accompanied with minimum details as required by Contract Manual such as
detailed of scope, amount of approved estimated cost, budget provisions & management
approvals, detailed technical specifications, Schedule of quantities, the approved BRC/BEC. The
relevant T-code in SAP- ME53N, ME5A.
6. Check whether nature (revenue or capital or special revenue), date by which the award of
contract is required and time for completion of work are specified in the PR. The relevant T-code
in SAP- ME53N, ME5A.
7. If invitation of bid is to be done on limited bid/single bid/proprietary single bid /emergency bid
basis, Check PR is approved accordingly as per defined DOP. The relevant T-code in SAP- ME53N,
ME5A.
8. Check whether PRs raised are completed in order to avoid delays due to incompleteness /
incorrectness of PR. The relevant T-code in SAP- ME53N, ME5A.
9. Check whether there is a maker checker control for preparation and release of PR. The relevant
T-code in SAP- ME53N, ME5A.
10. Check whether pending purchase requests are reviewed and necessary actions/follow ups are
done internally or externally. The relevant T-code in SAP- ME53N, ME5A.
11. Use T-Code S_ALR_87013558 Check whether technical/budget sanction is as per the Contract
Manual and approved as per the defined DOP.

5.IA.2.1 Procurement
Control Objective Procurement in done as per Purchase and Contracts Manual
Nature of Work Step Verification
Risk 1. Unauthorized procurement.
2. Delays in procurement.
Nature of Control Manual / Automated
1. Check whether procurement is within the defined budgetary limits. Use T-Code ME2N to view
the list of Contract/Work Orders and use T-Code ME33K,ME23N, and enter the Contract/Work
Order Number to view the sample Contract/Work Order. Ensure that Contract/Work Order
raised have a PR against it and are approved as per DOP.
2. Ensure that there is no unauthorized procurement due to processing of unapproved
Contract/Work Order. The relevant T-code in SAP- ME2N, ME33K, ME2S.
3. Ensure that there is a process of monitoring of emergency Contract/Work Order's. The relevant
T-code in SAP- ME2N, ME33K, ME2S.
4. Ensure that procurement of materials/ services is routed through contracting department. Use T-

80
Audit Checklist

Code ME5A to view the list of PRs and check whether they are routed correctly. Use T-Code
ME2S Check the services received against Contract/Work Order.
5. Ensure that there is no delay in contracting of urgent requirements. The relevant T-code in SAP-
ME23N, ME2N.
6. Check whether there is delay in procurement due to processing of incomplete/unapproved
indents. The relevant T-code in SAP- ME5A, ME23N.

5.IA.2.2 Procurement
Control Objective Materials / services are not procured on piece-meal basis to avoid a tendering
process.
Nature of Work Step Verification
Risk 1.Finalization of order on uncompetitive terms & conditions.
2. Unauthorized procurement of material / services.
Nature of Control Manual
1. Obtain list of purchase orders / service orders released during the review period. ME2N/ME3N.
2. Analyze and check if there is repetitive procurement of any material / service with a short span
of time.
3. Obtain the reason for not clubbing the requirements to achieve economy of scale.

5.IA.2.3 Procurement
Control Objective Any work order/contract is not awarded to any black listed vendor
Nature of Work Step Verification
Risk 1. Finalization of order on uncompetitive terms & conditions.
2. Delay in procurement of material / services which may result in disruption
of operations.
3. Procurement of material / services which do not match the requirement.
Nature of Control Automated / Manual
1. Obtain the list of black listed vendors. Use SAP T-Code SE16N (LFA1 Table) to get list of vendors
for posting block and purchasing block.
2. Generate a report ME2N,ME3N, ME33K for the period giving list of work orders / contract
awarded during the review period.
3. Analyze these reports to verify if any work orders / contract is given to any blacklisted vendor,
after the date of blacklisting.

5.IA.2.4 Procurement
Control Objective Adequate taxes have been paid on the procurement of goods / services
Nature of Work Step Verification
Risk Statutory non compliance leading to penal consequences.
Nature of Control Automated / Manual
1. Use Transaction ME2N /ME3N to see the list of work orders/contracts.
2. Check the work orders/contracts for correct taxes as per the applicable rates.
3. Check if any taxes have been put in line items of the contract/work order. Report deviations if
any.
4. Obtain the reason for exceptions and report the same.

81
Audit Checklist

5.IA.3 Cost Estimate


Control Objective Appropriate cost of services, adequate approvals
Nature of Work Step Verification
Risk Inadequate approvals.
Nature of Control Manual
1. Check whether cost estimate is prepared by the user department before raising a PR. Use T-
Code KSBL to view the cost estimate if maintained in SAP.
2. Check whether approvals on cost estimates are obtained as per DOP. The relevant T-code in
SAP- KSBL.
3. Check whether cost estimate prepared by user department is vetted by Vetting Committee or
by the concerned L-4 officer as required by Contract Manual. The relevant T-code in SAP- KSBL.

5.IA.4 Invitation for Bidding (IFB) in case of open bidding


Control Objective Competitive bidding, completeness of tender document, safeguarding
interest of the Company.
Nature of Work Step Verification
Risk 1. Unfair bidding process.
2. Legal Implication.
Nature of Control Manual
1. Check whether invitation for bidding is floated in local/state/national newspapers as per nature
and value of the contract defined in Contract Manual.
2. To ensure the issue of NIT in Press / Float Limited Tender / E-Tender.
3. Check whether copies of newspaper are documented in contract file.
4. Use T-Code ME43/ME4L (By vendor)/ME4M (By material) /ME4S (By Tender number) to check
whether completeness of the tender document inviting bids (whichever applicable) is ensured
in terms of its content e.g. serial numbering of tender documents, BEC/BRC criteria, standard
terms and conditions, brief description of the requirement, bid sale closing date, date for pre-
bid conference, IFB No. and date, the cost of the bid document, hosted website security
amount to be paid etc. as mentioned in the Contracts Manual.
5. Check whether for open bidding, advertisement is published on OIL notice board, vernacular
daily or national daily as per the value of the contract as mentioned in the Contracts Manual.

5.IA.5 Sale of bidding document


Control Objective Accuracy in amount received through sale of bid document
Nature of Work Step Verification
Risk Inadequate process of collection of money raised through bid document.
Nature of Control Automated / Manual
1. Check whether a bid document fee is charged for the sale of bid documents as per the Contracts
Manual.
2. Verify that the sale of bid document is recorded in the bid register along with their address,
cheque number and whether the bidder is a Government Department or registered with NSIC.
The SAP T/Codes for checking tender fee amount and tender received is ZMMTENFEE3 /
ZMMTENDER3.
3. Check whether appropriate supporting are taken from the bidders exempted from paying the
bid document fee i.e. Government Department or registered with NSIC.
4. Check whether the total amount collected from sale is reconciled with the total number of bid
documents sold.
5. Verify that the proper accounting of the tenders sold and unsold is done. Use T-Code FBL3N and
enter the GL where the tender sale amount is booked. Check whether the amount booked is

82
Audit Checklist

reconciled with the number of bid documents sold.


6. Verify that no sale of bid document is done after last day of tendering.
7. Check whether there is a process of monitoring the collections made through sale of bid
document w.r.t the bid documents sold.
8. Check whether reconciliation between money collected and total number of bid documents
sold is done.

5.IA.6 Bidding Process


Control Objective Competitive bidding, compliance to contract manual
Nature of Work Step Verification
Risk 1. Non-compliance to Purchase manual.
2. Inappropriate approvals.
Nature of Control Manual
1. Check whether two part-bid system (Un-priced Technical Bid and Price Bid separately) is used as
required in Contract manual (for all the works/services costing more than Rs. 100 Lakhs / as
mentioned in Contracts Manual or any addendums).
2. Check whether in the two bid system, the price envelope is opened only after opening of
technical bid and opening of price bid is approved as per DOP.
3. Check whether only the bids that have been quoted within the time period as specified in the
bid document are considered as valid.

5.IA.7 Open bidding


Control Objective Timely bidding, allowing eligible vendors for bidding, time bound bidding
Nature of Work Step Verification
Risk 1. Delay in contract finalization leading to operational delays.
2. Finalizing order on non-competitive terms.
Nature of Control Automated / Manual
1. Check whether open bidding is done as per the guideline in the Contract Manual.
2. Check whether adequate vendor selection has been done in compliance to procurement
policies and procedures (incl. tendering). Ensure that quotations are received from at least 2
vendors or more as per Contracts Manual. For a single quotation, ensure that proper policy
guideline like bid extension etc. mentioned in Contracts Manual is followed.
3. Check for delay from the date of PR release, with the date of manual tender / e-tender and
reasons are recorded for delay. The relevant T-code in SAP- ME53N, ME5A.
4. Check whether the bidders are allowed to bid on SRM server only after receipt of tender fee, if
applicable.
5. Check whether the bidding process is open only till the time period mentioned as per the
Contracts Manual.
6. Other relevant T-codes are ZMMTENDER3, ME43, ME4L and ME4M.

5.IA.8 Limited Bidding / Single Bidding


Control Objective Compliance to DOP, availing emergency services, time bound bidding
Nature of Work Step Verification
Risk Non adherence to purchase manual
Nature of Control Automated/Manual
IA / TA IA
1. Check whether there is a process to maintain a database with details of all the contracts made
through single tender contract and reasons are provided for the same.
2. Check whether approvals are obtained as per DOP for entering into the selected method of
bidding.

83
Audit Checklist

3. Check whether for single bid, either the certificate for emergency approved by DOP or the
proprietary certificate is present.
4. Check whether the bidding process is open only till the time period mentioned as per the
Contracts Manual.
5. Check whether the emergency services are regularized timely and as per the process mentioned
in Contracts Manual. The relevant T-code in SAP- ME23N, ME2S, ME33K.

5.IA.9.1 Receipt of Bid


Control Objective Segregation of duties, Bids in lock in key
Nature of Work Step Verification
Risk Insecurity of bids.
Nature of Control Manual
1. Check whether the bids are deposited by the bidders in the Tender Box kept at the designated
office of OIL, or handing them over to the officer in charge of receiving the bids in case the
numbers of bids are voluminous.
2. Check whether tender box is always kept locked by two locks and key of one lock is under
custody of Head-Contracts and key of other lock is with the designated officer of F&A
department.
3. Check whether bids received by ordinary/Regd. Post/personally are handed over to receiving
Section and recorded in a register maintained at receiving section.
4. Check whether E-mail / fax / telex / telegraphic/telephonic bids are accepted in cases other than
OEM/Proprietary cases on single bidding.
(The steps will have to be modified as per the nature of tender.)

5.IA.9.2 Receipt of bids


Control Objective Segregation of duties, Bids in lock in key
Nature of Work Step Verification
Risk Insecurity of bids.
Nature of Control Manual
E-tender (for tenders above 25 lakhs or the limit defined / revised time to time)
1. Check whether access rights to e-tender portal are given to bidder only on receipt of tender fees
(whether online payment or DD payment). Check whether tender fees details are recorded in a
register. In e-tender portal, tender can be searched using SAP tender no. in strategic sourcing in
e-portal.
2. Check only authorized personnel of contract department have access to allot access rights to e-
tender portal.
3. Check whether any bids have been submitted after the last date of bid submission.
4. Ensure that bids cannot be opened before the designated dates. User ids and password of two
personnel (example- one person from contract department and another from finance) should
be required for opening the bid.
5. Check availability of log for activities performed in the portal.

5.IA.10 Opening of bid


Control Objective Tracking of bid documents
Nature of Work Step Verification
Risk Inadequate documentation.
Nature of Control Manual
1. Check whether the attendees presented at the time of opening the bids are only bidders /
authorized representative of bidders and their signature is taken against the bidder's name in a
proper format as per contract manual.

84
Audit Checklist

2. Check whether the bids received are serially numbered and envelops are preserved.
3. Check whether the officers present at the time of opening of Bid have signed against the name
of firms whose bid has been received.
4. Check whether Certificate of compliance and bid security are furnished by the bidders.

5.IA.11 Preliminary examination and comparison of bids


Control Objective Implementation of maker checker control
Nature of Work Step Analysis / Verification
Risk Non-implementation of maker checker control.
Nature of Control Automated / Manual
1. Check whether the particulars of the bids are recorded in a bid opening register.
2. Check whether both the technical and commercial evaluations reports submitted by Indenting
and Contract department respectively, are vetted by Finance. The relevant T-code in SAP-
ME49, ZMMTCRENTRY3, ZMMTCR & ZMMME49.
3. To ensure that the cost of procurement is controlled due to effective negotiation/ accurate
comparison of commercial bid submitted.
4. Check whether final evaluation report is prepared by bid evaluation committee.

5.IA.12 Evaluation of bids, preparation of Tender Committee Resolution (TCR) and award &
signing of the contract
Control Objective Selection of competent contractor
Nature of Work Step Verification
Risk Non-adherence to the set process.
Nature of Control Manual
1. Check whether the bid evaluation committee has completed the evaluation of the bids as per
evaluation criteria, technical and commercial evaluation reports, BEC/BRC including bidder’s
qualification requirements and cost compensating the deviations taken by the bidders with
proper data support.
2. Check whether evaluation report of the bid evaluation committee is placed before the
competent authority within the defined date as per Contracts Manual.
3. Check whether completeness of the award proposal prepared as per the terms mentioned in
the Contracts Manual.
4. Check whether the same is approved and communicated to the bid winner within the bid
validity period. The relevant T-code in SAP- ME23N, ME33K. For further analysis, one can use T-
Code ME2L to view all the contracts with a specific vendor.
5. Ensure that appropriate commercial terms are agreed in the contract, which are in the best
interest of OIL. The relevant T-code in SAP- ME23N, ME2L, ME33K.
6. Ensure that ratification of the contract is done by the legal department.
7. Check whether the detailed contract is signed within defined date as per Contracts Manual. The
relevant T-code in SAP- ME23N, ME2L, ME33K.

5.IA.13 Liquidated Damages


Control Objective Safeguard interest of the Company
Nature of Work Step Verification
Risk Non-compliance to DOP.
Nature of Control Automated / Manual
1. Check whether LD (liquated damage) has been charged as per the contract terms. The relevant
T-code in SAP- ME23N, ME2S, ME33K.
2. Use T-Code FBL1N to see vendor ledger for which details are required. Thereafter, filter the
lines relevant for analysis.

85
Audit Checklist

3. In case LD was not levied, check for necessary approvals.

5.IA.14 Retention Money


Control Objective Safeguard interest of the Company
Nature of Work Step Verification
Risk Non-compliance to DOP.
Nature of Control Automated / Manual
1. Check whether the retention money is retained / released as per terms of the Contract. The
relevant T-code in SAP- FBL1N, ME33K.
2. Check whether adequate approvals are obtained as per DOP before release of retention money.

5.IA.15 Extension of contract period


Control Objective Recording of justification in case of extension and approval as per DOP
Nature of Work Step Verification
Risk 1. Inadequate justification.
2. Non-compliance to DOP.
Nature of Control Automated / Manual
1. Check whether the extension of the contract period and waiver of liquidated damage are
approved as per DOP. The relevant T-code in SAP- ME23N, ME2S,ME33K.
2. Check whether reasons for extension of contract period are recorded and any further actions
are taken as required.
3. Check whether in case any Approving committee finds it necessary to revise its own earlier
decision of imposing liquidated damages and to waive recovery thereof, ensure approval of the
next higher authority is obtained as per DOP.

5.IA.16 Variation
Control Objective Appropriate payment on account of variations
Nature of Work Step Analysis / Verification
Risk Inappropriate payments.
Nature of Control Automated / Manual
1. Check whether variation of the stipulated quantities of individual items in the contract is
approved by Competent Authority preferably before allowing such variation but in exceptional
case within a period not later than the time specified in Contracts Manual. The relevant T-code
in SAP- ME23N, ME33K.2. Check whether the rates payable in respect of individual items in the
contract are as per the contract rates/OIL Schedule of rates (SOR). The relevant T-code in SAP-
ME23N, ME33K, FBL1N. Use T-Code MIR4 to view logistics vendor invoice.

5.IA.17 Escalation
Control Objective Tracking of escalation clause, Applying accounting principles
Nature of Work Step Analysis / Verification
Risk 1. Non-compliance to escalation clause.
2. Non-compliance to Generally accepted accounting principles (GAAP).
Nature of Control Automated / Manual
1. Check whether the escalation is as per the terms mentioned in the Contract and as per the
defined procedures of the Contracts Manual. The relevant T-code in SAP- ME23N, ME33K,
FBL1N, MIR4.
2. Check whether escalation invoice is raised separately or a separate component in invoice is
created and the same is approved as per DOP. The relevant T-code in SAP- ME23N, ME33K,
FBL1N, MIR4.

86
Audit Checklist

3. Check whether provisions on account of escalation clause are made in the books of account.
The relevant T-code in SAP- FBL3N.

5.IA.18 Payment
Control Objective Accuracy in payment, avoiding any duplicate payment
Nature of Work Step Analysis / Verification
Risk 1. Duplicity of payments.
2. Inaccurate payments.
Nature of Control Automated / Manual
1. Check whether the payment is made as per the payment terms mentioned in the Contract and
approved as per DOP. The relevant T-code in SAP- FBL1N.
2. Check whether the Contractor submits invoice(s) as per the contract, with all required
supporting documents and details of the said work. The relevant T-code in SAP- ME23N, ME33K,
FBL1N, MIR4.
3. Check whether the user department takes approval for the invoice as per DOP within 15 days of
receipt of invoice. In case of any discrepancies, user department must inform the contractor
within 15 days else the invoice is considered fit for payment processing. The relevant T-code in
SAP- ME23N, ME33K, FBL1N, MIR4.
4. Check whether payment of invoice within 30 days of its receipt is released after deducting
statutory taxes/liquidated damages, etc. The relevant T-code in SAP- FBL1N.
5. Check whether the payment is made only against SAP liability created. The relevant T-code in
SAP- FBL1N.
6. Check whether accurate reporting/ processing of information w.r.t to tender fee, bid security,
PBG is done. The relevant T-code in SAP- FBL1N, MIR4, ME23N,ME33K, ZMMTENFEE3.
7. Check whether the payment is remitted to the Contractor's bank account and the details of the
same are communicated to the Contractor.

5.IA.19 Closure of contract


Control Objective Full and final settlement before closure of contract
Nature of Work Step Verification
Risk Closure before full & final settlement.
Nature of Control Automated / Manual
1. Check whether before closing of a Contract the following has been ensured:
a. Satisfactory completion of the work.
b. Payment reconciliation, Stores reconciliation, No dues/claims certificate from the Heads of
Department concerned and payment of final bill for the work.
c. Satisfactory completion of defects liability period, return of Security Deposit/Retention
Money/ performance Security. The relevant T-code in SAP- ME3N, ME33K, ME23N, MB5S,
FBL1N, ML84.

5.IA.20 Bid Security


Control Objective Assuring collection or return of bid security as per Contract Manual
Nature of Work Step Verification
Risk Non compliance to Contract Manual.
Nature of Control Automated / Manual
1. Check whether Bid security is obtained as specified in the bid document. The relevant T-code in
SAP- FBL1N, FBL3N & ZMMTENDER3, AMM_TEND2PR
2. Check whether reconciliation is done between the bid documents sold with the amount
received for sale. The relevant T-code in SAP- FBL5N, FBL3N.
3. Check whether bid security is only received in the form bank guarantee, bank draft or banker's

87
Audit Checklist

cheque. The relevant T-code in SAP- FBL1N, FBL3N.


4. Check whether exemption of bid security has been made in compliance to the Contract Manual.
5. Check whether bid security is returned to the bid winner only after performance security has
been received. The relevant T-code in SAP- FBL1N, FBL3N.

5.IA.21 Performance guarantee


Control Objective Assuring collection or return of performance guarantee as per Contract
Manual
Nature of Work Step Verification
Risk Non compliance to Contract Manual.
Nature of Control Automated / Manual
1. Check whether the performance bank guarantee is collected timely from the bidder as per the
Contract & validity is as per the contract. The relevant T-code in SAP- FBL1N, FBL3N.
2. Check whether the performance guarantee is returned only after NOC is received from the user
department and warranty obligations have been fulfilled. The relevant T-code in SAP- FBL1N,
FBL3N, ME33K.
3. Check whether in case of invocation of performance security, proper reasoning is done and
approval is taken as per DOP.
4. To ensure that non performance due to non receipt of required bid/performance guarantees
has not occurred. The relevant T-code in SAP- FBL1N, FBL3N, ME33K.
5. Check whether performance security is not returned if order for invocation is passed. The
relevant T-code in SAP- FBL1N, FBL3N.
6. Check that where contract validity has been extended, validity of the PBG has been accordingly
extended or not.

5.IA.22 Monitoring of lead times from PR to awarding of contract


Control Objective Timely award of contracts
Nature of Work Step Analysis / Verification
Risk Delays in finalizing contracts.
Nature of Control Automated / Manual
1. Check whether the time taken in converting PR to Contract for each stage is being monitored by
Contracts Department.
2. Analyze the lead time taken for each stage from PR to contract and report the cases of
exceptional delays.

5.IA.23 PR Tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated / Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

88
Audit Checklist

5.IA.24 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Analysis / Verification
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

89
Audit Checklist

6. Crisis Management Team – Internal Audit


Scope
Audit Areas
1 Planning
2 Budgeting
3 Incident recording
4 Acquisition of assets
5 Operations
6 PR tracking
7 Creation of Service Entry Sheet (SES)
8 Manpower planning

90
Audit Checklist

6.IA.1 Planning
Control Objective Adequate planning, Effective monitoring over plan, Compliance to DOP
Nature of Work Step Analysis / Verification
Risk Inadequate planning.
Nature of Control Automated/Manual
1. Check whether the crisis management plan, incident management plan and blowout
management plan is complete.
2. Check whether such plan is approved by competent authority as per DOP KSBL.
3. Check whether any amendments in such plan are approved by competent authority as per DOP.
4. Check whether actual expenses are monitored / compared with planned expenses on periodic
basis against such plan. The T-code reference for reports/verification is S_ALR_87013532.

6.IA.2 Budgeting
Control Objective Adequate budget planning, effective monitoring over expenses, compliance
to DOP
Nature of Work Step Verification / Analysis
Risk Inadequate budget planning.
Nature of Control Automated / Manual
1. Check whether the annual budget is complete and all-inclusive Cover the requirements of
equipment and infrastructure.
2. Check whether annual budget is approved by competent authority as per DOP. The T-code
reference for reports/verification is CJ31, CJ33, S_ALR_87013558.
3. Check whether any amendments in annual budget are approved by competent authority as per
DOP. The T-code reference for reports/verification is CJ31, CJ33, S_ALR_87013558.
4. Check whether actual expenses are monitored / compared with planned budget on periodic
basis. The T-code reference for reports/verification is S_ALR_87013532.

6.IA.3 Incident recording


Control Objective Crisis identification
Nature of Work Step Verification
Risk Non identification of crisis.
Nature of Control Manual
1. Check how many incidents have been termed as 'Crisis'.
2. Check whether the meeting is called by Resident Chief Executive (RCE) in case a situation is
identified to be out of control by operation in charge.
3. Check whether authority lies with RCE to declare the situation as crisis.

6.IA.4 Acquisition of assets


Control Objective Purchase of equipment, timeliness, manpower
Nature of Work Step Verification
Risk Assets are not acquired as per the requirement.
Nature of Control Manual / Automated
1. Check whether equipment have been acquired for the purpose of crisis management. The T-
code reference for reports/verification is IH08.
2. Check whether there is adequate equipment and manpower to handle crisis situation.
3. Check that equipment have been acquired post requisite approvals.

91
Audit Checklist

6.IA.5 Operations
Control Objective Effective implementation of activities
Nature of Work Step Verification
Risk Ineffective implementation of activities.
Nature of Control Manual
1. Check whether timeliness is observed while arranging equipment from outer agency like ONGC.
2. Check support from external sources (e.g. ONGC etc.) is received on time.
3. Check whether readiness testing has been done for the CMT scenario.
4. Check the frequency of visit of CMT team at site.
5. Check whether there is timely response to crisis.

6.IA.6 Creation of Service Entry Sheet (SES)


Control Objective Exploiting the best option available
Nature of Work Step Analysis / Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated/Manual
1. Check whether status of work completion in measurement book is updated. Use T-code
ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on measurement book.
3. Check whether the measurement book is verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays. Check whether cost benefit analysis is done for buying vis a vis hiring of equipment or
tools.

6.IA.7 PR Tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated / Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

92
Audit Checklist

6.IA.8 Manpower Planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Analysis / Verification
Risk 1. Over/Under-utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

93
Audit Checklist

7. Drilling
Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Inter-location movement
3 Drilling operations
4 Creation and release of purchase requisition (PR)
5 Issuance of materials/spares items
6 Certification of bills of vendor
7 Environment, health and safety compliance
8 Buy vis a vis hiring of well equipment/rigs
9 Equipment management and maintenance
10 PR tracking
11 Creation of Service Entry Sheet (SES)
12 Manpower planning

94
Audit Checklist

7.IA.1.1 Planning, Budgeting & Monitoring


Control Objective Adequate planning, Effective monitoring over annual plan, Compliance to DOP
Nature of Work Step Analysis / Verification
Risk 1. Inadequate planning and budgeting.
2. Inappropriate approvals.
3. Over expenditure and utilization.
Nature of Control Automated/Manual
1. Use T-Code KSBL to run the cost center planning report and create a planning overview for all the
cost centers.
2. Check whether the annual plan of drilling department is complete and all-inclusive to cover the
requirements of equipment, manpower etc.
3. Ensure that there is alignment of the drilling plan with the overall work program.
4. Check whether annual plan is approved by competent authority as per DOP.
5. Check whether any amendment in annual plan is approved by competent authority as per DOP.
6. Check whether there are frequent changes in testing plan by production department leading to
ineffective rig time utilization.
7. Ensure that appropriate inputs are received for cost allocation process and well cost
reconciliation process.
8. Use T-code S_ALR_87013558 for budgeted figures and Check that there is planning and
monitoring of cost & effort involved in drilling of wells (recording and monitoring against
standards in SOP).
9. Use T-code S_ALR_87013532 to obtain the overall budgeted and actual figures and use T-code
CJ31, CJ33 to obtain the project specific details. Check whether actual expenses are monitored /
compared with planned expenses on periodic basis.
10. Check whether adequate manpower planning is done and request is sent to HR.
11. Check whether timely follow-up is done with HR for ensuring availability of required manpower.

7.IA.1.2 Planning, Budgeting & Monitoring


Control Objective To ensure that a 5 year, annual and TDP (tentative) drilling plan is prepared in
advance.
Nature of Work Step Verification
Risk Long term plan preparation in absence of adequate approvals.
Nature of Control Manual
1. Obtain the 5 year plan for field and projects.
2. To validate that the following have been approved and considered by the concerned process
owners prior to finalization of the 5 year plan:-
a. Fixed Development plan for the next 5 years
b. Approved feasibility reports
c. Expected feasibility reports in the next 5 years.
3. Verify that the planned v/s actual are being tracked.
4. Report deviations if any.

95
Audit Checklist

7.IA.1.3 Planning, Budgeting & Monitoring


Control Objective To verify the presence of an approved drilling plan
Nature of Work Step Verification
Risk Absence of comprehensive drilling plan which may impact planned
operations.
Nature of Control Manual
1. Obtain and review the 5 year plan.
2. Verify if adequate drilling resource planning and requirement is being done in line with the 5
year plan in advance.
3. Obtain and review the annual drilling plan for the field and projects.
4. Verify that adequate approvals are in place prior to finalization of the annual drilling plan.
5. Review the approved criteria for prioritizing the wells.
6. Verify that the wells shortlisted in the approved annual drilling plan are high priority wells.

7.IA.1.4 Planning, Budgeting & Monitoring


Control Objective To verify the adherence of drilling plan.
Nature of Work Step Analysis / Verification
Risk Lack of planned v/s actual tracking and root cause analysis leading to delay in
production and loss of revenue.
Nature of Control Manual / Automated
1. Obtain the annual drilling plan.
2. Verify whether the tracking of planned v/s actual drilling is being done.
a. Check Drilling Activity (Plan vs. Actual) for Fiscal Year, OR
3. b. Wells completed till date during the fiscal year.
4. Review approvals for deviations if any.
5. Verify that a root cause analysis is conducted and approved.
6. Review the action taken post root cause analysis and validate that adequate changes have been
made to the plan.

7.IA.1.5 Planning, Budgeting & Monitoring


Control Objective To verify if the Well Completion Report is duly approved and the same is
prepared as per guidelines
Nature of Work Step Verification
Risk Well completion report prepared in the absence of adequate approvals and
guidelines.
Nature of Control Manual
1. Obtain a sample of WCRs for different wells and verify if the WCRs are approved by the
concerned departmental heads and prepared as per approved guidelines.

7.IA.1.6 Planning, Budgeting & Monitoring


Control Objective To verify that a process of cost benefit analysis is carried out before hiring of
rigs
Nature of Work Step Verification
Risk Risk of financial loss and non-achievement of targets.
Nature of Control Manual
1. Obtain the list of Chartered hired rigs.
2. Understand the process of rig chartering.
3. Verify that chartering of rig is supported by detailed cost benefit analysis considering all
prospective costs that will be incurred.

96
Audit Checklist

4. Ensure that a detailed comparative has been done do justify chartered hiring of rigs.
5. Verify that the sanctioning for charter hiring of rigs has been obtained as per DOP.

7.IA.1.7 Planning, Budgeting & Monitoring


Control Objective To verify that the rig hiring contracts are complete in terms of various
specifications and terms & conditions as required by rigs in order to perform
required operations.
Nature of Work Step Verification
Risk Risk of dispute and non-performance by supplier.
Nature of Control Manual
1. Refer to signed hard copy of rig contracts.Refer to signed hard copy of rig contracts.
2. Check that the contracts are complete and include the following aspects:
a. Bid evaluation criterion.
b. Facilities to be provided either free of cost or on chargeable basis.
c. Optimum mix of manpower.
d. Type of rig required.
e. Optimum selection of scheduled rates of payment (either meterage or rig day basis).

7.IA.1.8 Planning, Budgeting & Monitoring


Control Objective To verify whether a constant monitoring and evaluation is carried out for the
outsourced rigs.
Nature of Work Step Verification
Risk Non performance of chartered hired rigs leading to higher costs.
Nature of Control Manual
1. Obtain the contract documents for chartered hired rigs.
2. Check if the performance of the external contractor is being measured in line with the agreed
benchmarks set for them.
3. Document and report on the inefficiencies in the operations/ services, if any and check whether
such inefficiencies are adjusted in subsequent payments through keeping proper record of the
operations.

7.IA.2 Creation and release of purchase requisition (PR)


Control Objective Timely procurement of stores/spares.
Nature of Work Step Analysis / Verification
Risk 1. Delay in procurement.
2. Unauthorized request for procurement.
Nature of Control Automated / Manual
1. Use T-code ME5A for list of PRs and ME53N for checking the details of PR. Check whether PR is
raised as per Purchase/Contract policy manual.
2. Check whether the PR for spares/materials/jobs is raised timely.
3. Check whether approvals for PR, issue of spares/materials and conducting jobs is taken as per
DOP.
4. Conduct lead time analysis between PR initiation and its release. Ensure there is reasoning
analysis done for delays.
5. Check whether there is a process of reviewing pending PRs and its follow up process with
Contracts/Material Management.
6. Check whether proper specifications are mentioned while creating a PR.
7. Check whether all PRs are raised through SAP.

97
Audit Checklist

7.IA.3 Buy vis a vis hiring of well equipment/Rigs


Control Objective Exploiting the best option available
Nature of Work Step Analysis / Verification
Risk Financial loss.
Nature of Control Automated / Manual
1. Use T-code KSBL for running the cost center planning report and create a planning overview for
all the cost centers.
2. Check whether cost benefit analysis is done for buying vis a vis hiring of equipment / rigs.
3. Check whether laid down procedures are followed while hiring of equipment/rigs.
4. Use T-code IE03,IK07, IK17 for displaying equipment and equipment status, list of measure
points and corresponding measuring documents searching by maintenance plant respectively.
Check whether constant monitoring and evaluation is carried out for the outsourced
equipment/Rigs.
5. Ensure that there is compliance of the terms of the contract with the rig leasing company.
6. Use T-code ML84 for obtaining the list of service entry sheets. Check whether terms and
conditions agreed in contract are followed by the contractors while execution of drilling
activities.

7.IA.4 PR Tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated / Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

98
Audit Checklist

7a. Technical Services (Drilling) – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 TS drilling operations
3 Creation and release of purchase requisition (PR)
4 Issuance of materials/spares items
5 Certification of bills of vendor
6 Environment, health and safety compliance
7 Buy vis a vis hiring of servicing equipment
8 Equipment management and maintenance
9 PR tracking
10 Creation of Service Entry Sheet (SES)
11 Manpower planning

99
Audit Checklist

7a.IA.1 Planning, Budgeting & Monitoring


Control Objective Adequate planning, Effective monitoring over annual plan, Compliance to DOP
Nature of Work Step Analysis / Verification
Risk Inadequate planning and monitoring.
Nature of Control Automated/Manual
1. Check whether the annual budget of TS drilling department is complete and all-inclusive to cover
the requirements of equipment, manpower etc. Use T-codes KSBL.
2. Check whether annual budget is approved by competent authority as per DOP. Use SAP T-code
KSBL.
3. Check whether any amendment in annual budget is approved by competent authority as per
DOP. Use T-code KSBL.
4. Check whether actual expenses are monitored / compared with planned expenses on periodic
basis. Use T-code KSBL.

7a.IA.2 Creation and release of purchase requisition (PR)


Control Objective Timely procurement of stores/spares
Nature of Work Step Verification / Analysis
Risk Delay in procurement of stores and spares.
Nature of Control Automated/ Manual
1. Check whether PR is raised as per Purchase/Contract policy manual. SAP T-codes ME5A to obtain
the list of PR generated, ME53N to see the specific sample PR and ME5J to view PRs for projects.
2. Check whether the PR for spares/materials/jobs is raised timely. SAP T-codes ME5A, ME53N,
ME5J.
3. Check whether approvals for PR, issue of spares/materials and conducting jobs is taken as per
DOP. SAP T-codes ME5A, ME53N, ME5J to be used.
4. To conduct lead time analysis between PR initiation and its release. Ensure there is reasoning
analysis done for delays. T-codes ME5A, ME53N, ME5J.
5. Check whether there is a process of reviewing pending PRs and its follow up process with
Contracts/Material Management. Use T-codes ME5A, ME53N, ME5J.
6. Check whether proper specifications are mentioned while creating a PR. Use T-codes ME5A,
ME53N, ME5J.
7. Check whether all PRs are raised through SAP. Use T-codes ME5A, ME53N, ME5J.

7a.IA.3Buy vis a vis hiring of servicing equipment


Control Objective Exploiting the best option available
Nature of Work Step Verification/Analysis
Risk Inefficient Monitoring and utilization of Equipment.
Nature of Control Manual/ Automated
1. Check whether cost benefit analysis is done for buying vis a vis hiring of servicing equipment.
Use T-codes KSBL.
2. Check whether laid down procedures are followed while hiring of servicing equipment. Use T-
codes IW33, IW39.
3. Check whether constant monitoring and evaluation is carried out for the outsourced servicing
equipment. Use T-codes IW39 and IW73.
4. Check whether terms and conditions agreed in contract are followed by the contractors while
execution of servicing of drilling/work over equipment. Use SAP T-codes ME5A, ME53N.

100
Audit Checklist

7a.IA.4 PR Tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated / Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.
5. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
6. Ensure manpower requisition forms are raised timely and approved as per DOP.
7. Check whether there is a follow up process in place to ensure timely conversion of MPR.

101
Audit Checklist

8. Electrical – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Statutory compliances
3 PR tracking
4 Creation of Service Entry Sheet (SES)
5 Manpower planning
6 Statutory compliances
7 Distribution
8 Operations
9 Maintenance
10 SOP compliance
11 Services - Operations
12 Safety
13 Training to workers
14 Security
15 Statutory compliances
16 Tools, spares and other expenses
17 HSE compliances

102
Audit Checklist

8.IA.1 P&A - Planning, budgeting & monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis / Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
Nature of Control Automated/Manual
1. Check whether the annual plan of electrical department is complete and all-inclusive to cover
the requirements of all the activities that come under its purview.
2. Use T-Code KSBL and enter cost center to get budget.
3. In version management check the changes done in the budget.
4. Check for appropriate approval as per DOP for the budget and subsequent changes.
5. Check whether annual plan made is -
a. Linked to the requirement of various departments.
b. Inclusive of all the related costs
6. Check the timelines for preparation and approval of budget.
7. Use T-Code S_ALR_87013532 by entering WBS element / cost center to check whether actual
expenses are monitored / compared with planned expenses on periodic basis.

8.IA.2 P&A - Statutory Compliances


Control Objective To ensure compliance to various statutory requirements
Nature of Work Step Verification
Risk Non Compliance to various Statutory requirements.
Nature of Control Manual
1. Check that a checklist is maintained for all statutory compliances along with the due dates of
complying the same.
2. Check that license related to power has been obtained and updated regularly.
3. Check that statutory compliance checklist is analyzed and updated regularly.
4. Check whether all the statutory compliances are ensured by the department.

8.IA.3 P&A - PR tracking


Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Manual/ Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process with
Contracts/Material Management exists.

103
Audit Checklist

8.IA.4 P&A - Manpower Planning


Control Objective To ensure manpower is adequate for all the departmental activities.
Nature of Work Step Analysis / Verification
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

8.IA.5 Distribution - Statutory compliances


Control Objective To ensure compliance to various statutory requirements.
Nature of Work Step Analysis / Verification
Risk Statutory Non-Compliance.
Nature of Control Manual
1. Check that a checklist is maintained for all statuary compliances along with the due dates of
complying the same.
2. Check that license related to power has been obtained and updated regularly.
3. Check that statutory compliance checklist is analyzed and updated regularly.
4. Check whether all the statutory compliances are ensured by the department.
5. Report needs to be viewed manually as there is no checklist available in SAP as a standard
solution.

8.IA.6 Service Colony and Industrial Building, Air Conditioners, Production Installations,
Projects, Rigs - SOP compliance
Control Objective Compliance of SOP
Nature of Work Step Analysis / Verification
Risk Non compliance to SOP.
Nature of Control Manual
1. Check that company has a well-defined SOP for servicing.
2. Check that all process is being followed as per SOP.
3. Check any deviation from SOP and document the reason given for same. Analyze its
reasonability and quote.
4. Check that ISO standards have been met with.

8.IA.7 Service Colony and Industrial Building, Air Conditioners, Production Installations,
Projects, Rigs - Security
Control Objective To minimize risk of thefts and prevent financial losses
Nature of Work Step Verification
Risk 1. Theft
2.Financial Losses
Nature of Control Manual
1. Check that management has identified critical areas in terms of thefts.
2. Check the management has a plan of action to stop any theft.
3. Check that CCTV's are in place to track any such case and is monitored by a security person.
4. Check any major theft reported during the audit period.

104
Audit Checklist

8.IA.8 Service Colony and Industrial Building, Air Conditioners, Production Installations,
Projects, Rigs - Statutory Compliances
Control Objective To ensure compliance to various statutory requirements
Nature of Work Step Verification
Risk Statutory Non Compliance.
Nature of Control Manual
1. Check that a checklist is maintained for all statutory compliances along with the due dates of
complying the same.
2. Check that license related to power has been obtained and updated regularly.
3. Check that statutory compliance checklist is analyzed and updated regularly.
4. Check whether all the statutory compliances are ensured by the department.

8.IA.9 Service Colony and Industrial Building, Air Conditioners, Production Installations,
Projects, Rigs - HSE compliances
Control Objective Compliance with HSE laws
Nature of Work Step Verification
Risk Non Compliance to HSE Laws.
Nature of Control Manual
1. Check that all HSE norms are complied with.
2. Check that health of workers is not compromised on any count.
3. Check that adequate safety measures are available within the premise and workers are adhere
to the same.

105
Audit Checklist

9. Employee Relations – Internal Audit


Scope
Audit Areas
1 Appraisal policy and process
2 Appraisal process
3 Eligibility and approvals
4 Written examination
5 Recent promotions
6 Employee interaction and communication
7 Raising requisitions
8 Mode of recruitment
9 Recruitment notice
10 Evaluation process
11 Finalization of selection and pre-joining formalities
12 Contract employees
13 Joining process
14 Recruitment expenses
15 Legal/ Vigilance/ RTI
16 Planning and administration
17 Contracting for services
18 Quality of services
19 Allotment of company quarters & maintenance
20 Manpower planning
21 Budgeting
22 Reimbursements for expenses
23 Loans & advances
24 PF Loan / Withdrawal
25 Maternity Leave / Special Leave
Final settlement of dues to nominees of deceased
26
employee
27 Payroll - processing and disbursement
28 Statutory compliance
29 Grievance management system
30 Employee separation
31 Job rotation and transfer
32 Labor union
33 PR tracking
34 Creation of Service Entry Sheet (SES)

106
Audit Checklist

9.IA.1 Appraisal Process - Appraisal Policy and Process


Control Objective Clearly defined policy and process to be followed
Nature of Work Step Analysis / Verification
Risk Non Compliance to policy
Nature of Control Manual/ Automated
1. Check that policy for Promotion is available and duly authorized. Check whether annual plan is
timely prepared and approved by competent authority as per DOP.
2. Check if there exists a Company policy for Performance Management System (PMS)/ Appraisal in
the Company.
3. Use T-Code APPSEARCH to view the Reporting Options for Appraisals. Check if the process of
Performance Management System (PMS) clearly defines the timelines, authority and protocols
to be followed for PMS.
4. Use APPSEARCH to check the eligibility criteria's defined for promotions for all grades.

9.IA.2 Appraisal Process


Control Objective Adherence to defined and transparent appraisal process
Nature of Work Step Analysis / Verification
Risk Biased appraisal process.
Nature of Control Manual/ Automated
1. Check if the appraisal is conducted in accordance to the defined policy and process.
2. Check if the self-appraisal is adequately documented and then reviewed by the appraiser with
feedback on strengths and improvement areas.
3. Check if the compilation of initial ratings are done by ER department and reviewed in line with
policy.
4. Check if adequate process is followed for normalization and approved as per DOP.
5. Check if the final rating on the basis of following parameters are accurately calculated and then
finalized.
6. Check if the improvement areas are communicated to L&D for planning of required trainings.
7. Check if standard Performance Related Pay (PRP) have been decided by the Company and
informed to all employees.
8. Check if the final incentive and increments are accurately decided and circulated in accordance
to the Performance Related Pay (PRP) ratings as decided by the Company.

9.IA.3.1 Appraisal Process - Eligibility and Approvals


Control Objective Eligible employees are promoted only
Nature of Work Step Analysis / Verification
Risk 1. Biased appraisal process.
2. Unauthorized appraisal.
Nature of Control Manual/ Automated
1. Use T-Code S_AHR_61016356 to check that list of persons eligible for promotion is prepared at
each level and cross check it from eligibility criteria.
2. Use T-Code S_AHR_61016356, S_L9C_94000095 to check the number of eligible candidates
against the total number of vacant seats.
3. Use T-Code APPSEARCH, PA40 to check if all promotions are adequately approved as per defined
DOP.
4. Use T-Code PA40, APPSEARCH to check if promotion is decided after considering all the
parameters according to the policy (e.g. experience, seniority etc.)

107
Audit Checklist

9.IA.3.2 Appraisal Process - Eligibility and Approvals


Control Objective Only department approved candidates are promoted
Nature of Work Step Analysis / Verification
Risk 1. Biased appraisal process.
2. Unauthorized appraisal.
Nature of Control Manual/ Automated
1. Use APPSEARCH to check that the list of employees eligible for promotion was vetted by
concerned departments.
2. Check the time taken in sending documents to department for approval and time taken by
department for approving the same.
3. Check whether applications received in this regard have been forwarded to the concerned
department for scrutiny of final details.

9.IA.4 Appraisal Process - Written Examination


Control Objective Fair and timely examination for promotion
Nature of Work Step Analysis / Verification
Risk 1. Biased appraisal process.
2. Unauthorized appraisal.
Nature of Control Manual/ Automated
1. To check whether selection committee was constituted before conducting the exam.
2. Use T-Code S_AHR_61015517, S_AHR_61015518, to check whether all eligible candidates were
issued call letters clearly specifying the date and venue for examination.
3. Use T-Code PA30, PA40, S_AHR_61015514, to check that medical examination was conducted
for all shortlisted candidates.
4. Use T-Code S_AHR_61016503 to check the time taken in issuing promotion letters from final
selection.

9.IA.5 Appraisal Process - Recent Promotions


Control Objective Recent Promotions
Nature of Work Step Analysis / Verification
Nature of Control Manual/ Automated
1. Use T-Code S_AHR_61016503 to review the APR marks / merit list with the promotions
announced.
2. Use T-Code PA30 to check whether employee master is updated with new salary structure and
grades immediately after announcement.
3. Use T-Code S_AHR_61016356, S_L9C_94000095 to check the total number of employees
promoted against the total number of vacant seats.

9.IA.6 Appraisal Process -Employee interaction and communication


Control Objective Employee Interaction and Communication
Nature of Work Step Analysis / Verification
Risk Employee dissatisfaction may lead to attrition.
Nature of Control Manual
1. Check the process of intimation and communicating with employees on performance.
2. Check the controls over issue of promotion letter to the employees like authorized person to
issue the same and mode of giving.

108
Audit Checklist

9.IA.7 Contract Labour & Recruitment - Raising Requisitions


Control Objective All recruitments are done based on requisitions
Nature of Work Step Analysis / Verification
Risk Late and unauthorized hiring of manpower.
Nature of Control Manual / Automated
1. Use T-Code S_AHR_61015508, S_AHR_6105512 to check the process of raising the manpower
requisition for all recruitment is followed (except pre-planned mass hiring of fresher or as per
business expansion plan).
2. Check if the manpower requisition is raised on timely basis.
3. Check if manpower requisition is complete in all respect and contains all the required
information about the position to be filled by HR.
4. Check if the manpower requisition is approved as per DOP.
5. Use T-Code PA40, PA30 to check the time lag after raising the requisition to finally hiring the
person.
6. Use T-Code S_AHR_61015514, S_L9C_94000095 to check the mode of recruitment is same as
planned as per the defined policy.
7. Use T-Code S_AHR_61016499 to check that all requisitions contain clear job descriptions and
experience of individuals to be recruited.

9.IA.8 Contract Labor& Recruitment - Mode of recruitment


Control Objective Selection of mode of requirement based on cost and other factors
Nature of Work Step Analysis / Verification
Risk 1. Excess recruitment cost.
2. Fair recruitment process
3. Statutory Compliance.
Nature of Control Manual/ Automated
1. Use T-Code S_AHR_61015516 to check that last date of application is mentioned on the notice
of vacancy.
2. Use T-Code S_AHR_61015516 to check recruitment plan is prepared in advance and approved
by HOD for recruitments to be done during the period so that timely recruitment is done
considering the mode of recruitment.
3. Use T-Code S_AHR_61015515, CV03N to check if proper documentation is available to
substantiate that recruitment is conducted from the same mode in which it is planned.
4. To check if all the required guidelines issued from time to time are followed for recruitment
considering equal opportunity to all eligible candidates.
5. Use T-Code S_AHR_61015515, PA20 to check all statutory compliances like reserved seats have
been fulfilled.
6. Use T-Code PT03, PT_DSH20 to check the policy and processes are in line with new statutory
laws and regulations like the working hours requirements.

9.IA.9 Contract Labor& Recruitment - Recruitment notice


Control Objective Selection based on defined process
Nature of Work Step Analysis / Verification
Risk Unfair recruitment process.
Nature of Control Manual/ Automated
1. Use T-Code S_AHR_61015516, PB40 to check if recruitment process is started according to the
basis of defined plan.
2. Use T-Code S_AHR_61015517 to check if proper notice/ advertisement is issued for all the
vacancies defining the following:
a. Job requirement and responsibilities

109
Audit Checklist

b. Eligibility criteria
c. Educational qualifications
d. Experience criteria
e. e. Evaluation criteria etc.
3. Use T-Code S_AHR_61015518 to check if the advertisement is published at all the required
places (e.g. newspaper and websites etc.).
4. In case of campus recruitments, use T-Code S_AHR_61015518 to check if the recruitment is
done from the pre-approved institution.
5. Use T-Code S_AHR_61015510,S_AHR_61015513 to check the list of candidates shortlisted for
interview and their experience papers.
6. Use T-Code S_AHR_61015510,S_AHR_61015513 to check that no application has been accepted
which has been received after the last date unless approved.
7. Use T-Code S_AHR_61015510,S_AHR_61015513 to check if adequate tracking and monitoring
process is in place to ensure completion of recruitment process in time.

9.IA.10.1 Contract Labor& Recruitment - Evaluation Process


Control Objective Screening
Nature of Work Step Verification
Risk 1. Unfair recruitment process.
2. Unauthorized hiring.
Nature of Control Manual/ Automated
1. Use T-Code S_AHR_61015510, S_AHR_61015513 to check if timely and adequate screening is
done to identify the eligible candidates for proceeding with the recruitment process.
2. Use T-Code PA20, PA30 to check if the screening is done by the authorized and independent
person to objective screening of the candidates.
3. Check if the final list of eligible candidates is prepared and approved by HOD to process for
further process.
4. Verify sample cases to check if all the candidates are eligible as per the requirement posted in
advertisement.
5. Use PA30 to check if adequate mix is maintained to adhere to the various regulation and quotas
(e.g. SC/ST vacancies).

9.IA.10.2 Contract Labor& Recruitment - Evaluation Process


Control Objective Initial screening of documents
Nature of Work Step Verification
Risk 1. Incomplete documentation.
2. Possibility of fraudulent documents.
Nature of Control Manual/ Automated
1. Check if the copies and original of the required documents are verified to ensure
appropriateness of the details mentioned in the application form.
2. Use T-Code S_AHR_61015513 to check if results are adequately documented and then on
eligible candidates are selected.

110
Audit Checklist

9.IA.10.3 Contract Labor& Recruitment - Evaluation Process


Control Objective Written Test
Nature of Work Step Verification
Risk Non-Compliance to policy.
Nature of Control Manual/ Automated
1. Use T-Code S_AHR_61015513 to check whether written test was conducted according the
timelines mentioned in the advertisement or communicated thereafter.
2. Use T-Code S_AHR_61015513, S_AHR_61015517 to check if any change in the date of test is
communicated well in advance to the eligible candidates.
3. Use T-Code S_AHR_61015513 to check if process is in place to ensure that written test is given
by the candidate himself.
4. Use T-Code PBAF to check if adequate evaluation of the written test is conducted in time for
selection of candidates. Check whether proper technical survey/inspection is carried out for
quality assurance before creation of SES.

9.IA.10.4 Contract Labor& Recruitment - Evaluation Process


Control Objective Interview
Nature of Work Step Verification
Risk Transparent selection process.
Nature of Control Manual/ Automated
1. Check if the interview panel is finalized and approved in advance as per DOP.
2. Check if adequate mix of the interview panel is maintained in line with the required policy (e.g.
if recruitment involves SC/ST candidate, then 1 member must be SC/ST category).
3. Use T-Code S_AHR_61015513 to check all interview processes are completed within specified
time.
4. Use T-Code S_AHR_61015513, PB10 to check if the interview evaluation sheet is prepared and
the rating of each candidate (for all rejected/ selected candidates).
5. Post the interview; use T-Code S_AHR_61015513 to check if a report is prepared by the
interview panel which is put to competent authority for approval stating result of the
recruitment process.

9.IA.10.4 Contract Labor& Recruitment - Evaluation Process


Control Objective Medical Examination
Nature of Work Step Verification
Risk Non-Compliance to policy.
Nature of Control Manual/ Automated
1. Use T-Code S_AHR_61015513 to check if upon approval, the final candidates are called for
medical examination. On clearance of the same, offer letter is sent to the candidate for joining.

9.IA.11.1 Contract Labor& Recruitment - Finalization of Selection and Pre-Joining


Formalities
Control Objective Proper approvals and selection
Nature of Work Step Verification
Risk Non-Compliance to policy.
Nature of Control Manual/ Automated
1. Use T-Code PB30 to check if adequate documentation is maintained for all the evaluation
conducted for finalizing the candidates.
2. To check whether medical examination was conducted for all shortlisted candidates.
3. To check whether all conditions like selection of quota candidates has been adhered to.

111
Audit Checklist

4. To check that all offer letters are issued as per standard format as per the HR policies of the
Company.
5. Use T-Code S_AHR_61015513 to check if the offer letter clearly defines the documents which
the candidate need to submit before joining.
6. Use T-Code S_AHR_61015513 to check if the offer letter clearly defines other requirements (if
any) which the candidate need to fulfill before joining.
7. Use T-Code S_AHR_61015513 to check if the offer letter is issued based on approval from
authorized person as per DOA.

9.IA.11.1 Contract Labor& Recruitment - Finalization of Selection and Pre-Joining


Formalities
Control Objective Pre Joining Formalities
Nature of Work Step Verification
Risk Non-Compliance to policy.
Nature of Control Manual/ Automated
1. To check that all rejoining formalities like maintenance of employee files, medical checks have
been done.
2. Use T-Code S_AHR_61015513 to check whether employee files are properly maintained and
contain necessary documents like blood group report.
3. To check the reference check and background check forms have been documented in employee
files.
4. Use T-Code S_AHR_61015513 to check whether offer letter clearly states the last date of joining
unless approved by concerned authority.

9.IA.12.1 Contract Labor & Recruitment - Contract Employees


Control Objective Contract Employees - Recruitment
Nature of Work Step Analysis / Verification
Risk Non-Compliance to policy.
Nature of Control Manual/ Automated
1. Check if recruitment on contract basis is done in case of urgency which could not be planned in
the manpower plan.
2. Check if the contractual recruitment is initiated on the basis of approved manpower requisition
by competent authority stating the justification of such recruitment.
3. Use T-Code S_AHR_61015513 to check if the adequate evaluation process from screening to
finalization is followed for contracted employees.
4. Use T-Code S_AHR_61015513 to check if the contract with the employee is duly approved by
legal and for the limited period of requirement.
5. Use T-Code S_AHR_61015513 to check the process of renewal of candidate is followed after
ensuring equal opportunity to all prospective candidates unless approved by the competent
authority as per DOP.
6. Use T-Code S_AHR_61015513 to check if the entire documentation requirement is completed
for the contracted employee before joining.

112
Audit Checklist

9.IA.12.2 Contract Labor & Recruitment - Contract Employees


Control Objective Contract Employees - Statutory Compliance
Nature of Work Step Analysis / Verification
Risk Non-Compliance to policy.
Nature of Control Manual/ Automated
1. Check if the process is in place to ensure the statutory compliance in relation to the contract
employees.
2. Use T-Code PA30, PA40 to check if the compliance checklist is in place describing the
compliances need to be ensured, including various labor and PF laws.
3. Use T-Code PA30, PA40 to check if the compliances are ensured and non-compliances are
tracked with action plan for compliance.

9.IA.13 Contract Labor & Recruitment - Joining Process


Control Objective Collection and documentation of mandatory documents in employee
personnel file,
To smoothen the entry of newly joined executives in the organization
Nature of Work Step Verification
Risk 1. Over/Under-utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual/ Automated
1. Use T-Code PA30, PA40 to check the periodicity for conducting the induction for the newly
joined employees.
2. Check whether the data specified in the induction template / document have been updated
from time to time.
3. Use T-Code S_AHR_61016494 to check whether Job responsibilities/ descriptions (JDs) are
adequately defined for all positions and communicated to employees at the time of joining.
4. Use T-Code PA30, PA40, CV03N to check whether copy of all the mandatory certificates and
photo ID cards have been collected from the employee.
5. Use T-Code SUIM -->PA30 and PA40 to check employee master data and personal files are
accessible by authorized personnel only.
6. Use T-Code S_AHR_61015513, PA40 to check the time lag (if any) in generation of the joining
report for the new employees.
7. Use T-Code S_AHR_61015513 to check the dates of sign off on the appointment letters issued
to the employees.
8. Use T-Code PA30, PA40 to check if the employee file is updated with all the records and
documents w.r.t. to the new employee.

9.IA.14 Contract Labor& Recruitment - Recruitment Expenses


Control Objective Ensure adequate control over expenses incurred for recruitment
Nature of Work Step Analysis / Verification
Risk Weak control over expenses.
Nature of Control Manual/ Automated
1. Use T-Code KSBL to check if adequate budget is in place for incurring the recruitment expenses.
2. Use T-Code S_ALR_87013611 to check if Budget Vs. actual is monitored for all recruitment
expenses.
3. Check if all expenses are incurred with prior approval according to DOP.
4. Use T-Code PA30, PA40, PC00_M40_REMS to check if re-imbursement to candidates is made
based on eligibility and with adequate approval as per DOP.
5. Use T-Code S_ALR_87013611 to check if recruitment expenses are properly accounted and

113
Audit Checklist

monitored.

9.IA.15.1 Contract Labor& Recruitment - Legal/ Vigilance/ RTI


Control Objective Legal/ Vigilance
Nature of Work Step Analysis / Verification
Risk Legal non-compliance.
Nature of Control Manual/ Automated
1. Check the maintenance of a tracker of the active and resolved legal cases in timely manner.
2. Check if the checklist if maintained for the required documentation to be maintained for each
legal case.
3. Check the maintenance of documentary proof and witness for the cases.
4. Use T-Code S_ALR_87014259 to check if settlement of employee full and final post solvation of
the dispute.
5. Check if the past cases are reviewed and analyzed for common reasons with action plan to
prevent such cases in future.
6. Check if there is adequate tracking and documentation of the cases initiated by vigilance.

9.IA.15.2 Contract Labor& Recruitment - Legal/ Vigilance/ RTI


Control Objective RTI cases
Nature of Work Step Analysis / Verification
Risk Legal non-compliance.
Nature of Control Manual/ Automated
1. Check the maintenance of a tracker to monitoring and ensuring reply for all RTI cases in timely
manner.
2. Check if the dedicated persons are identified for handling the RTI cases.
3. Check if all replies to RTI are properly verified and supported with adequate documentation to
ensure accuracy of reply.
4. Use T-Code CV03N to check if proper evidence is maintained ensuring date of receipt of RTI and
reply to RTI.

9.IA.16 Welfare & Sports - Planning and Administration


Control Objective To ensure appropriate cost of the Trainings
Nature of Work Step Analysis / Verification
Risk 1. Weak budgetary control over expenses.
2. Unauthorized expenses.
Nature of Control Manual/ Automated
1. Use T-Code S_ALR_87013611 to verify the actual vs. budgeted amount sanctioned for the
Welfare and sports.
2. Use T-Code S_ALR_87013611 to analyze the root cause for any significant variation in the
budget vs. actual.
3. Check whether the expenses incurred by the department are in adherence to the documented
company policy.
4. Check on sample basis if the expenses are supported with adequate approvals and evidences.
5. Analyze the root cause for excess fund utilization than sanction for trainings.

114
Audit Checklist

9.IA.17 Welfare & Sports - Contracting for Services


Control Objective To ensure adherence to company policy and procedures
Nature of Work Step Analysis / Verification
Risk Non-Compliance to Company Policy.
Nature of Control Manual/ Automated
1. Use T-Code ME23N, ME2S to check if the services obtained on contract are in accordance to the
company policy.
2. Use T-Code KSBL to check if the all procurement is done on the basis of approved plan and
requirement.
3. Use T-Code ME49, ME4L, and ME80AN to check if the adequate evaluation of quotations and
services is done prior to engagement of service provider.
4. Use T-Code FBL1N to check if all the payments processed are in accordance to the contract.
5. Use T-Code FBL1N to check if adequate retention is made or LD levied for any shortcomings in
the services.

9.IA.18 Welfare & Sports - Quality of Services


Control Objective To ensure adequate quality of welfare and services for workmen
Nature of Work Step Verification
Risk Employee dissatisfaction.
Nature of Control Manual/ Automated
1. Use T-Code ME23N, ME2S to check whether the services planned to be provided and required
for welfare and motivation of the workmen are provided (e.g. Gym facility, market etc.).
2. Check whether management encourages employees to participate in physical activities by
hosting Championships within or outside the company.
3. To check physically the condition of the services and facilities (e.g. sports equipment).
4. Check if adequate process is in place to ensure upkeep of the all the facilities.
5. Conduct physical verification on sample basis for the facilities and equipment provided to
workmen.
6. To check if all the safety and regulatory requirements are adhered while provisioning of the
facilities.
7. To check if process of recording complaint and feedback from workmen is in place.
8. Check if all the complaints and feedback are reviewed and action is planned for improvement.

9.IA.19 Welfare & Sports - Allotment of Company Quarters & Maintenance


Control Objective To ensure adherence to company policy and procedures
Nature of Work Step Analysis / Verification
Risk Non-Compliance to Company Policy.
Nature of Control Manual/ Automated
1. Check if accommodation is provided to eligible candidates only in accordance to the defined
policy.
2. Use T-Code PA30 to check if timely updation is done in the payroll master to stop HRA and
related allowances, after allotment of official quarters.
3. Check if adequate maintenance is ensured for all the units.

115
Audit Checklist

9.IA.20 Others - Manpower Planning


Control Objective To ensure right number of persons are available at the right time and at the
right place
Nature of Work Step Analysis / Verification
Risk Overstaffing/under staffing in the department.
Nature of Control Manual
1. Check if there is defined process for assessing manpower requirement of a function or a
department.
2. Check if the planning process is initiated and completed on timely basis as per the defined
procedure.
3. Check if the departmental requirement as assessed, compiled and consolidated to assess the
overall requirement of the company.
4. Check that manpower plan has been made for each department separately.
5. Check whether the process of monitoring the budgeted manpower strength and the actual
manpower strength against the same is followed.
6. Check if all the manpower requirements are approved as per the defined DOP.

9.IA.21 Others - Budgeting


Control Objective Control expenditure
Nature of Work Step Analysis / Verification
Risk Cost overrun.
Nature of Control Manual/ Automated
1. Use T-Code S_ALR_87013611 to check the current year budgeted expenditure of manpower
cost and compare the same with actual cost for current year as well as previous year budgeted
expenditure.

9.IA.22 Others - Reimbursements for expenses


Control Objective To facilitate processing of timely reimbursement to work persons for medical
treatment
Nature of Work Step Analysis / Verification
Risk 1. Employee dissatisfaction.
2. Non-compliance to Company policy.
Nature of Control Manual/ Automated
1. Use T-Code S_PH9_46000172 to check the adherence to the policy and procedure for
reimbursement of the bills of employees.
2. Check whether process of maker checker and adequate verification of all the bills is in place.
3. Check whether proper serial controlled tracking is done for all the claims submitted.
4. Use T-Code S_PH9_46000172 to check whether there was any time lag in submission of medical
expenses for scrutiny & recommendation to Medical Dept. and disbursement of
reimbursement.

116
Audit Checklist

9.IA.23 Others - Loans & advances


Control Objective To facilitate loans and advances to the work persons (e.g. HBL, Car, appliance
etc.)
Nature of Work Step Analysis / Verification
Risk 1. Employee dissatisfaction.
2. Non-compliance to Company policy.
Nature of Control Manual/ Automated
1. Use T-Code S_PH9_46000172 to check the amount and approval of various loans and advances
granted to work persons.
2. Use T-Code PA30, PA40 to check whether F&A department has checked the eligibility &
repaying capacity.
3. Use T-Code FBL1N to check whether any personnel has scrutinize and verified application and
documents / previous utility loan records.
4. Use T-Code FBL1N to check if process is in place to ensure timely recovery of the loan and
advance as per the policy.
5. Use T-Code FBL1N to check ageing of various such loans and advances and do reason analysis
for old outstanding.
6. Check if adequate follow-up is done for old pending recoveries.
7. Use T-Code FBL1N to check if any loans and advance is pending from left employees.

9.IA.24 Others - PF Loan / Withdrawal


Control Objective To facilitate loans and advances to the work persons
Nature of Work Step Analysis / Verification
Risk 1. Employee dissatisfaction.
2. Non-compliance to Company policy.
Nature of Control Manual/ Automated
1. Use T-Code S_PH9_46000172 to check whether application form / employees’ particulars and
dependent record have been verified.
2. Use T-Code S_PH9_46000172 to check whether PF loan register has been updated within
specified time frame.

9.IA.25 Others - Maternity Leave / Special Leave


Control Objective To facilitate leaves to the work persons
Nature of Work Step Analysis / Verification
Risk 1. Employee dissatisfaction.
2. Non-compliance to Company policy.
Nature of Control Manual/ Automated
1. Use T-Code PA30, PA40 to check the applications of employee for leave with recommendation
from HOD and in case of maternity leaves a recommendation by Head of Medical.
2. Use T-Code PA30, PA40 to check whether approval of ER/ authorized officer is obtained for
leaves sanctioned.

117
Audit Checklist

9.IA.26 Others - Final settlement of Dues to Nominees of Deceased Employee


Control Objective To facilitate timely settlement of dues
Nature of Work Step Analysis / Verification
Risk 1. Employee dissatisfaction.
2. Non-compliance to Company policy.
Nature of Control Manual/ Automated

1. Use T-Code PC00_M99_CWTR to verify the payment advice of Social Security System (SSS) &
Employees Deposit Linked Insurance Scheme (EDLI) and approval by concerned officer along
with Form 7(PF) and Form L&I (Labor and Industries).

9.IA.27.1 Others - Payroll - Processing and Disbursement


Control Objective Employee Master Maintenance
Nature of Work Step Analysis / Verification
Risk Unauthorized changes in employee master.
Nature of Control Manual/ Automated
1. Use T-Code SUIM to check if the access to add or modify the employee master is restricted to
authorize persons only.
2. Use T-Code S_AHR_61016360 to check whether all the changes in the audit period are duly
authorized as per the defined policy and DOP.
3. Use T-Code SM20 to check whether audit logs are maintained and reviewed for the changes to
employee masters.

9.IA.27.2 Others - Payroll - Processing and Disbursement


Control Objective Leave & Attendance records
Nature of Work Step Analysis / Verification
Risk 1. Unauthorized changes in attendance and leave records.
2. Incorrect attendance may lead to incorrect payroll processing.
Nature of Control Manual/ Automated
1. Use T-Code PTMW, PT40 to review the attendance monitoring process and ensure that office
timings are communicated to all employees and correctly mapped in the attendance recording
system.
2. Use T-Code PT64, PT62 to check if the attendance is duly recorded and monitored.
3. Use T-Code PT64, PT62 to verify whether attendance records are maintained and cross checked
by an independent personnel.
4. Use T-Code PT64 to ensure that leave balances are correctly recorded and carried forward to
the next year.
5. Use T-Code SUIM to examine the access rights to attendance and leave recording system and
ascertain whether access rights are in line with the roles and responsibilities defined.
6. Use T-Code PT62, PC00_M99_PA03_check to ensure that the attendance and leave records are
approved/authorized as per the process before considered for monthly payroll.
7. Use T-Code SUIM to check whether logs of access/ changes to the attendance and leave records
are prepared and reviewed.

118
Audit Checklist

9.IA.27.3 Others - Payroll - Processing and Disbursement


Control Objective Payroll - Processing and Disbursement
Nature of Work Step Analysis / Verification
Risk Financial loss to the Company.
Nature of Control Manual/ Automated
1. Use T-Code PT62, PC00_M99_PA03_check to check if correct leave records are used for
processing of salary and the same tally with the attendance records maintained by the
company.
2. Use T-Code PA30 to check the logs generated for changes in the employee master data after
payroll processing.
3. Use T-Code PA30 to test check salary computations for employees. Ensure the salary processed
is as per the Offer/Appointment letter of the employee or as per increment letter in case of
increment given.
4. Use T-Code PA30 to check if any arrears to salary are accurately processed and duly approved
before disbursement.
5. Use T-Code PA30, PC00_M99_PA03_check to ensure that leave encashment, overtime etc. are
computed accurately and in accordance to the company policy.
6. Obtain and understand policies and procedures defining entitlement, time of submitting claim,
approvals etc.
7. Examine the process of submission of reimbursements by the employee.
8. Use T-Code FBL1N to check for any advances or loans paid to the employees, and if deductions
are paid for the same from the salary.
9. Use T-Code FBL1N to review the disbursement of payroll is in accordance to the approval payroll
processed.
10. Use T-Code FBL1N to review and analyze the payment disbursement for current month with last
two months (employee wise).
11. Use T-Code FBL3N, PC00_M99_PA03_check to check the payroll variance report and investigate
instances wherein there is a huge variance between the salaries paid during the months.
12. Use T-Code FBCJ to examine the cases where disbursement of salary was made through cash (if
any).

9.IA.28 Others - Statutory compliance


Control Objective To ensure timely and accurate compliance to all statutory requirements.
Nature of Work Step Analysis / Verification
Risk Statutory non-compliance.
Nature of Control Manual/ Automated
1. Check whether any checklist for tracking and ensuring the compliance to all statutory
requirements is maintained.
2. Use T-Code FBL3N to check if the department is ensuring the compliance to all statutory
requirements. E.g.
a. PF
b. ESI
c. Gratuity
d. Other labor laws.

119
Audit Checklist

9.IA.29 Others - Grievance Management System


Control Objective Employee satisfaction and timely redressal of employee grievances
Nature of Work Step Analysis / Verification
Risk Employee dissatisfaction.
Nature of Control Manual
1. Check the system of receiving employee grievances.
2. Check the time taken to address the employee grievance.
3. Check steps taken to ensure employee satisfaction.

9.IA.30.1 Others - Employee Separation


Control Objective Resignations
Nature of Work Step Analysis / Verification
Risk 1. Non-compliance to Company policy.
2. High attrition may lead to low efficiency in the Company.
Nature of Control Manual/ Automated
1. Use T-Code PA30 to check the adherence to the Company policy guidelines for employee
separation.
2. Use T-Code S_L9C_94000095 to check and analyze the attrition rate at the various management
level.
3. Use T-Code PA30, PA40 to check if the employee resignation is documented and accepted by
HOD before relieving.
4. Check if intimation is send to the ER department and payroll team by HOD on receipt of
resignation.
5. Use T-Code PA30, PC00_M99_PA03_check to check if payroll is put on hold (in line with the
policy requirement) on receipt of employee resignation.
6. Check if employee is communicated to all the requirements need to be completed by him
before leaving the organization:
a. No due to be cleared
b. Assets to be returned
c. Guarantee/ bond amount to be paid if any
d. Notice to be served etc.
7. Check if ER department initiates the retirement process in advance in case of retiring employee.
8. Check whether data backup have been obtained from the employee before his relieving.

9.IA.30.2 Others - Employee Separation


Control Objective Clearance Procedure
Nature of Work Step Analysis / Verification
Risk 1. Non-compliance to Company policy.
2. Data loss.
Nature of Control Manual/ Automated
1. Check if clearance/ no due form is defined containing the authorities who need to give no due
clearance to all separating employees.
2. Use T-Code PA30, FBL1N to check if all the receivables/recoverable are mentioned on the
clearance form before by the authorized person.
3. Use T-Code SUIM to check if all the following access are removed at the time of clearance:
a. Physical access card (if any)
b. SAP Access by ERP team
c. Oil Network Access by IT team
d. Access to any other IT application by IT team.

120
Audit Checklist

4. Use T-Code PA40 to check if all the authorizations to the individual (if any) are removed:
a. Bank Account
b. Dealing with third parties
c. Representing company
d. Power of Attorney etc.

9.IA.31 Others - Job Rotation and Transfer


Control Objective Job transfers within or outside the department for personal growth and
avoiding monotonous jobs
Nature of Work Step Analysis / Verification
Risk 1. Non-compliance to Company policy.
2. Low efficiency due to untrained employees.
3. Incorrect payroll processing for overlapping period.
Nature of Control Manual/ Automated
1. Use T-Code PA30 to check the adherence to annual job rotation plan.
2. Use T-Code PA30 to check whether the person transferred has been transferred on the basis of
transfer policy.
3. Use T-Code PA30 to check if the company policy w.r.t to mandatory transfers is followed for all
employees unless specific approval is obtained from the competent authority.
4. Check if in case of extension in transfer / job rotation, approval from competent authority have
been obtained.
5. Use T-Code PSV2 to check that proper training has been imparted in case new job
responsibilities are to be performed after transfer.
6. Use T-Code PA30 to check the time lag in processing the transfer requests.
7. Use T-Code PA30 to check whether the SAP has been updated with revised transfer details.
8. Use T-Code PC00_M99_PA03_check to check accuracy of the payroll process for the overlapping
period.

9.IA.32 Others - Labor Union


Control Objective To ensure timely and effective settlement with labor unions
Nature of Work Step Analysis / Verification
Risk Operational delays.
Nature of Control Manual
1. Check if there is defined responsibility to handle the labor unions.
2. Check if the settlements with labor union are adequately documented, approved and
implemented.
3. Check if there is defined procedure to handle the matter in relation to the labor union.
4. Check if there is defined process for addressing labor unrest and negotiating with labor unions.

9.IA.33 Others - PR Tracking


Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated/ Manual

121
Audit Checklist

1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

9.IA.34 Others - Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated/ Manual
1. To check whether status of work completion in manual records is updated as per contract
terms. Use T-code ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

122
Audit Checklist

10. ERP – Internal Audit


Scope
Audit Areas
1 SAP change management
2 Access controls
3 SAP users and license controls
4 Master data maintenance
5 Audit logs
6 SAP budget and related expenses
7 User training and SAP usage
8 PR tracking
9 Contract monitoring
10 Manpower planning
11 Creation of Service Entry Sheet (SES)

123
Audit Checklist

10.IA.1 PR Tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated / Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

10.IA.2 Manpower Planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Analysis / Verification
Risk 1. Over/Under-utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

124
Audit Checklist

11. Exploration & Development (ED) – Internal Audit


Scope
Audit Areas
1 Acquisition of blocks
2 Monitoring of blocks
3 PR Tracking
4 Manpower Planning
5 Creation of Service Entry Sheet (SES)
6 Technical Support
7 Financial Review
8 IT Infrastructure
9 Legal Aspects
10 PR Tracking
11 Manpower Planning
12 Creation of Service Entry Sheet (SES)
13 Monitoring of Operator function and financial probity

125
Audit Checklist

11.IA.1 ED - PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Manual/ Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process with
Contracts/Material Management exists.

11.IA.2 ED - Manpower Planning


Control Objective To ensure manpower is adequate for all the departmental activities.
Nature of Work Step Analysis / Verification
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

11.IA.3.1 CEMG - Financial Review


Control Objective Financial support to bid evaluation group
Nature of Work Step Verification / Analysis
Risk Incorrect evaluation.
Nature of Control Manual
1. Check the adequacy of financial support services provided by CEMG to bid evaluation group
including financial data validation.

11.IA.3.2 CEMG - Financial Review


Control Objective Financial support for JOA finalization
Nature of Work Step Verification / Analysis
Risk Negotiation of unfavorable terms.
Nature of Control Manual
1. Check the adequacy of process of JOA negotiation/discussion with partners and finalization of
the same before submission.

11.IA.3.3 CEMG - Financial Review


Control Objective Regular audit of financial statements of the Joint Venture by the audit firm
defined in the PSC/JOA.
Nature of Work Step Analysis
Risk Non compliance to internal policies.
Nature of Control Manual
1. Check the process of appointment of auditor and whether the same has been followed.
2. Take audited reports and check the same with PSC and JOA figures.

126
Audit Checklist

11.IA.3.4 CEMG - Financial Review


Control Objective Adequate monitoring of cash calls
Nature of Work Step Verification / Analysis
Risk Incorrect cash calls.
Nature of Control Automated / Manual
1. Review the process of monitoring of cash calls including exceptional reporting. Use T Codes
GJ03, GJ04,GJ06 for JV / Non-JV cash call accounting in SAP.

11.IA.3.5 CEMG - Financial Review


Control Objective Timely evaluation of performance of blocks
Nature of Work Step Verification / Analysis
Risk Delays in evaluation.
Nature of Control Automated / Manual
1. Check whether there is adequate process of collection of data from all spheres, analysis of data
for monitoring the financial performance of JV/NELP blocks. Use T code GJ_GD13.

11.IA.3.6 CEMG - Financial Review


Control Objective Monitoring of BG & LD
Nature of Work Step Verification / Analysis
Risk Expired BG.
Nature of Control Automated / Manual
1. Check the process of preparation and monitoring of BG & LD documents as per PSC/JOA for
onward submission to DGH/MOP&NG. Use T code FBL1N.

11.IA.3.7 CEMG - Financial Review


Control Objective To verify whether the operator has obtained adequate Insurance coverage.
Nature of Work Step Verification / Analysis
Risk Inadequate cover against risk for assets.
Nature of Control Manual
1. Check the Insurance chapter of the PSC & JOA and detail out the requirements to be met by the
operator.
2. Check item by item compliance for the insurance coverage and report on the under-insurance/
over-insurance / co-insurance/ non-insurance.
3. Check provision of Insurance made in the budget.

11.IA.4.1 CEMG - Legal Aspects


Control Objective Compliance with legal aspects of projects
Nature of Work Step Verification / Analysis
Risk Legal non-compliances.
Nature of Control Manual
1. Check adherence to legal aspects of projects. Review the system of composite checklist for
sample projects to ensure compliance to statutory norms and its synchronization with MWP.

11.IA.4.2 CEMG - Legal Aspects


Control Objective Monitoring of legal and company affairs in relation to block PSCs, JOAs etc.
Nature of Work Step Verification / Analysis
Risk Legal non-compliances.
Nature of Control Manual
1. Check the process followed for monitoring and addressable of legal and regulatory aspects.

127
Audit Checklist

11.IA.4.3 CEMG - Legal Aspects


Control Objective To review the compliance of a) Production Sharing Contracts (PSC)b)Joint
Operating Agreement (JOA) and draw out the salient features and conditions
that the operator needs to comply with
Nature of Work Step Verification / Analysis
Risk Non compliance to PSC and JOA may lead to:
a. Dis qualification of JV
b. Heavy penalty to JVc. Cancelation of exploration license.
Nature of Control Manual
1. Prepare detail list of compliances under PSC and JOA:
A. Compliance of JOA / PSC will include following
a. Requirements of the operating / Management committee
b. Approvals in budgeting process
c. Compliance to reporting to DGH & JV partners
d. Basis of computation of various reporting's to DGH & JV partners
e. Measurement of Petroleum
f. Recovery of cost for Oil and Gas
g. Production sharing of Oil and Gas
h. Valuation of petroleum
i. Assignment of interest
j. Payment of fee to Government
k. Bank Guarantee submission (Basis & Timely submission)
l. Cost allocation basis
m. Approvals thereof
B. Compliance to JOA / PSC accounting procedures
a. Government / License and assistance
b. Certificates and notices
2. Use transaction code GJ54 for JOA details.
a. Enter company code ‘JV’
b. Execute
c. This report will display of the details of the Joint Operating Agreements for the company code
JV.
3. Compare with the physical documents maintained.
4. Document and report on anomalies observed in reporting and compliance.

11.IA.5 CEMG - PR tracking


Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Manual/ Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process with
Contracts/Material Management exists.

128
Audit Checklist

11.IA.6 CEMG - Manpower Planning


Control Objective To ensure manpower is adequate for all the departmental activities.
Nature of Work Step Analysis / Verification
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR

129
Audit Checklist

12. Field Communication – Internal Audit


Scope
Audit Areas
1 Planning, preparation and maintenance
2 Field communication
3 Technical up gradation
4 Equipment management and maintenance
5 Issuance of spare items
6 PR tracking
7 Creation of Service Entry Sheet (SES)
8 Manpower planning

130
Audit Checklist

12.IA.1 Planning, budgeting & monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis / Verification
Risk Inadequate Planning and Non Compliance to DOP.
Nature of Control Automated/Manual
1. To check whether the plan of field communication department is complete.
2. To check whether such plan is approved by competent authority as per DOP. Use T-code KSBL for
reports / verification. Version Management can be used to track changes.
3. To check whether any amendments in such plan is approved by competent authority as per DOP.
Use T-code KSBL.
4. To check whether actual expenses are monitored / compared with planned expenses on periodic
basis against such plan. Use T-codeS_ALR_87013532.
5. To check whether there are laid down procedures for preparation of the plan and maintenance
of equipment used.
6. To check whether such laid down procedures for preparation and maintenance are complied
with.

12.IA.2 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Manual/ Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.

12.IA.3 Manpower Planning


Control Objective To ensure manpower is adequate for all the departmental activities.
Nature of Work Step Analysis / Verification
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

131
Audit Checklist

13. Field Engineering – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Statutory Compliances
3 PR tracking
4 Creation of Service Entry Sheet (SES)
5 Manpower planning
6 SOP Compliance
7 Services - Operations
8 Preventive maintenance
9 Breakdown maintenance
10 Cost control analysis
11 New project and achievements
12 Safety
13 Training to workers
14 Security
15 Statutory Compliances
16 Tools, spares and other Expenses
17 HSE Compliances
18 Projects

132
Audit Checklist

13.IA.1 P&A - Planning, Budgeting & Monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis / Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
3. Non compliance to DOP.
Nature of Control Automated/Manual
1. Check whether the annual plan of Field Engineering department is complete and all-inclusive to
cover the requirements of all the activities that come under its purview.
2. Use T-Code KSBL and enter cost center to get budget.
3. In version management check the changes done in the budget.
4. Check for appropriate approval as per DOP for the budget and subsequent changes.
5. Check whether annual plan made is -
a. Linked to the requirement of various departments
b. Inclusive of all the related costs.
6. Check the timelines for preparation and approval of budget.
7. Use T-Code S_ALR_87013532 by entering cost center to check whether actual expenses are
monitored / compared with planned expenses on periodic basis.

13.IA.2 P&A - Statutory Compliances


Control Objective Adhere to regulatory and statutory compliances
Nature of Work Step Verification
Risk Non-compliance to statutory requirements.
Nature of Control Manual
1. Check that a checklist is maintained for all statutory compliances along with the due dates of
complying the same.
2. Check that license related to power has been obtained and updated regularly.
3. Check that statutory compliance checklist is analyzed and updated regularly.
4. Check whether all the statutory compliances are ensured by the department.

13.IA.3 P&A - PR Tracking


Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated / Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

133
Audit Checklist

14. Finance & Accounts

14.IA.1 Finance & Accounts – Asset Management


Scope
Audit Areas
1 Acquisition of assets
2 Capitalization of assets
3 Depreciation
4 Physical verification of fixed assets
5 Disposal of fixed assets
6 Ownership documents
7 Accounting policies

134
Audit Checklist

14.IA.1.1.1 Acquisition of Assets


Control Objective Annual operating plans are prepared and circulated in advance to all the
respective departments, and
Budgetary controls have been defined in SAP
Nature of Work Step Verification
Risk Exceeding the capital budget.
Nature of Control Automated / Manual
1. Use T-codes CJ31, CJ36 and CJ37 to check if budgets for capital expenditure are approved by the
competent authority. (Check manual files in case authorizations are maintained outside SAP).
2. Check if the approved budgets are communicated in writing to the Purchase Department,
Accounts Department and the department originating the request.
3. Check if written authorizations are required for incurring capital expenditure for items included
in the budget.
4. Use T-code SUIM to check if the authority to incur capital expenditure is restricted to specified
officials.
5. Use T-code S_ALRS_ALR_87013558 to ensure that there are proper checks to make sure that
amounts expended do not exceed the amount authorized.
6. Use T-code SUIM to check authorizations required for excess expenditures.
7. Check whether supplementary budget has been authorized.
8. T-code S_ALR_87013558 may be used to check budget.

14.IA.1.1.2 Acquisition of Assets


Control Objective Adequate gate/stores controls are in place
Nature of Work Step Verification/Analysis
Risk 1. Unauthorized material entry in the plant.
2. Possibility of loss to the material due to security lapses.
3. Possibility of issue of material directly to user.
Nature of Control Manual
1. Check availability of controls in purchase or availing of services.
2. Check if purchase of capital items is subject to same controls as applicable to purchase of raw
materials, stores, etc.
3. Check if receipt of capital items are subject to same procedures as applicable to receipt of raw
materials, stores, etc.

14.IA.1.1.3 Acquisition of Assets


Control Objective Review whether procurement assets is done as per requirement
Nature of Work Step Verification/Analysis
Risk 1. Blockage of funds.
2. Deterioration of asset.
3. Underutilization of resources.
Nature of Control Manual / Automated
1. Perform aging analysis of capital items in stock (MB5B).
2. On a sample basis review whether utilization of material is being done as per plan contribution.

14.IA.1.2.1 Capitalization of assets


Control Objective Full cost incurred to bring the asset to the current condition capitalized
Nature of Work Step Verification
Risk Incorrect capitalization of fixed assets.
Nature of Control Manual / Automated

135
Audit Checklist

1. For project related capitalizations, review that the capitalization is performed on the basis of
completion certificate and review that the completion certification has been appropriately
approved.
2. Use T-code AR01 to check if all the cost incurred to bring the capital assets in the current form
have been capitalized along with the capital assets.
3. Use T-code CJI3/KSB1 to check if all expenditure on wages, materials and stores have been
charged to capital account on reasonable basis.
4. Check if there is any official responsible for ensuring that allocation of expenditure between
capital and revenue is in accordance with the company's accounting policy.
5. To check all cost to bring asset in current form can be checked with ME2N and CJI3 and can be
confirm with capitalize amount from AR01/AS03.
6. Check that Exploratory Wells in progress (EWIP) requiring artificial lift are not capitalized
7. Check that exploratory well-in-progress, which are ready to commence commercial production,
but have been capped for want of Customers, have been capitalized
8. Check that expenditure incurred on exploratory wells, which has been written off in past is not
written back even though, the well has started producing subsequently. Only the
additional/subsequent portion of the expenditure on the well is to be capitalized.(Revised
Guidance Note on Oil and Gas Accounting)
9. Check that expenditure incurred on a dry well in development area is capitalized.
10. Check for correct classification and disclosure of Computer software as Intangible assets as per
AS 26 or fixed assets as per AS 10.
11. Check for correct classification of fixed assets as per AS 10.

14.IA.1.2.2 Capitalization of assets


Control Objective Timely capitalization of assets
Nature of Work Step Analysis / Verification
Risk Delay in capitalization of asset.
Nature of Control Manual / Automated
1. Review CWIP register (manual/ in SAP - T-Code: ZCWIP_REP) and check
i) Any balances in CWIP for projects completed
ii) Any long pending balances in CWIP.
2. Review whether developed wells are timely capitalized.

14.IA.1.3.1 Depreciation
Control Objective Correct computation of depreciation
Nature of Work Step Verification / Analysis
Risk Impact on financial statements of Company.
Nature of Control Manual / Automated
1. Use T-code AR01/AS03 to check whether the rates given in the Schedule XIV of Companies Act
have been considered for depreciation.
2. Check whether the depreciation keys have been updated T-Code: SPRO as per latest legislations.
(E.g.: Companies Act, 2013).
3. Use T-code AR01 to check if the rates of depreciation applied are justified based on the useful
life of asset.
4. Use T-code FBL3N to check depreciation for a sample of assets.
5. To check all cost to bring asset in current form can be checked with ME23N and CJI3 and can be
confirm with capitalize amount from AR01/AS03.

136
Audit Checklist

14.IA.1.3.2 Depreciation
Control Objective Disclosure of depreciation policy
Nature of Work Step Verification / Analysis
Risk Non-compliance to statutory regulation
Nature of Control Manual
1. Check if there is any changes in depreciation policy.
2. Check if there is appropriate disclosure of depreciation policy in the notes to accounts.

14.IA.1.3.3 Depreciation
Control Objective Review depreciation for low value assets
Nature of Work Step Verification / Analysis
Risk Non-compliance to accounting policies.
Nature of Control Automated
1. Generate a list of assets using AR01/AS03.
2. Review whether assets valuing less than Rs.5000 have been charged off as per the accounting
policy.
3. Review whether 100% depreciation is charged for low value items as defined in the Accounting
policies.

14.IA.1.4 Physical verification of fixed assets


Control Objective 1. Physical verification is done on periodic basis as per the company policy
2. Appropriate approvals are in place for the adjustments made
Nature of Work Step Verification
Risk Incorrect inventory records.
Nature of Control Automated / Manual
1. Review whether physical verification policy exists.
2. Check if fixed assets are verified periodically as per the policy. Verify whether policy has been
complied. Review whether tagging of assets is done as per the Fixed Asset Register.
3. Check if the procedure provides for verification of compliance with the warranties and
conditions in the relevant insurance policies.
4. Use T-codes AR01/ AS03 to check if the procedure provides for verification/ confirmation of
fixed assets with the third parties.
5. Check if reports regarding such verification are prepared.
6. Check if damaged/ obsolete items are disclosed by such reports, and removed from the records
and financial accounts with proper authority.
7. Check if discrepancies disclosed by such reports are investigated.
8. Use T-code FBL3N to check if records and financial accounts are corrected with proper
authority.
9. Conduct a sample physical count to check whether the location for assets is updated correctly in
FAR.
10. Ensure that for all inter/intra unit transfer of assets, the FAR is updated timely. Check whether
approvals have been taken as per DOP for transfer of assets.
11. For assets procured for JV, ensure that the assets are accounted appropriately in FAR

14.IA.1.5.1 Disposal of fixed assets


Control Objective Adequate controls over disposal of fixed assets
Nature of Work Step Analysis / Verification
Risk Potential value of fixed asset not realized.
Nature of Control Automated / Manual
1. Use T-code SUIM to check whether disposals are approved as per the DOP matrix.

137
Audit Checklist

2. Use T-code VA25 to ensure that quotations are obtained for all fixed assets sold and best
quoting customer is selected.
3. Ensure that after approval of disposal whether the asset has been taken out from Asset register.
4. Use T-code AR01 to ensure that WDV of the asset is correctly computed to ensure accuracy of
the profit/ loss accounted. Ensure that approved assets for disposal are stocked in yard
properly.

14.IA.1.5.2 Disposal of fixed assets


Control Objective Timely condemnation of unserviceable items
Nature of Work Step Verification
Risk 1. Loss of value of asset.
2. Fund blockage.
Nature of Control Manual
1. Conduct a review of offices /plant area, and identify any items which were not timely
condemned to Scrap Management Department.
2. Discuss with process owner and discuss any cases where assets are not in use and have not
been declared as inactive.
3. Review Fixed Asset Register and cross verify existence of those items in FAR.

14.IA.1.6 Ownership documents


Control Objective Safe custody of ownership documents
Nature of Work Step Verification
Risk Fraudulent use of ownership documents.
Nature of Control Manual
1. Check if there is a list of title deeds for land, properties and buildings.
2. Check if title deeds of properties are kept in a safe place.
3. Check if certificates are obtained periodically if they are lodged as security.
4. Check if registration books of vehicles are periodically verified.

14.IA.1.7.1 Accounting policies


Control Objective Adherence to accounting policies
Nature of Work Step Verification
Risk 1. Non compliance to accounting policies.
2. Misstatements in financial statements.
Nature of Control Manual
1. Obtain a list of accounting policies pertaining to area.
2. Also take reference from annual report / financial statements.
3. Review compliance of the policies.

14.IA.1.7.2 Accounting policies


Control Objective CARO Compliances
Nature of Work Step Verification
Risk Non compliance to CARO.
Nature of Control Manual
1. Check whether the CARO requirements for fixed assets, physical verification, disposal of fixed
assets, inventory etc. are being followed and disclosures are made timely as per requirements.

138
Audit Checklist

14.IA.2 Finance & Accounts - Costing


Scope
Audit Areas
1 Costing records
2 COGS analysis
3 Variance analysis
4 Reconciliation of costing records with financial records
5 MIS reporting

139
Audit Checklist

14.IA.2.1.1 Costing records


Control Objective Adequacy of cost audit
Nature of Work Step Analysis / Verification
Risk Non compliance of The Companies Act, 2013.
Nature of Control Manual
1. Review whether cost audit has been conducted and completed as per the requirements of The
Companies Act, 2013.

14.IA.2.1.2 Costing records


Control Objective Adequacy of cost audit and records
Nature of Work Step Verification/Analysis
Risk Non compliance of The Companies Act, 2013.
Nature of Control Manual
1. Review whether the cost records have been maintained as per the requirements of Cost
Accounting Record (Petroleum Industry) Rules, 2002.
2. Review whether compliance to the Companies (cost records and audit) Rules, 2014 (and any
amendments thereon) has been ensured.
3. Review whether the cost records have been maintained as per the requirements of Cost
Accounting Records (Telecommunication Industry) Rules, 2011.
4. Review whether the cost records have been maintained as per the requirements of e Cost
Accounting Records (Electricity Industry) Rules, 2001.

14.IA.2.1.3 Costing records


Control Objective Periodic analysis of cost of goods / services sold
Nature of Work Step Verification/Analysis
Risk Calculation of incorrect cost.
Nature of Control Manual / Automated
1. Use T-code CK13N to check standard costs and examine the basis of arriving at costs as
standards. Check whether there has been any change in standard costing and is approved as per
DOP.
2. Check the overheads allocation to respective products and to what extent variation in terms of
interest on working capital, marketing costs, and promotional costs has been considered in
product contribution.

14.IA.2.2 COGS analysis


Control Objective TDS compliance
Nature of Work Step Verification
Risk Non compliance to TDS regulations.
Nature of Control Manual / Automated
1. On a sample basis review whether TDS has been deducted on payments made for services.
2. Review whether TDS deducted is as per prevailing rates.

14.IA.2.3 Variance analysis


Control Objective Timely variance analysis
Nature of Work Step Analysis / Verification
Risk Non-identification of trend of cost movement.
Nature of Control Manual / Automated
1. Use T-code KKS2 to review the variance analysis done on periodic basis.

140
Audit Checklist

14.IA.2.4 Reconciliation of costing records with financial records


Control Objective Periodic Reconciliation
Nature of Work Step Verification
Risk Non-reconciliation of costing and financial records.
Nature of Control Manual / Automated
1. Use T-code KSB5 to check the periodic reconciliation of costing records with financial records.

14.IA.2.5 MIS Reporting


Control Objective Adequacy of information reported
Nature of Work Step Verification / Analysis
Risk Unavailability of documented basis for fixing cost.
Nature of Control Manual
1. Understand the process followed for preparation of costing MIS.
2. Check whether MIS reports are adequately reviewed before circulation.
3. Check the accuracy and adequacy of information reported in MIS.

141
Audit Checklist

14.IA.3 Finance & Accounts - Payables


Scope
Audit Areas
1 Vendor master
2 Matching PO
3 Posting to payables
4 Vendor balances
5 Debit/ Credit notes
6 Legal case by vendors
7 Accounting policies
8 Bank guarantee

142
Audit Checklist

14.IA.3.1 Vendor master


Control Objective Review of changes to vendor master
Nature of Work Step Verification
Risk 1. Incorrect billing to vendors.
2. Non availability of required information.
3. Inability to comply with regulations.
Nature of Control Automated/ Manual
1. Use T-code XK99/XK03 to check if the changes/ updations to vendor master are made on the
basis of approval by management.
2. Use T-codes XK03/S_ALR_87012086 and SE16N to review of vendor master for identification of:
a. Incompleteness in the details entered
b. Wrong details captured.
3. Use T-codes XK03 and SE16N to check if more than one account exists for a single vendor on the
basis of following criteria:
a. Vendor name
b. Vendor registered address
c. Bank Account number
d. PAN/TIN number.

14.IA.3.2 Matching PO
Control Objective Terms of PO matching with Invoices
Nature of Work Step Verification/Analysis
Risk Incorrect payment due to erroneous billing.
Nature of Control Manual / Automated
1. Check whether system is configured to restrict direct booking of invoice without PO. (SPRO ->
Materials Management -> Logistics Invoice Verification -> Incoming Invoice -> Direct Posting to
G/L Accounts and Material Accounts).
2. For instances, use T-code MIR5 to generate list of invoices. Check whether each payment is
against a Purchase Order / Service Order. This can be done by verifying mapping of PO number
with invoices - vendor ledgers.
3. Check the terms mentioned on Invoices are in confirmation with the PO.
4. Attempt PO creation / release on basis of unapproved PR.
5. Use T-code ME2N/ME5A to check that requisition number has been mentioned on every PO.
6. Use T-code ME2N/ME23N to check that any change in terms of PO has been authorized, and that
rate differences have not been accepted unless adequate reason for same has been provided.
Check release strategy.
7. Check the mapping of authorization in ERP for release of payment is to be checked whether it is in
line with the DOP. Use T-Code SUIM.

143
Audit Checklist

14.IA.3.3.1 Posting to payables


Control Objective Correct application of payments
Nature of Work Step Verification/Analysis
Risk Payment to wrong vendor.
Nature of Control Automated/ Manual
1. Use T-code ME2N to check that posting to payables has only been made after receipt of goods or
when goods are in transit and the ownership has been transferred to the Company. Re-perform
the three-way match performed by finance team for the sample payments.
2. Verify whether all documents required for payment of the bill have been received before release
of payment.
3. Verify that no duplicate payments are made.
4. On a sample basis. Use T-code ME2N to confirm the amount posted in SAP with the invoice
amount (Physical invoice vs. SAP entry).
5. Use T-code FBL1N to check for debit and credit balances appearing for the same vendor because
of duplication of vendor code.
6. Use T-code FBL1N to check that any payment made was not applied against incorrect invoice.
(Sample basis- Physical vs. SAP).
7. Use T-code FBL1N to ensure any amount paid to any vendor was posted in the correct vendor
name by reconciling against balance appearing in SAP.

14.IA.3.3.2 Posting to payables


Control Objective TDS compliance
Nature of Work Step Verification
Risk Non compliance to TDS regulations.
Nature of Control Manual / Automated
1. On a sample basis review whether TDS has been deducted on payments made for services.
2. Review whether TDS deducted is as per prevailing rates.

14.IA.3.4 Vendor balances


Control Objective Vendor ageing analysis
Nature of Work Step Analysis / Verification
Risk Non-recovery of dues
Nature of Control Manual / Automated
1. Check that vendor aging is available with the department.
2. Review on a sample basis, whether correct payment due date is being recorded in SAP, in
accordance with contract terms.
3. Use T-code FBL1N to check for balances which are overdue and take case wise response.
4. Check whether any reconciliation sheet is made and updated regularly.
5. In case of major parties, take second party confirmations for balance pending.
6. Use T-code MB5S to check for controls present in SAP to track invoices which are pending to be
paid.

144
Audit Checklist

14.IA.3.5 Debit/ Credit notes


Control Objective Timely monitoring of debit/credit notes
Nature of Work Step Analysis / Verification
Risk 1. Non-recovery of dues.
2. Payment of interest due to delayed payment.
Nature of Control Manual / Automated
1. Analyze the reasons for raising of debit/credit notes issued to vendors.
2. Use T-code FBL1N to check if these debit notes/ credit notes were duly authorized and
supported by adequate workings and documents.

14.IA.3.6 Legal case by vendor


Control Objective Analysis of legal cases filed by vendors
Nature of Work Step Verification
Risk 1. Non-recovery of dues.
2. Decreased reputation of Company.
Nature of Control Manual
1. Check for any legal case filed by the vendors.
2. Check the steps taken by the Company against such notice or the progress of the suit.
3. Check the reason for stopping the payment and whether adequate provision has been made or
contingent liability has been shown.

14.IA.3.7 Accounting policies


Control Objective Adherence to accounting policies
Nature of Work Step Verification
Risk 1. Non compliance to accounting policies.
2. Misstatements in financial statements.
Nature of Control Manual
1. Obtain a list of accounting policies pertaining to area.
2. Also take reference from Annual Report / financial statements.
3. Review compliance of the policies.

14.IA.3.8 Bank guarantee


Control Objective Monitoring of Bank Guarantee / Letter of Credits
Nature of Work Step Verification
Risk Unavailability of recourse against non performing vendor.
Nature of Control Manual
1. Obtain Bank Guarantee Register / list of LC. Use T-code ZFIBG.
2. Verify SAP records with manual records. Check accuracy and completeness.
3. Check adequacy/ validity as per the respective contract / Purchase Order/ Work Order.
4. Whether all BG / LC have been verified with respective banks.
5. Whether any expired BG have been kept.

145
Audit Checklist

14.IA.4 Finance & Accounts – Taxation


Scope
Audit Areas
1 Checklist of statutory requirements
2 System updates
3 Return filing
4 Tax payments
5 Availing exemptions and taking credits
6 Pending demands and assessments
7 Deferred Tax

146
Audit Checklist

14.IA.4.1 Checklist of statutory requirements


Control Objective Comprehensive tax compliances checklist
Nature of Work Step Analysis / Verification
Risk Delayed/ incorrect tax payment.
Nature of Control Automated/ Manual
1. Check whether a checklist is available with the Company regarding all applicable tax
compliances.
2. Check whether the list is regularly updated and amended as per the amendment in tax laws.
3. Check if all return dates and tax deposit dates have been recorded in the checklist and complied.
The compliance can be checked on a sample basis.
4. Enquire about the internal team and/or external consultants who ensure timely statutory
compliances.
5. Check that all the taxes have been paid and return filed timely as per relevant applicable tax
laws.

14.IA.4.2 System updates


Control Objective Timely updation of tax rates and due dates in ERP
Nature of Work Step Verification
Risk Delayed/ incorrect tax payment.
Nature of Control Automated / Manual
1. Use T-code SE16N to check if correct tax rates have been entered in SAP like prevailing TDS
rates, excise duty rate, service tax rate etc.
2. Use T-code FBL3N to check if correct return dates and tax payment dates have been entered in
SAP for filing of returns like PF return, ESI return, TDS return etc.

14.IA.4.3 Return Filling


Control Objective Timely filing of returns
Nature of Work Step Verification/Analysis
Risk Interest/ penalty charges for delay.
Nature of Control Automated/ Manual
1. Use T-code J1INMIS to check for any delay in filing of returns resulting in imposition of penalties.
2. Check the control measures taken by tax team to avoid any delay in filing of returns.

14.IA.4.4 Tax payments


Control Objective Timely payment of tax
Nature of Work Step Analysis / Verification
Risk Interest/ penalty charges for delay.
Nature of Control Manual / Automated
1. Use T-code J1INMIS to check the tax deposit challans and note any delays in depositing the
same.
2. Use T-code FBL3N to check the total interest or penalty paid by Company due to late deposit of
tax.
3. Check what measures have been taken by Company to avoid any delay in payment of tax.

147
Audit Checklist

14.IA.4.5 Availing exemptions, taking credits


Control Objective Adequate control over exemptions and tax credits
Nature of Work Step Analysis / Verification
Risk Excess tax payment.
Nature of Control Automated / Manual
1. Check which tax exemptions are available for the Company.
2. Check whether all exemptions have been availed by the company like excise duty and custom
duty exemptions.
3. Use T-code FBl3N to ensure that credit has been taken against all duty paid.
4. Verify that appropriate deductions U/S 80-IA & 80-IB of Income Tax Act has been taken by the
company.

14.IA.4.6.1 Pending demands and assessments


Control Objective Monitoring of demands and tax assessments
Nature of Work Step Analysis / Verification
Risk Possibility of legal action against Company.
Nature of Control Manual
1. Examine all pending demands and assessments initiated against the company by the tax
department.
2. Check the actions taken by the Company against such assessments.

14.IA.4.6.2 Pending demands and assessments


Control Objective Scrutiny of Income Tax Notices, if any
Nature of Work Step Verification
Risk Financial Risk with Penalty.
Nature of Control Manual
1. Check whether the Company has a mechanism to ensure that all Income Tax notices received
are stored in a central location (scanned document in shared folder with limited access) and
recording is done in a file mentioning the date on which the notice was received, status and
action taken.
2. Check whether the Company has any open Income Tax notices. Ensure that the same are
reported to the requisite authority periodically with the status.

14.IA.4.7 Deferred tax


Control Objective Treatment for timing difference
Nature of Work Step Verification / Analysis
Risk Incorrect accounting.
Nature of Control Automated/Manual
1. Check whether timing differences have been correctly differentiated into temporary and
permanent timing difference.
2. Check whether correct treatment as per AS 22 has been done.

148
Audit Checklist

14.IA.5 Finance & Accounts – Treasury


Scope
Audit Areas
1 Working capital management
2 Treasury Policy/Guidelines
3 Borrowings
4 RBI Guidelines
5 Hedging
6 Interest & finance charges
7 MIS
8 Investment of surplus fund
9 Bank guarantees(BGs) and Letter of Credits(LCs)
10 Control over cash

149
Audit Checklist

14.IA.5.1.1 Working capital management


Control Objective Adequate working capital management
Nature of Work Step Analysis / Verification
Risk Inadequate working capital.
Nature of Control Automated/ Manual
1. Use T-code FBL3N, FF7A and FF7B - Cash Position to check if cash flow requirements are
evaluated on an ongoing basis.
2. Use T-code FF7A and FF7B - Cash Position to check if the budgeted funds flow and cash flow is
prepared to ensure adequate funds and effective utilization of funds.
3. Check if various indicators to monitor adequate working capital are defined and monitored (e.g.
NP ratio, CA ratio, Debtor/ Creditor turnover ratio).
4. Identify slow moving/ non moving and areas of blockage of funds and see if adequate action is
taken by management over such cases.
5. Check if cost-benefit analysis is carried out for deciding proportion between domestic / foreign
currency and long term / short term borrowings.

14.IA.5.1.2 Working capital management


Control Objective Opening, monitoring and closing of bank accounts
Nature of Work Step Verification/Analysis
Risk 1. Unauthorized opening and closing of bank accounts.
2. Cash Operations
Nature of Control Manual
1. Obtain the list of bank accounts opened and closed during the audit period.
2. Identify the reasons for opening and closure of the bank accounts.
3. Check whether any new account opening was done with due approvals.
4. Check whether account closure (if any) has been duly authorized.
5. Check Idle cash balance in hand (No. of days cash hold Vis a Vis average expenses and maximum
expense per month).
6. Check whether cash payments/ withdrawals were duly approved.
7. Check appropriateness of payments made in cash. Check if the same could be availed through
credit.
8. Perform surprise physical cash verification.
9. Check if any process exist for physical verification and surprise physical verification.
10. Check process of cash hand over.
11. Check controls over keys handover and in hands
12. Check whether cash balance has exceeded the amount of cash Insurance policy.
13. On sample basis, verify the reconciliation for cash collection during the day and deposited to
bank.

150
Audit Checklist

14.IA.5.1.3 Working capital management


Control Objective Bank Reconciliation Statements
Nature of Work Step Verification/Analysis
Risk 1. Reconciled balance in bank account may lead to fraudulent bank
transactions.
2. Non monitoring of bank transactions leading to duplicate payments to
vendors.
Nature of Control Automated/ Manual
1. Obtain the list of Bank accounts (both operative and inoperative).
2. Check for sample months, whether the BRS is prepared timely and is authenticated as per DOP.
3. Check the Inter – bank transfer of funds with the relevant supporting's / advices.
4. Ensure that the stale cheques outstanding in the Bank Reconciliation transferred to Stale
Cheques Account. Check in the bank statement if there is any debit for stale cheques. Check
whether any non CTS stationery is being kept.
5. Obtain the balance confirmation/statement from the bank for the selected month of verification.
6. For long outstanding reconciling items, review the reasons thereof and check for subsequent
clearance.
7. Check if there are cheques collected not cleared by bank for beyond 3-4 days.
8. Check whether adjustment entries are passed timely and accurately.
9. Perform bank reconciliation for latest month and reconcile with BRS prepared by the process
owner.

14.IA.5.1.4 Working capital management


Control Objective Banking Controls
Nature of Work Step Analysis / Verification
Risk 1. Financial loss on the idle funds.
2. Inadequate maintenance of cheque stationery
3. Fund transfer not duly authorized
Nature of Control Manual / Automated
1. Identify non operative bank accounts from Trial Balance and Bank statements.
2. Check policies and documentation related to closing of dormant bank accounts.
3. Verify whether non operative bank accounts were dealt as per the policy.
4. Check whether there are any unutilized funds lying in the bank accounts and the same are not
being transferred to the interest bearing accounts.
5. Verify controls of the company for safeguarding and preventing the misuse of cheque stationary.
6. Review whether fund transfers are duly authorized as per DOP.
7. Scrutinize ledgers/ bank statements and analyze whether payment has been made in parts to
the same party on the same day so as to avoid DOP.

151
Audit Checklist

14.IA.5.1.5 Working capital management


Control Objective Interest & Finance Charges
Nature of Work Step Analysis / Verification
Risk 1. Incorrect computation of interest.
2. Delay in accounting of interest accrued.
3. Loss of interest due to idle funds.
Nature of Control Manual
1. Check whether the charges levied by banks are adequately supported by documents.
2. Check whether interest has been accounted timely.
3. Check whether interest has been computed correctly.
4. Ensure periodic forecast is done pertaining to funds requirement and ensure that minimum cash
credit limit is utilized.

14.IA.5.1.6 Working capital management


Control Objective Annual Rating Exercise
Nature of Work Step Analysis / Verification
Risk Delay/Degradation in credit rating may lead to loss of Company's credit
worthiness.
Nature of Control Manual

1. Understand the process of credit rating exercise.


2. Ensure that credit rating has been acquired from authorized agencies timely.

14.IA.5.2 Treasury Policy / Guidelines


Control Objective Treasury exposure is adequately monitored
Nature of Work Step Analysis / Verification
Risk Excessive treasury exposure.
Nature of Control Automated / Automated
1. Check if a policy has been defined for mitigating treasury exposure.
2. Check that compliance with Treasury Policy is ensured.
3. Use T-code TBLB to check if limits have been defined for taking exposure in different types of
borrowings. If not available in SAP, obtain manual documents.

14.IA.5.3.1 Borrowings
Control Objective Borrowings are within the authorized limits
Nature of Work Step Verification
Risk Unauthorized borrowings.
Nature of Control Automated/Manual
1. Use T-code F.01 / TBLB to check that borrowings have been made within the borrowing power
defined by the management.
2. Use T-code TM_53 or TM03 to check if borrowings are duly authorized as per DOA and
Company Law requirements.
3. If not available in SAP, obtain manual documents.

14.IA.5.3.2 Borrowings
Control Objective Monitoring of long terms and short term borrowing costs
Nature of Work Step Analysis / Verification
Risk Variance in borrowing costs.
Nature of Control Automated / Manual

152
Audit Checklist

1. Use T-code F.01 to obtain list of borrowings.


2. TPM13 to check if the effective cost of borrowing including one time charges, fees etc. is
reported to the management for each long term and short term facility. Also perform
comparison of effective cost versus budgeted cost.

14.IA.5.3.3 Borrowings
Control Objective Timely repayment of borrowings
Nature of Work Step Verification
Risk Penalty/ interest charges upon delay of repayments.
Nature of Control Manual / Automated
1. Use T-code F.01 to obtain list of borrowings.
2. TPM13 or SE16N or S_ALR_87015205 to check if repayments have been made as per schedule
and are in compliance to the terms of borrowings.

14.IA.5.4 RBI Guidelines


Control Objective Compliance with RBI Guidelines for ECBs and other foreign currency loans
Nature of Work Step Verification
Risk Penalty/ charges upon non-compliance with RBI guidelines.
Nature of Control Manual / Automated
1. Check that company has a checklist of guidelines issued by RBI which relates to the Company.
2. Ensure that checklist is periodically reviewed and updated.
3. Ensure compliance with all applicable RBI guidelines.

14.IA.5.5 Hedging
Control Objective Forward Covers
Nature of Work Step Verification
Risk Non-compliance with Company Policy.
Nature of Control Manual / Automated
1. Check the compliance with Forex and Interest Rate Risk Management policy.
2. Use T-codes TX03, 06 and TPM12 to check if the Company has taken forward the contract to
hedge exchange rate risk.
3. Obtain the list of forward covers taken during the period and check whether forward covers are
taken are in line with the company policy or not.

14.IA.5.6 Interest & finance charges


Control Objective Adequate monitoring of interest and finance charges
Nature of Work Step Verification / Analysis
Risk Over-payment of interest and finance charges.
Nature of Control Manual / Automated
1. Check whether the charges levied by banks were adequately reviewed and compared with
calculations. Ensure that the short term borrowings are repaid as per schedule with interest
2. Use T-codes SE16N and TPM13/FBL3N to check whether interest was accounted timely.
3. Check whether there are any unutilized funds lying in the bank accounts and the same are not
being transferred to the interest bearing accounts and check whether forward covers are taken
are in line with the company policy or not.

14.IA.5.7 MIS
Control Objective Completeness and accuracy of MIS
Nature of Work Step Verification

153
Audit Checklist

Risk 1. Incomplete MIS.


2. Inaccurate MIS.
Nature of Control Manual
1. Check whether MIS format has been defined.
2. Check compliance with Foreign Exchange Risk Management Policy.
3. Check if the MIS has been prepared correctly with complete details.
4. Check whether any material information has been left out from MIS format.

14.IA.5.8.1 Investment of surplus fund


Control Objective Monitoring of investment
Nature of Work Step Verification
Risk Ineffective utilization of investments.
Nature of Control Manual
1. To ensure that investment records are accurately maintained in investment register & SAP.
2. To ensure that Renewal/ extension/ enhancement of Cash Credit and other credit facilities is
duly authorized.
3. To ensure that short term surplus funds of the company are invested in accordance with the
guidelines
4. Ensure that investments are re-analyzed at periodic intervals to decide whether investments
should still be held or sold off. (On the basis of returns generated and current market scenario).
5. Obtain a list of investments, and check whether there are any overdue investments.
6. In case of matured investment, check whether full amount has been received and accounted
for.

14.IA.5.8.2 Investment of surplus fund


Control Objective Investment in FDRs with proper authorizations
Nature of Work Step Verification
Risk Unauthorized investments in FDRs.
Nature of Control Manual / Automated
1. Check whether investments in FDRs have been made as per investment policy and procedure
approved by the Board read with DPE (Department of Public Enterprises) guidelines.
2. Use T-code TPM13 to obtain list of investments made in FDRs and check whether proper
approval was obtained before making investments.
3. Also perform physical verification of term deposits (FDR)/ bonds / other receipts.
4. Review adequacy of physical controls over receipts/ notes/ bonds.

14.IA.5.8.3 Investment of surplus fund


Control Objective Investment in mutual funds with proper authorizations
Nature of Work Step Verification / Analysis
Risk Unauthorized investments in mutual funds.
Nature of Control Manual / Automated
1. Use T-code TS01 to check whether investments in mutual funds have been made as per
investment policy / DPE guidelines.
2. Check the basis of investment decision in a particular mutual fund.
3. Check whether there are mutual funds providing higher return but not considered by the
Company, obtain reasoning for same.

154
Audit Checklist

14.IA.5.8.4 Investment of surplus fund


Control Objective Interest and dividend receivable
Nature of Work Step Verification / Analysis
Risk Loss of income.
Nature of Control Manual / Automated
1. Whether timely and accurate accounting of income is done.
2. Whether income is received on a timely basis.
3. Review on a sample basis whether the interest received is accurately calculated.
4. Use FBL3N for GL review. Check whether income as well as tax deducted thereon have been
duly accounted in SAP.

14.IA.5.9 Bank guarantees(BGs) and Letter of Credits(LCs)


Control Objective Periodic monitoring of Bank Guarantees and LCs
Nature of Work Step Verification / Analysis
Risk Non-adherence to terms of Bank Guarantees and LCs, and possible legal
action.
Nature of Control Manual / Automated
1. Check that all Bank Guarantees and Letter of Credit(s) are closed within the timeframe defined
or on completion of transaction.
2. Check the rate of BG's and LCs as per the associated contracts.
3. Use T-code TM_60 to check if non-fund limit is tracked so as to ensure effective utilization of
available limits.
4. Check whether the BG's are encashed only by the authorised personnel.

14.IA.5.10 Control over cash


Control Objective Control over cash
Nature of Work Step Verification / Analysis
Risk 1. Inadequate control over cash.
2. Fraudulent use of cash
Nature of Control Manual
1. Evaluate the controls prescribed by management over cash.
2. Check whether adequate cash insurance policy has been taken.
3. Ensure that unnecessary premium for cash policy is not being paid.
4. Check if the Company has lodged refund claim with the insurance company in case it was not
able to utilize the entire policy amount, and if the claim has been filed within reasonable time of
completion of policy period.
5. Check whether cash available on any day exceeds the insured amount.
6. Perform a surprise physical verification of cash and compare with the ledger amount.
7. Review whether process for periodic physical verification of cash exists and implemented. Check
records for same.
8. Review whether cash maintained exceeds prescribed limits.

155
Audit Checklist

14.IA.6 Finance & Accounts – Financial Planning & Analysis


Scope
Audit Areas
1 Budget preparation
2 Measuring the actuals
3 Comparison with the budget
4 Comparison with last year
5 Interim comparisons
6 Control steps taken
7 PR tracking
8 Creation of Service Entry Sheet (SES)
9 Manpower planning

156
Audit Checklist

14.IA.6.1 Budget preparation


Control Objective Adequate budget planning
Nature of Work Step Analysis / Verification
Risk Excess CAPEX and OPEX expenditure.
Nature of Control Automated/ Manual
1. Check that budget was prepared as per the defined timelines.
2. Check that current annual plan along with five year plan is available with the management.
3. Check the basis of budget and analyze its reasonableness and compare the same with previous
years' budget.
4. To check the assumptions and basis used to define the budget.
5. To check whether all the departments have been submitted to budget as per the format and
within the timeframe.
6. To check all documents related to budget and assumptions are available and documented
properly.
7. Use T-code S_ALR_87013558 to check that CAPEX and OPEX have been separately defined in the
budget.
8. Verify periodic review of budget utilization is done.
9. Verify re-appropriation of funds is authorized.
10. Verify whether budgets are fully utilized and non utilisation of budget are monitored and
reported.
11. If, budgets are utilized on pro-rata basis then the same is properly monitored.
12. Verify that timely concurrence is provided by appropriate finance authority for sanction of
expenditure.

14.IA.6.2 Measuring the actuals


Control Objective Ensure the correctness of actual expenses
Nature of Work Step Verification/Analysis
Risk Incorrect accounting of expenditure.
Nature of Control Automated / Manual
1. Use T-code CJI3 to check the actual spending in terms of CAPEX and OPEX.
2. Use T-code KSB5 to check that expenses have been correctly classified as revenue expenses or
capital expenses. Alternatively, GL review for OPEX / review of purchase orders using ME2N can be
done, and detailed review may be done on a sample basis.

157
Audit Checklist

14.IA.6.3 Comparison with the budget


Control Objective Comparing Actual v/s the budget and analyzing the reason for differences
Nature of Work Step Verification/Analysis
Risk Non-adherence to budget.
Nature of Control Automated/ Manual
1. Use T-code S_ALR_87013558 to compare the budgets with actual expenses and analyze the
reason for deviations, if any.
2. Check whether the deviation was avoidable or unavoidable e.g. due to change in government
policy which is an unavoidable deviation.
3. Check the steps taken by management to curb the deviation and its reasonableness. In case of
any new expenditure which is not planned, use T-code CJ31 to check whether proper
authorization from management was taken before incurring the same.
4. Check whether each department is aware of its allocated budgets and is complying with the
same.
5. Check that the budget is communicated to each department on regular intervals and that any
deviation in the budget is communicated on time.
6. Check whether any deviations are duly approved as per DOP.

14.IA.6.4 Comparison with last year


Control Objective Comparing Actual v/s the last year figures and analyzing the reason for
differences.
Nature of Work Step Analysis / Verification
Risk Non-identification of trend of expenditure.
Nature of Control Automated / Manual
1. Use T-code S_ALR_87013545 to check the current year actual figures with last year's figures.c. A
list of parked documents, if any will be displayed.
2. Use T-code S_ALR_87013545 to check current year expenses ratio and compare the same with
last year. Analyze the reasons for major changes.
3. Use T-code S_ALR_87013532 to check whether management is doing cost-benefit analysis
before making CAPEX expenditure.

14.IA.6.5Interim comparisons
Control Objective Comparing actual during a year and revising the budgets.
Nature of Work Step Verification / Analysis
Risk Non-adherence to budget.
Nature of Control Manual/ Automated
1. Use T-code S_ALR_87013557 to check whether management is doing interim comparisons and
revising the budgets if required.
2. Check whether budget revisions are reasonable and in line with companies policies. 3. Check
whether the reports on Austerity Measures as per Govt./Ministry Circular are being published
and put up to higher management on regular interval.

158
Audit Checklist

14.IA.6.6.1 Control steps taken


Control Objective Reasonability of control steps and output achieved with the revision
Nature of Work Step Analysis / Verification
Risk Non-adherence to budget.
Nature of Control Automated / Manual
1. Use T-code S_ALR_87013558 to check the deviation from budget.
2. Check what steps have been taken to control the deviations and also check their
reasonableness.
3. Check the actuals and check whether the management has been able to control the deviations.
4. Check what plans the management has in place in case deviations still exist.

14.IA.6.6.2 Control steps taken


Control Objective SAP control over expenses budget accounting principles
Nature of Work Step Verification
Risk Inability to control excess PR /PO.
Nature of Control Automated
1. Review whether budget is linked with Purchase Requisition / Purchase Order.

14.IA.6.7 Creation of Service Entry Sheet (SES)


Control Objective Exploiting the best option available
Nature of Work Step Analysis / Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated/Manual
1. Check whether status of work completion in measurement book is updated. Use T-code
ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on measurement book.
3. Check whether the measurement book is verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays. Check whether cost benefit analysis is done for buying vis a vis hiring of equipment or
tools.

159
Audit Checklist

14.IA.6.8 PR Tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated / Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

14.IA.6.9 Manpower Planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Analysis / Verification
Risk 1. Over/Under-utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

160
Audit Checklist

14.IA.7 Finance & Accounts – JV Operated


Scope
Audit Areas
1 JV contract
2 PSC and JOA compliance
3 Revenue sharing
4 Cash calls
5 Budget preparation
6 Recording of expenses and accounting
7 Insurance
8 Cost allocation

161
Audit Checklist

14.IA.7.1 JV contract
Control Objective Guidelines specified, reasonable conditions.
Nature of Work Step Analysis / Verification
Risk Possibility of legal action against Company.
Nature of Control Manual
1. Check that a contract has been made and all terms and conditions have been clearly specified
and no important condition has been missed.
2. Check whether legal vetting has been done.
3. Check whether any MOU or Joint Bidding Agreement(JBA) has been signed between the partners
before bidding and if so, whether all the conditions have been clearly spelt out.
4. Check that major operating rights are with the company like making calls.
5. Ensure all conditions are reasonable and not adverse to the company.
6. Check whether any time has been specified for which JV has been entered. If yes, then if the
period has exceeded then, any new contract has been entered or not.

14.IA.7.2.1 PSC and JOA compliance


Control Objective To review the compliance of:
a) Production Sharing Contracts (PSC)
b)Joint Operating Agreement (JOA)
and draw out the salient features and conditions that the operator needs
to comply with
c) Any other agreements between partners
Nature of Work Step Analysis
Risk Non compliance to PSC and JOA by the Operator may lead to:
a. Disqualification of JV
b. Heavy penalty/ Liquidated Damages(LD) to JV
c. Cancelation of exploration license by Govt.
Nature of Control Manual
1. Check whether a detail list of compliances under PSC, JOA or any other agreement is available:
Compliance will include following:
a. Requirements of the operating / Management committee
b. Approvals in budgeting process
c. Compliance to reporting to DGH & JV partners
d. Basis of computation of various reporting's to DGH & JV partners
e. Measurement of Petroleum
f. Recovery of cost for Oil and Gas
g. Production sharing of Oil and Gas
h. Valuation of petroleum
i. Assignment of interest
j. Payment of fee to Government
k. Bank Guarantee submission (Basis & Timely submission)
l. Cost allocation basis
m. Approvals thereof
2. Compliance to JOA / PSC accounting procedures
a. Government / License and assistance
b. Certificates and notices
3. Cash call periodicity
4. Submission of bill statement by timeline.
5. Check whether compliance checklist were prepared by process owner, and verify compliances.

162
Audit Checklist

6. Check frequency of operating committee meeting.


7. Compare with the physical documents maintained.

14.IA.7.2.2 PSC and JOA compliance


Control Objective To verify that the management committee and the operating committee
approves/reviews all the joint venture related issues and documents
Nature of Work Step Analysis
Risk Non compliance to internal policies/ Audit Exceptions by Other partners/ Govt
Auditors may lead to disputes
Nature of Control Manual
1. Verify procedure around approval and review of following by Operating and Management
committee:
a. Minimum work program
b. Annual budget
c. Revision of budget
d. Authorization for Financial Expenditure (AFE)/ Authorized Expenditure Request
e. Progress of the work
f. Cash call
g. Costing basis
h. Preparation & Circulation of MIS.

14.IA.7.2.3 PSC and JOA compliance


Control Objective To verify whether the operator functions in a good operational and financial
probity.
Nature of Work Step Analysis and Verification
Risk Inadequate financial and operation probity may lead to financial
misstatement.
Nature of Control Manual
1. Review the following:
a. Recoverability of debts
b. Movement of Inventory
c. Working capital management
d. Funds management
e. Procedure for cash calls
f. Analysis of cash calls as against approved work program
g. Escrow account maintained for the work program (if applicable)
h. Deployment of cash call received
i. Application of time writing rates
j. Time writing and allocation policies, rates, revision of rates and time writing of other Non JV
activities and their allocation if any
k. Procedures for monthly accounts closure.
l. Contracts and materials
m. Procedure for arriving at the Value of Work Done
n. Well cost reconciliation, if wells drilled
o. Payment of duties, taxes, cess and other statutory payments on time
p. Engineering, Procurement, Installation and Commissioning reconciliation
q. Structuring of contracts
r. Application of contractual rates in invoice payments
s. Commitment reporting

163
Audit Checklist

t. Replies to DGH, Government audits and other Audits including CAG21 accounting structure.

2. Prepare a detailed process flow on each of the above and examine the compliance to the SOP, if
in existence.
3. In cases of control weakness observed, report the issues with its perceived impact on the cost
recovery and its financial / operational impact.
4. Verify whether the management has an established internal control structure and a procedure
for financial reporting.
5. Document and report in cases of anomalies observed.

14.IA.7.3.1 Revenue sharing


Control Objective Sharing revenue and costs
Nature of Work Step Verification
Risk Non-realization of potential revenue
Nature of Control Automated / Manual
1. Use T-code GJ_GD13 to ensure that all revenue is shared according to the contract.
2. Use T-codes GJ98 and GJ95 to check that costs are also being shared in agreed ratio.
3. Ensure that all expenditure are supported with adequate evidence or supporting. Use T-code
CV04 to generate list and CV03N to display individual document.
4. Look for any non compliance in any terms of Joint Operating Agreement (JOA) / Project Sharing
Contract (PSC).

14.IA.7.4 Cash Calls


Control Objective Control on making calls, instant reminders and time limit for receiving calls
Nature of Work Step Verification / Analysis
Risk Delay in operations.
Nature of Control Manual/ Automated
1. Use T-codes GJ01, GJ02, GJ05 and GJ06 to check the controls available for making calls on time
and its treatment.
2. Check whether any reminder is available or the process of tracking the due calls.
3. Use T-codes GJ01, GJ02, GJ05 and GJ06 to check records for any default made by the JV partner
in paying the cash calls.
4. Use T-code GJRCN to check the reconciliation sheet and verify it is updated regularly and kept
up to date.

14.IA.7.5 Budget preparation


Control Objective Making budgets, incurring expenses on basis of budgets, opening expense
heads
Nature of Work Step Verification / Analysis
Risk Unbudgeted expenses leading to cost overruns.
Nature of Control Manual/ Automated
1. Use T-code CJ03 / CJ31 to check that budget is available before starting any project.
2. Use T-code CJ03 / CJ31 to ensure all expenses incurred are in confirmation with the budget
prepared and are pre-planned.
3. Check that control is available which restricts any new expense to be booked which is not
defined in the budget.
4. Use T-code CJ03 / CJ31 to check that any deviation from the budget is highlighted and recorded.

164
Audit Checklist

14.IA.7.6.1 Recording of expenses and accounting


Control Objective Separate accounting, ensuring accuracy
Nature of Work Step Verification
Risk Non-realization of potential revenue/ incorrect accounting leading to future
disputes.
Nature of Control Manual/ Automated
1. Use T-code GJ_GD13 / GD20 to check if separate accounting and financial books are maintained
for joint ventures as per the Accounting Procedure of PSC and JOA.
2. Use T-codes CJ03 / CJ31 to ensure that each expense recorded relates to the current year only.
3. To obtain line items wise JVA and JV billing totals and verify the accounting documents posted in
the SAP system and check that all costs are appropriately accounted for.
4. To make a review of the financial statements for accuracy and appropriateness especially with
regard to the items not cost recoverable, payment of duties (if any) Forex gains/losses,
acquisition of assets/ Main Office Overhead/ PCO and other charges and their applicability.

14.IA.7.6.2 Recording of expenses and accounting


Control Objective FOREX revaluations
Nature of Work Step Verification
Risk Inaccurate valuation of forex may lead to financial mis-statement.
Nature of Control Manual
1. Check whether periodic FOREX revaluation of liabilities and assets activity is carried out and the
rates used are as specified in the JOA.
2. Obtain list of assets and liabilities for which Forex revaluation has been done.
3. Verify whether the rates have been charged appropriately or not.
4. Also review in line with Accounting Standard 11 (ICAI).

14.IA.7.7 Insurance
Control Objective Insurance Coverage
Nature of Work Step Verification
Risk Inadequate insurance coverage.
Nature of Control Automated / Manual
1. Check the insurance chapter of PSC and list out the requirements. Ensure compliance of the
same.

14.IA.7.8 Cost Allocation


Control Objective Correct cost allocation, inability to achieve MWP
Nature of Work Step Analysis / Verification
Risk 1. Over / under statement of expenditure.
2. Risk of under cost recovery
Nature of Control Automated / Manual
1. Review whether cost allocation has been done as per the PSC.
2. Review whether basis of allocation and working thereof is available.
3. Obtain GJ_GD20 for line items wise JVA and JV billing totals with the accounting document
number.
4. Verify the accounting documents posted in the system and check that all costs are appropriately
accounted for.
5. Compare it with the monthly Joint Interest Billings and with the DGH correspondence.
6. Document and report on anomalies observed in reporting and compliance.
7. Check appropriate cost recovery / depreciation made in ledger.

165
Audit Checklist

14.IA.8 Finance & Accounts – JV Non Operated


Scope
Audit Areas
1 JV contract
2 PSC and JOA compliance
3 Revenue sharing
4 Periodic audit
5 Budget preparation
6 Recording of expenses and accounting
7 Agreement terms

166
Audit Checklist

14.IA.8.1 JV contract
Control Objective Guidelines specified, reasonable conditions.
Nature of Work Step Analysis / Verification
Risk Possibility of legal action against Company.
Nature of Control Manual
1. Check that a contract has been made and all terms and conditions have been clearly specified
and no important condition has been missed.
2. Check whether any MOU or Joint Bidding Agreement(JBA) has been signed between the partners
before bidding and if so, whether all the conditions have been clearly spelt out.
3. Ensure all conditions are reasonable and not adverse to the company.
4. Check whether any time has been specified for which JV has been entered. If yes, then if the
period has exceeded then, any new contract has been entered or not.

14.IA.8.2.1 PSC and JOA compliance


Control Objective To review the compliance of:
a) Production Sharing Contracts (PSC)
b)Joint Operating Agreement (JOA)
and draw out the salient features and conditions that the operator needs to
comply with
c) Any other agreements between Operator and other partners including any
Farm-in/ Farm-out agreements effecting OIL
Nature of Work Step Verification/Analysis
Risk Non compliance to PSC and JOA by the Operator may lead to:
a. Dis qualification of JV
b. Heavy penalty/ Liquidated Damages(LD) to JV
c. Cancelation of exploration license by Govt.
Nature of Control Manual
1. Prepare detail list of compliances under PSC, JOA or any other agreement:
Compliance of if they will include following:
a. Requirements of the operating / Management committee
b. Approvals in budgeting process
c. Compliance to reporting to DGH & JV partners
d. Basis of computation of various reporting's to DGH & JV partners
e. Measurement of Petroleum
f. Recovery of cost for Oil and Gas
g. Production sharing of Oil and Gas
h. Valuation of petroleum
i. Assignment of interest
j. Payment of fee to Government
k. Bank Guarantee submission (Basis & Timely submission)
l. Cost allocation basis
m. Approvals thereof
2. Compliance to JOA / PSC accounting procedures
a. Government / License and assistance
b. Certificates and notices
3. Obtain details of the Joint Operating Agreements
4. Compare with the physical documents maintained.
5. Document and report on anomalies observed in reporting and compliance.

167
Audit Checklist

14.IA.8.2.2 PSC and JOA compliance


Control Objective To verify whether the operator functions in a good operational and financial
probity.
Nature of Work Step Analysis and Verification
Risk Inadequate financial and operation probity may lead to financial
misstatement.
Nature of Control Manual
1. Review the following:
a. Recoverability of debts
b. Movement of Inventory
c. Working capital management
d. Funds management
e. Procedure for cash calls
f. Analysis of cash calls as against approved work program
g. Escrow account maintained for the work program (if applicable)
h. Deployment of cash call received
i. Application of time writing rates
j. Time writing and allocation policies, rates, revision of rates and time writing of other Non JV
activities and their allocation if any
k. Procedures for monthly accounts closure.
l. Contracts and materials
m. Procedure for arriving at the Value of Work Done
n. Well cost reconciliation, if wells drilled
o. Payment of duties, taxes, cess and other statutory payments on time
p. Engineering, Procurement, Installation and Commissioning reconciliation
q. Structuring of contracts
r. Application of contractual rates in invoice payments
s. Commitment reporting
2. Replies to DGH, Government audits and other Audits including CAG21 accounting structure
3. Prepare a detailed process flow on each of the above and examine the compliance to the SOP, if
in existence.
4. In cases of control weakness observed, report the issues with its perceived impact on the cost
recovery and its financial / operational impact.
5. Verify whether the management has an established internal control structure and a procedure
for financial reporting.
6. Document and report in cases of anomalies observed.

14.IA.8.3.1 Revenue sharing


Control Objective Sharing revenue and costs
Nature of Work Step Verification
Risk Non-realization of potential revenue
Nature of Control Automated / Manual
1. Check that the invoice is being raised by the operator correctly. Ensure that all revenue is shared
according to the contract.
2. Check that costs are also being shared in agreed ratio.
3. Ensure that all expenditure are supported with adequate evidence or supporting.
4. Look for any non compliance in any terms of Joint Operating Agreement (JOA) / Project Sharing
Contract (PSC).
5. Check whether the payment is being made timely and accurately.

168
Audit Checklist

14.IA.8.3.2 Revenue Sharing


Control Objective To verify that the cash calls made by the operator are duly supported and the
amounts advanced are compared at the end of the year
Nature of Work Step Verification
Risk Excess payment/ short recovery of expenses
Nature of Control Manual/ Automated
1. Obtain the cash calls raised in the JV and cash calls which are settled against the bank receipts
documents.
2. Verify the amounts for which the cash calls were raised.
3. Verify that all supporting documents are appropriately maintained.
4. Verify whether previous cash call is reconciled prior to release of next cash call.
5. Document and report on anomalies observed in reporting and compliance

14.IA.8.4 Periodic audit


Control Objective Deciding time for audits, documenting audit results
Nature of Work Step Verification
Risk Inability to track operations of operator.
Nature of Control Manual/ Automated
1. Use T-codes GJJ1 and GJJ2 to check whether periodic audits are being conducted.
2. Use T-codes GJJ1 and GJJ2 to check whether audit results have been documented and discussed
with the JV partner.
3. Use T-codes GJ05 and GJ06 to ensure calls are being made as per the contract made earlier.
4. Use T-codes GJ_GD13 to check the reconciliation sheet and verify it is updated regularly and
kept up to date.

14.IA.8.5 Budget preparation


Control Objective Making budgets, incurring expenses on basis of budgets, opening expense
heads
Nature of Work Step Verification / Analysis
Risk Unbudgeted expenses leading to cost overruns.
Nature of Control Manual/ Automated
1. Use T-code CJ03 / CJ31 to check that budget is available before starting any project.
2. Use T-code CJ03 / CJ31 to ensure all expenses incurred are in confirmation with the budget
prepared and are pre-planned.
3. Check that control is available which restricts any new expense to be booked which is not
defined in the budget.
4. Use T-code CJ03 / CJ31 to check that any deviation from the budget is highlighted and recorded.

169
Audit Checklist

14.IA.8.6.1 Recording of expenses and accounting


Control Objective Separate accounting, ensuring accuracy
Nature of Work Step Verification
Risk Non-realization of potential revenue/ incorrect accounting leading to future
disputes.
Nature of Control Manual/ Automated
1. Use T-code GJ_GD13 / GD20 to check if separate accounting and financial books are maintained
for joint ventures as per the Accounting Procedure of PSC and JOA.
2. Use T-codes CJ03 / CJ31 to ensure that each expense recorded relates to the current year only.
3. To obtain line items wise JVA and JV billing totals and verify the accounting documents posted in
the SAP system and check that all costs are appropriately accounted for.
4. To make a review of the financial statements for accuracy and appropriateness especially with
regard to the items not cost recoverable, payment of duties (if any) Forex gains/losses,
acquisition of assets/ Main Office Overhead/ PCO and other charges and their applicability.

14.IA.8.6.2 Recording of expenses and accounting


Control Objective To verify that the financial statements of the Joint Venture have been audited
regularly by the audit firm defined in the PSC/JOA.
Nature of Work Step Verification
Risk Risk of misstatement in financial statements
Nature of Control Manual
1. Obtain process of appointment of auditor and whether the same has been followed.
2. Take audited reports and check the same with PSC and JOA figures

14.IA.8.6.3 Recording of expenses and accounting


Control Objective To verify whether the operator has obtained adequate Insurance coverage.
Nature of Work Step Verification
Risk Inadequate cover against risk for assets
Nature of Control Manual
1. Check the Insurance chapter of the PSC and detail out the requirements to be met by the
operator.
2. Check item by item compliance for the insurance coverage and report on the under / over / co/
non insurance.

14.IA.8.7 Agreement terms


Control Objective Conditions mentioned in Agreement terms.
Nature of Work Step Analysis / Verification
Risk Inability to track operations of operator.
Nature of Control Automated / Manual
1. Use T-code GJFARM_0 to check if farm-in and farm-out agreement is followed.
2. Use T-codes CV03N and GJT6 to check whether expenses have been annexed with adequate
supporting.
3. Ensure that the Company has not lost all control over non-operating blocks.

170
Audit Checklist

14.IA.9 Finance & Accounts – Financial Reporting


Scope
Audit Areas
1 Adherence to laid down procedures
2 Intermediary account balances
3 JV/NELP accounting
4 Access rights
5 Non routine activities
6 Report and ledger review

171
Audit Checklist

14.IA.9.1 Adherence to laid procedures


Control Objective Adherence to laid down procedures
Nature of Work Step Verification
Risk Incorrect financial statements.
Nature of Control Manual
1. Whether process of financial closing and reporting has been documented and periodically
updated.
2. Review the process for financial closing in line with documented procedures.
3. Note down any delays in complying with schedule and check the reasons for the same.

14.IA.9.2.1 Intermediary account balances


Control Objective All transitory IUT heads (Account heads) are nullified
Nature of Work Step Verification/Analysis
Risk Inaccurate accounting of treatment may lead to financial misstatement.
Nature of Control Manual
1. Execute transaction code FS10N
a. Select GL codes of all IUT accounts.
b. Execute the report.
2. Check whether any account shows a balance. In case there is a balance, then the same needs to
be nullified before account closures.

14.IA.9.2.2 Intermediary account balances


Control Objective To verify whether balances in the Clearing accounts are cleared on a timely
basis.
Nature of Work Step Verification/Analysis
Risk Non clearing of balances from clearing accounts may lead to inaccurate
financial reporting.
Nature of Control Automated/ Manual
1. Obtain the GL Account (Open Item Managed Accounts) balances for clearing account from
system using transaction code: S_ALR_87012277 or F.08
a. Enter Chart of Account
b. Enter Company Code
c. Enter GL Accounts
d. Enter Fiscal Year
e. Enter Reporting period
f. Select Field status group from Dynamic selection and select the relevant clearing field status
variant. Check whether trainer’s past feedbacks are considered before reappointment of any
trainer.
2. Verify whether the balances in such clearing accounts are cleared on a timely basis.
3. Obtain reasons for abnormalities, if any, and report the same.
4. In case of GR/IR & SR/IR, check whether MR11 is executed and balances are transferred to the
respective accounts.

172
Audit Checklist

14.IA.9.2.3 Intermediary account balances


Control Objective To verify whether access right for period opening and closing in SAP are
available with only authorized person
Nature of Work Step Analysis
Risk Incorporating unaudited JV/NELP figures in financials may lead to qualified
audit report.
Nature of Control Automated
1. Use transaction code FBV3 to check parked documents.
a. Enter Company code
b. Enter Fiscal YearCheck whether all the mandatory/ statutory trainings as per the MOU
guidelines are scheduled and conducted.
2. c. A list of parked documents, if any will be displayed.
3. Check whether all documents appearing as parked are deleted or posted before closing of
accounts for respective quarters.
4. Obtain reasons for abnormalities, if any, and report the same.

14.IA.9.3 JV/NELP accounting


Control Objective To ensure appropriate cost of the trainings
Nature of Work Step Verification
Risk Inappropriate cost of training.
Nature of Control Manual/ Automated
1. Take the access control list for user group in corporate accounts and check whether
authorization for the same has been given to head as per BDP.Check whether the expenses
incurred by the department are in adherence to the documented company policy. Use T-Code
MIR4, FBL3N.

14.IA.9.4 Access rights


Control Objective To verify whether access right for period opening and closing in SAP are
available with only authorized person
Nature of Work Step Analysis
Risk Lack of control over period opening and closing module may result in
misappropriation of financials.
Nature of Control Automated
1. Take the access control list for user group in corporate accounts and check whether
authorization for the same has been given to head as per BDP.Check whether approvals for PRs,
issue of spares/materials and conducting jobs are taken as per DOP.

173
Audit Checklist

14.IA.9.5 Non routine activities


Control Objective Appropriate accounting treatment is specified for each non-routine event,
transaction, and account balance, including those requiring the use of
accounting estimates and judgment in the selection and application of
accounting principles
Nature of Work Step Verification/Analysis
Risk Incorrect financial statements
Nature of Control Manual/ Automated
1. Understand the procedures relating to accounting treatment for classes of transactions and
account balances that
a. contain estimates,
b. are non routine events
c. transactions that require application of judgment
d. Communication of such information to responsible parties.Check whether service entry
in SAP is made by EIC on a timely basis.
2. Understand the policies and procedures for computing estimates, including the framework for
applying judgment, and the communication of such information to responsible parties on a
regular basis.
3. Interview individuals who prepare and update information about classes of transactions and
account balances that contain estimates or that require judgment and those responsible for the
establishing and documenting timeframes and appropriate methods for computing estimates,
including the framework for applying judgment. Ask them to describe the following:
a. the steps involved,
b. reports and other information used, including how they are used,
c. the procedures performed when exceptions, misstatements, or unusual items are
encountered,
d. how the control activity is performed in their absence, and
e. any changes to the control activity during the period of intended reliance, including
changes in the individuals who perform the activity.

14.IA.9.6 Report and ledger review


Control Objective Periodic review of SAP generated reports
Nature of Work Step Verification
Risk Incorrect financial statements.
Nature of Control Automated
1. Review the following reports for year end and month end activities:
a. S_ALR_87012277 - GL Account Balances
b. F.17 - Review of GRIR balances
c. AR01 - Asset Register
d. FB03 - Review of Parked documents.
e. FBL3N/ FF67 - Bank Reconciliation reports
f. S_P99_41000192 - Posted Depreciation
g. S_ALR_87012349 - Outstanding Checks Analysis per GL and VendorAccount.
h. J1INMIS - TDS reporting.
i. MB5B/MC.9 - Material and Stock Account Reconciliations.
j. OB52/MMPV - Period Closing in SAP
k. FAGL_FC_VAL - Foreign Currency Revaluation
l. Crude oil levels and its rate of depletion.

174
Audit Checklist

14.IA.10 Finance & Accounts – Payroll


Scope
Audit Areas
1 Payroll policies
2 Processing and disbursement of salaries
3 Reimbursement claims
4 Retirement benefits

175
Audit Checklist

14.IA.10.1 Payroll Policies


Control Objective To avoid unauthorized activities
Nature of Work Step Verification
Risk Unauthorized payroll.
Nature of Control Manual
1. Check whether all policies are approved from competent authority as per Delegation of Power
(DOP).
2. Check whether revisions to the policies (if any) are approved from competent authority as per
Delegation of Power (DOP).
3. Check the compliance to the policies w.r.t to remuneration and compensation of the employees.

14.IA.10.2.1 Processing and disbursement of salaries


Control Objective Ensure controls for salary processing, accounting in books and timely
disbursements
Nature of Work Step Verification/Analysis
Risk Incorrect/ delayed payment of salary.
Nature of Control Manual / Automated
1. Review whether salary was processed as per defined timeline. PC00_M40_KTO.
2. Perform salary reconciliation for sample employees of consecutive months, and check whether
there are variances in salary. T-code: PC00_M99_CWTR / PCOO_M40_CEDT.
3. Use T-code PC00_M99_CWTR to check the accounting treatment of salary, unpaid salary and
bonus accounts etc.
4. Review whether the advice sent to Bank is encrypted. (To ensure there are no variations possible
afterwards)
5. Check if final salary voucher and disbursement is approved as per DOA.
6. Use T-codes PC00_M40_LJN and PC00_M99_CWTR to check if accurate deductions on account of
TDS, loans, advances etc. are made from the salary which is verified by Finance for accuracy.
(Check detailed calculations on a sample basis).
7. Ensure on a sample basis whether original documents are available for reimbursements.
8. Use T-codes PC00_M99_CIPC and PC00_M40_LJN to check the calculation of last month salary for
outgoing employees for accuracy.
9. Use T-codes PC00_M99_CWTR to ensure notice pay has been recovered if a person leaves without
serving the notice period.
10. Use T-codes PT50 and PT_QTA10 to check any negative balance of leave to be deducted from
salary.
11. Use T-code PC_PAYRESULT to check if all assets issued to the employee have been taken back and
then only full and final sheet has been prepared. Use T-code PC_PAYRESULT to check the full and
final statements and ensure that they are completed in reasonable time.

176
Audit Checklist

14.IA.10.2.2 Claims processing and follow-up


Control Objective Compliances to various HR laws
Nature of Work Step Transaction
Risk Initiation of penal actions by Governing authorities.
Nature of Control Automated/ Manual
1. Obtain a list of latest applicable regulations in respect to employee welfare & security
a. PF Laws
b. Income Tax Laws TDS provisions.
c. Payment of Bonus Act
d.Payment of Gratuity Act
e.Other relevant laws.
2. Verify whether compliances to same have been done.

14.IA.10.3 Reimbursement claims


Control Objective Ensure controls for processing of reimbursement claims and timely
disbursements
Nature of Work Step Verification
Risk Incorrect/ delayed reimbursement.
Nature of Control Manual
1. Obtain a list of reimbursements made during the review period using T-Code: PC00_M40_REMP.
2. Obtain the Company policy for employee reimbursement.
3. For a sample, check whether re-imbursements are made as per policy and approved as per DOA.

14.IA.10.4 Retirement benefits


Control Objective Calculation of retirement benefits, eligibility.
Nature of Work Step Analysis / Verification
Risk Incorrect payment of retirement benefits.
Nature of Control Manual/ Automated
1. Use T-codes PA20 and PC_PAYRESULT to check the calculation of deduction on account of
retirement benefits from employees on sample basis
2. Use T-codes PA20, PC_PAYRESULT, PC00_M99_CWTR to check the eligibility of retirement
benefits to employee availing the same.
3. Use T-codes PC00_M40_PFE and PC00_M99_CWTR to check if the deductions made are
deposited with appropriate authorities on timely basis (EPF, Superannuation etc.).
4. Use T-code PC00_M99_CWTR, PA20 to check the accounting of retirement benefits.
5. Use T-code PC_PAYRESULT to check the full and final statements and ensure it is completed in
reasonable time.

177
Audit Checklist

14.IA.11 Finance & Accounts – Receivables


Scope
Audit Areas
1 Matching sales orders
2 Price master
3 Posting to receivables
4 Monitoring of receivables
5 Debit/ Credit notes
6 Legal case initiation

178
Audit Checklist

14.IA.11.1 Master creation


Control Objective Responsibility of person creating master, updation of master and party codes
Nature of Work Step Verification / Analysis
Risk Unauthorized creation of customers in master.
Nature of Control Manual / Automated
1. Use T-code SUIM to check the list of persons authorized to create the Customer Master.
2. To check if a maker-checker control is in place before creation of the master to avoid duplicate
codes.
3. Use S_ALR_87012179 to obtain list of customer master. Check for:
a. Duplicate vendors.
b. Incomplete details / incorrect details
c. Inactive customers / blacklisted customers.
4. To check whether customer master changes are authorized, check authorization for
VD02/FD02/FBL6. Verify that changes in the master approved as per DOP. Also verify the reason
for any change in Customer Master.

14.IA.11.2 Matching sales orders


Control Objective Terms of sales orders, party purchase orders, rate comparison
Nature of Work Step Verification/Analysis
Risk Incorrect billing to customers.
Nature of Control Manual
1. Use T-codes VF25, VF05 and V.21 to ensure that every sales order is backed by an authorized
contract/ MOU.
2. Use T-codes FBL3N and VF05 to match invoice terms, rates and quantities against contracts.
3. Check whether any payments are being made against expired contracts.

14.IA.11.3 Price Master


Control Objective Updating of price master and invoice booking
Nature of Work Step Verification
Risk Incorrect billing to customers.
Nature of Control Automated/ Manual
1. Use T-codes V/I6, and V/LC to check if the Price Master is updated regularly.
2. Use T-codes V/I6, V/LC, and V/LD to obtain the list of declared prices (as agreed upon based on
the MOU) from time to time and ensure that no bill is raised with incorrect price.

14.IA.11.4 Posting to receivables


Control Objective Booking receivables and posting collections
Nature of Work Step Analysis / Verification
Risk Delay in accounting of revenue received leading to incorrect picture of
financial health.
Nature of Control Automated / Manual
1. Use T-codes VF25, VF05, VF05N and V.21 to check if all invoices are raised on the basis of the
dispatch advise / delivery sheet.
2. Use T-codes FBL3N and VF05 to check whether money received is applied against invoices and
reconciled periodically.
3. Check the reconciliation sheet with bank for any miscellaneous payment received. Check
whether reconciliation sheet is made and updated regularly.
4. Use T-code FBL3N to ensure that post-dated cheques are entered in system only on actual
deposit of cheques in the bank and if a separate file is maintained for keeping track of post-

179
Audit Checklist

dated cheques.
5. Check if debtor aging is available with the department responsible for collection. Perform
separate aging analysis and compare with againg analysis prepared by Finance team.
6. Use T-code FBL5N to check for overdue balances and check for case-wise responses.
7. In case of major customers, take balance confirmations.
8. Use T-codes FBL5N, FBL6N, VF05 and V.21 to check for controls present in SAP to track invoices
that are pending to be received.

14.IA.11.5.1 Monitoring of receivables


Control Objective Monitoring of receivables, balance confirmation and write-offs
Nature of Work Step Verification
Risk Delay in collection of dues leading to lack of working capital.
Nature of Control Manual/ Automated
1. Check if ageing of receivables is performed on regular basis and reviewed by the management.
2. Check if adequate follow-up procedures to recover old dues are established.
3. Use T-code FBL3N to check if provision for doubtful recoveries has been made in line with DOP.
4. Check if all write-offs are approved as per DOP.
5. Use T-code FBL5N to check if balances are confirmed with all parties on regular basis.
6. Use T-codes FBL3N and FBL5N to check if reconciliation of differences noted in balance
confirmation is available.

14.IA.11.5.1 Monitoring of receivables


Control Objective Ensuring subsidy is collected as per the agreement
Nature of Work Step Analysis / Verification
Risk Under recovery.
Nature of Control Manual
1. In case of subsidized sales, review whether same has been billed to and received from
respective Government agencies.

14.IA.11.6 Debit/ Credit notes


Control Objective Ensuring adequacy of DR/CR notes raised
Nature of Work Step Analysis / Verification
Risk Delay in collection of dues leading to lack of working capital.
Nature of Control Automated / Manual
1. Use T-codes VFRB and CV03N to check if all debit/ credit notes are backed by adequate
supporting, and are approved as per DOA.
2. Check if customer acknowledgement/ acceptance is obtained for all DR/CR notes raised to
customers.
3. Use T-code FBL5N to check if all interest/ dues/ charges have been levied as per the contracts
with the customers.
4. Review manually whether all charges leviable under the sales contract have been levied.

180
Audit Checklist

14.IA.11.7 Legal case initiation


Control Objective Initiation of legal cases
Nature of Work Step Analysis / Verification
Risk Non-recovery of dues due to dispute with customer.
Nature of Control Manual
1. Check the long-pending dues and the procedure followed by the department to recover the
same.
2. Check for any legal cases initiated by the department over non-recovery of payable amount by a
customer.
3. Check if the issue is taken up with the adequate forum and government authorities to ensure
recovery of old dues.

181
Audit Checklist

14.IA.12 Finance & Accounts – Insurance


Scope
Audit Areas
1 Insurance cover
2 Claims processing and follow-up
3 Pending claims
4 Accounting treatment

182
Audit Checklist

14.IA.12.1.1 Insurance Cover


Control Objective Adequate insurance coverage
Nature of Work Step Verification
Risk Occurrence of event which was not covered leading to financial loss.
Nature of Control Manual
1. Check process which management undertakes to identify and assess risks.
2. Review the risks identified by divisions and determine whether all risks have been identified.
3. Review the operational and financial impact of each risk and determine whether action plans to
manage risks are appropriate.
4. AR10 for list of insurance / and obtain manual list for assets and employees.

14.IA.12.1.2 Insurance Cover


Control Objective Timely identification of claims
Nature of Work Step Verification/Analysis
Risk Delays in claims.
Nature of Control Manual
1. Check if officers responsible for risk management are identified. Review the procedures for
managing risk in terms of:
a. identification of potential claims (and future projections)
b. purchase of appropriate coverage
c. other action programs instituted to decrease losses/risk
d. review of uninsured risks (and exposure to potential claims and deductions)
e. approval of the risk management policies and procedures manual.
2. Review strategies used to manage risks:
a. Avoid (i.e. other alternatives)
b. Accept (i.e. after they are minimized)
c. Diversify (i.e. other business activities)
d. Share/transfer (i.e. through contracts such as insurance and joint venture partners).

14.IA.12.2 Claims processing and follow-up


Control Objective 1. All claims are timely reported and re-imbursed by the insurers
2. All policies and procedures have been adhered to.
Nature of Work Step Verification/Analysis
Risk Delays in claims.
Nature of Control Automated/ Manual
1. Conduct a walk-through of claims processing process and supporting documents to understand
how the claims are reported.
2. Use T-code WTYSE to get the list of claims under processing. Select sample of claims and use T-
code WTYSE and enter claim number to verify:
a. Timeliness of the claims filing
b. If any incident which could possibly give rise to a claim has been immediately reported to
the insurer with a copy to the insurance broker
c. Any loss by theft and/or willful or malicious damage was immediately reported to the
nearest police station
d. Whether compliance has been made with the relevant claims procedure specified to the
class of insurance for which the claim applies to.
3. Check whether the appropriate claim form has been completed and submitted to the Insurer
with the supporting documents without delay with a copy to the insurance broker.

183
Audit Checklist

14.IA.12.3 Pending claims


Control Objective Timely monitoring of pending claims
Nature of Work Step Verification
Risk Delays in settlements due to inadequate follow-ups.
Nature of Control Automated / Manual
1. Use T-code WTYSE to get the list of claims under processing. Check the list of claims pending due
to reason of non receipt of report from surveyor.
2. Check the list of claims pending with insurance company.
3. Ensure in case of delay from supplier's side adequate steps have been taken.

14.IA.12.4 JV/NELP accounting


Control Objective Correct Accounting treatment for received and pending claims
Nature of Work Step Analysis / Verification
Risk Incorrect accounting.
Nature of Control Manual/ Automated
1. Ensure correct accounting treatment for pending claims.
2. Check for treatment of premium. Check premium has been differentiated into current year
premium and prepaid insurance.
3. Check correct head has been credited or reduced from the asset value in case money is received
from insurance company.
4. Check insurance GL using FBL3N, and verify on a sample basis that insurance postings are done
appropriately

184
Audit Checklist

15. Geology & Reservoir – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Exploration & Development
3 Operations
4 Reservoir
5 Reserve appraisal
6 PR tracking
7 Creation of Service Entry Sheet (SES)
8 Manpower planning

185
Audit Checklist

15.IA.1 Planning, budgeting & monitoring


Control Objectives Adequate planning and approvals, effective tracking of annual
plan, compliance to DOP
Nature of Work Step Analysis / Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
Nature of Control Automated / Manual
1. Check whether the annual plan of G&R department is complete and all-inclusive to cover the
requirements of all the activities that come under its purview.
2. In version management check the changes done in the budget.
3. Check for appropriate approval as per DOP for the budget and subsequent changes.
4. Check whether annual plan made is -
a. Linked to the requirement of various departments
b. Inclusive of all the related costs.
5. Check the timelines for preparation and approval of budget.
6. Use T-Code S_ALR_87013532 by entering cost center to check whether actual expenses are
monitored / compared with planned expenses on periodic basis.

15.IA.2PR tracking
Control Objectives Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out
situations / operational delays
Nature of Control Automated / Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process with
Contracts/Material Management exists.

186
Audit Checklist

16. Geophysics – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Interpretation

3 Planning and execution of seismic and related data


acquisition
4 Environment, health and safety compliance
5 Instruments management and maintenance
6 Buy vis a vis hiring of instruments / equipment
7 Seismic data processing and archival of data
8 Technical upgradation
9 PR tracking
10 Creation of Service Entry Sheet (SES)
11 Manpower planning

187
Audit Checklist

16.IA.1 Planning, budgeting & monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis / Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
Nature of Control Automated/Manual
1. Adequate planning and approvals, effective tracking of annual plan, compliance to
2. Use T-Code KSBL and enter cost center to get budget.
3. In version management check the changes done in the budget.
4. Check for appropriate approval as per DOP for the budget and subsequent changes.
5. Check whether annual plan made is -
a. Linked to the requirement of various departments.
b. Inclusive of all the related costs
6. Check the timelines for preparation and approval of budget.
7. Use T-Code S_ALR_87013532 by entering cost center to check whether actual expenses are
monitored / compared with planned expenses on periodic basis.

16.IA.2 PR Tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated / Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

188
Audit Checklist

17. Human Resources


Scope
Audit Areas
1 HR Payroll Policies
2 Employee master maintenance
3 Leave and attendance records
4 Payroll-Processing and Disbursement
5 Statutory compliance
6 Hospitality services
7 Manpower planning
8 Attrition rate analysis
9 Budgeting
10 PR tracking
11 Training employees
12 Performance evaluation and feedback
13 Setting goals
14 Motivating employees
15 Education policy
16 Raising requisitions
17 Mode of recruitment
18 Recruitment notice
19 Evaluation process
20 Finalization of selection and pre joining formalities
21 Contract employees
22 Joining process
23 Recruitment expenses
24 Appraisal policy and process
25 Appraisal process
26 Eligibility and approvals
27 Recent promotions
28 Employee interaction and communication
29 SAP Change Management
30 Grievance management system
31 Leave policy
32 Travel policy
33 Insurance policy
34 Job rotation and transfer
35 Resignations
36 Clearance procedures
37 Voluntary retirement scheme
38 Exit interview
39 Full and final payments (F&F)

189
Audit Checklist

40 Policies
41 Appointment of consultant
42 Legal/Vigilance
43 RTI cases

190
Audit Checklist

17.IA.1 HR payroll policies


Control Objective To avoid unauthorized activities and transactions unfavorable to the
organization
Nature of Work Step Analysis / Verification
Risk Unauthorized activities
Nature of Control Automated/Manual
1. Check whether HR policies are approved from competent authority as per Delegation of Power
(DOP).
2. Check whether revisions to HR policies (if any) are approved from competent authority as per
Delegation of Power (DOP).
3. Check the compliance to the HR policies w.r.t to remuneration and compensation of the
employees.
4. Check whether all HR policies are maintained in a central respositary accessible to all employees.
5. Check whether any change in HR policies is updated and uploaded in intranet and mail
intimation is circulated to the employees timely.

17.IA.2 Employee master maintenance


Control Objective To ensure correct updation of employee master for accurate processing of
transactions
Nature of Work Step Verification
Risk Access to unauthorized employees.
Nature of Control Automated / Manual
1. Check if the access to add or modify the employee master is restricted to authorized persons only.
TheT - code reference for reports /verification is S_AHR_61003750/S_AHR_61003751 to get the
access right details and map it with the employee’s role.
2. Check whether all the changes in the audit period are duly authorized as per the defined policy and
DOP.
3. Check whether audit logs are maintained and reviewed for the changes to employee masters. The
T-code reference for reports/verification is S_AHR_61016380.

17.IA.3 Statutory compliance


Control Objective To ensure timely and accurate compliance to all statutory requirements.
Nature of Work Step Verification
Risk Non compliance with statutory requirements.
Nature of Control Manual
1. Check whether any checklist for tracking and ensuring the compliance to all statutory
requirements is maintained.
2. To check if the department is ensuring the compliance to all statutory requirements. E.g.
a. PF
b. ESI
c. Gratuity
d. Other labor laws.

191
Audit Checklist

17.IA.4 Hospitality services


Control Objective Fair allocation
Nature of Work Step Verification
Risk Employee dissatisfaction.
Nature of Control Manual
1. Check existence of a competent system exists, to ensure recording of all guest house
requisitions. Review appropriateness of basis of allocation. Check whether the system is
designed to record all requests on first-cum-first basis.
2. Check whether the allocation is done as per the policy and on first-cum-first-served basis. Ensure
that approval is taken for the same as per DOP.
3. Check whether recovery for the guest house is done as per the rates defined in policy. Check
whether the amounts collected are timely submitted to Finance.
4. Check whether there exists a process of grievance management pertaining to hospitality
services. Check what is the action taken to address the same.

17.IA.5 Leave and attendance records


Control Objective To ensure timely and accurate updation of leave and attendance records
Nature of Work Step Analysis / Verification
Risk Non updation of attendance records.
Nature of Control Automated / Manual
1. Review the attendance monitoring process and ensure that office timings are communicated to
all employees and correctly mapped in the attendance recording system. Use T-Code PT65 and
enter the employee code to extract the attendance details rom the system and map it to the
attendance records sent for payroll processing.
2. Check if the attendance is duly recorded and monitored. The T –code reference for reports
/verification is PT65.
3. Verify whether attendance records are maintained and cross checked by an independent
personnel. The T –code reference for reports /verification is PT65.
4. Ensure that leave balances are correctly recorded and carried forward to the next year. The T –
code reference for reports /verification is PT50/PT_QTA10 and enter the employee code to get
the leave details.
5. Examine the access rights to attendance and leave recording system and ascertain whether
access rights are in line with the roles and responsibilities defined. The T –code reference for
reports /verification is S_AHR_61003750/S_AHR_61003751 to get the access right details and
map it with the employee’s role.
6. Ensure that the attendance and leave records are approved/ authorized as per the process
before considered for monthly payroll.
7. Whether logs of access/ changes to the attendance and leave records are prepared and
reviewed.

17.IA.6 Payroll- processing and disbursement


Control Objective To ensure timely and accurate disbursement of salary to employees
Nature of Work Step Verification
Risk Inaccurate disbursement of salary.
Nature of Control Manual
1. To check if correct leave records are used for processing of salary and the same tally with the
attendance records maintained by the company.
2. Check the logs generated for changes in the employee master data after payroll processing.
3. Test check salary computations for employees. Ensure the salary processed is as per the

192
Audit Checklist

Offer/Appointment letter of the employee or as per increment letter in case of increment given.
4. Check if any arrears to salary are accurately processed and duly approved before disbursement.
5. Ensure that leave encashment, overtime etc. are computed accurately and in accordance to the
company policy. The T-code reference for reports/verification is PC_PAYRESULT and enter the
employee code from the sample selected. Check the calculation for the payroll is done correctly
and as per policy.
6. Obtain and understand policies and procedures defining entitlement, time of submitting claim,
approvals etc.
7. Examine the process of submission of reimbursements by the employee. The T-code reference
for reports/verification is PC00_M40_REMS to check the status of claims and ensure whether
the approval has been done as per DOP.
8. Check for any advances or loans paid to the employees, and if deductions are paid for the same
from the salary. Use T-code PA30 and enter the employee code to check whether there is any
outstanding loan against the employee. Thereafter, use T-Code PC_PAYRESULT to check
whether the loan is being deducted gradually from the salary.
9. Review the disbursement of payroll is in accordance to the approval payroll processed.
10. Review and analyze the payment disbursement for current month with last two months
(employee wise).
11. Check the payroll variance report and investigate instances wherein there is a huge variance
between the salaries paid during the months. Use T-code PC00_M40_ANN/PC00_M99_CWTR to
extract the summary of amount paid under various heads of payroll. Examine reasons for major
differences noted.
12. Examine the cases where disbursement of salary was made through cash (if any).

17.IA.7 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

17.IA.8 Attrition rate analysis


Control Objective Least attrition rate
Nature of Work Step Verification
Risk High attrition rate
Nature of Control Manual / Manual
1. To check the attrition rate used to forecast manpower requirements and compare the same
with actual attrition rate. Use T-Code S_L9C_94000095 to calculate the number of employees
who have left the organization.
2. Compare current year attrition rate with previous years and the reason for increase or decrease.
3. To check the last year attrition rate and the rate used for budgeting last year.
4. To check whether any replacement done due to separations are adequately approved if not
factored in initial planning. Use T-Code S_AHR_61016509 to view the number of vacant
positions.
5. To check if any action plan is prepared for handling the attrition rate.
6. To check if future attritions (other than normal rate of attritions) due to mass retirements etc.
are factored in planning.

193
Audit Checklist

17.IA.9 Budgeting
Control Objective Control expenditure
Nature of Work Step Verification / Analysis
Risk Uncontrolled expenditure.
Nature of Control Manual
1. To check the current year budgeted expenditure of manpower cost and compare the same with
actual cost for current year as well as previous year budgeted expenditure.

17.IA.10 PR Tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated / Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

17.IA.11 Training employees


Control Objective Operation efficiency and satisfaction of employees leading to organizational
development
Nature of Work Step Verification / Analysis
Risk Operational inefficiency.
Nature of Control Manual / Automated
1. To check whether regular training sessions are conducted on code of conduct.
2. To check that training session are conducted at all level of employees. Use T- code
S_PH9_46000433 to view the attendance for trainings and ensure employees from all levels
attend the trainings.
3. To check that job description is clearly defined at all positions in company. Use T- code
S_AHR_61016497, S_AHR_61016498 to view job descriptions.
4. To check that Code of ethics and value charter has been signed by employees.

17.IA.12 Performance evaluation and feedback


Control Objective Timely detection of performance and ensuring 2 way communication
Nature of Work Step Verification
Risk Lower productivity of employees.
Nature of Control Manual / Automated

17.IA.13 Setting goals


Control Objective Organization growth along with personal growth
Nature of Work Step Verification
Risk Inefficient goal setting.
Nature of Control Manual

194
Audit Checklist

1. To check whether individual goals have been set and submitted with the respective heads.
2. To check whether goals set have been submitted to the Approving authority and they have been
approved timely.
3. To check that goals set by individuals are in line with organization goals and related to the job of
the person.

17.IA.14 Motivating employees


Control Objective Keeping high motivation level for best output
Nature of Work Step Verification
Risk Lack of motivation.
Nature of Control Manual
1. To check whether individual goals have been set and submitted with the respective heads.
2. To check whether goals set have been submitted to the Approving authority and they have been
approved timely.
3. To check that goals set by individuals are in line with organization goals and related to the job of
the person.

17.IA.15 Education Policy


Control Objective Updating of knowledge and skills and continuous learning
Nature of Work Step Verification
Risk Insufficient learning and no updating of knowledge.
Nature of Control Manual
1. To check whether education policy has been formed and duly approved.
2. To check the actions taken to motivate employees like arranging seminars to update employee's
knowledge and motivation level.
3. To check the number of person taking benefit of education policy.

17.IA.16 Raising Requisitions


Control Objective All recruitments are done based on requisitions
Nature of Work Step Analysis / Verification
Risk Recruitments are not based on requisitions.
Nature of Control Automated/Manual
1. To check the adherence to annual job rotation plan. The T-code reference for
reports/verification is PA30.
2. To check whether the person transferred has been transferred on the basis of transfer policy.
The T-code reference for reports/verification is PA30.
3. To check if the company policy w.r.t to mandatory transfers is followed for all employees unless
specific approval is obtained from the competent authority. The T-code reference for reports/
verification is PA30, PA40.
4. Check if in case of extension in transfer / job rotation, approval from competent authority has
been obtained.
5. To check that proper training has been imparted in case new job responsibilities are to be
performed after transfer.
6. To check the time lag in processing the transfer requests. The T-code reference for reports/
verification is PA30, PA40.
7. To check whether the SAP has been updated with revised transfer details. . The T-code
reference for reports/ verification is PA40/PA30.
8. To check accuracy of the payroll process for the overlapping period. . The T-code reference for
reports/verification is PC_PAYRESULT. Check whether confirmation or acknowledgement of
work completed is taken from contractor on measurement book.

195
Audit Checklist

17.IA.17 Mode of recruitment


Control Objective Selection of mode of requirement based on cost and other factors
Nature of Work Step Analysis / Verification
Risk The mode of requirement is not based on specific factors.
Nature of Control Automated / Manual
1. Tocheck that last date of application is mentioned on the notice of vacancy.
2. To check that correct mode of examination has been conducted like level B/C employees are
tested via interview/ viva only.
3. To check recruitment plan is prepared in advance and approved by HOD for recruitments to be
done during the period so that timely recruitment is done considering the mode of recruitment.
Use T-Code S_AHR_61015516 to check the vacancies and whether the recruitment plan is taking
into account the number of positions to be filled.
4. To check if proper documentation is available to substantiate that recruitment is conducted
from the same mode in which it is planned.
5. To check if all the required guidelines issued from time to time are followed for recruitment
considering equal opportunity to all eligible candidate.Conduct lead time analysis between PR
initiation and release. Ensure that reasoning analysis is conducted for delays.

17.IA.18 Recruitment notice


Control Objective Selection based on defined process
Nature of Work Step Verification
Risk Selection is not based on defined processes.
Nature of Control Manual
1. Check if recruitment process is started according to the basis of defined plan.
2. Check if proper notice/ advertisement is issued for all the vacancies defining the following:
a. Job requirement and responsibilities
b. Eligibility criteria's
c. Educational qualifications
d. Experience criteria's
e. Evaluation criteria's etc. Use T-Code S_AHR_61015517 to extract the population of job
advertisements.
3. Check if the advertisement is published at all the required places (e.g. newspaper and websites
etc.).
4. In case of campus recruitments, check if the recruitment is done from the pre-approved
institution.
5. To check the list of candidates shortlisted for interview and their experience papers.
6. To check that no application has been accepted which has been received after the last date
unless approved. Use T-Code S_AHR_61015510 to check the date of receipt of application.
7. To check if adequate tracking and monitoring process is in place to ensure completion of
recruitment process in time.

17.IA.19 Evaluation Process


Control Objective Screening, initial screening of documents, written test, group discussion,
interview, medical examination.
Nature of Work Step Verification
Risk Non screening of documents.
Nature of Control Manual
1. To check if timely and adequate screening is done to identify the eligible candidates for
proceeding with the recruitment process

196
Audit Checklist

2. Check if the screening is done by the authorized and independent person to objective screening
of the candidates
3. Check if the final list of eligible candidate is prepared and approved by HOD to process for
further process
4. Verify sample cases to check if all the candidates are eligible as per the requirement posted in
advertisement
5. Check if adequate mix is maintained to adhere to the various regulation and quotas (e.g. SC/ST
vacancies). Use T-Code PA30 to check the quota(SC,ST) et
6. Check if the copies and original of the required documents are verified to ensure
appropriateness of the details mentioned in the application form
7. Check if results are adequately documented and then on eligible candidates are selected. Use T-
Code S_AHR_61015513 to check the applicant statistics of the selected employees. Ensure that
the statistics are in line with the policy and standar
8. To check whether written test was conducted according the timelines mentioned in the
advertisement or communicated thereafte
9. Check if any change in the date of test is communicated well in advance to the eligible
candidates
10. Check if adequate evaluation of the written test is conducted in time for selection of candidates.
Check if GD is conducted for the vacancies requiring GD as per polic
11. Check if the panel of observers with defined criteria of selection is finalized in advance
12. Check if adequate documentation is maintained for all the candidates for selection/ rejection
reasons. Use T-Code PB10 to check whether reasons for selection or rejection are documente
13. Check if the interview panel is finalized and approved in advance as per DOP
14. Check if adequate mix of the interview panel is maintained in line with the required policy (e.g.
if recruitment involves SC/ST candidate, then 1 member must be SC/ST category)
15. To check all interview processes are completed within specified time
16. Check if the interview evaluation sheet is prepared and the rating of each candidate (for all
rejected/ selected candidates)
17. Post the interview, check if a report is prepared by the interview panel which is put to
competent authority for approval stating result of the recruitment process
18. Upon approval, check if the final candidates are called for medical examination. On clearance of
the same, offer letter is sent to the candidate for joining.

17.IA.20 Finalization of selection and pre joining formalities


Control Objective Proper approvals and selection and pre joining formalities.
Nature of Work Step Verification
Risk Improper approvals.
Nature of Control Manual
1. Check if adequate documentation is maintained for all the evaluation conducted for finalizing
the candidates. Use T-Code PB30 to view the employee master, an thereafter check hardcopy
supporting for sample employees.
2. To check whether medical examination was conducted for all shortlisted candidates.
3. To check whether all conditions like selection of quota candidates has been adhered to.
4. To check that all offer letters contain clearly defined policies like of Independence.
5. To check if the offer letter clearly defined the documents which the candidate need to submit
before joining.
6. To check if the offer letter clearly defines other requirements (if any) which the candidate need
to fulfill before joining.
7. Check if the offer letter is issued based on approval from authorized person as per DOP.
8. To check that all joining formalities like maintenance of employee files, medical checks have

197
Audit Checklist

been done.
9. To check whether employee files are properly maintained and contain necessary documents like
blood group report.
10. To check the reference check and background check forms have been documented in employee
files.
11. To check whether offer letter clearly states the last date of joining unless approved by
concerned authority.

17.IA.21 Contract Employees


Control Objective Contract Employees
Nature of Work Step Verification
Risk Excess recruitment and improper selection.
Nature of Control Manual
1. Check if recruitment on contract basis is done in case of urgency which could not be planned in
the manpower plan.
2. Check if the contractual recruitment is initiated on the basis of approved manpower requisition
by competent authority stating the justification of such recruitment.
3. Check if the adequate evaluation process from screening to finalization is followed for
contracted employees.
4. Check if the contract with the employee is duly approved by legal and for the limited period of
requirement.
5. Check the process of renewal of candidate is followed after ensuring equal opportunity to all
prospective candidates unless approved by the competent authority as per DOP.
6. Check if all the documentation requirement is completed for the contracted employee before
joining. Check if the offer letter is issued based on approval from authorized person as per DOP.

17.IA.22 Joining process


Control Objective Collection and documentation of mandatory documents in employee
personnel file, to smoothen the entry of newly joined executives in the
organization
Nature of Work Step Verification
Risk Improper documentation.
Nature of Control Manual
1. Check the periodicity for conducting the induction for the newly joined employees.
2. Check whether the data specified in the induction template / document have been updated
from time to time.
3. Check whether Job responsibilities/ descriptions (JDs) are adequately defined for all positions
and communicated to employees at the time of joining.
4. Check whether copy of all the mandatory certificates and photo ID cards have been collected
from the employee.
5. Check employee master data and personal files are accessible by authorized personnel's only.
Use T-code S_AHR_61003750 /S_AHR_61003751 to view the employees provided with the
access rights and thereafter, map the same to the roles and responsibilities as per policy.
6. Check the time lag (if any) in generation of the joining report for the new employees. Use T-
Code S_AHR_61015513 to check the applicants joining status.
7. Check the dates of sign off on the appointment letters issued to the employees. The T-code
reference for reports/verification is S_AHR_61015513.
8. Check if the employee file is updated with all the records and documents w.r.t. to the new
employee. Use T-Code PA40 to view the employee master and ensure its completeness. Check
the hardcopy supporting for a sample number of employees.

198
Audit Checklist

17.IA.23 Recruitment Expenses


Control Objective Ensure adequate control over expenses incurred for recruitment
Nature of Work Step Analysis / Verification
Risk Inadequate control over expenses.
Nature of Control Manual/ Automated
1. Check if adequate budget is in place for incurring the recruitment expenses. Use T-Code KSBL
and then enter the cost center.
2. Check if budget Vs. actual is monitored for all recruitment expenses. The T-code reference for
reports/verification is S_ALR_87013611 to view the actual vs. budgeted as per system. Check if
reasoning analysis and approvals are available whenever the budget is exceeded.
3. Check if all expenses are incurred with prior approval according to DOP.
4. Check if re-imbursement to candidates is made based on eligibility and with adequate approval
as per DOP. Use T-Code PA40 to view the employee master and the designation. Thereafter,
check the reimbursement policy and entitlement as per designation and use T-code
PC00_M40_REMS to check whether the reimbursement is made as per policy and approval is
taken as per DOP.
5. Check if recruitment expenses are properly accounted and monitored. The T-code reference for
reports/verification is S_ALR_87013611.

17.IA.24 Appraisal policy and process


Control Objective Clearly defined policy and process to be followed
Nature of Work Step Analysis / Verification
Risk Unclear policies, not defined properly.
Nature of Control Manual/ Automated
1. To check that policy for promotion is available and duly authorized. The T-code reference for
reports /verification is PA40.
2. Check if the process of PMS clearly defines the timelines, authority and protocols to be followed
for PMS. The T-code reference for reports /verification is APPSEARCH.
3. Check the eligibility criteria's defined for promotions for all grades. The T-code reference for
reports /verification is APPSEARCH.

17.IA.25 Appraisal process


Control Objective Adherence to defined and transparent appraisal process
Nature of Work Step Verification
Risk Non adherence to appraisal process.
Nature of Control Manual/ Automated
1. Check if the appraisal is conducted in accordance to the defined policy and process. The T-code
reference for reports/verification is APPSEARCH.
2. Check if the self appraisal is adequately documented and then reviewed by the appraiser with
feedback on strengths and improvement areas. The T-code reference for reports/verification is
APPSEARCH.
3. Check if the compilation of initial ratings are done by HR and reviewed in line with policy. The T-
code reference for reports/verification is APPSEARCH.
4. Check if adequate process is followed for normalization and approved as per DOP. The T-code
reference for reports/verification is APPSEARCH.
5. Check if the final rating on the basis of following parameters are accurately calculated and then
finalized. The T-code reference for reports/verification is APPSEARCH.
6. Check if the improvement areas are communicated to L&D for planning of required trainings.
The T-code reference for reports/verification is APPSEARCH.

199
Audit Checklist

7. Check if the final incentive and increments are accurately decided and circulated in accordance
to the PRP ratings. The T-code reference for reports/verification is APPSEARCH.ed for
promotions for al grades. The T-code reference for reports /verification is APPSEARCH.

17.IA.26 Eligibility and approvals


Control Objective Eligible employees are promoted only. Only department approved candidates
are promoted
Nature of Work Step Verification
Risk Promotions to ineligible employees
Nature of Control Manual/ Automated
1. To check that list of persons eligible for promotion is prepared at each level and cross check it
from eligibility criteria. The T-code reference for reports/verification is S_AHR_61016356 and
enter the sample employee code.
2. Check the number of eligible candidates against the total number of vacant seats. The T-code
reference for reports/verification is S_AHR_61016356 to determine the number of eligible
candidates and S_L9C_94000095 to determine the number of vacancies.
3. Check if all promotions are adequately approved as per defined DOA. Use T-Code PA40 to check
the master data for appraisal. Further use T-code APPSEARCH to check whether the promotion
has been done as per DOP defined in the master data.
4. Check if promotion is decided after considering all the parameters according to the policy (e.g.
experience, seniority etc.) Use T-Code PA40 to check the master data for appraisal. Further use
T-code APPSEARCH to check whether the promotion has been done as per policy.
5. To check that the list of employees eligible for promotion was vetted by concerned
departments. The T-code reference for reports/ verification is APPSEARCH.
6. To check the time taken in sending documents to department for approval and time taken by
department for approving the same. The T-code reference for reports /verification is
APPSEARCH.
7. To check whether applications received in this regard have been forwarded to the concerned
department for scrutiny of final details. The T-code reference for reports/verification is
APPSEARCH.

17.IA.27 Recent promotions


Control Objective Eligible employees are promoted only
Nature of Work Step Verification
Risk Undeserving employees are promoted.
Nature of Control Manual/ Automated
1. Check the controls in place for scheduling exams for promotions for grade A and grade B
executives.
2. Check whether selection committee was constituted before conducting the exam.
3. Check whether all eligible candidates were issued call letters clearly specifying the date and
venue for examination/interview.
4. Check the time taken in issuing promotion letters from final selection. Use T-Code
S_AHR_61016503 to view the list of promotions.
5. Review the APR marks / merit list with the promotions announced. Use T-Code
S_AHR_61016503 to view the list of promotions.
6. Check whether employee master is updated with new salary structure and grades immediately
after announcement. The T-code reference for reports/verification is PA30.
7. To check the total number of employees promoted against the total number of vacant seats The
T-code reference for reports/verification is S_AHR_61016356 to check the number of
employees promoted and T-Code S_L9C_94000095 is to check the number of vacant positions.

200
Audit Checklist

17.IA.28 Employee interaction and communication


Control Objective Employee satisfaction
Nature of Work Step Verification
Risk Employee dissatisfaction.
Nature of Control Manual
1. To check the process of intimation and communicating with employees on performance.
2. Check the controls over issue of promotion letter to the employees like authorized person to
issue the same and mode of giving.

17.IA.29 SAP Change Management


Control Objective All changes are authorized and updated in SAP
Nature of Work Step Analysis / Verification
Risk Unauthorized changes.
Nature of Control Manual / Automated
1. To check whether change management policy is available.
2. To check that Change request form is duly authorized as per DOP.
3. To check that Change request form is duly authorized by HR Head.
4. To check that all change requests are available and separately recorded.
5. To check that proper reason for change is given and also check its impact. The T-code reference
for reports/verification is solman_workcenter to check whether adequate reasoning is available
and approval has been taken as per DOP.
6. To check controls present in system to restrict data leakage like salary of employees. The T-code
reference for reports/verification is SUIM and enter the T-Codes used to consume budget to get
a report about the users authorized to incur expenditure and value of expenditure incurred. This
can then be checked with the defined policy, if any.
7. To check if SAP is updated timely SAP after change has been made in HR Policy. The T-code
reference for reports/verification is PA30.

17.IA.30 Grievance management system


Control Objective Employee satisfaction and timely redressed of employee grievances
Nature of Work Step Verification
Risk Employee dissatisfaction.
Nature of Control Manual
1. To check the system of receiving employee grievances.
2. To check the time taken to address the employee grievance.
3. To check steps taken to ensure employee satisfaction.To check whether change management
policy is available.

17.IA.31 Leave Policy


Control Objective Planned leaves and social recognition
Nature of Work Step Verification
Risk Unplanned leaves.
Nature of Control Manual
1. To check whether leave policy is approved as per DOP.
2. To check whether leaves of employees is recorded in the system. The T-code reference for
reports/verification is PA30.
3. To check whether employees are encouraged to go on leaves in case their leaves get
accumulated. Use T-code PT50 and enter the employee code to check the employee's absence
quota and T-Code PT_QTA10 to check the number of leaves availed.

201
Audit Checklist

4. Check that the policy for maternity leave is available.

17.IA.32 Travel policy


Control Objective Restricted expenditure on travel
Nature of Work Step Verification
Risk Unrestricted expenditure.
Nature of Control Manual
1. To check that travel policy is available and authorized as per DOP.
2. To check that expenses are reimbursed as per travel policy after authorization from heads. The
T-code reference for reports /verification is PC00_M40_REMS.

17.IA.33 Insurance policy


Control Objective Security from loss of person or injury to employee
Nature of Work Step Verification
Risk Insecurity from loss of person.
Nature of Control Manual
1. To check whether insurance policies have been taken as per HR policy of the Company .The T-
code reference for reports /verification is PA30.

17.IA.34 Job rotation and transfer


Control Objective Job transfers within or outside the department for personal growth and
avoiding monotonous jobs
Nature of Work Step Analysis / Verification
Risk Monotonous jobs leading to low employee productivity.
Nature of Control Manual / Automated
2. To check the adherence to annual job rotation plan. Use T-Code PA30 to view employee master
and perform analysis to ensure whether the job rotation plan is adhered with.
3. To check whether the person transferred has been transferred on the basis of transfer policy.
The T-code reference for reports/verification is PA30.
4. To check if the company policy w.r.t to mandatory transfers is followed for all employees unless
specific approval is obtained from the competent authority. The T-code reference for
reports/verification is PA30, PA40.
5. Check if in case of extension in transfer / job rotation, approval from competent authority have
been obtained.
6. To check that proper training has been imparted in case new job responsibilities are to be
performed after transfer.
7. To check whether the SAP records have been updated with revised details after transfer such as
dates, location, department etc. The T-code reference for reports/verification is PA40/PA30.
8. To check accuracy of the payroll process for the overlapping period. Use T-Code PC_PAYRESULT
to check whether payroll calculations are done accurately and as per the policy.

17.IA.35 Resignations
Control Objective To ensure adherence to defined policy.
Nature of Work Step Analysis / Verification
Risk Non adherence to defined policy.
Nature of Control Manual / Automated
1. Check the adherence to the HR policy guidelines for employee separation.
2. Check and analyze the attrition rate at the various management level.

202
Audit Checklist

3. Check if the employee resignation is documented and accepted by HOD before relieving.
4. Check if intimation is send to the HR and payroll team by HOD on receipt of resignation.
5. Check if payroll is put on hold (in line with the policy requirement) on receipt of employee
resignation.
6. Check if employee is communicated to all the requirements need to be completed by him
before leaving the organization:
a. No due to be cleared
b. Assets to be returned
c. Guarantee/ bond amount to be paid if any
d. Notice to be served etc.
7. Check if HR initiates the retirement process in advance in case of retiring employee.
8. Check whether data back up have been obtained from the employee before his relieving.To
check the adherence to annual job rotation plan. Use T-Code PA30 to view employee master
and perform analysis to ensure whether the job rotation plan is adhered with.
9. Check whether payroll calculations are done accurately and as per the policy.

17.IA.36 Clearance Procedures


Control Objective To safeguard the interest of the Organization against physical / intellectual
property loss
Nature of Work Step Verification
Risk Physical intellectual property loss.
Nature of Control Manual
1. Check if clearance/ no due form is defined containing the authorities who need to give no due
clearance to all separating employees.
2. Check if all the receivables/recoverable are mentioned on the clearance form before by the
authorized person.
3. Check if all the following access are removed at the time of clearance:
a. Physical access card (if any)
b. SAP Access by ERP team
c. Oil Network Access by IT team.
4. Access to any other IT application by IT team.
5. Check if all the authorizations to the individual (if any) are removed:
a. Bank Account
b. Dealing with third parties
c. Reprinting company
d. Power of Attorney etc.

17.IA.37 Voluntary retirement scheme


Control Objective Hassle free retirement and separation
Nature of Work Step Verification
Risk Problematic retirement.
Nature of Control Manual / Automated
1. To check the number of person applying for early retirement or VRS scheme. Use T-code PA30
to view the employee master. Ensure it is updated with the details of employees applying for
VRS.
2. Check the employee entitlement for the Early Retirement and Voluntary Premature Retirement
schemes granted (if any). Use T-Code S_PH9_46000223 to check the employees joining date and
department worked for in order to ascertain whether he is eligible for VRS.
3. To check the time lag between applying for VRS and actually sanctioning the same.
4. To check the reasons for same and also check the entitlement calculation.

203
Audit Checklist

17.IA.38 Exit interview


Control Objective Analyzing the reason to control turnover rate for future
Nature of Work Step Verification
Risk No proper reason is found for turnover rate.
Nature of Control Manual
1. Check whether there is a process of conducting exit interview at the time of separation and
whether reasons are identified & analyzed during the exit interview.
2. To check all exit interviews are available in employee files.
3. To check the steps taken by management to resolve such issues as stated in exit interviews.

17.IA.39 Full and final payments (F&F)


Control Objective Accuracy and timely clearances
Nature of Work Step Verification
Risk 1. Inaccurate clearance/settlement payment.
2. Delay in settlement.
Nature of Control Manual / Automated
1. Full and final settlement must be done for each and every employee only after all the company
assets have been recovered.
2. Check the time difference between full & final from the date of releasing. Use T-code PA30 to
check the last working day of employee and use TCode PC00_M99_PA03_check to check the
date on which F&F was done. Ensure the time delay is within the timelines defined as per
Company Policy.
3. Check the computation of Full & final settlement. The T-code reference for reports/verification
is PC_PAYRESULT/PC00_M40_TERM.
4. Check if the tax deductions are appropriately provided on the basis of receipt of documentary
evidence from the employee. Use T-Code - PC_PAYRESULT/PC00_M40_F16.
5. Check if resigned employees' records are timely updated in master records and check if these
are not included in payroll computation sheet. The T-code reference for reports/verification is
PA30.
6. Check the controls over issue of experience certificate to the employees and check that
experience certificate is issued only after all clearances have been done by employee. The T-
code reference for reports/verification is PA40.
7. To check whether any notice pay or bond money has been recovered from employee in case he
refuses to serve the entire term of notice period or Bond period. . The T-code reference for
reports/verification is PC_PAYRESULT.
8. Check if the full and final amount is disbursed timely in accordance to the policy.

17.IA.40 Policies
Control Objective To avoid unauthorized activities and transactions unfavorable to the
organization
Nature of Work Step Verification / Analysis
Risk Unauthorized activities.
Nature of Control Manual
1. To check if there is defined process and policy to govern the handling of legal and vigilance
cases.
2. Check if the department has mechanism to monitoring the compliance to defined policy and
process for handling legal cases.

204
Audit Checklist

17.IA.41 Appointment of consultant


Control Objective To ensure adequate hiring and payment to consultant/ advocates
Nature of Work Step Verification
Risk Inadequate hiring of consultants.
Nature of Control Manual
1. Check if appointment of consultant/ advocate is done after due evaluation and approval as per
policy.
2. Check if the evaluation is carried out for the cases handled by the consultant.
3. Check if payment to the consultant is made after proper verification and required approvals as
per DOA

17.IA.42 Legal/Vigilance
Control Objective To safeguard the interest of the Organization
Nature of Work Step Verification
Risk The interest of the organization is threatened.
Nature of Control Manual
1. Check whether there is a tracker maintained to keep a record of all the active and resolved legal
cases. Ensure whether it is updated timely.
2. Check whether guidelines exist to ensure adequate documentation for each legal case. Check
whether a document checklist has been prepared and followed.
3. Check the maintenance of documentary proof and witness for the cases.
4. Ensure settlement of employee full and final post solvation of the dispute.
5. Check if the past cases are reviewed and analyzed for common reasons with action plan to
prevent such cases in future. .
6. To check if there is adequate tracking and documentation of the cases initiated by vigilance.

17.IA.43 RTI cases


Control Objective To safeguard the interest of the Organization and compliance to statutory
requirements.
Nature of Work Step Verification
Risk 1. Loss of goodwill
2. Non-compliance to statutory requirements.
Nature of Control Manual
1. Check if the dedicated persons are identified for handling the RTI cases.
2. Check if all replies to RTI are properly verified and supported with adequate documentation to
ensure accuracy of reply.
3. Check if proper evidence is maintained ensuring date of receipt of RTI and reply to RTI.

205
Audit Checklist

18. Information Technology – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Statutory Compliance
3 User request management
4 Disaster recovery site
5 Process documentation
6 Backup procedures
7 IT administration
8 PR tracking
9 Creation of Service Entry Sheet (SES)
10 Manpower planning
11 Physical access controls
12 Logical controls
13 IT applications
14 ERP solutions
15 Physical access controls
16 IT infrastructure and environmental controls
17 Physical access controls
18 Network security
19 Physical access controls
20 Logical controls
21 IT applications

206
Audit Checklist

18.IA.1 ITGC - Planning, budgeting & monitoring


Control Objectives Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis / Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget

Nature of Control Manual /Automated


1. Check whether the annual plan of IT department is complete and all-inclusive to cover the
requirements of all the activities that come under its purview.
2. Use T-Code KSBL and enter cost center to get budget.
3. In version management check the changes done in the budget.
4. Check for appropriate approval as per DOP for the budget and subsequent changes.
5. Check whether annual plan made is -
a. Linked to the requirement of various departments
b. Inclusive of all the related costs.
6. Check the timelines for preparation and approval of budget.
7. Use T-Code S_ALR_87013532 by entering cost center to check whether actual expenses are
monitored / compared with planned expenses on periodic basis.

18.IA.2 ITGC - Statutory Compliance


Control Objectives Adherence to applicable Rules and Regulations
Nature of Work Step Verification
Risk Initiation of penal action by concerned authorities.
Nature of Control Manual
1. Check whether there is compliance framework to monitor or track compliance required under
various law/Acts applicable to the Company.
2. Verify whether compliance of applicable rules/provisions e.g. Information Technology Act are
monitored periodically.
3. Check whether non compliance to the requirements is reported to the management
periodically for further action.
4. Check whether statutory compliance reports are submitted.
5. Check whether disposal of written off scrap of IT systems is done as per applicable statutory
Acts/ Rules.

18.IA.3 ITGC - PR tracking


Control Objectives Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out
situations / operational delays.
Nature of Control Manual /Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as

207
Audit Checklist

per DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

18.IA.4 Commercial Systems - Physical access controls


Control Objectives Access checks, CCTV's monitoring and data security
Nature of Work Step Verification/ Analysis
Risk Unsecure data and IT infrastructure.
Nature of Control Manual
1. Check that access to critical systems is available to authorized personnel only.
2. Check that CCTV's are available in and around critical areas.
3. Check if access logs are created for the persons accessing the Data Centre.
4. Check if critical IT equipment's are controlled through lock in key or access control.
5. Check that no internal confidential information like network diagram etc. is made available on
public domain.

18.IA.5 Infrastructure - Physical access controls


Control Objectives Access checks, CCTV's monitoring and data security
Nature of Work Step Verification/ Analysis
Risk Unsecure data and IT infrastructure.
Nature of Control Manual
1. Check that access to critical systems is available to authorized personnel only.
2. Check that CCTV's are available in and around critical areas.
3. Check if access logs are created for the persons accessing the data centre.
4. Check if critical IT equipment's are controlled through lock in key or access control.
5. Check that no internal confidential information like network diagram etc. is made available on
public domain.

208
Audit Checklist

18.IA.6 Network & Communication - Physical access controls


Control Objectives Access checks, CCTV's monitoring and data security
Nature of Work Step Verification/ Analysis
Risk Unsecure data and IT infrastructure.
Nature of Control Manual /Automated
1. Check that access to critical systems is available to authorized personnel only.
2. Check that CCTV's are available in and around critical areas.
3. Check if access logs are created for the persons accessing the Data Centre.
4. Check if critical IT equipment's are controlled through lock in key or access control.
5. Check that no internal confidential information like network diagram etc. is made available on
public domain.

18.IA.7Technical Systems - Physical access controls


Control Objectives Access checks, CCTV's monitoring and data security
Nature of Work Step Verification/ Analysis
Risk Unsecure data and IT infrastructure.
Nature of Control Manual /Automated
1. Check that access to critical systems is available to authorized personnel only.
2. Check that CCTV's are available in and around critical areas.
3. Check if access logs are created for the persons accessing the Data Centre.
4. Check if critical IT equipment's are controlled through lock in key or access control.
5. Check that no internal confidential information like network diagram etc. is made available on
public domain.

209
Audit Checklist

19. Instrumentation – Internal Audit


Scope
Audit Areas
1 Planning and administration
2 Operations
3 Maintenance
4 Projects
5 Environment, Health and Safety Compliance
6 PR Tracking
7 Manpower Planning

210
Audit Checklist

19.IA.1 Planning & Administration


Control Objective Adequate planning, Effective monitoring over plan, Compliance to DOP
Nature of Work Step Analysis / Verification
Risk Inadequate planning.
Nature of Control Manual / Automated
1. To check whether the plan of instrumentation department is complete and all-inclusive for man,
materials, equipment required for preparation. Check whether the plan is in compliance on
statutory obligations.
2. To check whether there are laid down procedures for preparation of plan and the same are
complied with.
3. To check whether such plan is approved by competent authority as per DOP. The T-code
reference for reports/verification is KSBL. This report provides the planning overview and can be
used to check whether the plan is approved as per DOP.
4. To check whether any amendments in such plan is approved by competent authority as per DOP.
The T-code reference for reports/verification is KSBL.
5. To check whether actual expenses are monitored / compared with planned expenses on periodic
basis against such plan. The T-code reference for reports/verification is S_ALR_87013532.
6. To ensure timely procurement of material. Use MB5B to check the stock levels on a particular
day and use ME5A to ensure that the PR is raised for the material where stocks are below the
threshold levels defined.
7. To check whether there is non moving inventory at departmental storage location. The T-code
reference for reports/verification is MC46
8. To ensure proper security is in place in laboratory.

19.IA.2 Manpower Planning


Control Objective To ensure manpower is adequate for all the departmental activities.
Nature of Work Step Analysis / Verification
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

211
Audit Checklist

20. Land – Internal Audit


Scope
Audit Areas
1 Planning and assessment
2 Acquisition of land through Bipartite Negotiation / Settlement
3 Acquisition of land through Land Acquisition Act, 1894
4 Acquisition of land under Provision of Forest (Conservation) Act, 1980
5 Land records
6 Restoration of land
7 PR tracking
8 Creation of Service Entry Sheet (SES)
9 Manpower planning

212
Audit Checklist

20.IA.1.1 Acquisition of land through Bipartite Negotiation / Settlement


Control Objective Accuracy of information in line with land/revenue records
Nature of Work Step Verification
Risk Non-compliance.
Nature of Control Manual
1. Check whether the Land Officer confirmed the name of village, mouza, dag no., patta no., class
of land etc., name of occupiers/ pattadars, etc. with land/ revenue records such as Chitha copy,
Cadastral Land Map, etc. provided by the Contract Revenue Circle Office.
2. Check whether field visit is carried out by the Revenue Authorities for actual verification/
certification of individual Dag No., Patta No., Village Name, Mouza, area of land, class of land
etc.

20.IA.1.2 Acquisition of land through Bipartite Negotiation / Settlement


Control Objective Minimizing possibility of disputes with the occupiers/pattadars
Nature of Work Step Verification
Risk Delay in execution.
Nature of Control Manual
1. Check whether written consent is obtained from the occupiers/ pattadars.
2. Check whether a formal letter asking for consent of the occupiers/ pattadars is available in case
of registered/corporate tea garden lands.

20.IA.1.3 Acquisition of land through Bipartite Negotiation / Settlement


Control Objective Adequate assessment and subsequent accuracy in decision making
Nature of Work Step Verification / Analysis
Risk Inaccurate assessment.
Nature of Control Manual
1. Check whether the Assessment Committee report is prepared and submitted to Land
department with adequate supporting.

20.IA.1.4 Acquisition of land through Bipartite Negotiation / Settlement


Control Objective Negotiation with land owners through liasoning officers
Nature of Work Step Verification
Risk Non-compliance to DOP
Nature of Control Manual / Automated
1. Check whether there are any liasoning officer has been hired by OIL for negotiations with land
owners.
2. Check whether a contract exists for the same and is approved as per DOP.
3. Check whether the payment is made to the officer as per the terms of contract. Use T-Code
FBL1N/FBL3N.
4. Check whether the payment made is capitalized along with the land value.

20.IA.1.5 Acquisition of land through Bipartite Negotiation / Settlement


Control Objective Accuracy in payment and compliance to DOP
Nature of Work Step Verification
Risk Non-compliance to DOP.
Nature of Control Manual
1. Check whether surface compensation is paid only after adequate approvals and documentation.

213
Audit Checklist

20.IA.1.6 Acquisition of land through Bipartite Negotiation / Settlement


Control Objective Minimizing possibility of disputes with the occupiers/pattadars
Nature of Work Step Verification
Risk Disputes.
Nature of Control Manual
1. Check whether payment of surface compensation was made to all occupiers/ pattadars.

20.IA.1.7 Acquisition of land through Bipartite Negotiation / Settlement


Control Objective Release of land as per timelines
Nature of Work Step Verification
Risk Delay in release of land.
Nature of Control Manual
1. Check whether land release letter is issued by Land Department to Civil department as per the
defined timelines.

20.IA.1.8 Acquisition of land through Bipartite Negotiation / Settlement


Control Objective Adequate documentation to defend legal dispute
Nature of Work Step Verification
Risk Inadequate documentation.
Nature of Control Manual
1. Check whether proper and correct land records are obtained from the Revenue Circle office.

20.IA.2.1 Acquisition of land through Land Acquisition Act, 1894


Control Objective Release of land as per timelines
Nature of Work Step Verification
Risk Delay in execution.
Nature of Control Manual
1. Check whether proposal for land acquisition is submitted to the Collector along with Land Maps
provided by Civil Survey Department on timely basis.

20.IA.2.2 Acquisition of land through Land Acquisition Act, 1894


Control Objective Accuracy in proposal for land acquisition
Nature of Work Step Verification
Risk Delay in execution.
Nature of Control Manual
1. Check whether proposal for land acquisition is reviewed and approved as per the defined DOP.

20.IA.2.3 Acquisition of land through Land Acquisition Act, 1894


Control Objective Release of land as per timelines
Nature of Work Step Verification
Risk Delay in execution.
Nature of Control Manual
1. Check whether there is a tracker maintained to monitor list of pending registrations.
2. Check whether there is a process for regular follow-up of the status of land acquisition.

214
Audit Checklist

20.IA.2.4 Acquisition of land through Land Acquisition Act, 1894


Control Objective Accuracy and timely deposition of award amount
Nature of Work Step Verification
Risk Delay in execution.
Nature of Control Manual
1. Check whether upon intimation by the Collector, award amount is deposited within a
reasonable time after obtaining adequate approvals.

20.IA.2.5 Acquisition of land through Land Acquisition Act, 1894


Control Objective No un-accounted land
Nature of Work Step Verification
Risk Delay in execution.
Nature of Control Manual
1. Check whether entry of land acquisition is made in the Asset Register and General Ledger by
value of land including development cost. SAP T-codes for verification isAR01 and FBL3N.

20.IA.3.1 Acquisition of land under Provision of Forest (Conservation) Act, 1980


Control Objective Release of land as per timelines
Nature of Work Step Verification
Risk 1.Dispute.
2.Non-compliance.
3.Inappropriate costing.
Nature of Control Manual
1. Check whether the de-reservation proposal is submitted timely to the Nodal officer for seeking
approvals u/s 2 of the proposal by the State Government.
2. Check whether there is a tracker maintained to monitor list of pending registrations.
3. Check whether there is a process for regular follow-up of the status of land acquisition.

20.IA.3.2 Acquisition of land under Provision of Forest (Conservation) Act, 1980


Control Objective Accuracy and timely payment
Nature of Work Step Verification
Risk 1.Dispute.
2.Non-compliance.
3.Inappropriate costing.
Nature of Control Manual / Automated
1. Check whether upon intimation by the Nodal Officer, requisite payments are made through a/c
payees draft within a reasonable time. SAP T-code for verification is FBL3N.

20.IA.3.3 Acquisition of land under Provision of Forest (Conservation) Act, 1980


Control Objective Adequate documentation to defend legal dispute
Nature of Work Step Verification
Risk 1.Dispute.
2.Non-compliance.
3.Inappropriate costing.
Nature of Control Manual
1. Check whether land records obtained from Nodal Officer are uploaded in the Documentation
Management System in SAP.

215
Audit Checklist

20.IA.3.4 Acquisition of land under Provision of Forest (Conservation) Act, 1980


Control Objective Appropriate land value payment and compliance to DOP
Nature of Work Step Verification
Risk 1.Dispute.
2.Non-compliance.
3.Inappropriate costing.
Nature of Control Manual
1. Check whether payment of land value is made after obtaining adequate approvals as per DOP.

20.IA.3.5 Acquisition of land under Provision of Forest (Conservation) Act, 1980


Control Objective Appropriate costing of land
Nature of Work Step Verification
Risk 1.Dispute.
2.Non-compliance.
3.Inappropriate costing.
Nature of Control Manual / Automated
1. Check whether cost associated in land acquisition such as legal costs, stamp duties, fees are
allocated, sanctioned and approved. SAP T-code for verification is FBL3N.

20.IA.3.6 Acquisition of land under Provision of Forest (Conservation) Act, 1980


Control Objective No un-accounted land
Nature of Work Step Verification
Risk 1.Dispute.
2.Non-compliance.
3.Inappropriate costing.
Nature of Control Manual / Automated
1. Check whether entry of land acquisition is made in the Asset Register and General Ledger by
value of land including development cost. SAP T-code for verification is AR01 and FBL3N.

20.IA.3.7 Acquisition of land under Provision of Forest (Conservation) Act, 1980


Control Objective Minimizing disputes for ownership of land
Nature of Work Step Verification
Risk 1.Dispute.
2.Non-compliance.
3.Inappropriate costing.
Nature of Control Manual
1. Check whether there is a process of monitoring and efficiently handling the legal cases/ RTI
queries.

20.IA.3.8 Acquisition of land under Provision of Forest (Conservation) Act, 1980


Control Objective Minimize encroachment of land
Nature of Work Step Verification
Risk 1.Dispute.
2.Non-compliance.
3.Inappropriate costing.
Nature of Control Manual
1. Check whether there is a process for review of occupancy of land acquisitioned by the Company
on a periodic basis.

216
Audit Checklist

20.IA.4.1 Land records


Control Objective Proper accounting of land
Nature of Work Step Verification
Risk Incorrect accounting.
Nature of Control Automated / Manual
1. Check the type of ownership of land on a sample basis.
2. Ensure that if it is OIL owned land, then it is accounted in the books of accounts accordingly and
FAR is updated.
3. If it is leased land, check whether it is amortized during the leasehold period.
4. If it rented land, ensure that rent is paid accurately and timely.
5. Ensure that if change in type of ownership happens, then the records are updated timely and
accounting is done as per standards.

20.IA.4.2 Land records


Control Objective Adequate data storage
Nature of Work Step Verification
Risk Inadequacy of documentation may result in disputes in future.
Nature of Control Automated / Manual
1. Check whether land records obtained from Pattadars / Collector are uploaded in the
Documentation Management System. The SAP T-code for verification is CV03N.

20.IA.4.3 Land records


Control Objective No un-accounted land
Nature of Work Step Verification
Risk Incorrect accounting.
Nature of Control Automated / Manual
1. Check whether entry of land acquisition is made in the Asset Register and General Ledger by
value of land including development cost, legal fees and liasoning fees as per AS-10. The SAP T-
code for verification is AR01 and FBL3N.

20.IA.4.4 Land records


Control Objective Proof of ownership of land
Nature of Work Step Verification
Risk Legal implications.
Nature of Control Automated / Manual
1. Check whether the safe custody of land ownership deeds is being maintained.

20.IA.4.5 Land records


Control Objective Release of land as per timelines
Nature of Work Step Verification
Risk Delay in release of land.
Nature of Control Automated / Manual
1. Check whether Joint SPP application is submitted at concerned Revenue Circle office and
recommendation is submitted to DC’s office on timely basis.

217
Audit Checklist

20.IA.5 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material / service
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated / Manual
1. Check whether status of work completion in manual records is updated as per contract terms.
Use T-code ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on manual records.
3. Check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. 8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

20.IA.6 PR Tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated / Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

20.IA.7 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Analysis / Verification
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

218
Audit Checklist

21. Learning & Development – Internal Audit


Scope
Audit Areas
1 Need identification
2 Trainings - planning and execution
3 Compulsory and statutory trainings
4 Planning and administration
5 PR tracking
6 Creation of Service Entry Sheet (SES)
7 Manpower planning

219
Audit Checklist

21.IA.1Need identification
Control Objective To ensure employees and organizational development.
Nature of Work Step Verification
Risk Non Adherence to Learning and Development policy.
Nature of Control Manual
1. Check the adherence to the learning and development policy.
2. Check the periodicity of conducting skill gap analysis and competency mapping.
3. Check whether option of self-nomination is provided to employees for trainings and the same is
being used effectively for skill up gradation.
4. Check whether training needs of employees across all levels have been identified and discussed.
5. Check if the nominations for training is based on the need assessment and duly approved by
HOD.

21.IA.2.1 Trainings - planning and execution


Control Objective To make employees more competitive,maintain incremental learning curve
for the organization.
Nature of Work Step Verification/Analysis
Risk 1. Low participation level in employees.
2. Absence of training.
Nature of Control Automated/ Manual
1. Check whether training calendar have been formulated for the year / quarter.
2. Check whether training calendar is prepared on the basis of need identification and
organizational requirements considering the long term goals.
3. Check if the training calendar is approved as per the DOP.
4. Check whether the training plan is communicated and circulated well in advance.
5. Check any deviations from the defined calendar are approved and communicated in advance.
6. Check if the absence from training are properly documented and required approvals are
obtained by the employee for not attending the training. Use T-Code S_AHR_61016216.
7. Check is all the trainings are conducted as per the plan.
8. Check whether the training feedback is obtained, analyzed and considered for future planning.
9. Check if the training feedback is used to rate the trainer and use it effectively for future
planning.
10. Check whether any root cause analysis is being carried out for low participation level in the
trainings.
11. Check if process of evaluating the training benefits is followed.
12. Check the list of actual participants with the registered participants. Use T-Code
S_PH9_46000433.
13. Check if there are employees who have not been nominated for training for long period and
conduct reason analysis for same.

21.IA.2.2 Trainings - planning and execution


Control Objective To make employees more competitive, maintain incremental learning curve
for the organization
Nature of Work Step Verification/Analysis
Risk 1. Unplanned payments made to the trainer.
2. Ineffective trainers reappointed repetitively
Nature of Control Automated/ Manual
1. Check the process of identification, selection and payment to trainers. Use T-Code MIR4, FBL3N.
2. Check whether trainer’s past feedbacks are considered before reappointment of any trainer.

220
Audit Checklist

21.IA.3 Compulsory and statutory trainings


Control Objective To ensure awareness and compliance with statutory requirements
Nature of Work Step Verification
Risk Non-compliance with statutory trainings.
Nature of Control Manual
1. Check the list of actual participants with the registered participants.
2. Check whether all the mandatory/ statutory trainings as per the MOU guidelines are scheduled
and conducted.
3. Check whether any root cause analysis is being carried out for low participation level in the
trainings.

21.IA.4 Planning and administration


Control Objective To ensure appropriate cost of the trainings
Nature of Work Step Verification
Risk Inappropriate cost of training.
Nature of Control Manual/ Automated
1. Verify the actual vs. budgeted amount sanctioned for the trainings. Use T-Codes
S_ALR_87011761. Analyze the root cause for any significant variation in the budget vs. actual.
2. Check whether the expenses incurred by the department are in adherence to the documented
company policy. Use T-Code MIR4, FBL3N.
3. Analyze the root cause for excess fund utilization than sanction for trainings.
4. Check on sample basis if the expenses are supported with adequate approvals and evidences.
5. Use T-Codes MIR4, FBL3N.

21.IA.5 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk 1. Delay in procurement leading to costlier procurement/ stock out situations.
2. Delay in procurement leading to stock out situations causing operational
delays.
Nature of Control Manual/ Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

221
Audit Checklist

21.IA.6.1 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material / service
Nature of Work Step Verification/Analysis
Risk Excess payment due to non-verification of the work done by contractor
Nature of Control Manual/ Automated
1. Check whether manual records for work in progress and completed has been maintained by
engineer in charge
2. Check whether service entry in SAP is made by EIC on a timely basis.
3. Check whether details from contractor are independently reviewed in line with the service
entry.
4. Check whether there is appropriate segregation of duty between the person releasing service
entry, verifying contractor invoice and approving payment.
5. Check whether service entry is approved by the EIC as per the Contract.
T-Code to check service entry in SAP: MSRV1, ME2S, ML81N
6. Check the manual records maintained by the EIC to monitor work in progress and work done by
the Contractor.
7. Understand the basis of the records. Eg: In case of paint job, whether area was measured by
the EIC. Whether the SE was based on the dimensions as per the approved drawing of location.
8. On a sample verify the measurement done.

21.IA.6.2 Creation of Service Entry Sheet (SES)


Control Objective Timely payment to contractor
Nature of Work Step Analysis
Risk Delay in payments to contractor
Nature of Control Manual/ Automated
1. Analyze the time gap between Service execution, service entry and invoice verification.
2. Highlight the cases where unreasonable delays are noted.

21.IA.7 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities.
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

222
Audit Checklist

22. Legal – Internal Audit


Scope
Audit Areas
1 Handling litigations
2 Legal compliance
3 Outsourced consultancy
4 Monitoring, tracking & vetting
5 PR tracking
6 Creation of Service Entry Sheet (SES)
7 Manpower planning

223
Audit Checklist

22.IA.1 Handling litigations


Control Objective Safeguard the reputation, financial loss and other business strategic
interest of the organization
Nature of Work Step Verification/Analysis
Risk 1. Loss of Reputation.
2. Financial Loss.
Nature of Control Manual/Automated
1. Check whether dedicated personnel's / team have been identified to handle litigations.
2. Check whether trackers are maintained for the active and resolved litigations in chronological
order.
3. Check the amount of contingent liability (if any) reported and expected financial exposure.
4. Check the controls over out of court settlements and authorized Company's representative.
5. Map the amount authorized for the payouts for out of court settlement with actual payout. Use
T-Code MIR4, FBL3N.

22.IA.2 Legal compliance


Control Objective Ensure awareness and compliance to statutory requirements
Nature of Work Step Verification
Risk Statutory Non Compliance.
Nature of Control Manual
1. Check timely revert to the notices / representation of personnel in court as intimated.
2. Check the availability of the various statutory compliance checklists. Check whether checklists
are periodically updated, based on the changes in regulatory requirements.
3. Check whether the statutory compliance checklist used by various departments is vetted by
legal department.
4. Check if process is in place to ensure compliance of the legal requirements as communicated by
legal department.

22.IA.3 Outsourced consultancy


Control Objective Safeguard the interest of the organization
Nature of Work Step Verification/Analysis
Risk Reputation of the organization at stake.
Nature of Control Manual/Automated
1. Check the process to shortlist and selection of a consulting / law firm. Use T-Codes ME5A, ME2J,
ME2S.
2. Check whether background / reputation verification have been carried out before hiring a
consultancy / law firm.
3. Track timely response / service delivery by the consulting / law firms.
4. Check the terms & conditions to the contracts entered with the consulting / law firms. Use T-
Code ME3L.
5. Check the payouts to consulting / law firms with the contracts signed. Use T-Code MIR4, FBL3N.
6. Check whether contracting terms and condition have been updated based on the changes in
regulatory requirements. Use T-Code ME3L.
7. Check the amount of contingent liability (if any) conveyed by consultants/ law firm with the
amount reported.

224
Audit Checklist

22.IA.4 Monitoring, tracking and vetting


Control Objective Adequate documentation and approval mechanism
Nature of Work Step Verification/Analysis
Risk Inadequate Monitoring, tracking and vetting process.
Nature of Control Manual/Automated
1. Check whether periodical monitoring, reporting and escalation of unresolved/pending
legal/arbitration cases is being carried out in chronological order.
2. Check the maintenance of the chronological order of events along with the checklist for each
legal case.
3. Check the maintenance of documentary proof and witness for the cases. Use T-Code CV03N.
4. Check the maintenance of list of vetted documents in chronological order. Use T-Code CV03N.
5. Check the maintenance of appeals filed / in process in chronological order. Use T-Code CV03N.
6. Check whether there is a process of obtaining feedback from legal department over various
terms and conditions used in contracting by other departments.

22.IA.5 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk Delay in procurement leading to costlier procurement/ stock out situations/
operational delays.
Nature of Control Manual/Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process with
Contracts/Material Management exists.

22.IA.6 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

225
Audit Checklist

22.IA.7 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

226
Audit Checklist

23. LPG Plant - Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Policy and procedures
3 LPG extraction
4 Identification and evacuation of defective cylinders
5 LPG filling and bottling
6 Dispatch of cylinders
7 PR tracking
8 Creation of Service Entry Sheet (SES)
9 Manpower planning
10 Compliances with HSE standards
11 Training of employees
12 Periodic audits & inspections
13 Statutory clearances and permission
14 Disposal of waste, hazardous chemicals and other by products
15 Handling safety issues
16 SOP Compliance
17 Preventive maintenance
18 Breakdown maintenance
19 Safety
20 Training to workers
21 Security
22 Statutory compliances
23 Tools, spares and other expenses
24 HSE compliances

227
Audit Checklist

23.IA.1 LPG - Planning, budgeting & monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis/Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
Nature of Control Automated/Manual
1. Check whether the annual plan of administration department is complete and all-inclusive to
cover the requirements of all the activities that come under its purview.
2. In case, the plan and actuals are not updated in SAP, check manual documents.
3. Use T-Code KSBL and enter cost center to get budget.
4. In version management check the changes done in the budget.
5. Check for appropriate approval as per DOP for the budget and subsequent changes.
6. Check whether annual plan made is -
a. Linked to the requirement of various departments
b. Inclusive of all the related costs.
7. Check the timelines for preparation and approval of budget.
8. Use T-Code S_ALR_87013532 by entering cost center to check whether actual expenses are
monitored / compared with planned expenses on periodic basis.

23.IA.2 LPG - PR tracking


Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk Delay in procurement leading to costlier procurement/ stock out situations/
operational delays.
Nature of Control Manual/Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

228
Audit Checklist

24. Materials Management – Internal Audit


Scope
Audit Areas
1 Budgeting
2 Material planning & monitoring
3 Operations
4 Purchase requisition
5 Purchase order
6 Vendor development and enlistment
7 Notice Inviting Tender (NIT)
8 Sale of bidding document
9 Bid security
10 Pre-bid conference
11 BEC/BRC
12 Two-bid system
13 Open tendering
14 Limited tendering/ Single tendering/ Emergency procurement
15 Spot purchases
16 Annual rate contract
17 Procurement of medicines
18 Receipt of bid
19 Opening of bid
20 Evaluation of bids, preparation of Tender Tabulation / Purchase
Proposal Committee Resolution (TCR) and award & signing of the PO
contract
21 Placement of order
22 Performance guarantee
23 Amendment to order
24 Follow-up
25 Replacement Supply
26 Receipt of material
27 Issuance of material
28 Demurrage
29 Storage
30 Scrap disposal
31 Insurance
32 DGCA permit and Explosives license
33 Monitoring of lead times from PR to PO issuance.
34 PR tracking
35 Creation of Service Entry Sheet (SES)
36 Manpower planning

229
Audit Checklist

24.IA.1 Budgeting
Control Objectives Adequate budget planning, Effective monitoring over expenses, Compliance
to DOP
Nature of Work Step Analysis / Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
3. Non compliance to DOP.
Nature of Control Manual / Automated
1. Use T-Code S_ALR_87013558 to check whether the annual budget of material department is
complete and all-inclusive to cover the requirements of manpower, stationary, forklifts, stock
racks etc.) etc.
2. Check whether annual budget is approved by competent authority as per DOP.
3. Check whether any amendments in annual budget is approved by competent authority as per
DOP.
4. Use T-code S_ALR_87013532 to obtain the overall budgeted and actual figures and use T-code
CJ31, CJ33 to obtain the project specific details. Check whether actual expenses are monitored /
compared with planned expenses on periodic basis.

24.IA.2 Material planning & monitoring


Control Objectives Adequate planning, effective monitoring over expenses, compliance to DOP,
avoid stock out situations
Nature of Work Step Analysis / Verification
Risk 1. Inadequate planning for stock of different materials leading to stock out
situation.
2. Proper updation of material master.
3. Operational delay.
Nature of Control Manual / Automated
1. Check whether there is classification of inventory between Vital, essential and desirable so as to
avoid Excess/shortage of spares. Use T-Codes MM60.
2. Check whether annual plan prepared for procurement of stock items is complete and all inclusive
considering the overall requirement of the user department/consumption patterns of previous 3
years.
3. Check whether monthly plan prepared for procurement of stock items is complete and all inclusive
considering the overall requirement of the user department/consumption patterns of previous 3
years.
4. To ensure that there is adequate assessment of non-moving/slow-moving stock so that the
working
capital doesn't get blocked. Use T-Codes MC46, MC50 (Dead Stock),MC.9.
5. Check whether any amendments in annual/monthly plan is approved by competent authority as
per
DOP.
6. Check whether actual purchases are monitored / compared with planned annual/monthly plan on
periodic basis.
7. To ensure that no unauthorized purchases are taking place due to indents not being approved.
Use
T-Codes ME2B.
8. To conduct a walkthrough of the planning process. Ensure it is complete w.r.t analyzing current

230
Audit Checklist

stock, upcoming demand/projects, past usage trend etc.


9. Check whether various inventory levels (minimum, maximum, safety stock etc.) have been defined
for stock items to keep a control over stock items.
10. Check that there is availability of critical inventory / consumables for drilling
operations/production in order to avert operation delays. Use T-Codes MB52.
11. Check whether operation activities of user departments were stopped for a considerable period
of time due to any stock out situations.
12. Check whether materials planning is done based on factors used for material requirement
planning (MRP).
13. Check whether regular monitoring of annual/monthly plan for procurement of stock items and
exceptions are identified.
14. Check that only those who are authorized, access the material master. Use T-Codes SUIM.
15. Check whether economies of scale are adversely effected due to weak process of material
requirement planning and tracking.
16. Check whether exceptions in planned vs. actual are analyzed and root cause is identified for such
exception so as to take necessary actions against it.

24.IA.4.1 Purchase requisition


Control Objectives Adequate information readily available for procurement, accuracy in
accounting, compliance to DOP
Nature of Work Step Verification
Risk 1. Non-compliance to DOP.
2. incomplete / incorrect PR.
Nature of Control Manual / Automated
1. Use T-Code ME53N, ME5A to check whether the PR for stock items is raised as per the process
mentioned in Purchase Manual.
2. Check whether PRs are raised within the budgetary limits allocated to the department and
approvals on PRs are obtained as per DOP.
3. Check whether PR is accompanied with complete details as required by Purchase Manual such as
detailed of quantity, cost, required at site date, budget provisions & management approvals,
detailed technical specifications, the approved BRC/BEC, last purchase reference, requirement of
sample/drawings, weight of item etc.
4. If invitation of bid is to be done on limited bid/single bid/proprietary single bid /emergency bid
basis, to check PR is approved accordingly as per defined DOP.
5. Check whether PRs raised are completed in order to avoid delays due to incompleteness /
incorrectness of PR.
6. Check whether there is a maker checker control for preparation and release of PR.
7. Check whether pending purchase requests are reviewed and necessary actions/follow ups are
done
internally or externally.
8. Check whether technical/budget sanction is as per the Purchase Manual and approved as per the
defined DOP.
9. Check whether PRs for non-stock/capital items are timely re-validated by Planning section to avoid
delays due to incompleteness / incorrectness of PR.

231
Audit Checklist

24.IA.4.2 Purchase requisition


Control Objectives To verify that the indents are not raised for materials already in stock
resulting in accumulation of inventory in excess of requirement.
Nature of Work Step Analysis / Verification
Risk 1. Blockage of working capital.
2. Accumulation of inventory items which may expire or become obsolete.
Nature of Control Manual / Automated
1. Generate list of Requisitions using T-Code ME5A for the review period.
2. Check the stock of material requisitioned on the date of Requisition using t code ZMM_STOCK
and MB5B.
3. Check the stock available on PR date and the movement of material during the selection period
to find if the material was available as unrestricted stock.
4. If the stock is available on the PR date, find the reasons why PR was raised and report it.

24.IA.4.3 Purchase requisition


Control Objectives To verify that material requisitioned was actually consumed as per plan
Nature of Work Step Analysis / Verification
Risk 1. Blockage of working capital.
2. Accumulation of Inventory items which may expire or become obsolete.
Nature of Control Manual / Automated
1. Use T-Code T-Code MB51 to generate list of material received for the period.
2. Analyze the list of materials which are received & not being issued (consumed) as per the plan.
3. Discuss the reasons with requisitioner as to why the material is not consumed as per plan, report
any deviations.

24.IA.4.4 Purchase requisition


Control Objectives To verify that requisitions for materials with high lead time are raised on time
Nature of Work Step Analysis / Verification
Risk 1. Adoption of emergency procurement methods may result in procurement
at higher costs &unfavorable terms & conditions.
2. Unavailability of material at the requirement may result in disruption of
operations.
Nature of Control Manual / Automated
1. Verify whether standard lead times for material have been defined using MM03.
2. Verify using ME5A whether the same have been considered by requisitioner while raising the
purchase requisition (by comparing lead times defined in PR & Material Master).
3. Discuss & report the cases where the time given to MM department for procurement of material
is less than the standard lead time defined in the system.

232
Audit Checklist

24.IA.4.5 Purchase requisition


Control Objectives To verify existence & implementation of procedures for monitoring of
pending requisitions & orders
Nature of Work Step Analysis / Verification
Risk Delay in procurement of material / services may result in disruption
of operations.
Nature of Control Manual / Automated
1. Generate a list of pending requisitions using T-Code ZMMPRFOLLOWUP - PR follow-up report.
2. Generate a list of pending orders using ME5A & ME2N (filter using delivery dates as a basis to
identify overdue requisitions & orders).
3. Analyze the long pending cases in discussions with MM department & Process owner. Ensure
that PR's that are not required are deleted.
4. Understand the criticality of the requirement, its impact on operations and report any
observations.

24.IA.4.6 Purchase requisition


Control Objectives To verify whether economy of scale is attempted by clubbing multiple
requirements for similar material / services
Nature of Work Step Analysis / Verification
Risk Finalization of order on uncompetitive terms & conditions.
Nature of Control Manual / Automated

1. Generate ME2N for the review period.


2. Analyze the orders for same material / services within a short span.
3. Report cases where:
a. Same material / service has been procured at differential price
b. Where opportunity of obtaining the bulk quantity discount could have been levered.

24.IA.5.1 Purchase order


Control Objectives Monitoring of POs
Nature of Work Step Analysis / Verification
Risk Inadequate monitoring of open Pos.
Nature of Control Manual / Automated

1. To ensure that there's a process monitoring of emergency PO's so as to reduce the cost of
procurement.
2. To ensure there 's adequate 3-way match procedure such that correct payment is made. Use T-
Codes MB5S & ME2N.
3. To ensure that there's no delay in procurement due to non-monitoring of Open PO's. Use T-
Codes MB5S & ME2N.

233
Audit Checklist

24.IA.5.2 Purchase order


Control Objectives To verify that the Non-proprietary items are not purchased as
proprietary item to avoid tendering process.
Nature of Work Step Analysis / Verification
Risk 1. Finalization of order on uncompetitive terms & conditions.
2. Increased dependency on limited no. of vendors.
Nature of Control Manual / Automated
1. Generate a list of Orders awarded on Proprietary basis using T-Code ME2N.
2. Verify availability of proprietary certificate against each order.
3. Analyze of the validity of the certificate and report any observation.

24.IA.5.3 Purchase order


Control Objectives To verify that any order is not awarded to any black listed vendor
Nature of Work Step Analysis / Verification
Risk 1. Finalization of order on uncompetitive terms & conditions.
2. Delay in procurement of material / services which may result in
disruption of operations.
3. Procurement of material / services which do not match the
requirement.
Nature of Control Manual / Automated

1. Obtain the list of black listed vendors. Use SAP T-Code S_ALR_87012179, enter the company
code and select check box "Only with posting block".
2. Generate a ME2N / ME3N for the period giving list of orders awarded during the review period.
3. Analyze these reports to verify if any order is given to any blacklisted vendor, after the date of
blacklisting.

24.IA.5.4 Purchase order


Control Objectives To ascertain whether same material / services are being availed at
differential prices during a short span of time
Nature of Work Step Analysis / Verification
Risk Finalization of order on uncompetitive terms & conditions.
Nature of Control Manual / Automated

1. Generate ME2N for materials and services.


2. Analyze whether same material/ services have been procured / availed at differential prices
within short span of time both from same or different vendor.
3. Verify if any Rate contract exists for any material / services which is procured through One Time
Orders using T-Code ME33K.
4. Do the similar rate comparison with the same material / service procured across different
spheres / Projects / Branch offices within short span of time.
5. Discuss the reasons for variances with MM department and report any observations.

234
Audit Checklist

24.IA.5.5 Purchase order


Control Objectives To verify that procurement is done only for uniquely codified
materials
Nature of Work Step Analysis / Verification
Risk 1. Finalization of order on uncompetitive terms & conditions.
2. Procurement of material with wrong specifications.
3. Distortion of procurement history database.
Nature of Control Manual / Automated

1. Obtain list of purchase orders and verify if there is any line item without material code.
2. Further analyze list of services availed during the period using T-Code MSRV1. and find any cases
where material has been procured through work order.
3. Discuss the exceptions with MM department.

24.IA.5.6 Purchase order


Control Objectives To verify that the adequate taxes have been paid on the procurement
of goods / services
Nature of Work Step Analysis / Verification
Risk Statutory non compliance leading to penal consequences.
Nature of Control Manual / Automated

1. Use Transaction ME2N to see the list of orders.


2. Check the orders for correct taxes as per the applicable rates.
3. Obtain the reason for exceptions and report the same.

24.IA.5.7 Purchase order


Control Objectives To verify that there is segregation of duties for creation of order /
contract and approval of order / contract.
Nature of Work Step Analysis / Verification
Risk 1. Unauthorized procurement of material / services.
2. Procurement of material / services in excess of requirement.
3. Finalization of order on uncompetitive terms & conditions.
Nature of Control Manual / Automated

1. Check with Administrator / SAP Basis Team for the list of users who have authorization to create
Order / contract by using T-Code ME21N, ME31, ME31L, ME31K and users who have
authorization to release the order / contract at different authorization level.
2. Check if the same user does not have both creation and approval roles.
3. Discuss & report any observation.

235
Audit Checklist

24.IA.6 Vendor development and enlistment


Control Objectives Compliance to Purchase Manual, competitive pricing leading to cost
advantage to the Company
Nature of Work Step Verification
Risk 1. Non-compliance to Purchase manual.
2. Inappropriate approvals.
3. Uncompetitive procurement due to no vendor development.
Nature of Control Manual / Automated
1. Check whether list of approved vendors is prepared and updated on regular basis against the
materials.
2. To ensure that there is no overdependence on sole supplier due to non-identification of
alternate vendors. Use T-Codes ME2L.
3. Check whether any inclusion/ deletion of a new vendor is approved as per DOP.
4. Check whether the vendors are enlisted through flagging of tenders only if they meet the
qualifying criteria as mentioned in the Purchase Manual.
5. Check that potential vendors who submitted applications after a period from the date of
publication of tender is not considered for enlistment through flagging.
6. Check whether the vendors are enlisted through trail orders only if they meet the qualifying
criteria as mentioned in the Purchase Manual.
7. Check whether trial orders are raised only in situations as mentioned in the Purchase Manual.
8. Check whether trial orders are not raised for specific items mentioned in the Purchase Manual.
9. Check whether techno-commercial analysis is done as per the process mentioned in the
Purchase Manual, before raising a PR for trial order.
10. Check whether PR for trial order is raised timely as per the process mentioned in the Purchase
Manual and approved as per DOP.
11. Check whether the payment for materials received for trial order is made after material testing
and its acceptance.
12. Check whether payment for trial order is made to potential vendor in case of delayed trials after
lab testing/ documentary evidence against the bank guarantee.
13. In case the payment needs to be made without a bank guarantee, ensure necessary approvals
are obtained as per DOP.
14. To ensure that there's presence of key terms & conditions in the contract, PO and ratification by
the legal department to avert vendor disputes.
15. To ensure that there's authorized access to vendor master. Use T-Codes SUIM.
16. To ensure the presence of vendor appraisal process. Use T-Codes ME6H.
17. Check that the vendor name is enlisted on acceptance of materials received for trail order.

236
Audit Checklist

24.IA.7 Notice Inviting Tender (NIT)


Control Objectives Competitive bidding, completeness of tender document, safeguarding
interest of the Company
Nature of Work Step Verification
Risk 1. Incompleteness of notice inviting tenders.
2. Inadequate documentation in contract file.
Nature of Control Manual
1. Check whether NIT are timely sent to PR Public Relation department for approval.
2. Check whether follow up is done with the PR department for timely publication of
advertisement.
3. Check whether copies of newspaper is documented in contract tender file.
4. Check whether completeness of the notice inviting tenders (whichever applicable) is ensured in
terms of its content e.g. Tender Number, Brief description and quantity of material required, Bid
closing date and date of opening of tender, Addresses from where the tender documents are
available for sale, Amount and mode of payment of tender fee, Starting and closing date of sale,
Other terms and conditions, if any, The web site address of Oil India Ltd, as mentioned in the
Purchase Manual.
5. Check whether the tender forms are serially numbered.

24.IA.8.1 Sale of bidding document


Control Objectives Accuracy in amount received through sale of bid document
Nature of Work Step Analysis / Verification
Risk 1. Inadequate process of collection of money raised through bid
document.
Nature of Control Manual / Automated
1. Check whether a bid document fee is charged for the sale of bid documents as per the Purchase
Manual.
2. Verify that the sale of bid document is recorded in the bid register along with their address,
cheque number and whether the bidder is a Government Department or registered with NSIC.
The SAP T-Codes for checking tender fee amount and tender received is ZMMTENFEE3 /
ZMMTENDER3.
3. Check whether appropriate supporting are taken from the bidders exempted from paying the
bid document fee i.e. Government Department or registered with NSIC.
4. Check whether the total amount collected from sale is reconciled with the total number of bid
documents sold.
5. To verify that the proper accounting of the tenders sold and unsold is done.
6. To verify that no sale of bid document is done after last day of tendering sale closing date.
7. Check whether there is a process of monitoring the collections made through sale of bid
document w.r.t the bid documents sold.
8. Check whether reconciliation between money collected and total number of bid documents sold
is done.
9. Check whether the tender documents are mailed as per the process mentioned in the Purchase
Manual and after approval as per DOP.
1. 10. Obtain the list of black listed vendors. Use SAP T-Code SE16N (LFA1 Table) to get list of
vendors for posting block and purchasing block. Check that no tender documents are sold to
parties who have been suspended/banned i.e. blacklisted by any sphere of OIL.

237
Audit Checklist

24.IA.8.2 Sale of bidding document


Control Objectives To verify that the extension of bid entering date is authorized in
writing by the competent authority.
Nature of Work Step Verification
Risk Non compliance to DOP / MM Manual may result in unauthorized
procurement of material/ services.
Nature of Control Manual

1. Check for the tenders for which bid entering date was extended.
2. Check if the competent authority has approved the extension as per DOP/MM MANUAL.
3. Obtain the reason for exceptions and report the same.

24.IA.9 Bid security


Control Objectives Assuring collection or return of bid security as per Purchase Manual
Nature of Work Step Analysis / Verification
Risk 1. Non-adherence to purchase manual.
Nature of Control Manual

1. Check whether Bid security is obtained as specified in the bid document.


2. Check whether bid security is only received in the form bank guarantee, bank draft, banker's
cheque or irrevocable letter of credit. Ensure it has been kept in safe custody.
3. Check whether exemption of bid security has been made in compliance to the Purchase Manual.
4. Check whether bid security is released only as per the terms mentioned in the Purchase Manual.
5. Check whether bid security is returned to the bid winner only after performance security has
been received.
6. Check whether bid security is forfeited in case of withdrawal of bid within the validity period or
non-acceptance of offer made.

24.IA.10 Pre-bid conference


Control Objectives Compliance to Purchase Manual, Transparency in process
Nature of Work Step Analysis / Verification
Risk 1. Legal hurdles resulting from non-transparent process being
followed.
2. Non-compliance to purchase manual.
Nature of Control Manual

238
Audit Checklist

1. Check whether pre-bid conference is held only after approval from competent authority.
2. Check whether only the parties who had bought the Bid Documents are invited to attend the
Pre-bid Conference.
3. Check whether senior most officer from the Indenting Department along with the representative
from Materials Department and Finance is present at the Pre-Bid Conference.
4. Check whether the minutes of the meetings are prepared and signed off by all the attendees.
5. Check whether the changes made, if any in PBC are approved by competent authority and
communicated to the bidders through fastest means of communication.
6. Check whether new bidders are invited for participation only if there is any major change in the
qualifying criteria.
7. Check if approval is taken as per DOP in case the sale of bid documents is initiated again.
24.IA.12 Two-bid system
Control Objectives Competitive bidding, compliance to contract manual
Nature of Work Step Verification
Risk 1. Non-compliance to contract manual.
2. Non-adherence to process of two bid system.
Nature of Control Manual
1. Check whether two part-bid system (Un-priced Technical Bid and Price Bid separately) is used as
required in Purchase Manual.
2. Check whether in the two bid system, the price envelope is opened only after opening of
technical bid and opening of price bid is approved as per DOP.
3. Check whether only the bids that have been quoted within the time period as specified in the
bid document are considered as valid.
4. Check whether the price Bids of the Techno-Commercially rejected parties are stored for one
year after finalization of the tender.

24.IA.13 Open tendering


Control Objectives Timely bidding, allowing eligible vendors for bidding, time bound
bidding
Nature of Work Step Verification
Risk 1. Non-adherence to purchase manual/DOP.
Nature of Control Manual
1. Check whether approval for adoption of open tendering process is taken as per DOP.
2. Check whether open tendering system is used as required in Purchase Manual.
3. Check whether the date of PR release, with the date of e-tendering initiation and the date of
vendor code creation for the same are mapped and reasons are recorded for delay.
4. Check whether for open bidding, advertisement is published on OIL website and Press as
required by the Purchase Manual.

24.IA.14 Limited tendering/ Single tendering/ Emergency procurement


Control Objectives Compliance to DOP, availing emergency services procurement, time
bound bidding
Nature of Work Step Verification
Risk 1. Non-adherence to purchase manual/DOP.
2. Inappropriate approvals.
Nature of Control Manual
1. Check whether there is a process to maintain a database with details of all the contracts / PO
made through single tender contract and reasons are provided for the same.

239
Audit Checklist

2. Check whether approvals are obtained as per DOP for entering into the selected method of
bidding.
3. Check whether for single bid, either the certificate for emergency approved by DOP or the
proprietary certificate is present.
4. Check whether quarterly report on nomination orders is submitted to CVO,CBC, Board
(whichever applicable) as required by the Purchase Manual.
5. Check whether the bidding process is open only till the time period mentioned as per the
Purchase Manual.
6. Check whether the emergency procurement is regularized timely and as per the process
mentioned in Purchase Manual.

24.IA.15 Spot purchases


Control Objectives Compliance to DOP
Nature of Work Step Verification
Risk Non-compliance to DOP.
Nature of Control Manual / Automated
1. Obtain the list of spot purchase orders by using T-Code ZMMPOValue. Obtain the list of Spot
Purchase Requisition by using T-Code ME5A.
2. Check whether spot purchases are made only for items less than Rs. 10000 or the limit as
specified in DOP.
3. Check if the Spot wing of the Materials department has an updated list of vendors for spot
purchases.
4. Check whether there is bias is placement of spot orders.
5. Check whether orders are placed on piece-meal basis to procure the item through spot
purchase.
6. Check whether a committee is constituted for spot purchases of items that are highly design
oriented and aesthetic.
7. Check whether minimum 3 quotations are invited from enlisted OIL vendors.
8. Check whether emergency purchases are finalized by a committee formulated for the same.
Check PR list using ME5A (filter by PR type).

24.IA.16 Annual rate contract


Control Objectives Compliance to DOP
Nature of Work Step Verification
Risk Non-compliance to DOP.
Nature of Control Manual / Automated

1. Use T-Code ME3L and check whether annual rate contracts have been finalized for proprietary
spares as mentioned in the Purchase Manual.
2. Check whether necessary approvals are obtained as per DOP.
3. Check whether the contract is only valid for a period of 2 years (whether the contract is
extended for another year after the requisite approvals).
4. Check whether annual rate contracts are utilized and no tender is processed for items for which
annual contract is present.

240
Audit Checklist

24.IA.17 Procurement of medicines


Control Objectives Timely procurement of medicines, avoid procurement of fake
medicines
Nature of Work Step Analysis / Verification
Risk 1. Inadequate process for procurement of medicines.
Nature of Control Manual / Automated

1. Use T-Code ME53N and ME5A to check whether the PR raised for medicine by the Medical
department is certified by Drug Purchase Committee. Use the T-Code ZMMPOVALUE to obatin
the list of PO.
2. Check whether the PR raised mentions the manufacturers name against each medicine to be
procured.
3. Check whether the Materials department timely requests the manufacturer to provide details of
distributors in nearby areas as mentioned in the Purchase Manual.
4. Check whether follow up mechanism exists to procure the quotations in order to avoid delay and
enhance competition.
5. Check whether rate applicable to the Hospital/ Institutional sale are considered as per the
current price list.
6. Check whether the contract is awarded to the party offering highest discount subject to their
fulfillment of other terms and conditions of the NIT.
7. Check whether payment is made as per current price list meant for Hospital / Institutional sale at
the time of delivery considering discount offered by the supplier.
8. Check whether a letter is obtained from the manufacturer certifying that medicines supplied
have been manufactured by the manufacturer mentioned in the package and the medicines
covered in the supply lot have shelf life of half the total shelf life period at the time of receipt.
9. Check whether quality of the supplied medicines is periodically tested on random basis through
reputed laboratories.

24.IA.18 Receipt of bid


Control Objectives Segregation of duties, Bids in lock in key
Nature of Work Step Analysis / Verification
Risk 1. Improper safeguarding of bids.
Nature of Control Manual

1. Check whether the bid closing date, if extended is done as per the terms and procedures
mentioned in the Purchase Manual.
2. Check whether the Bids are deposited by the bidders in the Tender Box kept at the designated
office of OIL, received by ordinary/registered post/courier/Speed post or handing them over to
the Officer in charge of receiving the bids in case the numbers of bids are voluminous.
3. Check whether tender Box is always kept locked by two locks and key of one lock is under
custody of Purchase office and key of other lock is with the designated officer of Accounts Office.
4. Check whether bids received by ordinary/Regd. Post/personally are handed over to Dispatch
Section and recorded in a register maintained at dispatch section.
5. Check whether E-mail / fax / telex / telegraphic/telephonic bids are accepted only when
specifically asked for in writing.

241
Audit Checklist

24.IA.19 Opening of bid


Control Objectives Tracking of bid documents
Nature of Work Step Analysis / Verification
Risk 1. Improper tracking of bid documents.
Nature of Control Manual

1. Check whether the attendees present at the time of opening the bids are only bidders /
authorized representative of bidders.
2. Check whether a letter of authority has been submitted along with the copy of tender in case, an
authorized representative is attending the meeting.
3. Check whether the bids received are serially numbered and envelops are preserved.
4. Check whether Bid officers presented at the time of opening of Bid have signed against the
name of firms who’s Bid has been received and to sign against all
changes/amendments/addition etc. made as mentioned in the Purchase Manual.
5. Check whether certificate of compliance and bid security are furnished by the bidders.

24.IA.20 Evaluation of bids, preparation of Tender Tabulation / Purchase Proposal


Committee Resolution (TCR) and award & signing of the PO contract
Control Objectives Selection of competent supplier contractor
Nature of Work Step Analysis / Verification
Risk 1. Selection of incompetent supplier contractor.
2. Inadequate documentation.
Nature of Control Manual / Automated
1. Use T-Code ME49 to check whether comparative statement including FOB/FCA charges is
prepared as per the Purchase Manual and approved as per DOP.
2. Check whether the evaluation of the bid is done as per evaluation criteria, technical and
commercial evaluation reports, BEC/BRC including bidder’s qualification requirements and cost
compensating the deviations taken by the bidders.
3. Check whether more than one person is involved in finalization of PO/ Contract.
4. Check whether a rejection report with complete details as mentioned in the Purchase manual is
prepared timely.
5. Check whether the Purchase Proposal is approved and communicated to the bid winner within
the bid validity period.
6. Check whether the detailed PO contract is signed within two weeks of notification of award of
Contract (LOA/LOI).

24.IA.21 Placement of order


Control Objectives Timeliness and accuracy in placement of order, Inclusion of standard
terms and conditions
Nature of Work Step Analysis / Verification
Risk 1. Inappropriate approval.
2. Non-Inclusion/adherence of standard terms and conditions.
Nature of Control Manual / Automated
1. Check whether the LOA is sent timely through FAX/Courier/ Email for cases where validity of
recommended bidder is going to expire prior to expected receipt of formal order by the party in
order to freeze the rates.

242
Audit Checklist

2. Check whether the LOA seek submission of Performance bank guarantee.


3. Check whether the formal order complete with Techno-Commercial specification, testing/
inspection requirements and commercial terms and conditions etc. and General terms and
conditions of Purchase Order, is issued timely to the winning bidder.
4. Check whether bidder refusing the acceptance of LOA has been debarred and the bid security
has been seized.
5. Check whether the bid security is released only after deposit of performance security.
6. Check whether the order for foreign/indigenous procurement includes salient terms as
mentioned in the Purchase Manual. E.g.: Insurance, CIF, FOB, weight of consignment, Buy right
now (BRN)/ Buy right here (BRH) etc.
7. Use T-Code ME23N, ME2N and ME2S to check whether the Purchase Order/ Formal offer is
signed and approved as per DOP.
8. To ensure that the price mentioned in the PO is same as that mentioned in the bid.

24.IA.22 Performance guarantee


Control Objectives Assuring collection or return of performance guarantee as per
Purchase Manual
Nature of Work Step Analysis / Verification
Risk Non-receipt of performance guarantee.
Nature of Control Manual

1. Check whether the performance guarantee is collected timely from the bidder as per the
Purchase Manual. Also, check if the performance guarantee was extended/renewed as required.
2. Check whether the performance guarantee is returned only after NOC is received from the user
department and warranty obligations have been fulfilled.
3. Check whether in case of invocation of performance security, proper reasoning is done and
approval is taken as per DOP.
4. Check whether performance security is not returned if order for invocation is passed.

24.IA.23 Amendment to order


Control Objectives Compliance to Purchase manual and DOP
Nature of Work Step Verification
Risk Inappropriate approval.
Nature of Control Manual
1. Check whether the amendment made w.r.t PO (payment term, packing, quantity, mode of
dispatch etc.) is approved as per DOP.

24.IA.24 Follow-up
Control Objectives Timeliness in delivery of materials
Nature of Work Step Verification
Risk Untimely delivery of materials.
Nature of Control Manual / Automated
1. Check whether there is a database to monitor the expected date of receipt of materials.
2. Check whether there is a process to follow-up with the supplier advising them for execution of
orders falling due after two months.
3. Check whether a list of major suppliers has been maintained and updated.
4. Check whether monthly follow up is done with these suppliers regarding pending orders.

243
Audit Checklist

5. Check whether the responses are recorded and reviewed by concerned dealing officer for
further action.
6. Use T-Code ME2N/ME5S , then check "Still to be delivered" quantity, if this value is not zero then
it is open PO. Check whether there is a process of monitoring open POs and closing them timely,
if required.
7. By using T Code FBL3N, generate the DR (Discrepancy) report and discuss with department long
pending issues.

24.IA.25 Replacement Supply


Control Objectives Timely action to avoid financial loss to the Company
Nature of Work Step Analysis / Verification
Risk Financial Risk.
Nature of Control Manual

1. Check whether claim for replacement is filed timely with the supplier as per the process
mentioned in Purchase Manual.
2. Check whether the defective ordered item is returned to the supplier only after obtaining
adequate bank guarantee.
3. Check whether the defective ordered item is replaced without a bank guarantee only after
taking approval as per DOP.
4. Check that Materials department informs GM(F&A) timely for filing of insurance claim, in case of
no response from supplier.

24.IA.26.1 Receipt of material


Control Objectives Timely and accurate receipt of material
Nature of Work Step Analysis / Verification
Risk Operational risk with late receipt of material/inaccurate receipt of
material.
Nature of Control Manual / Automated
1. Check whether the entry pass and delivery note for the materials received is initiated timely by
the Materials Department.
2. Check whether the delivery note prepared is complete.
3. Check whether the quality of the material is up to the mark. The SAP T-Code is MCXE.
4. Check whether there is timely inspection from user department. The SAP T-Code is MB51.
5. Check whether all the relevant documentation like delivery note, invoice, test proprietary
certificate etc. is sent by the Materials department to the user department timely.
6. Check whether intimation regarding the unloading point of non-stock items is received timely
from the user department.
7. Check whether the GRN is prepared immediately on receipt of note from user department
confirmed no exceptions.
8. Check whether the material received is unloaded timely.
9. Check whether there is a process to monitor the delay between receipt of material and GRN
creation taken to avoid similar delays in future.
10. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.
11. Check that receipt of material is directly at site. The SAP T-Code is MB51.
12. Check whether the receiving of material is done in the presence on CISF, representatives from
Materials and user department.

244
Audit Checklist

24.IA.26.2 Receipt of material


Control Objectives To verify that GRN is done for the right quantity of goods
Nature of Work Step Analysis / Verification
Risk 1. Payment may be released to supplier for sub standard delivery.
2. Disruption in operation due to non availability of material.
3. Delay in updating an inventory ledger or creation of GRN.
4. Sub standard delivery may get accepted as standard delivery.
Nature of Control Manual / Automated

1. Check if the company has defined policies and procedure for receiving material and recording
receipt information at the gate.
2. Check if the SAP system permits creation of GRN without Gate entry in the system. Display Gate
Entry ZMMINWARD3.
3. Check if the goods have been received as per the PO quantity, rate, description, terms etc.4.
Weighment / Counting controls:
a. Whether the receiving section has a weighment bridge. If not, whether the security
accompanies the truck to the external weighment bridge.
b. Whether shortage is accurately recorded or not.
4. Check whether the tolerance limits are defined for materials wherever applicable.
5. Discuss and report any observations.

24.IA.26.3 Receipt of material


Control Objectives To verify that the Inward entry is done before GRN
Nature of Work Step Analysis / Verification
Risk Inability to track gate entry time and GRN time separately may
hamper the delivery monitoring system.
Nature of Control Manual / Automated
1. Check if the company has defined policies and procedure for receiving material and recording
receipt information at the gate Display Gate Entry ZMMINWARD3.
2. Check if the SAP system permits creation of GRN without Gate entry in the system.
3. Discuss & report any observations.
24.IA.26.4 Receipt of material
Control Objectives To verify that there is no delay for GRN once the Inward entry is done.
Nature of Work Step Analysis / Verification
Risk 1. Inability to track gate entry time & GRN time separately may
hamper the delivery monitoring system.
2. Delay in updation of stock may lead to delay in issue of material to
process & operations may suffer.
Nature of Control Manual / Automated

1. Obtain GRN dump from the system. Use T-Code MB51.


2. Compare GRN creation date with GRN / gate entry date to identify cases of delay in creation of
GRN.
3. Discuss and report any observations.

245
Audit Checklist

24.IA.26.5 Receipt of material


Control Objectives To verify in case of partial delivery , the follow up for reasons &
remainder of order with supplier is done.
Nature of Work Step Analysis / Verification
Risk 1. Disruption in operation due to non availability of material.
2. Extra financial outlay for multiple trips by truck.
Nature of Control Manual / Automated
1. Use T-Code ME2N for list of Purchase orders along with balance quantity to be delivered.
2. Check whether adequate follow up / correspondence with vendor for pending.
3. Obtain the reasons for under-delivery and report the same.
4. Discuss & report any observations.

24.IA.27 Issuance of material


Control Objectives Authorized issue
Nature of Work Step Verification
Risk Unauthorized issue leading to control risk
Nature of Control Manual / Automated
1. To ensure that there's authorized issue of material in accordance with segregation of duties
between personnel responsible for ordering, receiving and issue of material. The SAP T-Code is
SUIM.
2. To ensure correct valuation of inventory for material issued, and timely updation in SAP. The
SAP T-Code is MM60.

24.IA.28 Demurrage
Control Objectives Avoid unnecessary demurrage charges
Nature of Work Step Verification
Risk Inadequate Reasons, corrective actions and quantum of payment of
demurrage.
Nature of Control Manual
1. Check whether there are instances in which demurrage has been incurred by the Company.
2. Check if negotiation has been carried out with the concerned authority regarding relaxation of
demurrage charges.
3. Check whether demurrage is paid only after approval as per DOP.
4. Check if reasoning analysis is available as to why demurrage has taken place and corrective
actions have been initiated to avoid the same.

24.IA.31.1 Insurance
Control Objectives To verify that the insurance spares are identified separately.
Nature of Work Step Verification
Risk Non availability of material at the time of requirement may lead to
disruption in operations resulting in financial losses.
Nature of Control Manual

246
Audit Checklist

1. Identify insurance spares from material register / master.


2. Review of insurance spares on sample basis and check that approvals are taken.
3. Review the criticality of spares based on the discussion with maintenance HOD and Identify the
cases where non-critical spares are declared as insurance spares.
4. Discuss and report any deviations.

24.IA.31.2 Insurance
Control Objectives To review monitoring procedures for insurance claims
Nature of Work Step Verification
Risk 1. Delay in claiming insurance may result in non receipt of claim.
2. Delay in receipt of claim may result in blockage of working capital.
Nature of Control Manual

1. Obtain list of goods damaged.


2. Verify whether insurance is available for such goods.
3. Check whether the claim are filed on timely basis.
4. Obtain a list of pending insurance claims.
5. Inquire reasons for delay in filing and finalization of claims.
6. Discuss & report any observations.

24.IA.32 DGCA permit and Explosives license


Control Objectives Statutory Compliance
Nature of Work Step Verification
Risk Non Compliance to statutory requirements.
Nature of Control Manual
1. Check whether procurement of explosives and radioactive materials is done in compliance with
Purchase Manual and Statutory Guidelines.
2. Check whether application for DGCA permit/explosives license/NOC from BARC is filed
immediately after completion of the Techno-Commercial scrutiny, with the concerned
government departments after approval as per DOP.
3. To ensure compliance to regulatory laws and regulations.
4. To ensure there is no delay in renewal or expiry of various licenses.
5. Check whether there is a process of follow-up with the concerned departments/organizations
for granting of licenses/permit.

24.IA.33 Monitoring of lead times from PR to PO issuance.


Control Objectives Timely award of contracts
Nature of Work Step Analysis / Verification
Risk Delays in finalizing contracts
Nature of Control Manual / Automated

1. Check whether the time taken in converting PR to PO for each stage is being monitored by
Materials Department.
2. Analyze the lead time taken for each stage from PR to contract and report the cases of
exceptional delays.

247
Audit Checklist

24.IA.34 PR tracking
Control Objectives Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out
situations / operational delays.
Nature of Control Manual / Automated

1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as
per DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

24.IA.35 Manpower planning


Control Objectives To ensure manpower is adequate for all the departmental activities
Nature of Work Step Analysis / Verification
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual

1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

248
Audit Checklist

25. Medical – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Empanelment of hospitals
3 Patient registration
4 Billing for Entitled patient / Non entitled patient (NEP)
5 Receiving, storage and issuance process of drug
6 Patient's feedback and action plan
7 Regulatory and Statutory compliance
8 Certification of bills of vendor
9 Training
10 Claims
11 Service
12 PR tracking
13 Creation of Service Entry Sheet (SES)
14 Manpower planning

249
Audit Checklist

25.IA.1 Planning, budgeting & monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis/Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
Nature of Control Automated/Manual
1. To check whether the annual plan of Medical department is complete and all-inclusive to cover
the requirements of medicines, medical equipment, new medical facilities, CSR activities etc.
Use SAP T-codes KSBL and enter cost center to see planning overview.
2. To check whether any amendments in annual plan is approved by competent authority as per
DOP.
3. To check whether annual plan is approved by competent authority as per DOP.
4. To check whether actual expenses are monitored / compared with planned expenses on
periodic basis. Use SAP T-codes S_ALR_87013532/ S_ALR_87013558 and enter cost center.

25.IA.2 Empanelment of hospitals


Control Objective Reputed hospitals have been empanelled
Nature of Work Step Verification
Risk 1. Unsatisfactory medical services.
2. Non-availability of tax exemption certificate for the hospital may lead to
payment of addition tax by employee.
Nature of Control Manual
1. Check the process of empanelment of hospitals.
2. Ensure that adequate market research has been done and documented.
3. Check whether the empanelled hospitals have been approved as per DOP.
4. Ensure that tax exemption certificate is collected from the empanelled hospitals by the Medical
department.
5. Check whether the hospital rate chart has been taken and documented.

25.IA.3 Patient registration


Control Objective Accurate patient details, Complete documentation & No duplicate patient ID
Nature of Work Step Verification/Analysis
Risk 1. Inaccurate patient details.
2. Incomplete documentation.
3. Duplicate patient ID.
Nature of Control Manual/Automated
1. To check whether patient master is maintained in Hospital Information System (""HIS"")/SAP
application.
2. To check whether important details like name, unique patient ID, address, age, family members
(dependents) etc. are recorded in case of Entitled patient and Non Entitled patient.
3. To ensure correct completion of registration form.
4. To check whether any duplicate patient ID exist.
5. To ensure that only a registered user is authorized.
6. To check whether patient details mentioned in the master are aligned with the details given in
hardcopy records maintained by the department.

250
Audit Checklist

25.IA.4 Billing for Entitled patient / Non entitled patient (NEP)


Control Objective Accurate billing
Nature of Work Step Verification/Analysis
Risk 1. Financial risk.
2. Non Compliance to DOP.
Nature of Control Manual/Automated
1. To conduct a walkthrough of the billing process and identify the gaps in process.
2. To check whether invoice is raised for NEP patient and approved by competent authority as per
DOP.
3. To check whether invoice (No value invoice) is raised for NEP patient and approved by
competent authority as per DOP.
4. To check whether billing done for Non entitled patient (""NEP"") is accurate in terms of rates
specified in rate circular, services provided to NEP and applicable local taxes if any.
5. To check whether segregation of duties is maintained in billing process.
6. To check whether billing done for Non entitled patient (""NEP"") is accounted for in HIS/SAP.
7. To check whether reconciliation of 'HIS's billed amount is done with SAP records on regular
basis. Use T-code FBL3N and enter G/L code.

25.IA.5 Receiving, storage and issuance process of drug


Control Objective Avoid stock out of medicines, Avoid or minimize pilferage/loss of medicines &
Avoid or minimize loss on account of expired medicines
Nature of Work Step Verification/Analysis
Risk 1. Stock out of medicines leading to operational delays.
2. Pilferage/loss of medicines.
3. Loss on account of expired medicines.
Nature of Control Manual/Automated
1. To conduct a walkthrough of receiving and issuance of medicines / medical equipment.
2. To check whether on receipt of medicines, medical equipment; GRN is created in SAP and the
same is reflected in 'HIS'. Use SAP Code MB5B, MB52 and enter plant code to see inventory
levels.
3. To check whether physical inspection of medicines, medical equipment received in store is done
by receiver/store keeper.
4. To check whether stock levels (minimum/safety/maximum) have been defined for regular
medicines/medical equipment and are monitored.
5. To check whether on issue of medicines, GRN is made in SAP and the same is reflected in 'HIS'.
6. To check whether the process of FIFO is followed while issuing the medicines. Use SAP Code
MB5B, MB52.
7. To check whether physical verification of medicines/medical equipment is done as per defined
procedures.
8. To check whether a physical verification report is prepared and signed by the authorities
presented during physical verification process.
9. To check reconciliation of physical stock is performed with HIS and SAP stocks and adjustments
for differences are made after adequate approval as per DOP.
10. To ensure that issue of medicine is supported with authorized request.
11. To check whether regular monitoring is done for expired stock and the same are disposed of
timely to avoid mishaps.

251
Audit Checklist

12. To ensure that unauthorized person keeps a check so that spurious drugs, expired drugs etc. are
not received. Use SAP Code MB5M.
13. To check whether item master is reviewed to identify duplication and incomplete description.
Use SAP Code MM03.

25.IA.6 Patient's feedback and action plan


Control Objective Patient satisfaction
Nature of Work Step Verification
Risk Patient dissatisfaction.
Nature of Control Manual
1. To check whether there is a process of taking feedback from the patients.
2. To check whether recommendations made by the patients are considered for evaluation of
processes.

25.IA.7 Regulatory and Statutory compliance


Control Objective No penalties or imprisonment as applicable under the rules/provisions
Nature of Work Step Verification
Risk Regulatory & Statutory Non- Compliance.
Nature of Control Manual
1. To check whether there is compliance framework to monitor or track compliance required
under various law/Acts applicable to the Company.
2. To verify whether compliance of applicable rules/provisions are monitored periodically.
3. To check whether non compliance to the requirements is reported to the management
periodically for further action.

25.IA.8 Certification of bills of vendor


Control Objective Authorized payment, No duplicity payments
Nature of Work Step Verification
Risk 1. Unauthorized and duplicate payments.
2. Delay in payment may lead to employee being denied treatment at the
hospital.
Nature of Control Manual/Automated
1. To conduct a walkthrough of certification of bills of vendor.
2. To check whether vendor's invoices are paid only after proper supporting have been verified
and approval is taken as per DOP. Use SAP Code FBL1N for accounting in GL code, MIR4 and
enter invoice number to see details.
3. To check whether advance payment made to the vendor is adjusted while making payment of
invoice. Use SAP Code FBL1N.
4. To check that there's no over payment / duplicate payment to the vendors. Ensure that the
payment has been made as per the approved rate card provided by the hospital. Use SAP Code
FBL1N.
5. To check whether payment is made only against liability created in SAP. Use SAP Code FBL1N.
6. Ensure that all the medical bills are paid timely by the Company.

252
Audit Checklist

25.IA.9 Training
Control Objective Trained staff
Nature of Work Step Verification/Analysis
Risk 1. Untrained staff.
2. Low quality of services.
Nature of Control Manual
1. To check whether training calendar/schedule for nurses and doctors is planned.
2. To check whether planned training schedule for nurses and doctors is complied with.
3. To check whether all staff/nurses/doctors were covered in training schedule.
4. To check whether attendance is recorded for staff / nurses / doctors who attended the
trainings.
5. To check whether feedback of the staff/nurses/doctors is obtained.
6. To check whether recommendations made by the staff/ nurses/ doctors are considered for
evaluation of training process.

25.IA.10 Claims
Control Objective Processing
Nature of Work Step Verification/Analysis
Risk Incorrect processing of claims.
Nature of Control Manual/Automated
1. To ensure correct processing of claims. Use SAP Code FBL3N/FBL1N.

25.IA.11 Service
Control Objective Quality of service
Nature of Work Step Verification/Analysis
Risk Delay in case of a breakdown.
Nature of Control Manual/Automated
1. To check that situation of breakdown of equipment is speedily met for its repair/ replacement.
Use SAP code IW29, IW39, IW23, IW33 and enter details of medical equipment numbers.
2. Obtain list of AMC from the department. Check whether all the equipment have been covered
under AMC. Further, check whether the maintenance is carried out as per schedule. Use T-code:
IE03/IP24/IP10, IW29/IW39.
3. To ensure there is no shortage of doctors and other staff.

25.IA.12 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk Delay in procurement leading to costlier procurement/ stock out situations/
operational delays.
Nature of Control Manual/Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as
per DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis
is conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

253
Audit Checklist

25.IA.13 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the
department - administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

25.IA.14 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES.
Check whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

254
Audit Checklist

26. Pipe Line Fields – Internal Audit


Scope
Audit scope
1 Planning, preparation and budget
2 Environment, Health and Safety Compliance
3 Construction of Crude Oil Flow lines and Crude Oil Delivery
(COD) Lines
4 Maintenance of Crude Oil Delivery (COD) lines
5 Construction of Natural Gas Flow lines and Transportation
Lines
6 Maintenance of Natural Gas, transportation lines
7 Construction of formation water disposal lines
8 Maintenance of formation water disposal lines
9 Installation of Indirect Heater
10 Operation
11 PR Tracking
12 Creation of Service Entry Sheet
13 Manpower Planning

255
Audit Checklist

26.IA.1 Planning, budgeting & monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis/Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
Nature of Control Automated/Manual
1. Check whether the annual plan of Pipe line fields department is complete and all-inclusive to
cover the requirements of all the activities that come under its purview.
2. In case, the plan and actuals are not updated in SAP, check manual documents.
3. Use T-Code KSBL and enter cost center to get budget.
4. In version management check the changes done in the budget.
5. Check for appropriate approval as per DOP for the budget and subsequent changes.
6. Check whether annual plan made is -
a. Linked to the requirement of various departments
b. Inclusive of all the related costs.
7. Check the timelines for preparation and approval of budget.
8. Use T-Code S_ALR_87013532 by entering cost center to check whether actual expenses are
monitored / compared with planned expenses on periodic basis.

26.IA.2 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk Delay in procurement leading to costlier procurement/ stock out situations/
operational delays.
Nature of Control Manual/Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

256
Audit Checklist

27. Planning – Internal Audit


Scope
Audit Areas
1 Budgeting and business plan
2 Budget monitoring
3 Pre-requisites for operations
4 MIS Reporting
5 Annual plan / MOU Targets
6 Inter departmental co-ordination
7 PR Tracking
8 Creation of Service Entry Sheet (SES)
9 Manpower Planning

257
Audit Checklist

27.IA.1.1 Budget monitoring


Control Objective To ensure expenditure with in the approved budget
Nature of Work Step Verification/Analysis
Risk Inability to prepare corrective action plans.
Nature of Control Manual/Automated
1. Check whether adequate budget monitoring for budgeted vs. actual expenditure is there for all
type of budgets. Use T-Code S_ALR_87011761 to see all types of budget.
2. Check if preventive control is in place to ensure no expenditure is made beyond the approved
budget.
3. Check segregation of duties for preparation and releasing of budget in SAP. Use T-Code SUIM.
4. Check if all the budget is entered in SAP against appropriate cost center. Use T-Code CJ31.
5. Check if access to add or change the budget figures in SAP is restricted and allocated to
authorized person only. Use T-Code SUIM; S_ALR_87013560 for any updates in budget.
6. Check if any deviation from the approved budget is backed with proper reason and approval
from appropriate authority.
7. Check if the budget monitoring is done in line with assumptions taken during budget
finalization. Any deviation need to be factored in budget monitoring.

27.IA.1.2 Budget monitoring


Control Objective Fixing accountability
Nature of Work Step Verification/Analysis
Risk Weak monitoring controls may lead in inability to initiate corrective action
plans.
Nature of Control Manual/Automated
1. Check whether monitoring responsibility have been fixed within the department. (To monitor
execution of proposal/project within budgeted funds and time.)
2. Check whether appropriate reporting has been done by the person responsible in case of any
deviations.

27.IA.2 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk Delay in procurement leading to costlier procurement/ stock out situations/
operational delays.
Nature of Control Manual/Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process with
Contracts/Material Management exists.

258
Audit Checklist

27.IA.3 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

259
Audit Checklist

28. Production Gas – Internal Audit


Scope
Audit Areas
Production Gas -P & D
1 Planning, budgeting & monitoring
2 Monitoring
3 Contracting and receiving
4 Billing and sales accounting
5 PR tracking
6 Creation of Service Entry Sheet (SES)
7 Manpower planning
8 New project and achievements
Production Gas - Projects
1 SOP compliance
2 Projects
3 Contract monitoring
4 Operations
5 Cost control analysis
6 New project and achievements
7 Safety
8 Training to workers
9 Security
10 Statutory compliances
11 Tools, spares and other expenses
12 HSE compliances
Production Gas - SCADA
1 Monitoring through SCADA
2 Projects
3 Tools, spares and other expenses
4 Calibration
5 Statutory compliances
6 Equipment management and maintenance
7 Maintenance
8 PR tracking
9 Creation of Service Entry Sheet (SES)
Production Gas - NAGFD
1 Planning, budgeting & monitoring
2 Gas transportation
3 Manpower planning
4 Training to workers
5 Well stimulation services
6 Commissioning and work over

260
Audit Checklist

7 Gas flaring
Production Gas -Admin & MSO
1 Health, safety and environment compliances
2 Periodic audits & inspections
3 Statutory clearances and permission
4 Disposal of waste, hazardous chemicals and other by products
5 Administration
Production Gas -O & M
1 SOP Compliance
2 Equipment management and maintenance
3 Maintenance
4 Maintenance of pipelines
5 Issuing material for replacement
6 Breakdown analysis
7 Safety
8 Training to workers
9 Statutory compliances
10 Tools, spares and other expenses
11 HSE compliances
Production Gas -GCS
1 SOP compliance
2 Operations
3 Safety
4 Testing of flow lines
5 Equipment management and maintenance
6 Maintenance
Production Gas -Gas Field
1 Planning, budgeting & monitoring
2 Gas transportation
3 Work over operation
4 Dehydration of Natural Gas
5 Gas flaring
6 Resource planning and monitoring

261
Audit Checklist

28.IA.1 P & D- Planning, budgeting & monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis/Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
Nature of Control Automated/Manual
1. Check whether the annual plan of Production Gas department is complete and all-inclusive to
cover the requirements of all the activities that come under its purview.
2. Use T-Code KSBL and enter cost center to get budget.
3. In version management check the changes done in the budget.
4. Check for appropriate approval as per DOP for the budget and subsequent changes.
5. Check whether annual plan made is -
a. Linked to the requirement of various sections of production gas department
b. Inclusive of all the related costs.
6. Check the timelines for preparation and approval of budget.
7. Use T-Code S_ALR_87013532 by entering cost center to check whether actual expenses are
monitored / compared with planned expenses on periodic basis.

28.IA.2 P & D - Monitoring


Control Objective Effective implementation of activities
Nature of Work Step Analysis/Verification
Risk Inefficient implementation of activities.
Nature of Control Automated/Manual
1. Use T-Code S_ALR_87013532 to check whether actual expenses are monitored / compared with
planned expenses on periodic basis against such plan.
2. Check whether the information for future requirements is gathered and the proposal is sent for
approval to management.
3. Use T-Code MCPO to check whether the production reports are being prepared on daily/
weekly/ monthly/ quarterly basis visa- a- visa entry in SAP system.
4. Use T-Code MCPM to check actual production meets planned targets.
5. Use T-Code MC4L to check that there are no delays in response from service providers/
contractors.
6. Check that production target is fixed by corporate based on directives from government.

262
Audit Checklist

28.IA.3 P & D - PR tracking


Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis/Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated/Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

28.IA.4 SCADA - Statutory compliances


Control Objective To ensure compliance to various statutory requirements
Nature of Work Step Verification
Risk Statutory Non-Compliance.
Nature of Control Manual
1. Check that a checklist is maintained for all statutory compliances along with the due dates of
compliance to the same.
2. Check that license related to power has been obtained and updated regularly.
3. Check that statutory compliance checklist is analyzed and updated regularly.
4. Check whether all the statutory compliances are ensured by the department
5. Check if all statutory compliances w.r.t contract labour are ensured.

28.IA.5 SCADA - PR tracking


Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis/Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated/Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

263
Audit Checklist

28.IA.6 Gas Field - Planning, budgeting & monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis/Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
Nature of Control Automated/Manual
1. Check whether the annual plan of Production Gas (Gas Field) section is complete and all-
inclusive to cover the requirements of all the activities that come under its purview.
2. In case, the plan and actuals are not updated in SAP, check manual documents.
3. Use T-Code KSBL and enter cost center to get budget.
4. In version management check the changes done in the budget.
5. Check for appropriate approval as per DOP for the budget and subsequent changes.
6. Check whether annual plan made is -
c. Linked to the requirement of various departments
d. Inclusive of all the related costs.
7. Check the timelines for preparation and approval of budget.
8. Use T-Code S_ALR_87013532 by entering cost center to check whether actual expenses are
monitored / compared with planned expenses on periodic basis.

264
Audit Checklist

29. Production Oil – Internal Audit


Scope
Audit Areas
Production Oil -P & D
1 Planning, budgeting & monitoring
2 Monitoring
3 Contracting and receiving
4 Billing and sales accounting
5 PR tracking
6 Creation of Service Entry Sheet (SES)
7 Manpower planning
8 New project and achievements
Production Oil - Projects
1 SOP compliance
2 Projects
3 Contract monitoring
4 Operations
5 Cost control analysis
6 New project and achievements
7 Safety
8 Training to workers
9 Security
10 Statutory compliances
11 Tools, spares and other expenses
12 HSE compliances
Production Oil - Administration & Contracts
1 Health, safety and environment compliances
2 Periodic audits & inspections
3 Statutory clearances and permission
4 Disposal of waste, hazardous chemicals and other by products
5 Administration
6 Contracts
Production Oil - Operations
1 SOP Compliance
2 Equipment management and maintenance
3 Maintenance
4 Maintenance of pipelines
5 Issuing material for replacement
6 Breakdown analysis
7 Safety
8 Training to workers
9 Statutory compliances
10 Tools, spares and other expenses

265
Audit Checklist

11 HSE compliances
Production Oil - Installations (ITF/OCS/EPS/WPS)
1 SOP compliance
2 Operations
3 Safety
4 Testing of flow lines
5 Equipment management and maintenance
6 Maintenance
7 ITF
Production Oil - Water Injection
1 Water Injection
Production Oil - Utility
1 Utility
Production Oil - WSS
1 Well Stimulation Services
2 Work over Operations

266
Audit Checklist

29.IA.1 P & D - Planning, budgeting & monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis/Verification
Risk 3. Inappropriate approvals.
4. Delays in preparation of budget.
Nature of Control Automated/Manual
1. Check whether the annual plan of Production Oil department is complete and all-inclusive to
cover the requirements of all the activities that come under its purview.
2. Use T-Code KSBL and enter cost center to get budget.
3. In version management check the changes done in the budget.
4. Check for appropriate approval as per DOP for the budget and subsequent changes.
5. Check whether annual plan made is -
a. Linked to the requirement of various sections of production gas department
b. Inclusive of all the related costs.
6. Check the timelines for preparation and approval of budget.
7. Use T-Code S_ALR_87013532 by entering cost center to check whether actual expenses are
monitored / compared with planned expenses on periodic basis.

29.IA.2 P & D - Monitoring


Control Objective Effective implementation of activities
Nature of Work Step Analysis/Verification
Risk Inefficient implementation of activities.
Nature of Control Automated/Manual
1. Use T-Code S_ALR_87013532 to check whether actual expenses are monitored / compared with
planned expenses on periodic basis against such plan.
2. Check whether the information for future requirements is gathered and the proposal is sent for
approval to management.
3. Use T-Code MCPO to check whether the production reports are being prepared on daily/
weekly/ monthly/ quarterly basis visa- a- visa entry in SAP system.
4. Use T-Code MCPM to check actual production meets planned targets.
5. Use T-Code MC4L to check that there are no delays in response from service providers/
contractors.
6. Check that production target is fixed by corporate based on directives from government.

29.IA.3 P & D - Billing and sales accounting


Control Objective Ensure adequate and timely billing
Nature of Work Step Analysis/Verification
Risk Delay/ incorrect billing.
Nature of Control Automated/Manual
1. Use T-Code VF03 to check that the quantities for invoicing are received from authorized person
of Production department.
2. Use T-Code VF03, VF05 to check whether invoices were raised as per defined timeliness.
3. Use T-Code FBL5N to check whether payment received from customer on time and interest
charged in case of delayed payment.
4. Use T-Code FBL3N to check whether reconciliation of Annual Returns has been done.
5. Use T-Code FBL3N to check whether reconciliation of return and payment of royalty, sales tax
etc. has been done.

267
Audit Checklist

29.IA.4 P & D - PR tracking


Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis/Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated/Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

29.IA.5 Projects - Cost control analysis


Control Objective Minimum cost and maximum productivity
Nature of Work Step Verification
Risk Low productivity and excess cost incurred.
Nature of Control Automated/Manual
1. Use T-Code CJ31, CJ33, S_ALR_87013558 to check whether the budget allocated for Projects is
utilized in effective manner.
2. Use T-Code S_ALR_87013532 to check the cost incurred for Projects and compare the same
with the allocated budget.
3. Use T-Code S_ALR_87013532 to check costs incurred due to accidents or injuries sustained
while performing project work.
4. Use T-Code IE03, IW33, S_ALR_87013532 to check extra expense incurred due to obsolete
equipment.

268
Audit Checklist

30. Production Projects – Internal Audit


Scope
Audit Areas
1 Preparation of surface plan / layout
Preparation of detailed equipment layout & piping
2 drawings
3 Environment, Health and Safety Compliance
4 Statutory clearances and compliance
5 Equipment & materials design & procurement
6 Contractor / Vendor
7 Contract procedures
8 Issuance of materials/spares items
9 Project implementation/ Project execution
10 Commissioning
11 Handing over of project
12 Monitoring framework
13 Projects investment
14 PR tracking
15 Creation of Service Entry Sheet (SES)
16 Manpower planning

269
Audit Checklist

30.IA.1 Statutory clearances and compliance


Control Objective Statutory clearances and compliance
Nature of Work Step Analysis/Verification
Risk Statutory Non-Compliance.
Nature of Control Manual
1. Check that statutory clearances are timely obtained/ renewed to ensure there are no
operational delays due to any such delay.
2. Ensure compliance of the contract terms by the outsourced contractors as a result of existence
of adequate monitoring framework.
3. Ensure compliance to various statutory provisions and requirements.

30.IA.2 Contractor / Vendor


Control Objective Adequate vendor management
Nature of Work Step Analysis/Verification
Risk Inefficient procurement of materials/services.
Nature of Control Manual
1. Check that resource requirements pertaining to contractors / manpower was planned efficiently
and whether preparation of internal estimates is based on prevailing market rates.
2. Check whether adequate Performance Bank Guarantee (PBG) were obtained. Ensure that there
is no back out by L1 vendors. In case if it has happened, whether appropriate penalty was
charged and timely action was initiated for backlisting the vendor/contractor.
3. Check if there is cost/time overrun on account of inadequate deployment by contractor.

30.IA.3 Contract procedures


Control Objective Monitoring of contractual terms
Nature of Work Step Analysis/Verification
Risk Non adherence to agreed terms impacting delivery as per contract.
Nature of Control Manual
1. Ensure there is no time overrun on account of preparation of Technical specifications and
drawing by contractor.
2. Ensure there is continuous monitoring, progress reporting, quality inspections and other
contract terms etc. of work done by contractors.
3. Use T-Code ME23N,FBL1N to check if there is deduction for faulty work as per contract clause.

30.IA.4.1 Projects investment


Control Objective Return on Investment (ROI)
Nature of Work Step Analysis / Verification
Risk Non achievement of projected ROI.
Nature of Control Automated/Manual
1. Use T-Code KE30 to view profitability analysis report and check whether projected ROI is
achieved.

270
Audit Checklist

30.IA.4.2 Projects investment


Control Objective Funding requirements
Nature of Work Step Analysis / Verification
Risk Non availability of required funds.
Nature of Control Manual
1. Check whether there are appropriate tie ups done for meet funding requirements.
2. Check whether adequate and timely monitoring is done to ensure timely availability of funds.

30.IA.5 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis/Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated/Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

30.IA.6 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the
department - administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

271
Audit Checklist

31. Projects – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Statutory approvals
3 Environment, Health and Safety Compliance
4 Contracting
5 Project Implementation/ Project Execution
6 Commissioning
7 Handing over of project
8 Monitoring framework
9 Projects investment
10 PR tracking
11 Creation of Service Entry Sheet (SES)
12 Manpower planning

272
Audit Checklist

31.IA.1 Planning, budgeting & monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis/Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
Nature of Control Automated/Manual
1. Check whether the annual plan of projects department is complete and all-inclusive to cover the
requirements of all the activities that come under its purview.
2. In case, the plan and actuals are not updated in SAP, check manual documents.
3. Use T-Code KSBL and enter cost center to get budget.
4. In version management check the changes done in the budget.
5. Check for appropriate approval as per DOP for the budget and subsequent changes.
6. Check whether annual plan made is -
a. Linked to the requirement of various departments
b. Inclusive of all the related costs.
7. Check the timelines for preparation and approval of budget.
8. Use T-Code S_ALR_87013531 by entering cost center to check whether actual expenses are
monitored/ compared with planned expenses on periodic basis.

31.IA.2 Statutory approvals


Control Objective Statutory approvals
Nature of Work Step Verification
Risk Statutory non-Compliance.
Nature of Control Manual
1. Check whether the project have the requisite statutory approvals prior to initiating construction
activities.

31.IA.3 Environment, Health and Safety Compliance


Control Objective Safeguarding interest of Company / employees / public / environment
Nature of Work Step Verification
Risk Non-Compliance to HSE laws.
Nature of Control Manual
1. Check whether there is a compliance framework related to statutory requirement for EH&S.
2. Check whether EH&S compliance framework is monitored and reviewed on regular basis.
3. Check whether compliance of Safety Operating Procedures (SOP) is ensured.
4. Check whether required documents/report/returns are filed on monthly/quarterly/annually
basis to Govt./State Govt. authorities.
5. Check whether necessary approvals/clearances were obtained before start of activities.

273
Audit Checklist

31.IA.4.1 Contracting
Control Objective Strategy and contract award
Nature of Work Step Analysis / Verification
Risk Cost Overrun.
Nature of Control Automated/Manual
1. Check whether appropriate contracting strategy is identified by the company (i.e. Turnkey
contracting vis-à-vis Engaging Multiple contractors etc.).
2. Check that internal estimates are prepared based on adequate inputs, required assumptions are
documented and the same is approved as per Company policy.
3. Check whether the prices quoted are too high or too low, to ensure whether price negotiation
with L1 Bidder is in conformity with CVO Guidelines and contract procedures.
4. Check that there is no time overrun in signing of the contract by successful bidder.
5. Use T-Code CJ30N and select the WBS for the sample project to check whether the small
projects undertaken by OIL are being handled effectively and efficiently.

31.IA.4.2 Contracting
Control Objective Compliance of contract terms and conditions
Nature of Work Step Analysis / Verification
Risk Non-compliance to contractual terms and conditions by contractor.
Nature of Control Automated/Manual
1. Use T-Code CJ20N and ME33K to check whether there was delay in mobilization by contractor.
2. Use T-Code CJ20N to check whether the timing of the contractor and the supplier is
coordinated.
3. Check that disputes with the contractor are handled with adherence to Contractual Clauses and
there is a timely release of bills.
4. Check there is compliance of the contract terms and conditions by the outsourced contractors.

31.IA.4.3 Contracting
Control Objective Unsatisfactory performance by Contractor
Nature of Work Step Analysis / Verification
Risk Cost overrun.
Nature of Control Automated/Manual
1. Use T-Code S_ALR_87015124, S_ALR_87015125 to view the project status and check whether
there is continuous monitoring/ progress reporting/ quality inspections etc.

31.IA.4.4 Contracting
Control Objective Contract management
Nature of Work Step Verification
Risk Cost overrun.
Nature of Control Manual
1. Check whether there is adequate contract management process (for e.g. Contract
administration, verification, certification etc.).

274
Audit Checklist

31.IA.5.1 Projects investment


Control Objective Return on Investment (ROI)
Nature of Work Step Analysis / Verification
Risk Non achievement of projected ROI.
Nature of Control Automated/Manual
1. Use T-Code KE30 to view profitability analysis report and check whether projected ROI is
achieved.

31.IA.5.2 Projects investment


Control Objective Funding requirements
Nature of Work Step Analysis / Verification
Risk Non availability of required funds.
Nature of Control Manual
1. Check whether there are appropriate tie ups done for meet funding requirements.
2. Check whether adequate and timely monitoring is done to ensure timely availability of funds.

31.IA.6 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk Delay in procurement leading to costlier procurement/ stock out situations/
operational delays.
Nature of Control Manual/Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

31.IA.7 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated

275
Audit Checklist

1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

276
Audit Checklist

32. Public Relations and Corporate Communication – Internal Audit


Scope
Audit Scope
1 Budgeting
2 Implementation of CSR Policy/Projects
Implementation of corporate communication & media
3 relations
4 Public relations
5 Public grievance management
6 Implementation of official language (Hindi)
7 MIS
8 PR tracking
9 Creation of Service Entry Sheet (SES)
10 Manpower plannning

277
Audit Checklist

32.IA.1 Budgeting
Control Objective Adequate budget planning, Effective monitoring over expenses,
Compliance to DOP
Nature of Work Step Analysis / Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
Nature of Control Automated/Manual
1. Use T-Code CJ31 to view the actual budget submitted, CJ32 to check the approval for the
budget, and S_ALR_87013558 to check the actual vs. budgeted analysis. Ensure that the annual
budget is complete and all-inclusive to cover the requirements of CSR projects as per the DP
guidelines and whether the cost exceeding budget cases, if any are approved as per DOP.
2. Use T-Code KSBL to view the approval taken for estimates and ensure that estimates provided
by BDO are vetted by CSR committee, local management, and corporate DOP office.
3. Use T-Code KSBL to check whether annual budget is approved by competent authority as per
DOP.
4. Use T-Code KSBL to check whether any amendments in annual budget is approved by
competent authority as per DOP.
5. Use T-Code S_ALR_87011761 to check whether actual expenses are monitored / compared with
planned budget on periodic basis. Ensure reasoning analysis is done for al the cases wherein the
actual costs exceed the budget and approval is taken as per DOP.

32.IA.2.1 Implementation of CSR Policy/Projects


Control Objective Compliance
Nature of Work Step Verification
Risk Non-Compliance to government guidelines.
Nature of Control Automated/Manual
1. Use T-Code S_ALR_87011761 to view the processes or programs on which the CSR budget has
been used. Ensure that the allocated CSR budget is spent on CSR projects in accordance to the
CSR policy and as per the Companies Act 2013 requirements.
2. Ensure that report of community development plan as per policy is submitted to CSR
Committee/ Local management/ Corporate office by PR/ Concerned department of other
spheres.
3. Ensure that summary of corporate development report is published in print and posted on OIL's
website.
4. Ensure that CSR Annual Report is published on OIL's website.

278
Audit Checklist

32.IA.2.2 Implementation of CSR Policy/Projects


Control Objective Effective utilization, minimization of processing time, fulfillment of
development needs/ aspirations of target beneficiaries
Nature of Work Step Verification
Risk 1. Delay in achieving defined targets.
2. Inefficient process may lead to loss in terms of monetary and non-
monetary resources.
Nature of Control Manual
1. Check if the MoU targets on CSR are achieved. Ensure that third party certification for
completion is taken.
2. Check there is intradepartmental coordination.
3. Check there is liasoning with District Administration and Other related external agencies.
4. Check whether there is a proper process to ensure end use of funds allocated, by taking
feedback from beneficiaries and ensure that there is desired involvement in the projects.

32.IA.2.3 Implementation of CSR Policy/Projects


Control Objective Timeliness
Nature of Work Step Verification
Risk Delay in achieving defined targets.
Nature of Control Automated/Manual
1. Use T-Code KSBL to check for timeliness in getting the management approval.
2. Use T-Code CJ20N and enter the WBS for the project to check that there is timeline set in every
stage of project execution.

32.IA.3 Implementation of corporate communication & media relations


Control Objective Effective media relations, enhancement of OIL's brand image,
timeliness
Nature of Work Step Verification
Risk 1. Loss in brand value.
2. Leaking of confidential information may harm the Company's
growth.
Nature of Control Automated/Manual
1. Check whether there is timely publication of all the communiques ensuring excellent coverage
of OIL events, achievements in local, regional and national media.
2. Use T-Code FBL1N to check whether authorized statements are made on behalf of the
company.
3. Check if there is any leaking of confidential information taking place.
4. Check whether proper branding guidelines are being followed.
5. Check if there is any drawback in reaching out to the respective target audience and the media.
6. Check whether timely and regular inputs are obtained from OIL's Departments.
7. Check the timeliness of getting the Management Approval.
8. Check whether there is timely communication with Media Personnel and related external
agencies.

279
Audit Checklist

32.IA.4 Public relations


Control Objective Expenditure
Nature of Work Step Verification
Risk Cost over-run.
Nature of Control Automated/Manual
1. Use T-Code KSBL, CJ20N to check whether the expenditure is authorized by the competent
authority as per DOP.
2. Check there is compliance to MoU.
3. Ensure that the expenses incurred are audited by a firm of Chartered Accountants annually.

32.IA.5 Public grievance management


Control Objective Receiving of grievance , processing of grievances
Nature of Work Step Verification
Risk 1. Loss in brand value.
2. Delay in grievance settlement may lead to public unrest causing
operational delays.
Nature of Control Manual
1. Check for all the grievances received against OIL.
2. Check the timeliness of receiving the information of public grievance.
3. Check whether the processing time is minimized.
4. Check if a dedicated cell has been set up within PR department to provide strategic attention to
public grievance mitigation.
5. Check whether there is departmental coordination.
6. Check whether there is timely liasoning with district administration.

32.IA.6 Implementation of official language (Hindi)


Control Objective Timeliness
Nature of Work Step Verification
Risk Delay in achieving defined targets.
Nature of Control Manual
1. Check if there are delays in executing translation and related activities of promotion and
implementation of official language (Hindi) in the Company.

32.IA.7 MIS
Control Objective Accurate reporting of expenditure
Nature of Work Step Verification
Risk Incorrect or delay in reporting.
Nature of Control Automated/Manual
1. Ensure that the expenditure incurred is reported periodically to the Audit Committee/
Management.
2. Use T-Code CJI3 to check whether the expenses and end use of funds is reported accurately.

280
Audit Checklist

32.IA.8 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk Delay in procurement leading to costlier procurement/ stock out situations/
operational delays.
Nature of Control Manual/Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as
per DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

32.IA.9 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

32.IA.10 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

281
Audit Checklist

33. Research Development – Internal Audit


Scope
Audit Scope
1 SOP Compliance
2 R&D budget
3 R&D activities
4 Procurement and AMC contracts
5 Testing & Inventory management
6 Issuance of materials/spares items
7 Statutory Requirements
8 Confidentiality
9 PR tracking
10 Creation of Service Entry Sheet (SES)
11 Manpower planning

282
Audit Checklist

33.IA.1 Testing & Inventory management


Control Objective Availability of right information at right time,
Restricted and authorized access
Nature of Work Step Analysis / Verification
Risk 1. Non availability of information may hamper the operations.
2. Possibility of unauthorized transactions.
Nature of Control Automated/Manual
1. Use of T-Code - SUIM to check the authorization access rights to R&D test results and database.
2. Check the process / techniques for carrying out testing of water injection and quality
parameters as defined.
3. Use of T-Code - IK07, IK17, S_ALR_87013321 to check whether R&D tools and equipment are
timely identified and initiated for calibration process.
4. Use of T-Code - MB52 to check adequate maintenance of inventory of chemicals and restricted
access to the storage premises.
5. Use of T-Code - S_SH8_72000033 to check the compliance to Central Pollution Control Board
(CPCB) guidelines.
6. Use of T-Code - MCXB, MCXD to Check adequate documentation of the test reports and timely
communication of the test results to the concerned personnel.
7. T-Code - MCXB, MCXD to check if the adequate quality checks are performed during receipt to
ensure actual consignment sample matches with laboratory test and field trail samples.
8. Use of T-Code - MCXB, MCXD to check if the quality acceptance is done in SAP based on actual
quality test.
9. Use of T-Code - IK07, IK17, S_ALR_87013321 to ensure that proper calibration plan is prepared
for calibrating all tools and equipment.
10. Use of T-Code - IP24, IW23, IW39 to extract and ensure that all equipment are duly calibrated as
per the plan.

33.IA.2 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk Delay in procurement leading to costlier procurement/ stock out situations/
operational delays.
Nature of Control Manual/Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as
per DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

283
Audit Checklist

34. Safety Environment – Internal Audit


Scope
Audit Areas
1 Compliances with HSE standards
2 Training of Employees
3 Periodic Audits & Inspections
4 Statutory Clearances and permission
5 Disposal of waste, Hazardous chemicals and other by products
6 PR Tracking
7 Creation of Service Entry Sheet (SES)
8 Manpower Planning
9 Fire Safety Plan
10 Fire Safety training
11 Fire fighting Equipments testing
12 Incident Management
13 Procurement of Fire safety equipments

284
Audit Checklist

34.IA.1 HSE - PR tracking


Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk Delay in procurement leading to costlier procurement/ stock out situations/
operational delays.
Nature of Control Manual/Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as
per DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

34.IA.2 HSE - Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

34.IA.3 Procurement of Fire safety equipment


Control Objective Availability of right equipment at right price
Nature of Work Step Verification
Risk Non availability of equipment.
Nature of Control Automated/Manual
1. Use T-Code MB5B to view the details of stock on a particular date. Check the process of
planning the requirement of fire safety equipment. Ensure proper basis (trend analysis using
past records etc.).
2. Ensure that no equipment is out of stock or below threshold level defined. Also, ensure that no
non-moving or slow-moving stock has been procured.
3. To check if timely procurement and compliance to company policy is ensured for all
procurements. Use T code ME5A, ME2N.
4. To check if there exists documented basis, approval and recording of all distributions of fire
safety equipment.

285
Audit Checklist

35. Security – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Security services
3 Attendance records
4 Workforce deployment
5 Amenities and imprest to the workforce
6 Regulatory and Statutory Compliance
7 Vehicles/visitors movement
8 Certification of bills of vendor
9 Police background verification
10 Complaints
11 Training
12 PR tracking
13 Creation of Service Entry Sheet (SES)
14 Manpower planning

286
Audit Checklist

35.IA.1 Planning, budgeting & monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis/Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
Nature of Control Automated/Manual
1. Check whether the annual plan of security department is complete and all-inclusive to cover the
requirements of all the activities that come under its purview.
2. Use T-Code KSBL and enter cost center to get budget.
3. In version management check the changes done in the budget.
4. Check for appropriate approval as per DOP for the budget and subsequent changes.
5. Check whether annual plan made is -
a. Linked to the requirement of various departments
b. Inclusive of all the related costs.
6. Check the timelines for preparation and approval of budget.
7. Use T-Code S_ALR_87013532 by entering cost center to check whether actual expenses are
monitored / compared with planned expenses on periodic basis.

35.IA.2 Security Services


Control Objective Effective implementation of security activities
Nature of Work Step Verification
Risk 1. Inadequate security infrastructure.
2. Delay in providing Security Services.
3. Risk of sabotage and unauthorized entry.
Nature of Control Manual
1. To ensure there is appropriate security infrastructure and equipment.
2. To ensure there is no delay in providing security services.
3. To check whether the risk from anti-social elements was averted through liasoning with local
police, coordination with CISF and Assam Industrial Security Force (AISF) etc.
4. To check that there is issue of security passes on day to day basis and periodic basis by
CISF/Security department to labors and visitors with recommendations of the user departments
to enter in the restricted area.
5. To check whether inventory of arms and ammunitions are checked and maintenance done on
regular basis.
6. To check whether advance intelligence inputs are gathered.
7. To check whether mock drills of security alertness and preparedness are conducted, up
gradation of security gadgets, access and exit controls, proper documentations exist.

287
Audit Checklist

35.IA.3 Attendance records


Control Objective Appropriate attendance process and payment to the workforce
Nature of Work Step Verification
Risk 1. Risk of recording incorrect attendance.
2. Processing incorrect payment to workforce.
Nature of Control Manual
1. To conduct a walkthrough of the attendance process of the workforce and identify the gaps in
process. To check whether a defined format is used to record attendance of various types of the
workforce.
2. To check whether attendance records are maintained and reviewed on daily basis.
3. To check whether overtime is recorded separately and the same is approved as per DOP.
4. To check whether the payment to workforce is made as per the approved attendance records
and overtime records.

35.IA.4 Workforce deployment


Control Objective Timely deployment, availability of work force at sites
Nature of Work Step Verification
Risk Delay in deployment of workforce.
Nature of Control Manual
1. To conduct a walkthrough of the workforce deployment process and identify gaps in process. To
check whether the workforce is deployed in a reasonable time as per requirement of the user
department.
2. To check whether the workforce deployed at sites is adequate and aligned as per requirement
of the user department.
3. To ensure there is effective utilization of workforce.
4. To ensure there is a provision for emergency deployment of forces.
5. To check whether surprise visit is done to verify availability of deployed workforce at sites.

35.IA.5 Amenities and imprest to the workforce


Control Objective Compliance to contractual terms, tracking of amenities issued to the
workforce
Nature of Work Step Verification
Risk Non Compliance to contractual terms.
Nature of Control Automated/Manual
1. To check whether the basic amenities provided to workforces are as per the contractual terms.
To check whether exceptions to the contractual terms are approved as per DOP. Use SAP
ME23N and ME33K.
2. To check whether amenities issued to the workforces are tracked and monitored on regular
basis.
3. To check there is cash imprest monitoring. Use SAP T-code FBL3N.
4. To check whether imprest advance is issued to the workforce as per contractual terms. Use SAP
T- code FBL3N, FBL1N.

288
Audit Checklist

35.IA.6 Regulatory and Statutory Compliance


Control Objective No penalties or imprisonment as applicable under the rules/provisions
Nature of Work Step Analysis/Verification
Risk Regulatory and Statutory Non-Compliance.
Nature of Control Manual
1. To check whether there is compliance framework to monitor or track compliance required
under various law/Acts applicable to the Company.
2. To verify whether compliance of applicable rules/provisions e.g. Minimum Wages Act 1948,
Employees' State Insurance Act 1948 are monitored periodically.
3. To check whether noncompliance to the requirements is reported to the management
periodically for further action.

35.IA.7 Vehicles/visitors movement


Control Objective Monitoring over vehicles/visitors movements
Nature of Work Step Verification
Risk Poor monitoring over vehicles and visitors.
Nature of Control Manual
1. To check whether the inward and outward registers for vehicle movements are maintained and
all the relevant details are captured.
2. To check that visitor’s register is updated and all the relevant details are captured.
3. To check whether surprise checking is done for the vehicles/visitors.
4. To check whether visitor pass is checked at gate before allowing entry in the premises.

35.IA.8 Certification of bills of vendor


Control Objective Authorized and appropriate payment, No duplicity of payments
Nature of Work Step Analysis/Verification
Risk 1. Unauthorized payments
2. Duplicity of payments.
Nature of Control Automated/Manual
1. To conduct a walkthrough of certification of bills of vendor.
2. To check whether that the payment is processed on the basis of agreed contractual terms and
rates agreed upon. Use SAP T-code FBL1N, MIR4.
3. To check whether that the payment is processed on the basis of agreed contractual terms and
rates agreed upon. Use SAP T-code FBL1N, MIR4.
4. To check whether vendor's invoices are paid only after proper supporting e.g. attendance
records, claims have been verified and approval is taken as per DOP. Use SAP T-code FBL1N,
MIR4.
5. To check whether advance payment made to the vendor is adjusted while making payment of
invoice. Use SAP T-code FBL1N, MIR4.
6. To check whether any deductions to be made from the agencies deploying the workforce is
processed while making payment. Use SAP T-code FBL1N, MIR4.

289
Audit Checklist

35.IA.9 Police background verification


Control Objective Timely police verification
Nature of Work Step Verification
Risk Entry of unauthorized person.
Nature of Control Manual
1. To check whether requests received for police verification of new recruitments are monitored.
2. To check whether the process of police verification is initiated and completed timely.
3. To check whether employee has been hired after completion of police verification.
4. To check whether police verification is done for all the WCLs employed by the contractors.
5. To check whether follow up is done with Police to complete police verification for pending
requests.

35.IA.10 Complaints
Control Objective Users' satisfaction
Nature of Work Step Verification
Risk Delay in action over complaints.
Nature of Control Manual
1. To check whether complaints lodged with Security Department are recorded.
2. To check whether status of complaints lodged is maintained.
3. To check whether timely action over the recorded complaints is done.

35.IA.11 Training
Control Objective Trained workforce
Nature of Work Step Verification
Risk Untrained workforce.
Nature of Control Manual
1. To check whether training calendar/schedule for the workforce is planned. To check whether
planned training schedule for the workforce is complied with.
2. To check whether all workforce are covered in training schedule.
3. To check whether attendance is recorded for the all trainings conducted.
4. To check whether feedback of the workforce is obtained.
5. To check whether recommendations made by the workforce are considered for evaluation of
training process.

35.IA.12 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk Delay in procurement leading to costlier procurement/ stock out situations/
operational delays.
Nature of Control Manual/Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up
process with Contracts/Material Management exists.

290
Audit Checklist

35.IA.13 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

35.IA.14 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

291
Audit Checklist

36. Transport – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Creation and release of purchase requisition
3 Deployment of vehicles
4 Passenger vehicle
5 Inspection
6 Certification of bills of vendor
7 Health, Safety & Environment
8 Maintenance
9 Inventory control of maintenance / spares items
10 PR tracking
11 Creation of Service Entry Sheet (SES)
12 Manpower planning

292
Audit Checklist

36.IA.1 Planning, budgeting & monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis/Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
Nature of Control Automated/Manual
1. Check whether the annual plan of transport department is complete and all-inclusive to cover
the requirements of all the activities that come under its purview.
2. Use T-Code KSBL and enter cost center to get budget.
3. In version management check the changes done in the budget.
4. Check for appropriate approval as per DOP for the budget and subsequent changes.
5. Check whether annual plan made is -
a. Linked to the requirement of various departments
b. Inclusive of all the related costs.
6. Check the timelines for preparation and approval of budget.
7. Use T-Code S_ALR_87013532 by entering cost center to check whether actual expenses are
monitored / compared with planned expenses on periodic basis.

36.IA.2 Creation and release of purchase requisition


Control Objective Timely procurement of stores/spares
Nature of Work Step Analysis/Verification
Risk Operational risk due to non-availability of stores/spares on time.
Nature of Control Automated/Manual
1. To check whether PR is raised as per Purchase/Contract policy manual. Use T-code ME53N,
ME5A.
2. To check whether the PR for procurement/hiring of vehicles/buses/spares and hiring of
contractual manpower is raised timely. Use T-Code ME53N, ME5A.
3. To check whether approvals for PR is taken as per DOP. Use T-Code ME53N, ME5A.
4. To conduct lead time analysis between PR initiation and its release. Ensure there is reasoning
analysis done for delays. Use T-Code ME53N, ME5A.
5. To check whether there is a process of reviewing pending PRs and its follow up process with
Contracts/Material Management. Use T-Code ME53N, ME5A.
6. To check whether proper specifications are mentioned while creating a PR. Use T-Code ME53N,
ME5A.
7. To check whether all PRs are raised through SAP.Use T-Code ME53N, ME5A.
8. To check that there is no delay in procurement of stores/spares, no delay in procurement due to
incomplete / unapproved PR. Use T-Code ME53N.
9. To check whether no hired vehicle is being used after expiry of contract. Use T-Code ME23N,
ML84.

293
Audit Checklist

36.IA.3 Deployment of vehicles


Control Objective Efficient utilization of vehicles
Nature of Work Step Analysis/Verification
Risk Inefficient utilization of vehicles.
Nature of Control Automated/Manual
1. To check whether there is an updated database for all the vehicles/buses owned or hired by the
Company -Use T-Codes IE03, IH08.
2. To check whether there exists a process of verifying the number of Company owned/hired
vehicles and their classification i.e. heavy and light etc.
3. To conduct a walkthrough of the process of deployment of vehicles and identify gaps, if any.
4. To check whether the deployment plan is aligned to the request received from different
departments.
5. To check whether there exists a process of monitoring of the deployment plan.
6. To check whether a log book is maintained for each vehicle.
7. To check whether the log book is verified and signed by the in-charge everyday
8. To check whether there is a process of analyzing vehicle utilization and thereafter,
increasing/decreasing the fleet size, if required. Use T-Codes IE03, IK07, IK17, S_ALR_87013421.
9. To check whether detailed analysis is conducted for calculating fuel efficiency as against the
OEM recommendation.
10. To check whether root cause analysis is done for all the variances observed and steps are
initiated for improvements.
11. To check there is effective utilization of hired vehicles. Use T-Code IK51.
12. To check whether the utilization analysis and fuel efficiency analysis is signed off.

36.IA.4 Passenger vehicle


Control Objective Availability of vehicles
Nature of Work Step Analysis/Verification
Risk Non availability of vehicles.
Nature of Control Manual
1. To check that adequate planning is undertaken for regular operation of transport activities.
2. To check there is regular monitoring to ensure availability of vehicles for deployment of
manpower.

36.IA.7 Health, Safety & Environment


Control Objective Statutory Compliance, avoid accidents
Nature of Work Step Analysis/Verification
Risk 1. Non-Compliance to statutory framework.
2. Frequent employee accidents and dissatisfaction.
Nature of Control Automated/Manual
1. To check whether statutory safety requirements w.r.t transportation of materials to the fields,
passenger vehicles etc. are complied with. E.g.: fire extinguisher in every truck carrying rigs etc.
2. To check whether there is a repository comprising of all the HSE compliances.
3. To check whether the compliances as defined are monitored regularly.
4. To ensure compliance to the Safety Manual.
5. To check whether tool box meeting is conducted before initiation of any major maintenance
job.
6. To check whether there exists a training calendar for the department and its compliance.

294
Audit Checklist

7. To check whether statutory training e.g. MVT (Mines Vocational Training) and First Aid Trainings
are conducted as per statutory requirement.
8. To check whether all the employees are trained as per schedule. E.g.: MVT training is to be
attended by an employee every 5 years.
9. To check whether feedback is taken from attendees w.r.t training and improvement measures
are initiated.
10. To check whether root cause analysis has been done for all the accidents during the year and
steps are taken to avoid the same.

36.IA.9 Inventory control of maintenance / spares items


Control Objective Avoiding stock out situation, adequate approvals for issuance,
inventory controls
Nature of Work Step Analysis/Verification
Risk 1. Inappropriate approvals.
2. Inappropriate inventory levels leading to stock out situation.
Nature of Control Automated/Manual
1. To check whether there is a process for review of inventory levels of Maintenance/spares items.
Use T-Codes MB52, MMBE, MB5B.
2. To conduct a walkthrough of the issuance process of Maintenance/spares items from stores and
identify gaps. Use T-Codes MB52, MMBE, MB5B.
3. To ensure that sub-quality spare parts are not used, leading to frequent break downs. Use T-
Code MCXB.

36.IA.10 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk Delay in procurement leading to costlier procurement/ stock out situations/
operational delays.
Nature of Control Manual/Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

295
Audit Checklist

36.IA.12 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the
department - administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

296
Audit Checklist

37. Well logging – Internal Audit


Scope
Audit Areas
1 Data collection and its storage
2 Interpretation
3 Planning and budgeting process (Equipment, manpower etc.)
4 Planning and administration
5 Purchase requisition
6 Issuance of stores/spares items
7 Open hole/ cased hole
8 Logging equipment management and maintenance
9 Environment, Health and Safety Compliance
10 Certification of bills of vendor
11 Buy vis a vis Hiring of well logging equipment
12 Training
13 Creation of Service Entry Sheet (SES)
14 Manpower planning

297
Audit Checklist

37.IA.3 Planning and budgeting process (Equipment, manpower etc.)


Control Objective Adequate planning, Effective monitoring over annual plan, Compliance to
DOP
Nature of Work Step Analysis/Verification
Risk 1. Non Compliance to DOP.
2. Inadequate planning.
Nature of Control Automated/Manual
1. Use T-Code KSBL to check whether the annual plan of Well Logging department is complete and
all-inclusive to cover the requirements of equipment's and manpower.
2. To ensure there is availability of manpower (engineers and crew).
3. Use T-Code KSBL to check whether annual plan is approved by competent authority as per DOP.
4. Use T-Code KSBL to check whether any amendments in annual plan is approved by competent
authority as per DOP.
5. To check whether actual expenses are monitored / compared with planned expenses on
periodic basis. T-codes reference for reports / verification S_ALR_87013532/S_ALR_87013558.

37.IA.5 Purchase requisition


Control Objective Timely procurement of spares
Nature of Work Step Analysis/Verification
Risk Non-availability of spares.
Nature of Control Automated/Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

37.IA.11 Buy vis a vis Hiring of well logging equipment


Control Objective Exploiting the best option available
Nature of Work Step Analysis/Verification
Risk Increase in Cost.
Nature of Control Automated/Manual
1. To check whether cost benefit analysis is done for buying vis a vis hiring of equipment

298
Audit Checklist

38. Business Development – Internal Audit


Scope
Audit Areas
1 Asset acquisitions
2 New opportunities
3 Monitoring
4 PR tracking
5 Creation of Service Entry Sheet (SES)
6 Manpower planning

299
Audit Checklist

38.IA.1.1 Monitoring
Control Objective Compliance with PSC /JOA or Farm-in Agreements
Nature of Work Step Verification
Risk Non Compliance with PSC /JOA or Farm-in Agreements.
Nature of Control Manual/Automated
1. Ensure that there is compliance with PSC / JOA or Farm-in agreements with respect to non-
operator.
2. Ensure that any cash call received is checked for correctness, is duly approved and supported
with appropriate documents like details of expenditure and budget for future activity. Use
transaction Code- GJ01, GJ02, GJ05.
3. Ensure that timely reports are received from operator with respect to budgets / MWP and
annual program.
4. Ensure monthly update is received from the operator.
5. Ensure that all Authorization for Expenditures (AFE) are sent by operator before incurring
expenses.
6. Check whether MIS for blocks handled by BD department is being prepared and monitored.

38.IA.1.2 Monitoring
Control Objective Compliance with PSC /JOA or Farm-in Agreements
Nature of Work Step Verification
Risk Non Compliance with PSC /JOA or Farm-in Agreements.
Nature of Control Manual
1. Check whether audited accounts of overseas projects have been received on timely basis.
2. Check whether cash calls received from overseas Non operated JV have adequate supporting
and are as per the agreement.

38.IA.2 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk Delay in procurement leading to costlier procurement/ stock out situations/
operational delays.
Nature of Control Manual/Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process with
Contracts/Material Management exists.

38.IA.3 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated

300
Audit Checklist

1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from contractor
on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

38.IA.4 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

301
Audit Checklist

39. Corporate affairs – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Environment scan and business development
3 Management service group
4 PR tracking
5 Creation of Service Entry Sheet (SES)
6 Manpower planning

302
Audit Checklist

39.IA.1 Planning, budgeting & monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis/Verification
Risk 1. Non Compliance to DOP.
2. Inadequate Planning.
Nature of Control Automated/Manual
1. To check whether the annual Corporate strategic plan of is complete and all-inclusive.
2. To check whether annual plan is approved by competent authority as per DOP. Use T-codes
KSBL for reports / verification. Version Management can be used to track changes.
3. To check whether the Corporate Strategic Plan is revisited as per requirement.
4. To check whether any amendments in annual plan is approved by competent authority as per
DOP. Use T-Code KSBL.
5. To check whether budget is made as per the annual plan and is inclusive of all the related costs.
Use SAP T-codes CJ31 and CJ33 to check if budget has been entered into SAP. Check if any
supplementary budget has been passed on the project.
6. To check that everything is within the financial limits that have been allowed to various levels as
per DOP. Use T-code S_ALR_87013532.
7. To check whether the budget is timely prepared and approved as per DOP.
8. To check whether all the supporting w.r.t budget approvals are uploaded in SAP. T-Code CV03N
to be used as reference for reports verification.
9. To check whether actual expenses are monitored / compared with planned expenses on
periodic basis. Use T-codes S_ALR_87013532.
10. To check whether there is a follow up mechanism for internal/external approvals to ensure
timeliness.

39.IA.2.1 Environment scan and business development


Control Objective Trend analysis , expansion
Nature of Work Step Verification
Risk Losing on opportunities to grow.
Nature of Control Manual
1. To check whether activities such as study of upcoming trend/ due diligence of areas is
undertaken so that identification of new areas to be entered for investments/ expansion can be
accessed with greater accuracy.
2. To verify whether the assessment of business opportunity involves assured gains and minimizes
risk to an extent possible.
3. To check whether there is timely identification of areas for expansion / investment.

39.IA.2.2 Environment scan and business development


Control Objective Domestic business development
Nature of Work Step Verification
Risk Lack of Business Development.
Nature of Control Manual
1. To check whether steps are being undertaken w.r.t domestic business development.

303
Audit Checklist

39.IA.3.1 Management service group


Control Objective Preparation and updation of MIS
Nature of Work Step Verification
Risk Delay in preparation of MIS.
Nature of Control Manual
1. To check whether the MIS is timely prepared and updated.
2. To check whether there is correct reporting to the management.

39.IA.3.2 Management service group


Control Objective Timeliness
Nature of Work Step Verification
Risk Information not available to management for the purpose of review.
Nature of Control Manual
1. To check whether gathering of data is done within timelines.
2. To check whether timely information is provided to the management.

39.IA.3.3 Management service group


Control Objective Corporate scorecard
Nature of Work Step Verification
Risk KPI's not aligned with the organizational objectives.
Nature of Control Manual
1. To check whether the KPI of the individuals are aligned to the overall organizational objectives.

39.IA.4 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk Delay in procurement leading to costlier procurement/ stock out situations/
operational delays.
Nature of Control Manual/Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

304
Audit Checklist

39.IA.5 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from contractor
on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

39.IA.6 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

305
Audit Checklist

40. Secretarial – Internal Audit


Scope
Audit Area
1 Compliances
2 PR Tracking
3 Creation of Service Entry Sheet (SES)
4 Manpower Planning

306
Audit Checklist

40.IA.1.1 Compliances
Control Objective Compliance to statutory rules and regulations/laws.
Nature of Work Step Verification
Risk Non-Compliances
Nature of Control Manual
1. Check whether checklists for all the relevant acts are being maintained by the department. Few
acts are mentioned below:
a. The Companies Act, 1956/2013 and regulations frames under the Act
b. Securities and Exchange Board of India Act, 1992
c. SEBI (Substantial Acquisition of shares and Takeovers) Regulation,1997
d. Disclosure & Investor Protection Guidelines,2000
e. The Depositories Act, 1996 and regulations frames under the Act
f. Securities and Exchange Board of India (Issue and Listing of Debt Securities) Regulations
2008
g. The Listing Agreement for Debt Securities with the National Stock Exchange of India Ltd.
h. Please note that the above list is not comprehensive.
2. Check whether the checklists are updated whenever amendments are announced.
3. Check whether secretarial audit has been conducted as per The Companies Act, 1956/ The
Companies Act, 2013, as applicable.

40.IA.1.2 Compliances
Control Objective Follow-up on observations
Nature of Work Step Verification
Risk Non-Compliances
Nature of Control Manual
1. Obtain the list of non-compliances noted during secretarial audits.
2. Check whether there is a process to follow-up on audit observations and ensure its compliance.
3. Check whether all the audit observations have been complied with.

40.IA.2 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk Delay in procurement leading to costlier procurement/ stock out situations/
operational delays.
Nature of Control Manual/Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

307
Audit Checklist

40.IA.3 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

40.IA.4 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the
department - administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

308
Audit Checklist

41. Centre of Excellence – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Work programs
3 Hiring
4 PR tracking
5 Creation of Service Entry Sheet (SES)
6 Manpower planning

309
Audit Checklist

41.IA.1 Planning, budgeting & monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis/Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
Nature of Control Automated/Manual
1. Check whether the annual plan of Centre of excellence department is complete and all-inclusive
to cover the requirements of all the activities that come under its purview.
2. In case, the plan and actuals are not updated in SAP, check manual documents.
3. Use T-Code KSBL and enter cost center to get budget.
4. In version management check the changes done in the budget.
5. Check for appropriate approval as per DOP for the budget and subsequent changes.
6. Check whether annual plan made is -
a. Linked to the requirement of various departments
b. Inclusive of all the related costs.
7. Check the timelines for preparation and approval of budget.
8. Use T-Code S_ALR_87013532 by entering cost center to check whether actual expenses are
monitored / compared with planned expenses on periodic basis.

41.IA.2 Work programs


Control Objective Meeting the targets
Nature of Work Step Verification
Risk Failure to meet targets.
Nature of Control Manual
1. To check whether the work program has been made for the year and vetted by the approving
authority.
2. To check that the targets made have been approved.
3. To check whether business targets and objectives decided are monitored and action plan
prepared for any delay.

41.IA.3 Hiring
Control Objective Hiring of right manpower
Nature of Work Step Verification
Risk Inappropriate hiring of manpower.
Nature of Control Manual
1. To check whether hiring of skilled/ unskilled manpower is done as per Company Policy.
2. To check whether the person with right qualification has been chosen for the right job.
3. To check whether the adequacy of the manpower hired is reviewed.

41.IA.4 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk Delay in procurement leading to costlier procurement/ stock out situations/
operational delays.
Nature of Control Manual/Automated

310
Audit Checklist

1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

41.IA.5 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

41.IA.6 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the
department - administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

311
Audit Checklist

42. PHQ OIL Movement – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Costs
3 Environment, Health and Safety Compliance
4 Forward transfers
5 Reverse transfers
6 Reconciliation
7 Maintenance
8 Oil Transportation Contract
9 Billing
10 Service contract management
11 Closure of service contract
12 PR tracking
13 Manpower planning
14 Creation of Service Entry Sheet (SES)

312
Audit Checklist

42.IA.1 Planning, budgeting & monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis/Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
Nature of Control Automated/Manual
1. Check whether the annual plan of PHQ Oil movement department is complete and all-inclusive
to cover the requirements of all the activities that come under its purview.
2. In case, the plan and actuals are not updated in SAP, check manual documents.
3. Use T-Code KSBL and enter cost center to get budget.
4. In version management check the changes done in the budget.
5. Check for appropriate approval as per DOP for the budget and subsequent changes.
6. Check whether annual plan made is -
a. Linked to the requirement of various departments
b. Inclusive of all the related costs.
7. Check the timelines for preparation and approval of budget.
8. Use T-Code S_ALR_87013532 by entering cost center to check whether actual expenses are
monitored / compared with planned expenses on periodic basis.

42.IA.2 Costs
Control Objective Monitoring cost
Nature of Work Step Analysis
Risk Higher cost.
Nature of Control Automated/Manual
1. To check whether operating cost is monitored with respect to budgeted parameters and
reasons are identified for deviations, if any. Based on reasoning analysis, whether corrective
actions are initiated. Use T-Code S_ALR_87013558.

42.IA.3 Billing
Control Objective Correct billing
Nature of Work Step Verification
Risk Incorrect billing.
Nature of Control Automated/Manual
1. To check the terms defined in MoU / contract with respect to the penalty and billings are
adhered for invoices raised to ONGC, IOCL, NRL, etc. Ensure the invoice raised is as per the
contract and the amount paid is as per the invoice.
2. To check whether correct invoice / billing is done. Use T-Code FBL1N.
3. To check whether MoU is uploaded in SAP.

313
Audit Checklist

42.IA.4 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk Delay in procurement leading to costlier procurement/ stock out situations/
operational delays.
Nature of Control Manual/Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

42.IA.5 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

314
Audit Checklist

43. PHQ Pipeline – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Creation of Service Entry Sheet (SES)
3 Environment, Health and Safety Compliance
Maintenance of sub surface pipelines including
4
surface facilities (Routine jobs)
Maintenance of sub surface pipelines including
5
surface facilities (Non routine jobs)
6 Health inspection of pipelines
7 Inventory control of maintenance / spares items
8 Certification of bills of vendor
9 Maintenance of Crude Oil Delivery (COD) Lines
10 Maintenance
11 Training
12 PR tracking
13 Manpower planning

315
Audit Checklist

43.IA.1 Planning, budgeting & monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis/Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
Nature of Control Automated/Manual
1. Check whether the annual plan of PHQ Pipeline maintenance department is complete and all-
inclusive to cover the requirements of all the activities that come under its purview.
2. In case, the plan and actuals are not updated in SAP, check manual documents.
3. Use T-Code KSBL and enter cost center to get budget.
4. In version management check the changes done in the budget.
5. Check for appropriate approval as per DOP for the budget and subsequent changes.
6. Check whether annual plan made is -
a. Linked to the requirement of various departments
b. Inclusive of all the related costs.
7. Check the timelines for preparation and approval of budget.
8. Use T-Code S_ALR_87013532 by entering cost center to check whether actual expenses are
monitored / compared with planned expenses on periodic basis.

43.IA.2 Certification of bills of vendor


Control Objective Authorized and appropriate payment.
Nature of Work Step Analysis/Verification
Risk 1. No duplicity payments
2. Inappropriate payments.
3. Duplicity of payment.
Nature of Control Automated/Manual
1. Conduct a walkthrough of certification of bills of vendor. To check whether vendor's invoices
are paid only after proper supporting have been verified and approval is taken as per DOP. Use
T-Code FBL1N.
2. To check whether advance payment made to the vendor is adjusted while making payment of
invoice, if applicable Use T-Code FBL1N.
3. To check that there is no over payment/ duplicate payment/ unauthorized payment to the
vendors Use T- code FBL1N, MIR4.
4. To check that there is correct certification of contractor bills.
5. To check whether payment is made only against liability created in SAP. Use T-code FBL1N.

316
Audit Checklist

43.IA.3 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk Delay in procurement leading to costlier procurement/ stock out situations/
operational delays.
Nature of Control Manual/Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

43.IA.4 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

317
Audit Checklist

44. PHQ – Pump Stations – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Creation of Service Entry Sheet (SES)
3 Environment, Health and Safety Compliance
Maintenance of sub surface pipelines including
4
surface facilities (Routine jobs)
Maintenance of sub surface pipelines including
5
surface facilities (Non routine jobs)
6 Health inspection of pipelines
7 Inventory control of maintenance / spares items
8 Certification of bills of vendor
9 Maintenance of Crude Oil Delivery (COD) Lines
10 Maintenance
11 Training
12 PR tracking
13 Manpower planning

318
Audit Checklist

44.IA.1 Planning, budgeting & monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis/Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
Nature of Control Automated/Manual
1. Check whether the annual plan of PHQ Pump Station department is complete and all-inclusive to
cover the requirements of all the activities that come under its purview.
2. Use T-Code KSBL and enter cost center to get budget.
3. In version management check the changes done in the budget.
4. Check for appropriate approval as per DOP for the budget and subsequent changes.
5. Check whether annual plan made is -
a. Linked to the requirement of various departments
b. Inclusive of all the related costs.
6. Check the timelines for preparation and approval of budget.
7. Use T-Code S_ALR_87013532 by entering cost center to check whether actual expenses are
monitored / compared with planned expenses on periodic basis.

44.IA.2 Training
Control Objective Trained workforce
Nature of Work Step Verification
Risk Untrained workforce.
Nature of Control Manual
1. To check whether adequate training is provided to manpower.
2. To check whether training calendar/schedule for the workforce is planned.
3. To check whether planned training schedule for the workforce is complied with.
4. To check whether all workforce are covered in training schedule.
5. To check whether attendance is recorded for the workforce who attended the trainings.
6. To check whether feedback of the workforce is obtained.
7. To check whether recommendations made by the workforce are considered for evaluation of
training process.

44.IA.3 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis/Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Automated/Manual
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

319
Audit Checklist

44.IA.4 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

44.IA.5 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

320
Audit Checklist

45. Kolkata Shipping Office – Internal Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Third party custody transfer
3 Assets/ Equipment
4 Equipment management and maintenance
5 Reporting
6 Environment, Health and Safety Compliance
7 Security services
8 Training
9 Operations
10 PR tracking
11 Creation of Service Entry Sheet (SES)
12 Manpower planning

321
Audit Checklist

45.IA.1 Planning, budgeting & monitoring


Control Objective Adequate planning, Effective monitoring over plan, Compliance to DOP
Nature of Work Step Analysis/Verification
Risk 1.Inadequate Planning.
2.Ineffective Monitoring.
3.Non Compliance to DOP.
Nature of Control Automated/Manual
1. To check whether the plan of shipping office is complete and all-inclusive for man, materials,
equipment required. To check whether such plan is approved by competent authority as per DOP
Use T-Code KSBL This report can be used to view annual planning at cost center level.
2. To check whether any amendments in such plan is approved by competent authority as per DOP.
Use T-Code KSBL Version Management can be used to track changes.
3. To check whether actual expenses are monitored / compared with planned expenses on periodic
basis against such plan. Use T-code S_ALR_87011761. This report can be used to view planned vs.
actual expenses.
4. To check whether there are laid down procedures for preparation and planning.
5. To verify if that inspection plans exist for maintenance of flow lines and lines are regularly tested
and inspected for damage or blockages.
6. To check whether such laid down procedures are complied with.Use T-Code FBL3N to review
whether correct and timely accounting is done so as to ensure compliance to generally accepted
accounting concepts.

45.IA.2 Environment, Health and Safety Compliance


Control Objective Safeguarding interest of Company / employees / public / creatures
Nature of Work Step Verification
Risk Non Compliance to Environment, Health and Safety.
Nature of Control Manual
1. To check whether there is a compliance framework related to statutory requirement for EH&S.
2. To check whether EH&S compliance framework is monitored and reviewed on regular basis.
3. To check whether compliance of Safety Operating Procedures (SOP) is ensured and
documented.
4. To check whether required documents/report/returns are filed on monthly/quarterly/annually
basis to Govt./State Govt./Authorities/AERB.

45.IA.3 Agent
Control Objective Selection/ Billing/ Release of payments
Nature of Work Step Verification
Risk 1.Delay in Settling Agents Commission.
2.Overpayment/ Duplicity of payment to agent.
Nature of Control Manual/Automated
1. Check the process of selection of agents as per the Contracts checklist.
2. To check whether release of payment is done after getting all clearances. Use T-code MIR4 to
display logistics invoice, FBL1N to display vendor invoice for reference.
3. To check whether Agents commission bills are timely settled. Use T-code MIR4, FBL1N for
reference.
4. To check if adequate reasoning is provided for selection of Agents with higher rates.
5. To verify the correctness of bills submitted by agents. Use T-code MIR4, FBL1N for reference.
6. To check that no case of overpayment / duplicate payment to agents occurs.

322
Audit Checklist

45.IA.4.1 Import clearance/ Shipping function


Control Objective Proper documentation
Nature of Work Step Verification/Analysis
Risk 1.Delay in Clearing imports.
2.Improper Documentation.
Nature of Control Automated/Manual
1. To check if the shipping office is timely clearing all the imports.
2. To check whether the PO was received by the shipping office.
3. To check whether the freight forwarder is informed about the consignment timely. Use T-code
VL06T to display deliveries ready for transport planning.
4. To check whether Letter of credit is established as per the delivery schedule and all the relevant
terms and clauses are mentioned in the LC as per the PO/Contract. Ensure it is approved as per
DOP.
5. Review the time lag between purchase order date and LC establishment date. Analyze the
reasons for delay.
6. Review the process of opening/extending the LC and cost involved therein. Ensure that the
charges are as per the agreement with the bank.
7. To check whether payment terms in L/C were checked and payment made against proper
documentation. Use T-code MIR4, FBL1N for reference.
8. To make payment to the bank (in case of L/C) only if proper documentation and clean Bill of
Lading is obtained. Use T-code MIR4, FBL1N for reference.
9. To check that the payment is released only after receipt of documentation and any financial loss
emerging on account of delay in receipt of documentation is borne by the supplier. Ensure that
the payment is made at correct exchange rate. Use T-code MIR4, FBL1N for reference.
10. To ensure that all the shipping documents are present from the supplier's side to the freight
forwarder (FF).

45.IA.4.2 Import clearance/ Shipping function


Control Objective Ship arrival/ cargo arrival
Nature of Work Step Verification
Risk Delay in intimation.
Nature of Control Manual/ Automated
1. To check whether timely intimation is received about shipment arrival. Use T-code VL06IG
for reference.

45.IA.4.3 Import clearance/ Shipping function


Control Objective Minimum demurrage charges
Nature of Work Step Verification/Analysis
Risk Excess demurrage paid.
Nature of Control Manual/Automated
1. Use T-code FBL3N to extract the ledger for demurrage.
2. Check on a sample basis, whether the same have been approved as per DOP.
3. Check whether an MIS is prepared to monitor the reasons for paying demurrage. Check whether
there is a process of analysis the MIS and taking action to ensure that demurrage charges paid
may be reduced in future.

323
Audit Checklist

45.IA.4.4 Import clearance/ Shipping function


Control Objective Inspection
Nature of Work Step Verification
Risk Delay in inspection
Nature of Control Manual/Automated

1. To check whether timely inspection of cargo imported is done by the user department. Use T-
code MCXB, MCXD to check the quality inspection done for order received.

45.IA.4.5 Import clearance/ Shipping function


Control Objective Adherence to the terms and conditions mentioned in the contract
Nature of Work Step Verification/Analysis
Risk Non Compliance to the terms and conditions mentioned in the contract.
Nature of Control Manual/Automated
1. To ensure that correct amount (import duty) due for customs is paid and to check the
conditions mentioned in the contract to ensure if the payment is due from OIL's end or
exporter's end. Use T-code FBL1N for reference.
2. To check the service contract for air transport and see if the rate is charged as per the contract.
Use T-code VA45N to display the list of contracts.

45.IA.4.6 Import clearance/ Shipping function


Control Objective Insurance
Nature of Work Step Verification
Risk Loss of goods.
Nature of Control Manual
1. To ensure that marine insurance was taken before the dispatch of goods.
2. To check if there is adequate monitoring of Material in Transit.
3. To ensure that the safety and security risk in transport of explosives to the FHQ is covered
through marine insurance.

45.IA.4.7 Import clearance/ Shipping function


Control Objective Release of payment
Nature of Work Step Verification
Risk Non Compliance.
Nature of Control Manual/Automated
1. To check that payment is released only after getting all the clearances. Use T-code MIR4,
FBL1N for reference.

45.IA.4.8 Import clearance/ Shipping function


Control Objective Port clearance
Nature of Work Step Verification/Analysis
Risk Delay in Port Clearance.
Nature of Control Manual

1. To check the timeliness of port clearance done by OIL's own resources / private party and
compare.

324
Audit Checklist

45.IA.5 Air cargo


Control Objective License for supply of explosives
Nature of Work Step Verification
Risk Non Compliance to DGCA Norms.
Nature of Control Manual
1. To check whether supplier has provided adequate documentation required for supply.
2. To check whether Explosive license and DGCA permit has been acquired by OIL the supplier for
the explosives received.
3. To check whether explosives license / DGCA clearance and essentiality certificates are timely
obtained.

45.IA.6 Payment
Control Objective Adequate monitoring and payment
Nature of Work Step Verification/Analysis
Risk Inadequate monitoring and payments.
Nature of Control Manual/Automated
1. To check the adequate monitoring and payment as per Air Freight contract. Use T-code FBL1N
for reference.
2. To check the adequate monitoring and payment of ocean freight charges for orders placed on
FOB basis. Use T-code FBL1N for reference.
3. To check if there is adequate monitoring and payment of various port charges. Use T-code
FBL1N for reference.

45.IA.7 Statutory Requirements


Control Objective Compliance
Nature of Work Step Verification
Risk Statutory Non Compliance.
Nature of Control Manual
1. To check whether there is compliance to the statutory requirements.

45.IA.8 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Verification/Analysis
Risk Delay in procurement leading to costlier procurement/ stock out situations/
operational delays.
Nature of Control Manual/Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised
timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as
per DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.
4. Check whether there is a process of reviewing pending PRs and whether a follow-up process
with Contracts/Material Management exists.

325
Audit Checklist

45.IA.9Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

45.IA.10 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

326
Audit Checklist

46. Wind Energy – Internal Audit


Scope
Audit Areas
1 Accounting
2 Maintenance
3 Operations
4 Revenue generation
5 Creation of Service Entry Sheet (SES)
6 Manpower planning

327
Audit Checklist

46.IA.1 Accounting
Control Objective Timely and correct accounting
Nature of Work Step Analysis/Verification
Risk Books as not been closed as per company policy and on time.
Nature of Control Automated/Manual
1. Use T-Code FBL3N to review whether correct and timely accounting is done so as to ensure
compliance to generally accepted accounting concepts.
2. Ensure that accounting standards are complied with.

46.IA.2 Revenue generation


Control Objective Correct and timely billing to customers as per the billing terms and within
the billing cycles.
Nature of Work Step Verification
Risk 1. Non billing to customer on time may lead to long outstanding in books.
2. Delay in collection of funds.
Nature of Control Automated/Manual
1. Use T-Code VF03, VF05, FBL5N, FBL3N to review the revenue sources of the Company and
revenue recognition methodology followed by the Company.
2. Ensure that required accounting standards are complied with for recognition of revenue.
3. Review if any process exists for revenue assurance.

46.IA.3 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk
1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.

Nature of Control Manual

1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

328
Audit Checklist

Technical Audit

329
Audit Checklist

3. Chemical – Technical Audit

Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Planning, preparation and maintenance of drilling fluid
3 Sampling and testing of mud/cement
4 Sampling and testing of chemicals
5 Environment, health and safety compliance
6 Creation and release of purchase requisition
7 Issuance of chemicals/spares items/storage
8 Equipment management and maintenance
9 Buy vis a vis hiring of chemicals/ equipments
10 Creation of Service Entry Sheet (SES)
11 Certification of bills of vendor
12 Manpower planning

330
Audit Checklist

3.TA.1 Planning, preparation and maintenance of drilling fluid


Control Objective Adequate planning, Effective monitoring over plan, Compliance to DOP
Nature of Work Step Verification / Analysis
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
3. Non compliance to DOP.
Nature of Control Automated / Manual
1. To check whether the plan of Chemical department is complete and all-inclusive for man,
materials, equipment required for preparation and maintenance of Drilling fluid.
2. To check whether such plan is approved by competent authority as per DOP.
3. To check whether any amendments in such plan is approved by competent authority as per
DOP.
4. To check whether actual expenses are monitored / compared with planned expenses on
periodic basis against such plan.
5. To check whether there are laid down procedures for preparation and maintenance of drilling
fluid.
6. To check whether such laid down procedures for preparation and maintenance of drilling fluid
are complied with.
7. To check whether real time monitoring of drilling parameters, mud parameters, formation
parameters, well site activities is undertaken or not.

3.TA.2 Sampling and testing of mud/cement


Control Objective Appropriate results of testing
Nature of Work Step Verification
Risk 1. Non - adherence to the laid procedures.
2. Unqualified personnel undertaking the said process.
Nature of Control Manual
1. To check whether there are laid down procedures to perform sample testing and bulk testing
of mud/cement.
2. To check whether such laid down procedures are complied with and its compliance is duly
documented.
3. To check whether results of sample testing and bulk testing are revalidated following maker
checker control environment.
4. To check whether sample and bulk testing are performed as per the agreed turnaround time
(TAT).
5. To verify that only calibrated equipment and qualified personnel's are being used to undertake
this process and there is availability of proper infrastructure.

331
Audit Checklist

3.TA.3 Sampling and testing of chemicals


Control Objective Appropriate results of testing
Nature of Work Step Verification
Risk 1. Non - adherence to the required sample size.
2. Improper documentation of the testing results.
Nature of Control Manual / Automated
1. To check whether documentation is maintained for incorrect analysis/ report / mismatch in
sample/ records.
2. To check whether any remedial action was undertaken for incorrect analysis/ report /
mismatch in sample.
3. To check whether frequency followed for sample testing is as per defined process.
4. To check whether validation of well site test results is being done in laboratory.
5. To check the report regarding completion of analysis & monitoring of accuracy of testing
results by cross laboratory validation [For the sample basis as defined].
6. To check if the pricing and/or realization of the testing services provided to other operators is
adequately done. Basis of costing to be verified.

3.TA.4 Environment, health and safety compliance


Control Objective Safeguarding interest of Company / employees / public / creatures
Nature of Work Step Verification
Risk 1. Non-compliance to Statutory laws leading to legal hurdles.
2. Dissatisfaction among the employees.
3. Non- adherence to government rulings creating a risk on market
reputation.
Nature of Control Manual
1. To check whether there is a compliance framework related to statutory requirement for EH&S.
2. To check whether EH&S compliance framework is monitored and reviewed on regular basis.
3. To check whether compliance of Safety Operating Procedures (SOP) is ensured and
documented.
4. To check whether training is being provided as per job requirement.
5. To check proper sampling and labeling of chemicals is done before providing it to the
customers.
6. To check whether required documents/report/returns are filed on monthly/quarterly/annually
basis to Govt./State Govt./Authorities/Atomic Energy Regulatory Board (AERB).
7. To check whether there is adherence to statutory compliance while handling hazardous
chemicals.

3.TA.5 Issuance of chemicals/spares items/Storage


Control Objective Avoiding stock out situation, adequate approvals for issuance, inventory
controls
Nature of Work Step Verification/Analysis
Risk 1. Inappropriate approvals.
2. Delays in process to monitor and mitigate the delays.
Nature of Control Manual/ Automated
1. To check about availability of proper storage system.
2. Use T-code MB5B, MB52 and MC.9 to obtain details of inventory levels and movements. Check
whether there is a process for review of inventory levels of materials/spares items. Also, check
whether there is a process for review of inventory levels of spares items.
3. To check whether there is a process for review of inventory levels of chemicals/spares items.

332
Audit Checklist

4. Use T-code MB23 and conduct a walkthrough of the issuance process of chemicals/spares
items from stores and identify gaps.
5. Use T-code MB5B and MMBE to obtains details of inventory issued. Check whether approvals
for issue of materials/spares items are taken as per DOP.
6. To check whether there is availability of supplier for supplying chemicals in small quantities.
7. To check whether there is a process to monitor and mitigate the delays in supply of mud/ fluid.
8. To check whether there is a process to monitor and mitigate the delays due to unavailability or
loss of critical inventory /apparatus / work over fluid.
9. To check whether there is a process to monitor and mitigate the delays in providing the work
over fluid/ loss of work over fluid due to inefficient planning.
10. To check whether there is a process for monitoring over obsolete / slow / non moving / spares
/chemicals and appropriate decisions are taken for the same.
11. Use MC46 and MC50 for reviewing slow-moving / non-moving inventory.

3.TA.6 Equipment management and maintenance


Control Objective Efficient utilization and increased life of the equipment
Nature of Work Step Verification / Analysis
Risk 1. Idle equipment.
2. Regular breakdowns due to non-adherence to Preventive maintenance
schedule.
Nature of Control Manual / Automated
1. Use T-Code IE03 to view the equipment details and check whether the utilization of equipment
is reviewed regularly.
2. Ensure that there is availability of equipment to mobilize resources / carry work.
3. Check whether there is a maintenance schedule (preventive/regular) for equipment and its
compliance. Use T-Code IW39 to display the PM orders and IP24 to display the scheduling
overview list form.
4. Check whether monitoring over turnaround time as per schedule and actual time taken for
maintenance of equipment is done. Use T-Code IW39 to display the PM orders and IP24 to
display the scheduling overview list form.
5. Check whether monitoring is done for compliance to OEM guidelines for operating equipment.
Use T-Code IE03 to view the equipment details.

3.TA.7 Creation of Service Entry Sheet (SES)


Control Objective Exploiting the best option available
Nature of Work Step Analysis / Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated/Manual
1. Check whether status of work completion in measurement book is updated. Use T-code
ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on measurement book.
3. Check whether the measurement book is verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.

333
Audit Checklist

7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.

8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays. Check whether cost benefit analysis is done for buying vis a vis hiring of equipment or
tools.

3.TA.8 Certification of bills of vendor


Control Objective Authorized payment, no duplicity payments
Nature of Work Step Analysis / Verification
Risk 1. Non- adherence to the process of making payment.
2. Unauthorized payments.
3. Duplicate payments.
Nature of Control Automated / Manual
1. Conduct a walkthrough of certification of bills of vendor.
2. Use T-code FB03/FBL3N and ME2N to check whether vendor's invoices are paid only after
proper supporting documents have been verified and approval is taken as per DOP.
3. Use T-code FBL3N to check whether advance payment made to the vendor is adjusted while
making payment of invoice, if applicable.
4. Use T-code FBL3N to check whether payment is made only against liability created in SAP.

3.TA.9 Manpower Planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Analysis / Verification
Risk 1. Over/Under-utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

334
Audit Checklist

4. Civil – Technical Audit

Scope
Audit Areas
1 Planning, budgeting & monitoring
2 EHS Compliance
3 Creation and release of purchase requisition
4 Survey (Fields and Projects)
5 Cost estimate
6 Design plan
7 Operations
8 Contracting of civil services
9 Field activities
10 Escalation
11 Issuance of equipment/spares items and storage
12 Equipment management and maintenance
13 Buy vis a vis hiring of civil equipment or tools
14 Creation of Service Entry Sheets (SES)
15 Certification of RA bills of vendor
16 Complaints (Township)
17 Miscellaneous activities
18 PR tracking
19 Manpower planning

335
Audit Checklist

4.TA.1 Survey (Fields and Projects)


Control Objective Timely and accurate stacking of location
Nature of Work Step Verification
Risk 1. Process gaps in the process of stacking.
2. Late updation to the G&R department.
Nature of Control Manual

1. Check whether the preparation of location has been exhaustively done post the release of LAF 1
by geology department and location point is fixed only after discussion with geology and drilling
department.
2. Check that the processing time between LAF 1- LAF 2- LAF 3 is not exceeding defined time limit
for handover of land to civil.
3. Check that the preparation time taken by civil department is not exceeding defined time limit.
4. To understand the process of stacking of location and identify gaps.
5. Check whether G&R department is timely intimated in case, the specified coordinates cannot be
stacked.
6. Check whether LAF-2 is timely approved and sent to the G&R department along with the
required estimate for civil job.
7. Check whether cost estimate is prepared by the department before submission of LAF-2.

4.TA.2 Design Plan


Control Objective Appropriate design
Nature of Work Step Verification
Risk 1. Non-adherence to the specified format.
2. Inappropriate designing.
Nature of Control Manual

1. Check whether the design/plan is approved timely as per DOP.


2. Check whether the amendments made, if any are timely approved as per DOP.
3. Check whether actual design is compared with planned design and approval is obtained for any
deviations.
4. To ensure that construction has been undertaken as per specification and approved design.

336
Audit Checklist

4.TA.3 Issuance of equipment/spares items and storage


Control Objective Avoiding stock out situation, adequate approvals for issuance, inventory
controls
Nature of Work Step Analysis / Verification
Risk 1. Inappropriate inventory controls and monitoring of inventory levels.
2. Inappropriate approvals.
Nature of Control Automated / Manual

1. Use T-code MB5B, MB52 and MC.9 to obtain details of inventory levels and movements. Check
whether there is a process for review of inventory levels of materials/spares items. Also, check
whether there is a process for review of inventory levels of spares items.
2. Check whether there is a buffer stock buildup of construction material.
3. Check about availability of proper storage system.
4. Conduct a walkthrough of the issuance process of materials/spares items from stores and
identify gaps.
5. Use T-code MB5B and MMBE to obtains details of inventory issued. Check whether approvals
for issue of materials/spares items are taken as per DOP.
6. Check whether the materials issued to contractors are monitored and deduction, if applicable as
per contractual terms is made at the time of payment.
7. Use T-code MB5B, MB52 and MC.9 to obtain details of inventory levels and movements. Ensure
that there is identification of critical spares and process of maintaining of appropriate inventory
level exists.
8. Use T-code MC46 and MC50 for inventory ageing and check whether there is a process for
monitoring over obsolete / slow / non moving / materials or spares and appropriate decisions
are taken for the same.
9. Check whether adequate insurance cover has been obtained for the items stored.
10. Check whether there is a process of monitoring inventory levels and obtaining additional
insurance cover, if required.

4.TA.4Equipment management and maintenance


Control Objective Efficient utilization and increased life of the equipment
Nature of Work Step Analysis / Verification
Risk 1. Idle equipment.
2. Regular breakdowns due to non-adherence to preventive maintenance
schedule.
Nature of Control Automated / Manual

1. Use T-Code IE03 to view the equipment details and check whether the utilization of equipment
is reviewed regularly.
2. Ensure that there is availability of equipment to mobilize resources / carry work.
3. Check whether there is a maintenance schedule (preventive/regular) for equipment and its
compliance. Use T-Code IW39 to display the PM orders and IP24 to display the scheduling
overview list form.
4. Check whether monitoring over turn around time as per schedule and actual time taken for
maintenance of equipment is done. Use T-Code IW39 to display the PM orders and IP24 to
display the scheduling overview list form.
5. Check whether monitoring is done for compliance to OEM guidelines for operating equipment.
Use T-Code IE03 to view the equipment details.

337
Audit Checklist

4.TA.5 Creation of Service Entry Sheet (SES)


Control Objective Exploiting the best option available
Nature of Work Step Analysis / Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated/Manual

1. Check whether status of work completion in measurement book is updated. Use T-code
ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on measurement book.
3. Check whether the measurement book is verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.
9. Check whether cost benefit analysis is done for buying vis a vis hiring of equipment or tools.

4.TA.6 Complaints (Township)


Control Objective Resolution of complaints
Nature of Work Step Verification
Risk Non - resolution of complaints
Nature of Control Manual
1. To ensure that there is timely resolution of township complaints.

4.TA.7 Miscellaneous civil jobs


Control Objective Monitoring and processing of miscellaneous civil jobs
Nature of Work Step Analysis / Verification
Risk 1. Delays in execution.
2. Improper estimation of miscellaneous jobs.
Nature of Control Automated / Manual

1. To ensure that correct estimation is done for miscellaneous jobs.


2. Use T-Code ME2N to verify that PR (Using appropriate PR type) have been raised for all
miscellaneous jobs.
3. To ensure that ancillary jobs (CISF camps, sheds, canteens, pillars etc.) are carried out through
contracts on basis of rate contracts.
4. Check whether the task of strengthening of the foundation of bridges (breach of which results in
floods during heavy rains/ foundation failure due to earthquake) is undertaken during the dry
season.

338
Audit Checklist

5. Contracts – Technical Audit

Scope
Audit Areas
1 Purchase requisition and budget
2 Procurement
3 Cost estimate
4 Invitation for Bidding (IFB) in case of open bidding
5 Sale of bidding document
6 Pre-bid conference
7 Bidding process
8 Relaxation of standard terms and conditions
9 Open bidding
10 Limited bidding/ Single bidding
11 Receipt of bid
12 Opening of bid
13 Preliminary examination and comparison of bids
Evaluation of bids, preparation of Tender Committee Resolution
14 (TCR) and award & signing of the contract
Commencement of work and issue of work order and monitoring of
15 work
16 Liquidated damages
17 Retention money
18 Extension of contract period
19 Variation in contract
20 Extra / Substituted items
21 Escalation
22 Payment
23 Closure of contract
24 Performance appraisal
25 Bid security
26 Performance guarantee
27 Monitoring of lead times from PR to awarding of contract
28 PR tracking
29 Creation of Service Entry Sheet (SES)
30 Manpower planning

339
Audit Checklist

5.TA.1.1 Pre-bid conference


Control Objective Compliance to Purchase Manual, Transparency in process
Nature of Work Step Verification
Risk 1. Legal hurdles resulting from non-transparent process being followed.
2. Non-compliance to Purchase manual.
Nature of Control Manual
1. Check whether pre-bid conference is held only after approval from competent authority.
2. Check whether only the parties who had bought the Bid Documents are invited to attend the
Pre-bid Conference.
3. Check whether senior most officer from the Indenting Department along with the
representative from Materials Department and Finance is present at the Pre-Bid Conference.
4. Check whether the minutes of the meetings are prepared and signed off by all the attendees.
5. Check whether the changes made, if any in PBC are approved by competent authority and
communicated to the bidders through fastest means of communication.
6. Check whether new bidders are invited for participation only if there is any major change in the
qualifying criteria.
7. Check if approval is taken as per DOP in case the sale of bid documents is initiated again.

5.TA.1.2 Pre-bid conference


Control Objective To verify that the extension of bid entering date is authorized in writing by
the competent authority.
Nature of Work Step Verification
Risk Non compliance to DOP / MM Manual may result in:
a. unauthorized procurement of material / services
b. procurement of material / services in excess of requirement
c. Finalization of order on uncompetitive terms & conditions.
Nature of Control Automated / Manual
1. Check for the tenders for which bid entering date was extended. Use T-code ZMMTENDER3
/ZMMBIDEXTN.
2. Check if the competent authority has approved the extension as per DOP/MM Manual.
3. Obtain the reason for exceptions and report the same.

5.TA.2 Relaxation of standard terms and conditions


Control Objective Compliance to DOP
Nature of Work Step Verification
Risk 1. Incompleteness of notice inviting tenders.
2. Inadequate documentation in contract file.
Nature of Control Automated / Manual
1. Check whether in case of OEM (original equipment manufacturer) Services / proprietary
Services, the competent authority as per DOP approves the relaxation of standard terms and
conditions of work orders / contracts for the OEM / manufacturer of proprietary items/ Services.
Use T-Code ZMMTENDER3 / ME43 / ME33K /ME3L and ME3N.

340
Audit Checklist

5.TA.3.1 Commencement of work and issue of work order and monitoring of work
Control Objective Compliance of Statutory requirements, accuracy in order placement, Inclusion
of standard terms and conditions
Nature of Work Step Analysis / Verification
Risk Non-compliance to Statutory framework.
Nature of Control Automated / Manual
1. Check whether that after signing the contract, the contractor has submitted the labor license
and the certificates relating to compliance with the statutory requirements as may be required
for the specific contract.
2. Check whether that after fulfilling the statutory compliance, the work order has been issued by
the use department to the contractor.
3. Check whether there is a maker checker control for preparation and release of work order. The
relevant T-code in SAP- ME23N, ME2L, ME33K.
4. Verify that the WO contains standard terms and conditions safeguarding Company's interest e.g.
insurance, timely delivery, payment etc. The relevant T-code in SAP- ME23N, ME2L, ME33K.
5. Ensure that the price mentioned in the WO is same as that mentioned in the contract. The
relevant T-code in SAP- ME23N, ME2L, ME33K.

5.TA.3.2 Commencement of work and issue of work order and monitoring of work
Control Objective Appropriate monitoring of the contractual terms
Nature of Work Step Analysis / Verification
Risk 1. In absence of a log, the process owner may make an error in certifying the
service entry sheet, which serves as a basis of Invoice verification and vendor
payment.
2. Financial loss due to incorrect certification of the services received in terms
of quality / quantity.
Nature of Control Automated / Manual
1. Use T-Code ME23N, ME2S to obtain a list of work orders against which work has been done and
service entry is pending.
2. Verify with the process owner / Engineer in charge as to whether they have kept independent
log of work done by vendor.
3. Discuss & report any exceptions.

5.TA.3.3 Commencement of work and issue of work order and monitoring of work
Control Objective Penal deductions are made as per contract
Nature of Work Step Verification
Risk 1. Non recovery of penalties from vendor.
2. Violation of work order/contract conditions.
Nature of Control Automated / Manual
1. Use T-Code ME23N, ME2S, ME33K, ME2N to obtain a list of work order/contract given during
the review period.
2. Analyze the cases where any deductions on account of delayed delivery, other breach of
contract should have been recovered from the vendor invoice.
3. Discuss and report any cases where appropriate deductions have not been made.

341
Audit Checklist

5.TA.4 Extra / Substituted Items


Control Objective Appropriate payment on account of extra items
Nature of Work Step Analysis / Verification
Risk Inappropriate payments.
Nature of Control Automated / Manual
1. Check whether sanction for extra and substituted items and rates are approved as per DOP. The
relevant T-code in SAP- ME23N, FBL1N, MIR4.
2. Check whether the rates for the extra items are worked out at OIL SOR/CPWD/PWD on
contractor’s quoted percentage on the original contract items whichever is lower prevailing at
the time of commencement of execution of these items.
3. Check whether for substituted items, the agreement rate of the original item are adjusted for
the difference in agreed rate of original and substituted items. The relevant T-code in SAP-
ME23N, ME33K, FBL1N, MIR4.

5.TA.5 Performance appraisal


Control Objective Maintaining history of contractor performance for future reference
Nature of Work Step Verification
Risk Inadequate documentation.
Nature of Control Manual
1. Check whether a process for performance appraisal is undertaken as per the Contract Manual.
2. Check whether a file for each contractor is prepared to keep record of their performance.
3. Check whether a performance report is submitted by Head (Indenting Department) to Head
Contract at the time of preparation of final bill / completion of work.

5.TA.6 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material / service
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated / Manual
1. Check whether status of work completion in manual records is updated as per contract terms.
Use T-code ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on manual records.
3. Check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

342
Audit Checklist

7. Drilling – Technical Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Inter-location movement
3 Drilling operations
4 Creation and release of purchase requisition (PR)
5 Issuance of materials/spares items
6 Certification of bills of vendor
7 Environment, health and safety compliance
8 Buy vis a vis hiring of well equipment/rigs
9 Equipment management and maintenance
10 PR tracking
11 Creation of Service Entry Sheet (SES)
12 Manpower planning

343
Audit Checklist

7.TA.1 Inter – Location Movement


Control Objective Timely delivery of equipment to avoid delays, control over transit
loss/pilferage
Nature of Work Step Verification / Analysis
Risk 1. Delay in delivery of equipment and material.
2. Loss of material and unauthorized adjustments.
Nature of Control Manual / Automated
1. Use T-Code CJ20N for obtain and verify the drilling plan. Check whether plan is prepared and
monitored for movement of drilling equipment, consumables, and other support equipment
from one location to another.
2. Check whether such movement plan of equipment is aligned with drilling program/plan
communicated by G&R department in terms of capacity/type of equipment.
3. Check whether movement plan of equipment is timely communicated to Transport department.
4. Check whether cleaning and dressing of forward well plinth is done before placement of
equipment/Rigs.
5. Check whether equipment/Rigs are loaded after proper boxing up of all materials and in
supervision of competent authority.
6. Use T-code IE03 to display equipment installed or being used at the drilling site. Check whether
the drilling equipment, consumables and other support equipment are loaded and transferred
timely and in sequential manner to the drilling site as per drilling / rig movement plan.
7. Use T-code IH08 to display equipment installed or being used at drilling site. Check whether
physical count of each drilling equipment, consumables and other equipment is performed and
documented before any movement and the same is documented.
8. Use T-code MB5B, MB52, MC.9 to obtain the details of inventory and movement of material.
Check whether reconciliation of physical count performed vis a vis receipt of all equipment,
consumables at drilling site is performed.
9. Use T-code MB03 to obtain the details of inventory adjustments. Check whether any variances
while reconciliation are reported and adjusted in SAP after approval as per DOP.

7.TA.2.1 Drilling Operations.


Control Objective Effective execution of drilling activities (Rig down/rig up/drilling
conductor/drilling isolation/drilling oil string/ drilling wire line survey/
production testing) , adequate monitoring, avoiding accidents
Nature of Work Step Analysis / Verification
Risk 1. Inadequate execution.
2. Delay in execution.
3. HSE Risk.
4. Inadequate utilization of resources.
Nature of Control Automated / Manual
1. Check whether installation and drilling activities are carried out as per Drilling program
circulated by G&R department.
2. Check that proper drilling parameter is used so as to ensure proper drilling and casing of hole.
3. Check whether prolonged production testing is leading to loss of rig time.
4. Check whether any deviation in carrying out installation and drilling activities are informed to
G&R department well in advance and the approval for the same is obtained.
5. Check whether timelines are monitored in carrying out each defined activities of installation and
drilling in drilling program.
6. Check whether root cause analysis is performed for any delays in carrying of installation and

344
Audit Checklist

drilling activities.
7. Ensure that there is efficient functioning of the process due to compliance to policies and
procedures defined.
8. Check whether well plinth, and all infrastructures are ready and free from all hazards before
spud in.
9. Check whether wire line survey is carried out.

7.TA.2.2 Drilling Operations.


Control Objective Effective execution of drilling activities (Rig down/rig up/drilling
conductor/drilling isolation/drilling oil string/ drilling wire line survey/
production testing) , adequate monitoring, avoiding accidents
Nature of Work Step Analysis / Verification
Risk 1. Inadequate execution.
2. Delay in execution.
3. HSE Risk.
4. Inadequate utilization of resources.
Nature of Control Automated / Manual
1. Use T-code IK07 and IK17 to give the list of measuring points and corresponding measuring
documents searching by maintenance plant. Check whether cycle speed (rig up to rig up at next
location) and Commercial speed (spudding to well completion) are closely monitored and
benchmarked to ensure efficient utilization of drilling rigs.
2. Check whether pre spud meeting is carried out before spud in well.
3. Check that well plinth, and all infrastructures is ready and free from all hazards before spud in.
4. Ensure that adequate training of employees has been undertaken, in order to avert accidents.

7.TA.2.3 Drilling Operations.


Control Objective Effective execution of drilling activities (Rig down/rig up/drilling
conductor/drilling isolation/drilling oil string/ drilling wire line survey/
production testing) , adequate monitoring, avoiding accidents
Nature of Work Step Analysis / Verification
Risk 1. Inadequate execution.
2. Delay in execution.
3. HSE Risk.
4. Inadequate utilization of resources.
Nature of Control Automated / Manual
1. Ensure that there is adequate clarity of roles and responsibilities of the employees working on
drilling operations. Use T-code SU03.2. Ensure that there is adequate definition of roles and
responsibilities of the employees working on drilling operations.

345
Audit Checklist

7.TA.2.4 Drilling Operations.


Control Objective Effective execution of drilling activities (Rig down/rig up/drilling
conductor/drilling isolation/drilling oil string/ drilling wire line survey/
production testing) , adequate monitoring, avoiding accidents
Nature of Work Step Analysis / Verification
Risk 1. Inadequate execution.
2. Delay in execution.
3. HSE Risk.
4. Inadequate utilization of resources.
Nature of Control Automated / Manual
1. Ensure that there is adequate cementing of the drilling wells.
2. Check hydrocarbon is produced from wellbore in a controlled manner to prevent damage to the
reservoir.
3. Check whether drilling targets are achieved as planned.
4. Check that the drilling and casing of the hole is as per well policy.

7.TA.2.5 Drilling Operations.


Control Objective To verify optimal drilling time
Nature of Work Step Analysis / Verification
Risk 1. Non - utilization of drilling rig.
2. Excess payment to vendor.
Nature of Control Automated / Manual
1. Obtain the daily progress reports (DPR) for drilling.
2. Compare the drilling time to the standard drilling time for similar sands/ regions and depth.
3. In case of delays, go through the root cause analysis.
4. Make note of discrepancies if any.

7.TA.2.6 Drilling Operations.


Control Objective Ensure optimal cycle speed and commercial speed for each rig.
Nature of Work Step Verification
Risk 1. Non - utilization of drilling rig.
2. Excess payment to vendor.
Nature of Control Manual
1. Ensure that cycle and commercial speed for each well was planned in advance.
2. Compare actual vs. planned cycle and commercial speed.
3. Discuss reasons for discrepancies if any.

7.TA.3 Issuance of materials/spares items


Control Objective Avoiding stock out situation, adequate approvals for issuance, inventory
controls
Nature of Work Step Analysis / Verification
Risk 1. Delay in procurement and availability of material.
2. Non moving inventory blocking the working capital.
Nature of Control Automated / Manual
1. Use T-code MB5B, MB52 and MC.9 to obtain details of inventory levels and movements. Check
whether there is a process for review of inventory levels of materials/spares items.
2. Conduct a walkthrough of the issuance process of materials/spares items from stores and
identify gaps.
3. Use T-code MB5B and MMBE to obtains details of inventory issued. Check whether approvals
for issue of materials/spares items are taken as per DOP.

346
Audit Checklist

4. Use T-code MB5B, MB52 and MC.9 to obtain details of inventory levels and movements. Ensure
that there is identification of critical spares and process of maintaining of appropriate inventory
level exists.
5. Use T-code MC46 and MC50 for inventory ageing and check whether there is a process for
monitoring over obsolete / slow / non moving / materials or spares and appropriate decisions
are taken for the same.
6. Check whether adequate insurance cover has been obtained for the items stored.
7. Check whether there is a process of monitoring inventory levels and obtaining additional
insurance cover, if required.

7.TA.4 Certification of bills of vendor


Control Objective Authorized payment, no duplicity payments
Nature of Work Step Analysis / Verification
Risk 1. Unauthorized payment.
2. Excess payout to vendor.
Nature of Control Automated / Manual
1. Conduct a walkthrough of certification of bills of vendor.
2. Use T-code FBL1N for obtaining vendor ledger and MIR4 for details of invoice. Check whether
vendor's invoices are paid only after proper supporting have been verified and approval is taken
as per DOP.
3. Use T-code FBL1N for obtaining vendor ledger. Check whether advance payment made to the
vendor is adjusted while making payment of invoice, if applicable.
4. Check whether payment is made only against liability created in SAP.

7.TA.5 Environment, health and safety compliance


Control Objective Safeguarding interest of Company / employees / public / creatures
Nature of Work Step Verification
Risk 1. Statutory non compliance.
2. Risk of adverse impact on Health, safety and Environment and penal
consequences.
Nature of Control Automated / Manual
1. Check whether there is a compliance framework related to statutory requirement for EH&S.
2. Check whether EH&S compliance framework is monitored and reviewed on regular basis.
3. Check whether compliance of Safety Operating Procedures (SOP) is ensured and documented.
4. Check whether documentation required by various regulatory bodies (OISD, DGMS, PCB etc.) is
complete and timely submitted.
5. Check whether adequate number of Personal protective Equipment (PPE) is present at drill site.
6. Check whether adequate numbers of safety officers are deployed at the drill site.
7. Use T-code S_ALN_01001342,S_ALN_01001343 to list agents and safety measures for a work
area and person respectively. Check measures are adopted for safety of personnel/ well safety/
rig equipment.
8. Use T-code S_ALN_01001342 to list agents and safety measures for a work area. Ensure that
there is no damage to the equipment due to inadequate safety at the site.
9. Check that all precautions as per SOP is done prior to hermetical testing of the production
casing.
10. Use T-code S_SH8_72000033 for evaluating a completed questionnaire. Check whether
necessary environmental approvals/clearances are obtained before start of drilling activities.

347
Audit Checklist

7.TA.6 Equipment management and maintenance


Control Objective Efficient utilization and increased life of the equipment
Nature of Work Step Analysis / Verification
Risk Ineffective utilization of resources and financial loss.
Nature of Control Automated / Manual
1. Use T-code IK07 for obtaining the list of measure points searching by maintenance plant. Check
whether the utilization of equipment/Rigs (owned or outsourced) is reviewed regularly.
2. Use T-code IE03,IK07, IK17 for displaying equipment and equipment status, list of measure
points and corresponding measuring documents searching by maintenance plant respectively.
Ensure that performance of outsourced/contractual rigs is consistently monitored and
evaluated.
3. Use T-code IE03, IH08 to display equipment and corresponding equipment information and
status. Check that there is availability of critical equipment (Drilling rigs etc.) as and when
required.
4. Use T-code IP24 for viewing the overview of the scheduling list. Check whether there is a
maintenance schedule (preventive/regular) for equipment and its compliance.
5. Use T-code IP24 and IW39 for viewing overview of scheduling list and for obtaining the work
order listing respectively. Check whether monitoring over turn around time as per schedule and
actual time taken for maintenance of equipment is done.
6. Use T-code IP24 and IW39 for viewing overview of scheduling list and for obtaining the work
order listing respectively. Check whether the equipment (owned or outsourced) are calibrated
regularly.
7. Use T-code S_ALR_87013421 for displaying the measurement entry reading list. Check whether
there is adequate capturing / monitoring of rig downtime, movement time, idle time to ensure
optimal utilization of rigs and other drilling equipment.
8. Check whether that equipment or technology in use are appropriate in terms of present
technology.
9. Check whether cost benefit analysis is performed before proposing new equipment or
technologies.
10. Ensure that dual records (manual and in SAP) maintenance is not taking place.
11. Use T-code IA07 and IW39 for displaying the general task list and displaying the work order
listing respectively. Check whether monitoring is done for compliance to OEM guidelines for
operating equipment.

348
Audit Checklist

7.TA.7 Creation of Service Entry Sheet (SES)


Control Objective Exploiting the best option available
Nature of Work Step Analysis / Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated/Manual
1. Check whether status of work completion in measurement book is updated. Use T-code
ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on measurement book.
3. Check whether the measurement book is verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays. Check whether cost benefit analysis is done for buying vis a vis hiring of equipment or
tools.

7.TA.8 Manpower Planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Analysis / Verification
Risk 1. Over/Under-utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

349
Audit Checklist

7a. Technical Services (Drilling) – Technical Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 TS drilling operations
3 Creation and release of purchase requisition (PR)
4 Issuance of materials/spares items
5 Certification of bills of vendor
6 Environment, health and safety compliance
7 Buy vis a vis hiring of servicing equipment
8 Equipment management and maintenance
9 PR tracking
10 Creation of Service Entry Sheet (SES)
11 Manpower planning

350
Audit Checklist

7a.TA.1 TS drilling operations


Control Objective Effective execution of TS drilling activities, adequate monitoring
Nature of Work Step Verification / Analysis
Risk Inadequate monitoring and ineffective execution.
Nature of Control Automated / Manual
1. Check whether preventive or regular maintenance schedules are exist for various types of
drilling/work over equipment/Rigs. SAP T-codes reference for reports / verification IP24, IW23,
IW39.
2. Check whether such maintenance schedules are monitored and followed for all drilling/work
over equipment/Rigs. SAP T-codes reference for reports / verification IP24, IW23, IW39.
3. Check whether for any deviation in compliance to such maintenance schedule, necessary
approvals are obtained from the competent authority as per DOP.
4. Check whether estimate is prepared for adhoc services. SAP T-codes reference for reports /
verification CJ20N.
5. Check whether necessary approvals for estimate are obtained from the competent authorities
as per DOP before carrying out any services.
6. Check whether maintenance history of each service of drilling/work over equipment/Rigs is
maintained. Use T-code IW39, IW73.
7. Check whether warranty / guarantees / insurance claims are availed wherever applicable for
replacement or repair of any spares/part. SAP T-codes reference for reports / verification IE03.
8. Check whether turn around Time (TAT) for carrying out technical services is defined for various
type of services.
9. Check whether actual TAT taken to carry out technical services is tracked against defined TAT
of various services.
10. Check whether attendance of deployed labor is recorded and approved by the competent
authority as per DOP.
11. Check whether overtime hours of labor is justified and approved by the competent authority as
per DOP.

7a.TA.2 Issuance of materials / spare items


Control Objective Avoiding stock out situation, adequate approvals for issuance, inventory
controls
Nature of Work Step Verification / Analysis
Risk Ineffective inventory control.
Nature of Control Manual / Automated
1. Use T-code MB5B, MB52 and MC.9 to obtain details of inventory levels and movements. Check
whether there is a process for review of inventory levels of materials/spares items. Also, check
whether there is a process for review of inventory levels of spares items.
2. Conduct a walkthrough of the issuance process of materials/spares items from stores and
identify gaps.
3. Use T-code MB5B and MMBE to obtains details of inventory issued. Check whether approvals for
issue of materials/spares items are taken as per DOP.
4. Use T-code MB5B, MB52 and MC.9 to obtain details of inventory levels and movements. Ensure
that there is identification of critical spares and process of maintaining of appropriate inventory
level exists.
5. Use T-code MC46 and MC50 for inventory ageing and check whether there is a process for
monitoring over obsolete / slow / non moving / materials or spares and appropriate decisions
are taken for the same.
6. Check whether adequate insurance cover has been obtained for the items stored.

351
Audit Checklist

7. Check whether there is a process of monitoring inventory levels and obtaining additional
insurance cover, if required.

7a.TA.3 Certification of bills of vendor


Control Objective Authorized payment, no duplicity payments
Nature of Work Step Verification / Analysis
Risk 1. Unauthorised Payments.
2. Duplicate Payments.
Nature of Control Manual / Automated
1. Conduct a walkthrough of certification of bills of vendor.
2. Check whether vendor's invoices are paid only after proper supporting documents have been
verified and approval is taken as per DOP. SAP T-codes reference for reports / verification MIR4,
FBL3N.
3. Check whether advance payment made to the vendor is adjusted while making payment of
invoice, if applicable. SAP T-codes reference for reports / verification MIR4, FBL3N.
4. Check whether payment is made only against liability created in SAP. SAP T-codes reference for
reports / verification MIR4, FBL3N.

7a.TA.4 Environment, health and safety compliance


Control Objective Safeguarding interest of Company / employees / public / creatures
Nature of Work Step Verification
Risk Non Compliance to EH&S.
Nature of Control Manual / Automated
1. Check whether there is a compliance framework related to statutory requirement for EH&S.
2. Check whether EH&S compliance framework is monitored and reviewed on regular basis.
3. Check whether compliance of Safety Operating Procedures (SOP) is ensured and documented.
Use Transaction codes S_SH8_72000033.
4. Check whether documentation required by various regulatory bodies (OISD, DGMS, PCB etc.) is
complete and timely submitted. Use SAP T-codes CV03N.

7a.TA.5 Equipment management and maintenance


Control Objective Efficient utilization and increased life of the equipment.
Nature of Work Step Verification / Analysis
Risk 1. Non Compliance to OEM Guidelines.
2. Improper maintenance of Equipment.
3.Use of outdated technology.
Nature of Control Manual / Automated
1. Use T-Code IE03 to view the equipment details (owned or outsourced) and check whether the
utilization of equipment is reviewed regularly.
2. Ensure that there is availability of equipment to mobilize resources / carry work.
3. Check whether there is a maintenance schedule (preventive/regular) for equipment and its
compliance. Use T-Code IW39 to display the PM orders and IP24 to display the scheduling
overview list form.
4. Check whether monitoring over turn around time as per schedule and actual time taken for
maintenance of equipment is done. Use T-Code IW39 to display the PM orders and IP24 to
display the scheduling overview list form.
5. Check whether monitoring is done for compliance to OEM guidelines for operating equipment.
Use T-Code IE03 to view the equipment details.
6. Check whether that servicing equipment or technology in use are appropriate in terms of
present technology.

352
Audit Checklist

7. Check whether cost benefit analysis is performed before proposing new servicing equipment
or technologies. SAP T-codes reference for reports /verification- KSBL.

7a.TA.6 Creation of Service Entry Sheet (SES)


Control Objective Exploiting the best option available
Nature of Work Step Analysis / Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated/Manual
1. Check whether status of work completion in measurement book is updated. Use T-code
ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from
contractor on measurement book.
3. Check whether the measurement book is verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays. Check whether cost benefit analysis is done for buying vis a vis hiring of equipment or
tools.

7a.TA.7 Manpower Planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Analysis / Verification
Risk 1. Over/Under-utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

353
Audit Checklist

8. Electrical – Technical Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Statutory compliances
3 PR tracking
4 Creation of Service Entry Sheet (SES)
5 Manpower planning
6 Statutory compliances
7 Distribution
8 Operations
9 Maintenance
10 SOP compliance
11 Services - Operations
12 Safety
13 Training to workers
14 Security
15 Statutory compliances
16 Tools, spares and other expenses
17 HSE compliances

354
Audit Checklist

8.TA.1 P&A -Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material / service
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated / Manual
1. Check whether status of work completion in manual records is updated as per contract terms.
Use T-code ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on manual records.
3. Check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

8.TA.2 Distribution
Control Objective To ensure timely and efficient distribution of power.
Nature of Work Step Verification
Risk 1. Delay in distribution of power.
2.Non-availability of spares.
Nature of Control Manual / Automated
1. Check the distribution network is identified and well established to cover all requirements.
2. Check any compliant received and timely action is taken to resolve the same.
3. Check for delays from procuring the product to issuing resulting in stoppage of production. Use
SAP T-code MB52.
4. Check that necessary spares are available within the department to provide maintenance
services. Use SAP T-code MMBE.
5. Check if distribution lines are periodically maintenance to prevent and breakdown. Use T-code
IP24.
6. Check if proper analysis is carried for downtime (if any) and action plan is prepared to prevent
future breakdown. Use T-code IP24.

8.TA.3.1 Power Generation - Operations


Control Objective To ensure generation is planned and raw material is available for production.
Nature of Work Step Verification
Risk 1. Unplanned Power generation.
2 . Unavailability of raw material.
Nature of Control Manual / Automated
1. Ensure that requirement of gas / any other raw material is planned as per the production plan.
2. Ensure that input gas / any other raw material is monitored appropriately and periodic
calibration of equipment in done.

355
Audit Checklist

8.TA.3.2 Power Generation - Operations


Control Objective To ensure that the power generation plan addresses the power to be
wheeled or imported
Nature of Work Step Verification
Risk Excess or insufficient power generation.
Nature of Control Manual
1. Obtain the power generation plan.
2. Verify that the plan contains the quantity of power to be wheeled into the grid or imported.

8.TA.3.3 Power Generation - Operations


Control Objective To ensure plant is utilized for optimum capacity
Nature of Work Step Analysis / Verification
Risk Under-utilization of plant.
Nature of Control Manual/ Automated
1. Ensure that plant utilization is as per budgeted norms and reasons for any deviations have been
identified and documented. Use T Code S_ALR_87013099 to check the actual vs. budget cost
and ensure approval has been taken in case the budgeted cost has been exceeded.
2. Obtain the details of the power generated and gas consumed.
3. Compare the power generated versus consumption.
4. Check the plant load factor. Obtain reasons if plant load factor is not achieved.

8.TA.3.4 Power Generation - Operations


Control Objective To ensure whether a cost benefit analysis is done for determining whether to
generate captive power or procure power from the state.
Nature of Work Step Analysis / Verification
Risk Loss of working capital and revenue.
Nature of Control Manual
1. Acquire per unit cost of obtaining electricity from Government.
2. Calculate per unit cost of electricity generation after considering depreciation and capital
invested.

8.TA.3.5 Power Generation - Operations


Control Objective To ensure that adequate back up options are available should the captive
power plan trip
Nature of Work Step Verification
Risk Loss of power may lead to stoppage of operations leading to loss of
production / revenue.
Nature of Control Manual
1. Validate that standby power generators are in up and running condition.
2. Check if standby power purchase agreements are signed with state or alternative suppliers of
power.
3. Check the validity of these agreements.

8.TA.3.6 Power Generation - Operations


Control Objective Break-down Analysis
Nature of Work Step Analysis / Verification
Risk Lack of Documentation.
Nature of Control Manual
1. Check for stoppages which were not planned and whether reasons for such stoppages was
identified and documented.

356
Audit Checklist

8.TA.3.7 Power Generation - Operations


Control Objective Input / Output reconciliation
Nature of Work Step Analysis / Verification
Risk Raw material not fed as per defined efficiency of the turbine.
Nature of Control Automated / Manual
1. Check whether amount of raw material fed is as per defined / budgeted efficiency of the
turbine. In cases of any deviations if reasons for the same are identified. Use T-ode
S_ALR_87013095.

8.TA.4 Power Generation - Maintenance


Control Objective Timely availability of spares parts and minimum break-downs.
Nature of Work Step Analysis / Verification
Risk 1. Non availability of spares.
2.Break-downs.
Nature of Control Manual/ Automated
1. Check for delays from procuring the spares to issuing resulting in stoppage of production. Use T
Code ME2J. Check whether any delays have been observed due to non-availability of spares.
2. Use T-code MB5B, MB52 and MC.9 to obtain details of inventory levels and movements. Check
whether there is a process for review of inventory levels of materials/spares items. Also, check
whether there is a process for review of inventory levels of spares items.
3. Check that necessary spares are available within the department to provide maintenance
services. Use T Code MB52.
4. Check whether preventive maintenance has been carried out as per defined schedule. Use T
Code IP24, IW23, IW39.
5. Use T-code MC46 and MC50 for inventory ageing and check whether there is a process for
monitoring over obsolete / slow / non moving / materials or spares and appropriate decisions
are taken for the same.
6. Check whether adequate insurance cover has been obtained for the items stored.
7. Check whether there is a process of monitoring inventory levels and obtaining additional
insurance cover, if required.

8.TA.5.1 Service Colony and Industrial Building, Air Conditioners, Production Installations,
Projects, Rigs – Service (Operations)
Control Objective Completion of work on time, distribution channels
Nature of Work Step Verification
Risk Delay in completion of work.
Nature of Control Manual
1. Check whether service is availability 24*7 to ensure timely service of any electrical breakdown.
2. Check for delay in providing maintenance services resulting in loss of operational efficiency.
3. Check that manpower are allocated as per plan only so as to avoid any delay.
4. Check that adequate maintenance is carried out on timely basis to avoid power breakdown. Use
T-code IP24.
5. Check that energy audit is conducted on time.
6. Check if controls are in place to ensure efficient utilization of power.
7. Check that recommendations of energy audits are complied with.
8. Check that statutory compliance checklist is analyzed and updated regularly. Use T-Code IW38.
9. Check whether required energy meters are installed to measure consumption of power in
residential areas, market places, hospital, industrial installation, official building and any other
location where power is being supplied.

357
Audit Checklist

8.TA.5.2 Service Colony and Industrial Building, Air Conditioners, Production Installations,
Projects, Rigs – Service (Operations)
Control Objective To ensure that site diesel generator fuel consumption and efficiency is
monitored on a continuous basis
Nature of Work Step Analysis / Verification
Risk Unauthorized issue and inaccurate consumption of diesel.
Nature of Control Manual / Automated
1. Check if the company has defined policies and procedure (SOP) related to consumption of
material.
2. Validate that the material is consumed at the same well to which the material is issued. Use T-
code MB51.
3. Understand the process of making SAP entries related to consumption.
4. Cross check the issues quantity vis a vis the consumed quantity.

8.TA.6 Service Colony and Industrial Building, Air Conditioners, Production Installations,
Projects, Rigs - Safety
Control Objective Availability of protective devices, strict adherence to safety measures
Nature of Work Step Verification
Risk Non-adherence to safety measures.
Nature of Control Manual / Automated
1. Check the maintenance service schedule of power lines. Use T-code IP24.
2. Check whether safety devices are kept for maintenance people and no one is allowed entry
without them.
3. Check any other area of major safety lapse.

8.TA.7 Service Colony and Industrial Building, Air Conditioners, Production Installations,
Projects, Rigs - Training to workers
Control Objective Providing on site and off site training
Nature of Work Step Verification
Risk Untrained Workers.
Nature of Control Manual
1. Check if the training is scheduled for all employees based on need identification.
2. Check steps taken to update workers with new machinery and technology.
3. Check if all mandatory and statutory trainings are provided to all workers.
4. Check if performance is analyzed and training needs are identified on the basis of same.

8.TA.8 Service Colony and Industrial Building, Air Conditioners, Production Installations,
Projects, Rigs - Tools, spares and other expenses
Control Objective To ensure adequate controls over expenses
Nature of Work Step Analysis / Verification
Risk Non Compliance to DOP.
Nature of Control Automated / Manual
1. Check if expenses are incurred within the approved budget. Use T-code S_ALR_87013558.
2. Check if all indenting is approved as per DOP. Use T-code ME53N.
3. Check all procurement is carried out as per defined company policy. Use T-codes ME53N,
ME23N.
4. Check if amount spent is adequately utilized for the purpose.

358
Audit Checklist

11. Exploration & Development (ED) – Technical Audit

Scope
Audit Areas
1 Acquisition of blocks
2 Monitoring of blocks
3 PR Tracking
4 Manpower Planning
5 Creation of Service Entry Sheet (SES)
6 Technical Support
7 Financial Review
8 IT Infrastructure
9 Legal Aspects
10 PR Tracking
11 Manpower Planning
12 Creation of Service Entry Sheet (SES)
13 Monitoring of Operator function and financial probity

359
Audit Checklist

11.TA.1.1 ED - Acquisition of blocks


Control Objective Adequate evaluation of offers for overseas operating property/assets for OIL
participation in Bidding
Nature of Work Step Analysis / Verification
Risk Inadequate evaluation.
Nature of Control Manual
1. Check if adequate evaluation of offers for overseas operating property / assets was performed.

11.TA.1.2 ED - Acquisition of blocks


Control Objective Geotechnical study of properties/ assets before release of locations
Nature of Work Step Analysis / Verification
Risk Delay in release of locations.
Nature of Control Manual
1. Check whether there was systematic collection and analysis of data for release of locations.

11.TA.1.3 ED - Acquisition of blocks


Control Objective Effective liaison with Government / Regulatory Agencies
Nature of Work Step Analysis / Verification
Risk Delay in resolution of block/PSC related issues.
Nature of Control Manual
1. Check whether there was adequate coordination/liaison with both internal and external agencies
like DGH/ MoP&NG to facilitate timely resolution of block / PSC related issues and provide
information / data/ reply/ clarifications on time.

11.TA.1.4 ED - Acquisition of blocks


Control Objective Adherence to PSC for submission of periodic statements
Nature of Work Step Analysis / Verification
Risk Non-adherence to PSC terms.
Nature of Control Manual
1. Check whether periodic statements, e.g., Statement of Cost, Expenditures and Receipts, etc.,
are furnished as required by the PSC as per the timelines stipulated in the PSC.

11.TA.1.5 ED - Acquisition of blocks


Control Objective Review of Minimum Work Program (MWP) before submission of the bid
Nature of Work Step Analysis / Verification
Risk Over commitment in the work program.
Nature of Control Manual
1. Check whether there was adequate review of basis of preparation of work program and budgets -
its accuracy, completeness and authenticity.

11.TA.1.6 ED - Acquisition of blocks


Control Objective Adequate Approval of Budgets and Work Program
Nature of Work Step Analysis / Verification
Risk Inadequate approvals.
Nature of Control Manual
1. Check whether work programs and budgets were submitted to the Operating Committee and
the Management Committee as per the stipulated timelines.

11.TA.2.1 ED - Monitoring of blocks


Control Objective Monitoring of projects (under E&D Dept.) for timely implementation of MWP

360
Audit Checklist

in OIL’s NELP/ JV/Overseas blocks


Nature of Work Step Verification/ Analysis
Risk Delays in MWP
Nature of Control Automated / Manual
1. Check whether adequate inputs were provided by E&D at different stages of work program
execution for taking proactive measures to avoid delays and thereby minimizing liabilities.
2. Check whether there was adequate monitoring of overseas blocks in where OIL is the operator /
non-operator in block.
3. Understand and review the monitoring process to ensure actual exploration meets planned
targets on annual basis. Use T Code S_ALR_87015125.

11.TA.2.2 ED - Monitoring of blocks


Control Objective Periodic techno-commercial review of actual outcome vis-à-vis estimates
Nature of Work Step Verification / Analysis
Risk 1. Non-compliance to internal policies and contractual terms.
2. Cost Overrun
3. Inability to meet projections.
Nature of Control Automated / Manual
1. Whether the budgets vs. actuals are monitored on a periodic basis and corrective actions are
taken wherever required. Use T Code S_ALR_87013557 and using cost center.
2. Whether the approval of the Operating Committee and the Management Committee is
obtained, in case, actual expenses exceed budgeted expenses for each line item of the budget at
the point of time stipulated in PSC and the JOA.
3. Whether any activity is undertaken which is beyond the approved Work programs and Budgets.
Verify from project report and expenses booked in SAP in cost center / project.

11.TA.2.3 ED - Monitoring of blocks


Control Objective The management committee and the operating committee approves/reviews
all the joint venture related issues and documents.
Nature of Work Step Verification
Risk 1. Non compliance to internal policies
may lead to disputes
2. Carrying on unauthorized activities
Nature of Control Manual
1. Verify procedure around approval & review of following by Operating & management
committee:
a. Minimum work program.
b. Annual Budget.
c. Revision of Budget.
d. Authorization for Financial Expenditure / Authorized Expenditure Request.
e. Progress of the work.
f. Cash call.
g. Costing basis.
h. Preparation & Circulation of MIS.

361
Audit Checklist

11.TA.3 ED - Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material / service
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated / Manual
1. Check whether status of work completion in manual records is updated as per contract terms.
Use T-code ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on manual records.
3. Check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

11.TA.4.1 CEMG - Technical Support


Control Objective Acquisition of blocks
Nature of Work Step Verification / Analysis
Risk Incorrect evaluation.
Nature of Control Manual
1. Review the process followed by CEMG for due diligence/evaluation of strategic alliances through
Joint bidding and farm out/farm in.

11.TA.4.2 CEMG - Technical Support


Control Objective Standardization of agreements
Nature of Work Step Verification / Analysis
Risk Non-standard agreements which may lead to non-compliances.
Nature of Control Automated / Manual
1. Evaluate the process followed for standardization of agreements like PSC, JOAs etc.
2. The process should consist of the following steps -
a. Comparison of change in clauses in PSC/JOA from old to new blocks
b. Monitoring of LD/cost of unfinished work program
c. Use T Code CV03N.

11.TA.4.3 CEMG - Technical Support


Control Objective Adequate controls over exploration related jobs
Nature of Work Step Verification / Analysis
Risk Delays in contracts.
Nature of Control Manual
1. Check the process of preparation, finalization and monitoring of contracts by CEMG for the
exploration related jobs outside North East.

362
Audit Checklist

11.TA.4.4 CEMG - Technical Support


Control Objective Adherence to MWP requirements to avoid delays and thereby minimizing
liabilities
Nature of Work Step Verification / Analysis
Risk Non-adherence to MWP.
Nature of Control Manual
1. Understand and review the support provided to management by CEMG with project related vital
inputs at different stages of work program execution.

11.TA.4.5 CEMG - Technical Support


Control Objective Timely implementation of projects
Nature of Work Step Verification / Analysis
Risk Delays in projects.
Nature of Control Manual
1. Understand and review the process of monitoring of Pre NELP/NELP/JV Blocks by CEMG to
ensure compliance of contractual timelines and total adherence to related Government
guidelines and policies.

11.TA.4.6 CEMG - Technical Support


Control Objective Effective liaison with Government / Regulatory Agencies
Nature of Work Step Verification / Analysis
Risk Delay in resolution of block/PSC related issues.
Nature of Control Manual
1. Review the liaison process followed by CEMG with internal and external agencies like
DGH/MoP&NG to facilitate timely resolution of block/PSC related issues.

11.TA.4.7 CEMG - Technical Support


Control Objective Monitoring of block issues
Nature of Work Step Verification / Analysis
Risk Financial loss due to penalties.
Nature of Control Manual
1. Check the process followed by CEMG to resolve the block issues like change of phase,
relinquishment, deposit of LD/BG, cost of unfinished work program etc.

11.TA.5.1 CEMG - IT Infrastructure


Control Objective Adoption of suitable applications so as get desired results from analysis
Nature of Work Step Verification / Analysis
Risk Insufficient infrastructure.
Nature of Control Automated / Manual
1. Check whether the applications (Software) in use are appropriate in terms of present
technology.

11.TA.5.2 CEMG - IT Infrastructure


Control Objective Cost Benefit Analysis
Nature of Work Step Verification / Analysis
Risk Higher cost.
Nature of Control Manual
1. Check whether cost benefit analysis is performed before proposing new applications or
technologies.

363
Audit Checklist

11.TA.6 CEMG - Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material / service
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated / Manual
1. Check whether status of work completion in manual records is updated as per contract terms.
Use T-code ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on manual records.
3. Check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

11.TA.7 CEMG - Monitoring of Operator function and financial probity


Control Objective To verify whether the operator functions in a good operational and financial
probity.
Nature of Work Step Verification
Risk Inadequate financial and operation probity may lead to financial
misstatement.
Nature of Control Manual
1. Review :
a. Recoverability of debts.
b. Movement of inventory.
c. Working capital management.
d. Funds management.
e. Procedure for cash calls.
f. Analysis of cash calls as against approved work program.
g. Escrow account maintained for the work program (if applicable).
h. Deployment of cash call received.
i. Application of time writing rates.
j. Time writing and allocation policies.
k. Time writing charges for Non-Joint venture activity.
l. Time writing rates, including revisions thereof.
m. Procedures for monthly accounts closure.
n. Contracts and materials management.
o. Procedure for arriving at the value of work done.
p. Well cost reconciliation.
q. Payment of duties, taxes, cess and other statutory payments on time.
r. Engineering, Procurement, Installation and Commissioning reconciliation.
s. Structuring of contracts.
t. Application of contractual rates in invoice payments.
u. Commitment reporting.

364
Audit Checklist

v. Replies to DGH and Government audits.


w. Accounting structure.
2. Prepare a detailed process flow on each of the above and examine the compliance to the SOP, if
in existence.
3. In case control weakness observed, report the issues with its perceived impact on the cost
recovery and its financial / operational impact.
4. Verify whether the management has an established internal control structure and a procedure
for financial reporting.
5. Document and report in cases of anomalies observed.

365
Audit Checklist

12. Field Communication – Technical Audit


Scope
Audit Areas
1 Planning, preparation and maintenance
2 Field communication
3 Technical up gradation
4 Equipment management and maintenance
5 Issuance of spare items
6 PR tracking
7 Creation of Service Entry Sheet (SES)
8 Manpower planning

366
Audit Checklist

12.TA.1.1 Field Communication


Control Objective Effective implementation of activities (Central server)
Nature of Work Step Verification
Risk Communication/ Equipment Failure and malfunctioning.
Nature of Control Manual
1. To verify availability & effectiveness of communications devices.
2. To ensure that communication failure due to inadequate power backup does not occur.
3. To check the availability of substitute sources (Gen sets) in case of breakdown of electrical
power supply in camp and field.
4. To ensure situation of equipment failure and/or malfunctioning is immediately handled.
5. To check if redundancy is inbuilt in switching system to mitigate failure effect.
6. To ensure that there is timely restoration of services and/ or presence of monitoring at night.

12.TA.1.2 Field Communication


Control Objective Effective implementation of activities (Radio communication network)
Nature of Work Step Verification
Risk Ineffective communication.
Nature of Control Manual / Automated
1. To check that in order to avert the situation of equipment failure spares are maintained, there
is repair of faulty equipment in lab, maintenance service contracts are in place and installation
of proper lightning arrestors and earthings has been done. Use T-codes MMBE, IW39, IW29.
2. To check that new Wireless Planning & Co-ordination (WPC) licenses are obtained as and when
required/there is timely renewal of wireless licenses.
3. To check that communication is provided through other service providers to far-flung
installations where there is non feasibility of radio communication.

12.TA.1.3 Field Communication


Control Objective Equipment security
Nature of Work Step Verification
Risk Theft and sabotage of equipment.
Nature of Control Manual
1. To ensure there is proactive security available to restrict theft and sabotage of equipment.
2. To check if measures have been adopted to avert the risk of fire in installation.

12.TA.1.4 Field Communication


Control Objective Data security
Nature of Work Step Verification
Risk Data loss
Nature of Control Manual
1. To check that back-up of data and information has been taken periodically as per defined policy
and log book has been maintained.

12.TA.1.5 Field Communication


Control Objective Availability of substitutes
Nature of Work Step Verification
Risk No back-up in case of OFC failure.
Nature of Control Manual
1. To check if there is availability of remote field exchanges and Voice over Internet Protocol (VoIP)
devices work in Local mode in case of radio link failure with central server.

367
Audit Checklist

2. To check if there is a back-up available in case of failure of OFC media.


3. To see if alternative communication modes or substitute communication is available in case of
communication failure due to failure of transmission lines.

12.TA.2 Technical Up-gradation


Control Objective Absorption of new technologies
Nature of Work Step Analysis / Verification
Risk Operational inefficiency.
Nature of Control Manual
1. To check whether there is appropriate application in terms of present technology.
2. To ensure there are no operational inefficiencies on account of technology obsolescence.
3. To check if there is late adoption of technology.
4. To check the pay back period for adopted new technology.
5. To ensure there are special projects undertaken for the advanced studies to support proposed
locations and identify new technologies.
6. To check if there is a periodic review of progress.
7. To ensure that equipment used are as per international standards and best practices.
8. To review and to obtain present technology and new technology on the basis of cost -benefit
analysis and also its overall success ratio.

12.TA.3 Equipment maintenance & management


Control Objective Efficient utilization and increased life of the instruments/ equipment/ ground
electronics
Nature of Work Step Analysis / Verification
Risk Underutilization of instruments, equipment and ground electronics.
Nature of Control Manual / Automated
1. Use T-Code IE03 to view the equipment details and check whether the utilization of equipment is
reviewed regularly.
2. To check whether there is proper maintenance of instruments/ ground electronics.
3. To check whether there is proper AMC in place. Use T-codes ME23N, IE03.
4. Check whether there is a maintenance schedule (preventive/regular) for equipment and its
compliance. Use T-Code IW39 to display the PM orders and IP24 to display the scheduling
overview list form.
5. Check whether monitoring over turn around time as per schedule and actual time taken for
maintenance of equipment is done. Use T-Code IW39 to display the PM orders and IP24 to
display the scheduling overview list form.
6. Check whether monitoring is done for compliance to OEM guidelines for operating equipment.
Use T-Code IE03 to view the equipment details.

12.TA.4 Issuance of spare items


Control Objective Avoiding stock out situation, adequate approvals for issuance, inventory
controls
Nature of Work Step Analysis / Verification
Risk No process monitoring over obsolete/ slow/ non- moving spares.
Nature of Control Manual / Automated
1. Use T-code MB5B, MB52 and MC.9 to obtain details of inventory levels and movements. Check
whether there is a process for review of inventory levels of materials/spares items. Also, check
whether there is a process for review of inventory levels of spares items.
2. Check about availability of proper storage system.

368
Audit Checklist

3. Conduct a walkthrough of the issuance process of materials/spares items from stores and
identify gaps.
4. Use T-code MB5B and MMBE to obtains details of inventory issued. Check whether approvals for
issue of materials/spares items are taken as per DOP.
5. Use T-code MB5B, MB52 and MC.9 to obtain details of inventory levels and movements. Ensure
that there is identification of critical spares and process of maintaining of appropriate inventory
level exists.
6. Use T-code MC46 and MC50 for inventory ageing and check whether there is a process for
monitoring over obsolete / slow / non moving / materials or spares and appropriate decisions
are taken for the same.
7. Check whether adequate insurance cover has been obtained for the items stored.
8. Check whether there is a process of monitoring inventory levels and obtaining additional
insurance cover, if required.

12.TA.5 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material / service
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated / Manual
1. Check whether status of work completion in manual records is updated as per contract terms.
Use T-code ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on manual records.
3. Check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

369
Audit Checklist

13. Field Engineering – Technical Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Statutory Compliances
3 PR tracking
4 Creation of Service Entry Sheet (SES)
5 Manpower planning
6 SOP Compliance
7 Services - Operations
8 Preventive maintenance
9 Breakdown maintenance
10 Cost control analysis
11 New project and achievements
12 Safety
13 Training to workers
14 Security
15 Statutory Compliances
16 Tools, spares and other Expenses
17 HSE Compliances
18 Projects

370
Audit Checklist

13.TA.1 P&A - Creation of Service Entry Sheet (SES)


Control Objective Exploiting the best option available
Nature of Work Step Analysis / Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated/Manual
1. Check whether status of work completion in measurement book is updated. Use T-code
ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on measurement book.
3. Check whether the measurement book is verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays. Check whether cost benefit analysis is done for buying vis a vis hiring of equipment or
tools.

13.TA.2 P&A - Manpower Planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Analysis / Verification
Risk 1. Over/Under-utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

13.TA.3 CWS, IC Field & Water Injection (ICE-F & WI), Project and Tank Farms, Water
Supply and Injection – SOP Compliance
Control Objective Compliance of SOP
Nature of Work Step Verification
Risk Non compliance to SOP.
Nature of Control Manual
1. Check that company has a well defined SOP for servicing.
2. To check that all process are being followed as per SOP.
3. To check any deviation from SOP and document the reason given for same. Analyze its
reasonability and quote.
4. Check that ISO standards have been met with.

371
Audit Checklist

13.TA.4 CWS, IC Field & Water Injection (ICE-F & WI), Project and Tank Farms, Water
Supply and Injection – Services - Operations
Control Objective Effective distribution of work and timely completion
Nature of Work Step Verification / Analysis
Risk Inefficiency in work completion and delays.
Nature of Control Manual / Automated
1. To check whether service is availability 24*7 to ensure timely service.
2. Check for delay in providing maintenance services resulting in loss of operational efficiency.
3. To check that manpower are allocated as per plan only so as to avoid any delay.
4. Check that adequate maintenance is carried out on timely basis to avoid power breakdown. Use
T-code IP24 and enter machine / job number to see the maintenance schedule.
5. Check that energy audit is conducted on time.
6. Check if controls are in place to ensure efficient utilization of power.
7. Check that recommendations of energy audits are complied with.
8. Check that statutory compliance checklist is analyzed and updated regularlyand quote.

13.TA.5 CWS, IC Field & Water Injection (ICE-F & WI), Project and Tank Farms, Water
Supply and Injection – Preventive maintenance
Control Objective Effective distribution of work and timely completion
Nature of Work Step Analysis / Verification
Risk Inefficiency in work completion and delays.
Nature of Control Automated/Manual
1. To check whether preventive maintenance plan is prepared. Use T-code IP24 and enter machine
/ job number to see the maintenance schedule.
2. To check if the preventive maintenance plan is followed in all cases. UseT-code IW23 and IW39
to see maintenance details.
3. To check the reasons and approvals for deviations are documented.
4. To check if the equipment's/ machines not covered as per plan are re-scheduled for maintenance
using IP24.
5. To check if the past breakdowns and machine conditions are considered while preparing the
maintenance plan using IP24.
6. Check whether monitoring is done for compliance to OEM guidelines for operating equipment.
Use T-Code IE03 to view the equipment details.

13.TA.6 CWS, IC Field & Water Injection (ICE-F & WI), Project and Tank Farms, Water
Supply and Injection – Breakdown maintenance
Control Objective Effective distribution of work and timely completion
Nature of Work Step Analysis / Verification
Risk Inefficiency in work completion and delays.
Nature of Control Automated/Manual
1. To check whether service is availability 24*7 to ensure timely service of any breakdown in the
plant.
2. Check for delay in providing maintenance services resulting in loss of operational efficiency.
3. To check that manpower are allocated as per plan only so as to avoid any delay.
4. Check that adequate maintenance is carried out on timely basis to avoid power breakdown.
Use T-code IP24 and enter machine / job number to see the maintenance schedule.
5. Check that statutory compliance checklist is analyzed and updated regularly.
6. Check downtime and breakdown due to the maintenance issues. Use T-code - IK07, IK17,
S_ALR_87013421.

372
Audit Checklist

7. To check that necessary equipment's are always available in stores for unplanned
malfunctioning of machines.
8. To check for any delays in maintenance due to non-availability of critical instruments and
spares.

13.TA.7 CWS, IC Field & Water Injection (ICE-F & WI), Project and Tank Farms, Water
Supply and Injection – Cost control analysis
Control Objective Minimum cost and maximum productivity
Nature of Work Step Analysis / Verification
Risk 1. Cost overruns.
2. Inadequate productivity.
Nature of Control Automated/Manual
1. To check the budget is allocated and utilized in effective manner. The relevant T-code in SAP-
S_ALR_87013559.
2. To check the cost incurred for maintenance and compare the same with budget. The relevant
T-code in SAP- S_ALR_87013557.

3. To check if there are repetitive accidents for employees working in the department and
corrective actions taken by department to minimize such cases.
4. To check extra expense incurred due to obsolete equipment's by analyzing the equipment-wise
maintenance cost. The relevant T-code in SAP- S_ALR_87013557.

13.TA.8 CWS, IC Field & Water Injection (ICE-F & WI), Project and Tank Farms, Water
Supply and Injection – New project and achievements
Control Objective Timely completion of task
Nature of Work Step Verification
Risk 1. Untimely completion of task.
2. Penalties.
Nature of Control Manual
1. To check annual report for the new assignments undertaken and completed during the year
and compare the same with their expected date of completion.
2. To check the financial impact of delay in completion of task.

13.TA.9 CWS, IC Field & Water Injection (ICE-F & WI), Project and Tank Farms, Water
Supply and Injection – Safety
Control Objective Availability of protective devices, strict adherence to safety measures
Nature of Work Step Verification
Risk Accident prone
Nature of Control Manual
1. Check the maintenance service schedule of lines.
2. Check whether safety devices are kept for maintenance people and no one is allowed entry
without them.
3. Check whether safety guidelines are defined for maintenance function and the same are
followed.
4. Check permit is issued and approved by designated authority before performing critical
maintenance activity.

373
Audit Checklist

13.TA.10 CWS, IC Field & Water Injection (ICE-F & WI), Project and Tank Farms, Water
Supply and Injection – Training to workers
Control Objective Providing on site and off site training
Nature of Work Step Verification
Risk 1. Untrained employees.
2. Employee dissatisfaction.
Nature of Control Manual
1. To check if the training is scheduled for all employees based on need identification.
2. To check steps taken to update workers with new machinery and technology.
3. To check if all mandatory and statutory trainings are provided to all workers.
4. To check if performance is analyzed and training needs are identified on the basis of same.

13.TA.11 CWS, IC Field & Water Injection (ICE-F & WI), Project and Tank Farms, Water
Supply and Injection – Security
Control Objective To minimize risk of thefts and prevent financial losses
Nature of Work Step Verification
Risk 1. Risk of thefts.
2. Financial Risk.
Nature of Control Manual
1. To check that management has identified critical areas in terms of thefts.
2. To check the management has a plan of action to stop any theft.
3. To check that CCTV's are in place to track any such case and is monitored by a security person.
4. To check any major theft reported during the audit period.

13.TA.12 CWS, IC Field & Water Injection (ICE-F & WI), Project and Tank Farms, Water
Supply and Injection – Statutory Compliances
Control Objective To ensure compliance to various statutory requirements
Nature of Work Step Verification
Risk Non-compliance to statutory framework.
Nature of Control Manual
1. Check that a checklist is maintained for all statutory compliances along with the due dates of
complying the same.
2. Check that license related to power has been obtained and updated regularly.
3. Check that statutory compliance checklist is analyzed and updated regularly.4. Check whether all
the statutory compliances are ensured by the department.

13.TA.13 CWS, IC Field & Water Injection (ICE-F & WI), Project and Tank Farms, Water
Supply and Injection – Tools, spares and other Expenses
Control Objective To ensure adequate controls over expenses
Nature of Work Step Verification / Manual
Risk Excess financial cost.
Nature of Control Manual / Automated
1. To check if expenses are incurred within the approved budget. The relevant T-code in SAP-
S_ALR_87013557, FBL3N.
2. To check if all indenting is approved as per DOP. The relevant T-code in SAP- ME53N, ME5A.
3. To check if all the material issues are duly approved and recorded. The relevant T-code in SAP-
MMBE, MB52, MB5B.
4. To check all procurement is carried out as per defined company policy.
5. To check if amount spent is adequately utilized for the purpose.

374
Audit Checklist

13.TA.14 CWS, IC Field & Water Injection (ICE-F & WI), Project and Tank Farms, Water
Supply and Injection – HSE Compliances
Control Objective Compliance with HSE laws
Nature of Work Step Verification
Risk Non-compliance to HSE laws.
Nature of Control Manual
1. To check that all HSE norms are complied with.
2. To check that health of workers is not compromised on any count.
3. To check that adequate safety measures are available within the premise and workers are asked
to adhere to the same.

13.TA.15 CWS, IC Field & Water Injection (ICE-F & WI), Project and Tank Farms, Water
Supply and Injection – Projects
Control Objective To avoid any time and cost overrun in the projects
Nature of Work Step Verification
Risk Time and cost overruns.
Nature of Control Manual
1. Check if the adequate planning is done for timely completion of the project within allocated
budget. The relevant T-code in SAP- KSBL to see the budget.
2. Check if the periodic monitoring is done to avoid any time and cost overrun. The relevant T-code
in SAP- CJ20N.
3. Check if proper quality checks are performed for all input material, equipment and jobs carried
out.
4. Check if the project commission and installation tests are performed and documented. The
relevant T-code in SAP- CV03N to see the documents.

375
Audit Checklist

15. Geology & Reservoir – Technical Audit

Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Exploration & Development
3 Operations
4 Reservoir
5 Reserve appraisal
6 PR tracking
7 Creation of Service Entry Sheet (SES)
8 Manpower planning

376
Audit Checklist

15.TA.1.2 Exploration and Development

Control Objectives Minimizing or avoiding Risk of drilling dry hole


Nature of Work Step Verification/ Analysis
Risk Drilling dry hole.
Nature of Control Manual
1. To check whether all the steps as planned are followed while analyzing the data for generating
a exploratory/ development location.
2. To check whether the drilling is done for priority locations to minimize dry wells.
3. To check whether there is a process for revalidation of results by peer groups (within the
Company) in case of exploratory/ development locations.

15.TA.1.3 Exploration and Development


Control Objectives Techno-economic viability
Nature of Work Step Verification
Risk Incurring high cost.
Nature of Control Manual
1. To check whether techno-economic analysis is conducted before proposing a location.

15.TA.1.4 Exploration and Development


Control Objectives Compliance to DOP for release of a location
Nature of Work Step Verification
Risk Non-compliance to DOP.
Nature of Control Manual
1. To check whether necessary approvals are obtained as per DOP for release of a location for
drilling.

15.TA.1.5 Exploration and Development


Control Objectives Compliance to SOP
Nature of Work Step Verification
Risk Non-compliance to SOP.
Nature of Control Manual
1. To check whether the procedures mentioned in Standard Operating Procedures (SOP) are
complied with while carrying out exploration activities.

15.TA.1.6 Exploration and Development


Control Objectives Identification of activities chart and effective monitoring
thereof
Nature of Work Step Verification
Risk Non-compliance to activity schedule.
Nature of Control Automated / Manual
1. To check whether an activity schedule is prepared, and its compliance is monitored. Any
diversification from the plan and delays, should be reported to the management with reasons.
Use T-code CN47N.

377
Audit Checklist

2. To ensure the achievement of the MOU parameter(s).

15.TA.1.7 Exploration and Development


Control Objectives Tracking of annual targets
Nature of Work Step Verification
Risk No check on planned v/s actual.
Nature of Control Manual
1. To check whether actual exploration meets planned targets on annual basis.
2. To check whether expected returns from exploration blocks are optimized/ actualized.

15.TA.1.8 Exploration and Development


Control Objectives Timeliness
Nature of Work Step Verification
Risk Non adherence to timeliness.
Nature of Control Automated / Manual
1. To check that there is adherence to annual drilling program especially with respect to
timeliness. Use SAP T-code CNE5, S_ALR_87015124.

15.TA.1.9 Exploration and Development


Control Objectives Adoption of suitable applications so as to get desired results
from analysis
Nature of Work Step Verification
Risk Use of outdated technology.
Nature of Control Manual
1. To check whether the applications (Software) in use are appropriate in terms of present
technology.

15.TA.1.10 Exploration and Development


Control Objectives Techno-economic analysis
Nature of Work Step Verification
Risk Incurring high cost.
Nature of Control Automated / Manual
1. To check whether cost benefit analysis is performed before proposing new applications or
technologies. Use SAP T-code KSBL and enter cost center to check planning over view.
2. To check whether extensive quality analysis is done for the vendors hired for various purposes
(conducting surveys, recording of special logs etc.).

15.TA.2.1 Operations
Control Objectives Land acquisition
Nature of Work Step Verification
Risk Delay in land acquisition.
Nature of Control Manual

378
Audit Checklist

1. To check whether Land Acquisition Form LAF - 1 and LAF-3 are timely issued by the department.
2. To check whether regular follow-ups are done for timely receipt of LAF-2.
3. To check whether timely approval is obtained for selection of an alternative location as per DOP
in case the desired location cannot be stacked.

15.TA.2.2 Operations
Control Objectives Planning , budgeting and costs
Nature of Work Step Verification
Risk Inadequate planning and budgeting.
Nature of Control Automated / Manual
1. To check whether there is adequate planning process (e.g. no delays in regulatory approval
process).
2. To check whether there is adequate tracking of costs of exploration vs. targets or the standards
defined in SOP (e.g. budget vs. actual). Use SAP T-code S_ALR_87013532.
3. To check whether there is delay in work completion or cost overruns due to planning process.

15.TA.2.3 Operations
Control Objectives Data analysis
Nature of Work Step Verification
Risk 1. Drilling dry hole.
2. Insufficient data.
Nature of Control Manual
1. To check there is integration of all surface and subsurface geoscientific data and lab analyses,
including flush sample analysis.
2. To ensure that the risk of dry wells due to insufficient data and neighboring well evidence is
averted.

15.TA.2.4 Operations
Control Objectives Minimizing or avoiding drilling risk
Nature of Work Step Verification
Risk Risk of drilling in a stacked location.
Nature of Control Manual
1. To check whether there is a validation process to check if the exact location requested has been
stacked.

15.TA.2.5 Operations
Control Objectives Timely abandonment and restoration of well
Nature of Work Step Verification
Risk Delay in abandonment /restoration of abandoned well sites.
Nature of Control Manual
1. To ensure that there is timely abandonment of dry/non-producing well have been done.
2. To ensure timely restoration of abandoned well sites.

15.TA.2.6 Operations
Control Objectives Identification of activity chart and effective monitoring
thereof

379
Audit Checklist

Nature of Work Step Verification


Risk 1. Delays in activities.
2. Non-monitoring of activities.
Nature of Control Manual
1. To check that timely and complete plan of drilling/testing program is made and ensure that
approval is taken as per DOP.

15.TA.2.7 Operations
Control Objectives Tracking of actual vis a vis planned drilling program
Nature of Work Step Verification
Risk No tracking of drilling activities as per planned vs. actual.
Nature of Control Manual
1. To check whether the drilling plan is monitored regularly and modified, if required.

15.TA.2.8 Operations
Control Objectives Compliance to SOP
Nature of Work Step Verification
Risk Non-compliance to SOP.
Nature of Control Manual
1. To check whether the procedures mentioned in SOP are complied with while preparing the
drilling program.

15.TA.2.9 Operations
Control Objectives Identifying areas of improvements by performing root cause
analysis
Nature of Work Step Verification
Risk Operation failures.
Nature of Control Manual
1. To check if root cause analysis is done for operational problems/ failures and steps taken for
improvement.

15.TA.2.10 Operations
Control Objectives Adequate approvals
Nature of Work Step Verification
Risk Non-compliance to DOP.
Nature of Control Manual
1. To check whether approvals as required by DOP are obtained.

15.TA.2.11 Operations
Control Objectives Sick wells
Nature of Work Step Verification
Risk Delay in identification of upcoming work over.
Nature of Control Manual

380
Audit Checklist

1. To check whether the sick wells are diagnosed for work over.
2. To check whether there is timely identification of upcoming work over candidates.
3. To check whether there is effective knowledge sharing so that well logs are properly
interpreted.

15.TA.2.12 Operations
Control Objectives Maintaining a well completion history report with adequate
supporting data
Nature of Work Step Verification
Risk Delay in submitting completion report.
Nature of Control Manual
1. To ensure that the well completion report is submitted timely along with root cause analysis in
case of failure, by the Geologist responsible for the well and distributed as per policy.
2. To check whether there is any data loss of well history due to inadequate data management
(e.g. Data Security, Disaster Planning etc.).

15.TA.3.1 Reservoir
Control Objectives Data Acquisition
Nature of Work Step Verification
Risk Delay in data acquisition.
Nature of Control Manual
1. To ensure timeliness of data acquisition process i.e. data request must be sent in advance and
follow-up should be done regularly.

15.TA.3.2 Reservoir
Control Objectives Accuracy of data to be used for analysis
Nature of Work Step Verification / Analysis
Risk Inaccurate data.
Nature of Control Manual
1. To check whether there is a process to analyze the quality and accuracy of the data received by
the Reservoir department.

15.TA.3.3 Reservoir
Control Objectives Performance Analysis
Nature of Work Step Verification/ Analysis
Risk Low performance.
Nature of Control Manual
1. To check whether data acquired is fully used for carrying out Performance analysis of a
well/field for optimum results.

15.TA.3.4 Reservoir
Control Objectives Optimum utilization of applications used for data analysis and
interpretation
Nature of Work Step Verification/ Analysis
Risk Underutilization Of applications.

381
Audit Checklist

Nature of Control Manual


1. To check the optimum utilization of applications used for data analysis and interpretation.
2. To check whether there is integration of all surface and subsurface geoscientific data and lab
analyses with pressure and production data.
3. To check whether mapping of geologically complex data is done in detail after adequate quality
control of data.
15.TA.3.5 Reservoir
Control Objectives Increasing efficiency of applications
Nature of Work Step Verification
Risk 1. Low maintenance.
2. Non-compliance to maintenance schedule.
Nature of Control Automated / Manual
1. To check whether there is a maintenance schedule for the applications used for data analysis
and ensure its compliance. Use SAP T-code IP24.

15.TA.3.6 Reservoir
Control Objectives Data storage
Nature of Work Step Verification
Risk Loss of data.
Nature of Control Manual
1. To check there is proper archiving so that there is no loss of data in case of software/hardware
failure.

15.TA.3.7Reservoir
Control Objectives Techno-economic analysis
Nature of Work Step Verification/ Analysis
Risk Incurring high cost.
Nature of Control Manual
1. To verify the process followed for conducting cost benefit analysis to optimize production.

15.TA.3.8 Reservoir
Control Objectives Increasing efficiency of carrying out various activities
Nature of Work Step Verification/ Analysis
Risk Low efficiency.
Nature of Control Manual
1. To check whether there is a process for lead time analysis and monitoring of various activities
carried out by Reservoir Section.
2. To check the choice of proper risk margins for selection of reservoir parameters.

15.TA.3.9 Reservoir
Control Objectives Improvement measures
Nature of Work Step Verification/ Analysis
Risk Process failure.
Nature of Control Manual

382
Audit Checklist

1. To ensure whether analysis is done to identify the short falls in the process and improvement
measures taken.

15.TA.3.10 Reservoir
Control Objectives Compliance to SOP
Nature of Work Step Verification
Risk Non-compliance to SOP.
Nature of Control Manual
1. To check whether the procedures mentioned in SOP are complied with while performing
Reservoir activities.

15.TA.3.11 Reservoir
Control Objectives Adequate approvals
Nature of Work Step Verification
Risk Non-compliance to DOP.
Nature of Control Manual
1. To check whether approvals as required by DOP are obtained.

15.TA.4.1 Reserve appraisal


Control Objectives Compliance to SPE-PRMS
Nature of Work Step Verification/ Analysis
Risk Non-compliance to SPE-PRMS.
Nature of Control Manual
1. Check whether estimation, categorization / classification of oil, condensate & gas reserves are
in compliance with the Society of Petroleum Engineers (SPE) -Petroleum Resources
Management System (PRMS) reserve definition and guidelines. Refer Reserve Audit standards.

15.TA.4.2 Reserve appraisal


Control Objectives Compliance to DOP
Nature of Work Step Verification
Risk Non-compliance to DOP.
Nature of Control Manual
1. To check whether estimation, categorization/ classification of oil, condensate & gas reserves are
reviewed and approved as per DOP.

15.TA.4.3 Reserve appraisal


Control Objectives Adequate documentation
Nature of Work Step Verification
Risk Inadequate documentation.
Nature of Control Automated / Manual
1. To check whether necessary documentation is maintained as required by SPE-PRMS guidelines.
Use SAP T-code CV03N.

15.TA.4.4 Reserve appraisal


Control Objectives Planning

383
Audit Checklist

Nature of Work Step Verification


Risk Delays in monitoring
Nature of Control Automated / Manual
1. To ensure timely monitoring of the reserves. Use SAP T-code CJ31, CJ33, S_ALR_87013558.
2. To ensure the estimation of reserves is accurate. Use SAP T-code CJ31, CJ33, S_ALR_87013558.

15.TA.4.5 Reserve appraisal


Control Objectives Technology
Nature of Work Step Verification
Risk Use of outdated technology.
Nature of Control Manual
1. To ensure that the technology used is new and check the reasons for reliance on old
technology.

15.TA.4.6 Reserve appraisal


Control Objectives Timely submission of reports
Nature of Work Step Verification
Risk Delay in submission of reports.
Nature of Control Manual
1. To check whether monthly/quarterly/annual reports are submitted as per the requirement.

15.TA.5 Creation of Service Entry Sheet (SES)


Control Objectives Timely and accurate receipt of material
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated / Manual
1. To check whether status of work completion in manual records is updated as per contract
terms. Use T-code ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

384
Audit Checklist

15.TA.6 Manpower planning


Control Objectives To ensure manpower is adequate for all the departmental
activities
Nature of Work Step Analysis / Verification
Risk 1. Over/Under utilization of manpower
2. Operational delays caused due to low manpower
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

385
Audit Checklist

16. Geophysics – Technical Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Interpretation

3 Planning and execution of seismic and related data


acquisition
4 Environment, health and safety compliance
5 Instruments management and maintenance
6 Buy vis a vis hiring of instruments / equipment
7 Seismic data processing and archival of data
8 Technical upgradation
9 PR tracking
10 Creation of Service Entry Sheet (SES)
11 Manpower planning

386
Audit Checklist

16.TA.1 Interpretation
Control Objective Accuracy of interpretation
Nature of Work Step Verification
Risk Incorrect interpretation.
Nature of Control Manual
1. To ensure that there is correct interpretation of data.
2. To check that there is correct processing of data based on correct interpretation.
3. To ensure that there is quality review process of validating the interpretation workflow / cycle
followed.
4. To check that there is timely study for interpretations.
5. To verify that the receipt of processed seismic data & well data along with other related
information.
6. To verify that there is a quality control check for authenticity of the data.
7. To verify that there is no corruption of seismic/ well/ petro physical data set.
8. To ensure adequate storage capacity of hardware.
9. To verify that there is proper selection of workflow and choice of optimum parameters.
10. To verify that people involved have knowledge of entire exploration cycle.
11. To verify that there is a timeline decided for each study.
12. To cross check with previous interpretation if available, available well data set, local geology
reports.

16.TA.2.1 Planning and execution of seismic and related data acquisition


Control Objective Accuracy in planning and adequate controls in execution of seismic and
related data acquisition, database management, availability of supply of
explosives etc., logistics, and substitute sources, timeliness of activities
Nature of Work Step Verification / Analysis
Risk Delay in execution.
Nature of Control Automated/ Manual
1. To ensure there is adequate planning so that regular operation of geophysics activities is not
affected.
2. To check the acquisition process of seismic data for both 2D and 3D operational areas.
3. To check that there is a proper process for recording of data and submission of recorded data to
processing section.
4. To check that there is proper database for consumption and availability of explosives and
detonators. SAP T-codes reference for reports / verification MMBE, MB51, MMBE.
5. To check whether there is monitoring of receiving, consumption, stock of explosives on daily
basis. SAP T-codes reference for reports / verification MMBE, MB51, MMBE.
6. To check the availability of substitute sources in case of unexpected breakdown of survey and
recording equipment, tools, ground electronics etc.
7. To check the availability of substitute sources(Gen sets) in case of breakdown of electrical power
supply in camp and field.
8. To ensure proper logistics in the area i.e. customized design for recording and drilling activities
put in practice for logistically difficult areas.
9. To ensure proper logistics between the storage location and area of blast.
10. To ensure that there is timely procurement & uninterrupted supply of explosives and detonators.
SAP T-codes reference for reports / verification ME5A, MB5B, ME5A.
11. To ensure timely awarding of seismic contracts/ hiring of vehicles. SAP T-codes reference for
reports / verification ME53N, ME23N, ME5A and ME2N.

387
Audit Checklist

12. To ensure that seismic survey contractors comply with the terms and conditions of the contract.
13. To ensure there is no situation of non-performance by the contractor/ in-house team to acquire
quality seismic data.
14. To check there is liasoning with forest officials, district authorities, police station, tea estates,
and village heads etc.
15. To ensure that sensors are properly laid, as otherwise if even one of the sensor is uprooted the
measurement cannot be taken.
16. To check that there is no delay in execution due to ineffective liasoning and inadequate follow-
up with district authorities, police station, tea estates, and village heads etc. to get approval for
survey before proceeding for it.

16.TA.2.2 Planning and execution of seismic and related data acquisition


Control Objective Statutory Compliances
Nature of Work Step Verification
Risk Non-compliance to statutory requirements.
Nature of Control Manual
1. To verify whether there is timely submission of annual return (online) report on explosives and
detonators consumed.
2. To ensure that no explosives are blasted after sunset. Ensure that any unused material is stored
in designated space / bunker as defined in the SOP.

16.TA.3 Environment, health and safety compliance


Control Objective Safeguarding interest of Company / employees / public and environment
Nature of Work Step Verification
Risk Non-compliance to EH&S regulations.
Nature of Control Manual
1. To check whether there is a compliance framework related to statutory requirement for EH&S.
2. To check whether EH&S compliance framework is monitored and reviewed on regular basis.
3. To check that there is safe handling of explosives under the supervision of licensed shot fired
and SOP should be followed for geophysical activities.
4. To check whether compliance of Safety Operating Procedures is ensured and documented.
5. To check whether required documents/report/returns are filed on monthly/quarterly/annually
basis to Govt./State Govt./Authorities/Atomic Energy Regulatory Board (AERB).
6. To check that process exists to mitigate risks arising from explosive handling, shot hole drilling
for safe loading and blasting operations, equipment malfunctioning and data quality.
7. To check that there is deployment of security on time in case of any emergency.
8. To ensure that short firer has a valid license for handling and operation of explosives.
9. To check that forest area permission is taken for seismic survey.

16.TA.4 Instruments management and maintenance


Control Objective Efficient utilization and increased life of the instruments/ equipment/ ground
electronics
Nature of Work Step Verification / Analysis
Risk 1.Non-compliance to OEM guidelines.
2.Inefficient utilization of equipment.
Nature of Control Manual / Automated
1. To check whether cost benefit analysis is done for buying vis a vis hiring of equipment.
2. To check there is proper maintenance of instruments/ ground electronics.
3. To check there is proper AMC in place. Use T-code ME2S and ME33K.
4. To verify there is proper AMC For hardware and software in place.

388
Audit Checklist

5. To ensure proper maintenance of hardware or software used for processing of seismic data.
6. To check whether there is a maintenance schedule (preventive/regular) for equipment/
instrument and its compliance.
7. To check whether monitoring over turn around time as per schedule and actual time taken for
maintenance of equipment is done.
8. To check whether the equipment/ instruments are calibrated regularly.
9. To check whether monitoring is done for compliance to OEM guidelines for operating
equipment.

16.TA.5 Buy vis a vis hiring of instruments / equipment


Control Objective Exploiting the best option available
Nature of Work Step Verification
Risk Increase in cost.
Nature of Control Manual
1. To check whether cost benefit analysis is done for buying vis a vis hiring of equipment.

16.TA.6 Seismic data processing and archival of data


Control Objective Accuracy in data processing and archival
Nature of Work Step Verification / Analysis
Risk Delay and non-accuracy in data processing and archival process
Nature of Control Manual
1. To verify there is no delay in seismic data processing due to ineffective scheduling.
2. To ensure the presence of base maps/topographical maps for field surveys activities or for
processing purpose.
3. To ensure proper receipt of raw field data set and other related information.
4. To check the maintenance of history of raw field data set and processed data.
5. To ensure the archival of raw field data set and processed outputs in relevant media for safe
storage.
6. To ensure proper loading, geometry (coordinate) assignment and navigation QC of field data.
7. To ensure that selection of processing parameters/ processing work flow of seismic data is as
per defined procedures.
8. To ensure there is generation of report and delivery of processed output to concerned section.
9. To ensure archival of raw dataset in relevant media for safe storage.
10. To verify that there exists a process for proper resource management.
11. To ensure that redundancy in input data sets are predicted timely.
12. To ensure there is a process of monitoring progress and periodic review of projects.

16.TA.7 Technical upgradation


Control Objective Absorption of new technologies
Nature of Work Step Verification
Risk Operational inefficiency.
Nature of Control Manual
1. To check whether there is appropriate application in terms of present technology.
2. To check if there is late adoption of technology.
3. To check the pay back period for adopted new technology.
4. To ensure there are special projects undertaken for the advanced studies to support proposed
locations and identify new technologies.
5. To ensure that equipment used are as per international standards and best practices.
6. To review and to obtain present technology and new technology on the basis of cost -benefit
analysis and also its overall success ratio.

389
Audit Checklist

16.TA.8 Creation of Service Entry Sheet (SES)


Control Objective Exploiting the best option available
Nature of Work Step Analysis / Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated/Manual
1. Check whether status of work completion in measurement book is updated. Use T-code
ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on measurement book.
3. Check whether the measurement book is verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays. Check whether cost benefit analysis is done for buying vis a vis hiring of equipment or
tools.

16.TA.9 Manpower Planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Analysis / Verification
Risk 1. Over/Under-utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

390
Audit Checklist

19. Instrumentation – Technical Audit


Scope
Audit Areas
1 Planning and administration
2 Operations
3 Maintenance
4 Projects
5 Environment, Health and Safety Compliance
6 PR Tracking
7 Manpower Planning

391
Audit Checklist

19.TA.1 Operation
Control Objective 1. Automation & Control for all Process Equipment & Installations.
2. Effective implementation of activities
Nature of Work Step Verification
Risk Ineffective implementation of activities.
Nature of Control Manual
1. To check that repairing and calibration of field instruments is done in Lab wherein there is
receipt of material from fields, necessary repair is carried out and calibration of the equipment is
done against a laboratory standard.
2. To check the generation of calibration report.
3. To check that the activities are recorded.
4. To check if training is provided to the available manpower to develop skill.
5. To check if training is provided on safety awareness.
6. To check that there is proper handling of equipment and there is sufficient availability of spares.
7. To check that there is timely deployment and adequate team mobilization.
8. To check that there is effective utilization of available infrastructure.
9. To check that before calibration all the fittings attached to the drilling instruments/ main
equipment should also be able to withstand same high pressure.
10. To check that for calibrations at site, instrument is Intrinsically Safe (IS) approved by CIMFR.
11. To check that in all new OCS installations PMCS (Process monitoring control system) is being
planned.
12. To verify that before commissioning any PLC/DCS, a detailed analysis is done to identify key risks.
13. To check that there is no delay in utilization due to non availability of required commissioning
site.

19.TA.2 Maintenance
Control Objective Timely closure of maintenance requests to avoid operational delays
Efficient utilization and increased life of the equipment
Effective implementation of activities
Nature of Work Step Verification
Risk Inefficient utilization of equipment.
Nature of Control Manual

1. To check whether PM schedule has been displayed for every equipment/vehicle. The T-code
reference for reports/verification is IP10 to display the scheduled maintenance plan and use IP24
to display the plan defined based on overview.
2. To check that there is display of the PM checklist in the workplace near vehicle.
3. To check whether there is a maintenance schedule for equipment and its compliance. The T-code
reference for reports/verification is IP10, IP24.
4. To check whether monitoring over turn around time as per schedule and actual time taken for
maintenance of equipment is done.
5. To check whether the equipment are calibrated regularly. The T-code reference for
reports/verification is IP10, IP24.
6. To verify that equipment are ready for reinstallation in fields.
7. To check whether the services equipment/vehicle is tested under appropriate conditions and in
presence/by experience individual.
8. To check whether monitoring is done for compliance to OEM guidelines for operating
equipment. To check for timely receipt of notifications.
9. To check for timely deployment of manpower. The T-code reference for reports/verification is
IW23or IW29 to display the PM notifications. Ensure that a proper manpower plan has been

392
Audit Checklist

drafted to deploy the resources timely.


10. To check whether there are frequent breakdowns due to inadequate maintenance. The T-code
reference for reports/verification is IW23,IW29,IW39 to check for frequent breakdowns. Analyze
the reasons for the same and ensure that the same did not occur due to non-maintenance of
equipment.
11. Use T-code MB5B, MB52 and MC.9 to obtain details of inventory levels and movements. Ensure
that there is identification of critical spares and process of maintaining of appropriate inventory
level exists.
12. Use T-code MC46 and MC50 for inventory ageing and check whether there is a process for
monitoring over obsolete / slow / non moving / materials or spares and appropriate decisions
are taken for the same.
13. Check whether adequate insurance cover has been obtained for the items stored.
14. Check whether there is a process of monitoring inventory levels and obtaining additional
insurance cover, if required.
15. To check if adequate maintenance measures are adopted as usage of gas instead of air affects
the life of instruments.
16. To ensure proper utilization of the assets.
17. To check that AMC of relevant equipment is done on time.
18. To ensure utmost care of customer satisfaction and attending grievances effectively.
19. To check if there is liasoning with contractors to procure spares on urgent basis.
20. To ensure timely services to other departments like Hospital, LPG, Chemical, Fire, Safety etc.
21. To check there is safety from hazards due to working conditions in the lab.

19.TA.3 Projects
Control Objective Effective implementation of activities
Nature of Work Step Verification
Risk Delays in project and ineffective monitoring.
Nature of Control Manual

1. Check whether project planning has been done and adhered to.
2. Check before start of project feasibility study has been done to evaluate all available
technologies.
3. Check delays in projects on sample basis and verify root cause analysis is done for deviations
and whether appropriate approvals have been obtained.

19.TA.4 Environment, Health & Safety and Statutory Compliance


Control Objective Safeguarding interest of Company / employees / public / creatures
Nature of Work Step Verification
Risk Interest of the company is threatened.
Nature of Control Manual
1. To check whether there is a compliance framework related to statutory requirement for EH&S.
2. To check whether EH&S compliance framework is monitored and reviewed on regular basis.
3. To check whether compliance of Safety Operating Procedures (SOP) is ensured and documented.
4. To check whether required documents/report/returns are filed on monthly/quarterly/annually
basis to Govt. /State Govt./Authorities/Atomic Energy Regulatory Board (AERB).
5. Verify procedure around approval & review of following by Operating & management committee:
a. Minimum work program.
b. Annual Budget.
c. Revision of Budget.
d. Authorization for Financial Expenditure / Authorized Expenditure Request.

393
Audit Checklist

e. Progress of the work.


f. Cash call.
g. Costing basis.
h. Preparation & Circulation of MIS.

19.TA.5 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material / service
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated / Manual
1. Check whether status of work completion in manual records is updated as per contract terms.
Use T-code ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on manual records.
3. Check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

19.TA.6 PR tracking
Control Objective Timely raising of PR and monitoring
Nature of Work Step Analysis / Verification
Risk Delay in procurement leading to costlier procurement/ stock out situations /
operational delays.
Nature of Control Manual/ Automated
1. Use T-Codes ME53N and ME5A to check whether PRs for spares/materials/jobs are raised timely.
2. Check whether approvals for PRs, issue of spares/materials and conducting jobs are taken as per
DOP.
3. Conduct lead time analysis between PR initiation and release. Ensure that reasoning analysis is
conducted for delays.

394
Audit Checklist

20. Land – Technical Audit


Scope
Audit Areas
1 Planning and assessment
2 Acquisition of land through Bipartite Negotiation / Settlement
3 Acquisition of land through Land Acquisition Act, 1894
4 Acquisition of land under Provision of Forest (Conservation) Act, 1980
5 Land records
6 Restoration of land
7 PR tracking
8 Creation of Service Entry Sheet (SES)
9 Manpower planning

395
Audit Checklist

20.TA.1.1 Planning and assessment


Control Objective Appropriate decision making in terms of acquiring the land
Nature of Work Step Verification
Risk Non-compliance.
Nature of Control Manual
1. Check whether land acquisition forms (LAF) are issued by the respective departments:
a. LAF 1 - issued by Geology & Reservoir (G&R).
b. LAF 2 - issued by Civil and Land.
c. LAF 3 - issued by G&R.

20.TA.1.2 Planning and assessment


Control Objective Completeness of the details required to be filled up in forms
Nature of Work Step Verification
Risk Incomplete Details.
Nature of Control Manual
1. Check whether LAFs issued by the respective departments are complete as per the defined
format.

20.TA.1.3 Planning and assessment


Control Objective Compliance to DOP
Nature of Work Step Verification
Risk Non-compliance to DOP.
Nature of Control Manual
1. Check whether LAFs are approved by competent authority as per DOP.

20.TA.1.4 Planning and assessment


Control Objective Alignment between Land Map and survey, pillaring, demarcation, plot
measurement conducted by Civil Department
Nature of Work Step Verification
Risk Non-compliance and delay.
Nature of Control Manual
1. Check whether a Land Map is prepared and issued by Civil Engineering (Survey section) after
issuance of LAF
2. Check whether detailed survey, pillaring, demarcations and individual plot measurement are
conducted by the Civil Department as per the land map received.

20.TA.2 Restoration of land


Control Objective Site restoration and timely transfer of custody
Nature of Work Step Analysis / Verification
Risk 1. Statutory Non-Compliance.
2. Excess payment.
Nature of Control Automated / Manual
1. Check whether the land department conducts regular inspection of land restored by drilling
department.
2. Check whether a policy exists for treatment of land after drilling of dry holes or the wells from
which have been shut down. Ensure the compliance to the same.

396
Audit Checklist

23. LPG Plant - Technical Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Policy and procedures
3 LPG extraction
4 Identification and evacuation of defective cylinders
5 LPG filling and bottling
6 Dispatch of cylinders
7 PR tracking
8 Creation of Service Entry Sheet (SES)
9 Manpower planning
10 Compliances with HSE standards
11 Training of employees
12 Periodic audits & inspections
13 Statutory clearances and permission
14 Disposal of waste, hazardous chemicals and other by products
15 Handling safety issues
16 SOP Compliance
17 Preventive maintenance
18 Breakdown maintenance
19 Safety
20 Training to workers
21 Security
22 Statutory compliances
23 Tools, spares and other expenses
24 HSE compliances

397
Audit Checklist

23.TA.1 LPG - Policy and procedures


Control Objective Documentation of process, identifying deviations and mode of improvements
Nature of Work Step Verification
Risk 1. Non Compliance to SOP.
2. Non Compliance to ISO Standard.
Nature of Control Manual
1. To check the SOP for LPG production is available and strictly followed.
2. To check if the operating guidelines are defined and followed for all operations involved in
production.
3. Check if system is in place to regularly review and update the documented process in line with
changing requirements.
4. Check if the ISO standard procedure is documented and followed for all operating activities.

23.TA.2 LPG - LPG extraction


Control Objective Extraction of LPG with appropriate quality standards
Nature of Work Step Verification
Risk Non Standard quality of LPG.
Nature of Control Manual/Automated
1. To check that procedure for removing impurities is strictly followed in line with defined
guidelines. Use T-Code QP08.
2. To check if the planned level of impurities are monitored for removal from the actual input. Use
T-Code QP08.
3. To check that system is in place to ensure correct compression ratio. Also ensure that the same
is maintained as per the defined requirements. Use T-Code QP08.
4. Check if system is in place to identify the gas leakages on timely basis so that corrective action is
taken.
5. Review the reported instances in the past to ensure timely action is taken by the department.
6. Check if root cause analysis is done for all the reported instances and action plan is decided to
avoid the same in future.
7. To check if the guidelines for maintenance of temperature in boiler are followed and monitored.
Use T-code IA07.
8. Check if the regular quality check is performed for both incoming gas and extracted LPG. Use T-
Code QDH2, QGC2.
9. Check if all quality deviations are adequately documented and approved by designated
authority. Use T-Code MCXB and MCXD.

398
Audit Checklist

23.TA.3 LPG - Identification and evacuation of defective cylinders


Control Objective Identifying leaky cylinders, damaged cylinders and final disposal of Gas in
such identified cylinders
Nature of Work Step Verification
Risk Non identification of defective, damaged and leaking cylinder causing filling
and dispatch of gas in defective cylinders.
Nature of Control Manual/Automated
1. To check whether defined procedure is followed for identification of defective cylinders at the
floor. Use T-Code MCXE, MCXC.
2. To check the number of return cases due to over filling causing leakage of Gas and verify
whether the adequate quality control procedures were followed for such cases. Use T-Code
VL06I.
3. To check the disposal plan for defective cylinders so that they do not get mixed with other
cylinders.
4. To check whether the gas is removed on timely basis from all defective cylinders.

23.TA.4 LPG - LPG filling and bottling


Control Objective Ensuring filling of correct quantity
Nature of Work Step Analysis/Verification
Risk Incorrect quantity of LPG filling and LPG is not having any odor.
Nature of Control Manual/Automated
1. Check that the process of cross checking the unloading advice with number of cylinders to
identify difference is followed.
2. To check that a person has been designated at gate for counting purpose, each time a truck
comes for unloading.
3. Check if the validity date and physical condition of cylinders is verified and cylinders with
deviations are rejected. Use T-Code MCXE, MCXG.
4. To check whether tare weight has been mentioned on each cylinder.
5. To check whether tare weight is measured and cylinders with deviations are rejected.
6. To check whether cut off point is fixed at 14.2 kg to limit extra Gas filling. Tolerance as per the
defined guidelines are allowed and no excess/ short filling is accepted.
7. Sample check the measurement of few filled cylinders to check accuracy of the process
followed.
8. Check if the tare weight is adequately checked and monitored for all cases of LPG dispatched
through tankers.
9. Check if adequate records are maintained for tare weight and gross weight for each dispatch.
Use T-Codes IK07, IK17, S_ALR_87013421.
10. Verify if the tare weight of the same vehicle has major differences in multiple visits.
11. Check if the billing information is tallied with the difference of gross weight and tare weight.
Use T-Code VF03.
12. Check if all the tests, as defined in the process, are carried out to identify leakage and other
quality issues. Use T-Code MCXG, QDH2.
13. Check if the tanker is moved inside after proper verification of tanker and statutory
documents.
14. Check if physical safety checking and weight verification of tankers are carried out by
competent authority randomly.

399
Audit Checklist

15. Check if in all cases ethyl mercaptan is mixed with LPG before filling of LPG. Use T-Code MCXB,
MCXD.

23.TA.5 LPG - Dispatch of cylinders


Control Objective Number of cylinders dispatched, proper monitoring and checking of cylinder
weights and caps
Nature of Work Step Verification
Risk Improper monitoring while cylinder is dispatched.
Nature of Control Manual/Automated
1. To check the number of cylinders dispatched against the order and pack list available for
dispatch. Use T-Codes VL03N and enter the sample delivery number.
2. To check if adequate verification and counting is performed before loading of cylinders for
dispatch.
3. Check if the delivery slips are duly authorized and verified by security.
4. Check if all the cylinders being dispatched are properly capped.
5. Check if proper calibration and maintenance of weigh bridge is ensured on timely basis. Use T-
Code IP23, IW33, IW39.

23.TA.6 LPG - Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the
department - administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

23.TA.7 LPG - Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

400
Audit Checklist

23.TA.8 Safety- Compliances with HSE standards


Control Objective Checklist of HSE norms, compliances of same on time
Nature of Work Step Verification
Risk Non Compliance with HSE Standards.
Nature of Control Manual/Automated
1. To check if the comprehensive checklist of various HSE compliances is maintained. Use T-code
S_SH8_72000033.
2. To check if there exist approved Safety policy and employees are aware of the same. Use T-code
S_SH8_72000033.
3. To check if the checklist of compliances is monitored and updated on continuous basis.
4. To check if there exists the mechanism of ensuring the compliances to all statutory
requirements.
5. To check if the action plan is documented and adhered for the identified non compliances.
6. To check if various statutory reports and MIS are correctly prepared.
7. To check if various statutory reports and MIS are submitted timely to various statutory
authorities.

23.TA.9 Safety- Training of employees


Control Objective Employees are trained, aware of the safety equipment, zero accidents
Nature of Work Step Verification
Risk 1. Untrained employees.
2. Accidents.
Nature of Control Manual/Automated
1. To check whether employees are trained for compliance to safety requirements. Use T-code
S_SH8_72000013.
2. To check accidents due to lack of training with respect to operation and maintenance of
equipment. Use T-code S_ALN_01001346.
3. To check the number of accidents occurred during the year and the reasons for same are
documented and analyzed for not repeating in future. Use T-code S_ALN_01001346, CBIH83.
4. To check whether any personal injury was caused due to lack of proper training. Use T-code
S_SH8_84000003.
5. To check whether any loss to asset was made due to improper training. Use T-code CG54,
CBIH83.
6. To check whether all the statutory training required under any act are planned and conducted.
Use T-code CG54.
7. To check if the control measures are adapted to control any incident in future. Use T-code
S_SH8_84000007.

23.TA.10 Safety- Periodic audits & inspections


Control Objective To avoid Pollution complaints, statutory penalties and other
environmental losses
Nature of Work Step Verification
Risk Statutory penalties.
Nature of Control Manual/Automated
1. To check if any complaint has been registered against the Company for causing pollution of any
kind like air, water etc.
2. To check whether periodic audits regarding environment safety has been conducted and the
observations of such audits are monitored and complied.

401
Audit Checklist

3. To check whether periodic inspection has been conducted internally and results are monitored.
4. To check if checklist / manual of compliances is updated with the deviations noted during
various audits. Use T-code S_SH8_72000033.

23.TA.11 Safety- Statutory clearances and permission


Control Objective Availability of all Statutory Clearances and permission
Nature of Work Step Verification
Risk Non availability of statutory clearances and permission.
Nature of Control Manual/Automated
1. To check if the tracker is maintained to monitor the clearances to be obtained by the
department. Use T-code S_SH8_72000033.
2. To check if all the required clearances have been obtained by the department. Use T-code
S_SH8_72000033.
3. To check if there exists a checklist of the documents required to be filed for the required
clearances. Use T-code S_SH8_72000033.
4. To check if there is adequate follow up done to ensure time receipt of all clearances.
5. To check if the renewal process is started in timely basis for the clearances nearing expiry.

23.TA.12 Safety- Disposal of waste, hazardous chemicals and other by products

Control Objective Disposal of waste, Hazardous chemicals and other by products as per
statutory requirements
Nature of Work Step Verification
Risk Non Compliance to statutory requirement.
Nature of Control Manual/Automated
1. To check that Company has a well-defined disposal plan for disposal of hazardous waste. Use T-
code S_SH8_72000789.
2. To check that waste is processed before disposal, so as to cause minimum damage. Use T-code
WAE03.
3. To check compliance with ISO manual to prevent water and air pollution. Use T-code WAE03.
4. To check whether a disposal is done as per the statutory requirements and guidelines
prescribed for disposal. Use T-code S_SH8_72000023, CG54.
5. To check whether company has obtained all required approvals and clearances for disposal. Use
T-code CG54.

23.TA.13 Safety- Handling safety issues


Control Objective Ensuring least safety concerns and timely action over incidents
Nature of Work Step Verification
Risk Non Compliance to safety norms.
Nature of Control Manual/Automated
1. To check if adequate systems are installed to identify leakages on timely basis.
2. To check if defective cylinders are removed and not used for filling the LPG.
3. To check if condition and weight of the cylinder is duly verified before filling.
4. To check if over filling is not done in the cylinders/tanker.
5. To check first aid box is available and necessary medicines are available in same. Use T-code
CBIH13.
6. To check the expiry dates of medicines.

402
Audit Checklist

7. To check the number of accident occurred during the audit period and the loss suffered due to
same. Use T-code CBIH83.
8. To check the reason for such accident and whether it was due to poor maintenance or other
uncontrollable factor. Use T-code CBIH83.
9. To check the steps taken to avoid any possibility of any such future risk. Use T-code CBIH83.
10. To check that safety equipment like fire detectors, gas leakage alarms are installed.
11. To check that equipment are regularly serviced. Also check the maintenance/calibration due
dates of equipment. Use T-code IW33, IW39.
12. To check whether CCTV cameras have been installed in the production area and also check
whether security person is available to monitor the same.
13. To check whether fire audit has been carried out for the installations.

23.TA.14 Maintenance- SOP Compliance


Control Objective Compliance of SOP
Nature of Work Step Analysis/Verification
Risk 1. Non-compliance to SOP.
2. Non-Compliance to ISO guidelines.
Nature of Control Manual
1. Check that company has a well defined SOP for LPG Plant.
2. Check that all process are being followed as per SOP.
3. Check any deviation from SOP and document the reason given for same.
4. Check that ISO standards have been met with.

23.TA.15 Maintenance- Preventive maintenance


Control Objective Completion of maintenance on time
Nature of Work Step Analysis/Verification
Risk Unavailability of equipment.
Nature of Control Manual
1. To check whether preventive maintenance plan is prepared and approved. Use T-code IP23,
IW33, IW39.
2. To check if the preventive maintenance plan is followed in all cases. Use T-code IP23, IW33,
IW39.
3. To check the reasons and approvals for deviations from approved maintenance plan.
4. To check if the equipment/ machines not covered during actual maintenance as per plan are re-
scheduled for maintenance. Use T-code IP23, IW33, IW39.
5. To check if the past breakdowns and machine conditions are considered while preparing the
maintenance plan. Use T-code IP23, IW29, IW33, IW39.

403
Audit Checklist

23.TA.16 Maintenance- Breakdown maintenance


Control Objective Completion of maintenance on time
Nature of Work Step Analysis/Verification
Risk Unavailability of equipment.
Nature of Control Manual
1. To check whether service is availability 23*7 to ensure timely service of any breakdown in the
plant. Use T-code IP23, IW29, IW33, IW39.
2. To check for delay in providing maintenance services resulting in loss of production.
3. To check that manpower are allocated as per plan only so as to avoid any delay.
4. To check that adequate maintenance is carried out on timely basis to avoid breakdown. Use T-
code IP23, IW33, IW39.
5. To check that statutory compliance checklist is analyzed and updated regularly. Use T-code
IA07, IW33, IW39.

23.TA.17 Maintenance- Safety


Control Objective Availability of protective devices, strict adherence to safety measures
Nature of Work Step Verification
Risk Loss to asset and life.
Nature of Control Automated/Manual
1. To check the maintenance service schedule. Use T-code IW33, IW39.
2. To check whether safety devices are kept for maintenance people and no one is allowed entry
without them.
3. To check whether safety guidelines are defined for maintenance function and the same are
followed.
4. To check permit is issued and approved by designated authority before performing critical
maintenance activity. Use T-code IPMD.

23.TA.18 Maintenance- Training to workers


Control Objective Providing on site and off site training
Nature of Work Step Verification/Analysis
Risk Lack of training to workers.
Nature of Control Automated/Manual
1. To check if the training is scheduled for all employees based on need identification.
2. To check steps taken to update workers with new machinery and technology.
3. To check if all mandatory and statutory trainings are provided to all workers.
4. To check if performance is analyzed and training needs are identified on the basis of same.

23.TA.19 Maintenance- Security


Control Objective To minimize risk of thefts and prevent financial losses
Nature of Work Step Verification
Risk Financial loss.
Nature of Control Manual
1. Check that management has identified critical areas in terms of thefts.
2. Check the management has a plan of action to stop any theft.
3. Check that CCTV's are in place to track any such case and is monitored by a security person.
4. Check any major theft reported during the audit period.

404
Audit Checklist

23.TA.20 Maintenance- Statutory compliances


Control Objective To ensure compliance to various statutory requirements
Nature of Work Step Verification
Risk Statutory non-compliance.
Nature of Control Manual
1. Check that a checklist is maintained for all statutory compliances along with the due dates of
complying the same.
2. Check that license related to power has been obtained and updated regularly.
3. Check that statutory compliance checklist is analyzed and updated regularly.
4. Check whether all the statutory compliances are ensured by the department.

23.TA.21 Maintenance- Tools, spares and other expenses


Control Objective To ensure adequate controls over expenses
Nature of Work Step Verification
Risk Inadequate control over expenses.
Nature of Control Automated/Manual
1. Use T-Code S_ALR_87013542 to check if expenses are incurred within the approved budget.
2. Use T-Code ME53N, ME5A to check if all indenting is approved as per DOP.
3. Use T-Code MB52 to check if all the material issues are duly approved and recorded.
4. Use T-Code ME53N, ME5A, ME23N, ME2N to check all procurement is carried out as per
defined company policy.
5. Check if amount spent is adequately utilized for the purpose.

23.TA.22 Maintenance- HSE compliances


Control Objective Compliance with HSE laws
Nature of Work Step Verification
Risk Non-Compliance to HSE laws.
Nature of Control Automated/Manual
1. Use T-Code S_ALN_01001342 to check that all HSE norms are complied with.
2. Use T-Code S_SH8_72000002 to check that health of workers is not compromised on any count.
3. Use T-Code S_ALN_01001342 to check that adequate safety measures are available within the
premise and workers are asked to adhere to the same.

405
Audit Checklist

24. Materials Management- Technical Audit

Scope
Audit Areas
1 Budgeting
2 Material planning & monitoring
3 Operations
4 Purchase requisition
5 Purchase order
6 Vendor development and enlistment
7 Notice Inviting Tender (NIT)
8 Sale of bidding document
9 Bid security
10 Pre-bid conference
11 BEC/BRC
12 Two-bid system
13 Open tendering
14 Limited tendering/ Single tendering/ Emergency procurement
15 Spot purchases
16 Annual rate contract
17 Procurement of medicines
18 Receipt of bid
19 Opening of bid
20 Evaluation of bids, preparation of Tender Tabulation / Purchase
Proposal Committee Resolution (TCR) and award & signing of the PO
contract
21 Placement of order
22 Performance guarantee
23 Amendment to order
24 Follow-up
25 Replacement Supply
26 Receipt of material
27 Issuance of material
28 Demurrage
29 Storage
30 Scrap disposal
31 Insurance
32 DGCA permit and Explosives license
33 Monitoring of lead times from PR to PO issuance.
34 PR tracking
35 Creation of Service Entry Sheet (SES)
36 Manpower planning

406
Audit Checklist

24.TA.1 BEC/BRC
Control Objectives Approved BEC/BRC
Nature of Work Step Analysis / Verification
Risk 1. Inappropriate approvals.
Nature of Control Manual

1. Check whether BEC/BRC have been approved before issuing notice for tender.
2. Check if standard BEC/BRC have been used in the tender as per Purchase Manual.
3. Check if BEC/BRC have been approved as per DOP in case of any deviation.
4. Check whether changes made, if any have been approved as per DOP and communicated to
bidders timely.

24.TA.2.1 Storage
Control Objectives Avoid pilferage/spoilage/ damage of inventory
Nature of Work Step Verification
Risk Inefficient usage of resources.
Nature of Control Manual / Automated
1. Check whether the storage space requirement has been monitored and changed as per the
business needs.
2. To conduct a walkthrough of the storage and issuance of materials process and identify gaps, if
any.
3. Check whether there is a process to monitor pilferages/damage/spoilage of stored inventory.
4. Check whether reasoning analysis is done to analyze reasons for pilferages /damage /spoilage
and steps are taken to avoid he same in future.
5. Check whether there is a process to ensure FIFO process in material issuance.
6. Check whether the materials are stored in appropriate bins/racks to avoid mixing/
misplacement of materials.
7. Check whether the godowns are in compliance with the statutory storage norms applicable.
8. Check whether the godowns have adequate security and fire protection system.
9. Check whether adequate insurance cover has been obtained for the stored inventory.
10. Check whether there is a process of monitoring the value of inventory and obtaining extra
insurance cover, if required.
11. Check whether there is a schedule for carrying out physical verification.
12. Check whether the physical verification schedule is complied with.
13. Check if reasoning analysis is done for variances observed.
14. Check if the difference are written off timely after taking approval as per DOP.
15. To ensure that there are strong storage/stacking and segregation norms so as to avert
inventory loss. The SAP T-code is MB52.
16. Check if maker-checker control exists between the person responsible for inventory
management and the person conducting physical verification.
17. Check if any license is required from designated authority for storage of specific goods. Check
the validity of the licenses and ensure there is no delay in renewal or expiry of various licenses.

407
Audit Checklist

24.TA.2.2 Storage
Control Objectives To verify that the policies and procedure for warehouse
management is clearly defined and communicated.
Nature of Work Step Analysis / Verification
Risk Distortion of inventory records, which may lead to:
1. Over stocking of inventory may result in blockage of working
capital.
2. Under stocking of inventory may result in disruption of operations
due to non-availabilityof required items.
3. Pilferage may occur in absence of proper controls.
Nature of Control Manual
1. Understand the policies and procedures defined for issuance and consumption of material,
stores, spares and consumables.
2. Obtain listing of goods issued and consumed during the audit period. Use T-Code MB51.
3. On sample basis check whether the records of the goods issued, consumed, obsolete etc. are
maintained are per the defined policies and procedures.
4. Obtain the list of access rights for receipt and issuance of material analyze if same person has
performed different functions in same transactions.

24.TA.2.3 Storage
Control Objectives To verify that the preservation procedures and schedules are
implemented to maintain the material in storage facility.
Nature of Work Step Analysis / Verification
Risk Material getting damaged due to inadequate preservation
mechanism, finally resulting in financial losses / property damage.
Nature of Control Manual / Automated

1. Obtain a list of equipment, spares & other items in warehouse.


2. Verify for availability for maintenance schedule of equipment, spares & other items in
warehouse. Use T-Code IP10/IP24 and IW29/IW39.
3. Check adherence to preservation schedule for other items through documents and by doing a
physical verification.
4. Discuss and report any observation.

24.TA.2.4 Storage
Control Objectives To verify that obsolete, defective and damaged items are properly
identified, physically segregated and counted separately.
Nature of Work Step Analysis / Verification
Risk Blockage of working capital in obsolete inventory.
Nature of Control Manual

1. Check if the obsolete stock is bifurcated physically and in the system from fresh stock.
2. Check for adequacy of provision for obsolete inventory and existence of a disposal plan.
3. Verify timely disposal of obsolete material.
4. Discuss reason for exception and report the same.

408
Audit Checklist

24.TA.2.5 Storage
Control Objectives To verify that the slow moving materials are identified and physically
segregated.
Nature of Work Step Analysis / Verification
Risk Blockage of working capital in slow moving inventory due to
continuous procurement.
Nature of Control Manual / Automated

1. Review the inventory ageing report to highlight obsolete and non-moving inventory.
2. Check for the existence of a disposal plan.
3. Check for adequacy of provision for old and obsolete inventory.
4. Use T-code MC46 and MC50 for inventory ageing and check whether there is a process for
monitoring over obsolete / slow / non-moving / materials or spares and appropriate decisions
are taken for the same. Check whether details of rejected/ obsolete/ non-moving inventory are
reported as part of MIS.
5. Discuss reason for exception and report the same.

24.TA.3 Scrap disposal


Control Objectives Pilferage of scrap
Nature of Work Step Verification
Risk 1. Inappropriate approval for disposal.
2. Non-compliance to safety norms.
Nature of Control Manual / Automated

1. Check whether there is process for identifying scrap items.


2. Check the compliance of the process for identification of scrap, if any.
3. Check whether the scrap items are disposed/auctioned timely after taking adequate approval as
per DOP.
4. To ensure that there is authorized disposal of scrap. The SAP T-Code is SUIM.
5. 5. Check whether environment and safety norms are complied with in case of scrapping of
materials containing chemical/radioactive materials etc.

24.TA.4 Creation of Service Entry Sheet (SES)


Control Objectives Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual / Automated

409
Audit Checklist

1. Check whether status of work completion in manual records is updated as per contract terms.
Use T-code ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on manual records.
3. Check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

410
Audit Checklist

26. Pipe Line Fields – Technical Audit


Scope
Audit scope
1 Planning, preparation and budget
2 Environment, Health and Safety Compliance
3 Construction of Crude Oil Flow lines and Crude Oil Delivery
(COD) Lines
4 Maintenance of Crude Oil Delivery (COD) lines
5 Construction of Natural Gas Flow lines and Transportation
Lines
6 Maintenance of Natural Gas, transportation lines
7 Construction of formation water disposal lines
8 Maintenance of formation water disposal lines
9 Installation of Indirect Heater
10 Operation
11 PR Tracking
12 Creation of Service Entry Sheet
13 Manpower Planning

411
Audit Checklist

26.TA.1 Environment, Health and Safety Compliance


Control Objective Safeguarding interest of Company / employees / public / environment
Nature of Work Step Verification
Risk Non Compliance to EH&S.
Nature of Control Manual
1. To check whether there is a compliance framework related to statutory requirement for EH&S.
2. To check whether EH&S compliance framework is monitored and reviewed on regular basis.
3. To check whether compliance of Safety Manual is ensured and documented.
4. To check whether required documents/report/returns are filed on monthly/ quarterly/annually
basis to Govt./State Govt./Authorities/ Atomic Energy Regulatory Board (AERB).
5. To ensure adequate measures are undertaken to mitigate the risk in case of pipeline burst.

26.TA.2 Construction of Crude Oil Flow lines and Crude Oil Delivery (COD) Lines
Control Objective Proper process undertaken for construction of pipelines
Nature of Work Step Analysis/Verification
Risk Inadequacies in construction of pipeline.
Nature of Control Manual
1. To check the integrity of the pipeline i.e. construction of pipeline should be as per ASME B 31.4,
API 1104, & coating as per AWWA 203C.
2. To check that radiography, X-ray test has been conducted for welding done on pipelines as per
defined procedures.
3. Check that the welders involved in welding have certification for Welders Qualification Test
(WQT).
4. To check if peel test and holiday test has been undertaken for coating and wrapping.
5. To verify whether hydro tests are conducted to check the continuity of the pipeline.
6. To check that leak detection, pilferage, encroachment, asset lifecycle management,
replacement policy are checked by the user department and timely informed to the PLF
department.
7. To check if tests are carried out through the length of the pipeline during construction and
commissioning.

26.TA.3 Maintenance of Crude Oil Delivery (COD) Lines


Control Objective Choke free and free flow of delivery lines
Nature of Work Step Analysis/Verification
Risk Interruption in delivery lines.
Nature of Control Manual
1. To check that pressure is relieved from the pipeline before commencing of repair to ensure that
there is no fire during the leak repair of the pipeline.
2. To check that pigging operation of pipeline is conducted as per defined schedule.
3. To check whether there are delays / difficulties in identification of choked line.
4. To check that pressure test is carried out after the repair of the pipeline.

412
Audit Checklist

26.TA.4.1 Maintenance of Crude Oil Delivery (COD) Lines


Control Objective Safety
Nature of Work Step Verification
Risk No safety/ precautionary measures.
Nature of Control Manual
1. To check that precautionary safety measures are undertaken like using proper PPEs, requisition
of Fire Service on standby duty at site.

26.TA.4.2 Construction of Natural Gas Flow lines and Transportation Lines


Control Objective Proper process undertaken for construction of pipelines
Nature of Work Step Analysis/Verification
Risk Inadequacies in construction of pipeline.
Nature of Control Manual
1. To check the integrity of the pipeline i.e. construction of pipeline should be as per ASME B 31.4,
API 1104, & coating as per AWWA 203C.
2. To check that radiography, X-ray test has been conducted for welding done on pipelines as per
defined procedures.
3. Check that the welders involved in welding have certification for Welders Qualification Test
(WQT).
4. To check if peel test and holiday test has been undertaken for coating and wrapping.
5. To verify whether hydro tests are conducted to check the continuity of the pipeline.
6. To check that leak detection, pilferage, encroachment, asset lifecycle management,
replacement policy are checked by the user department and timely informed to the PLF
department.
7. To check if tests are carried out through the length of the pipeline during construction and
commissioning.

26.TA.5.1 Maintenance of Natural Gas, transportation lines


Control Objective Choke free and free flow of delivery lines
Nature of Work Step Analysis/Verification
Risk Interruption in delivery lines.
Nature of Control Manual
1. To check that pressure is relieved from the pipeline before commencing of repair to ensure that
there is no fire during the leak repair of the pipeline.
2. To check that leak test is carried out after repair of the pipeline.
3. To check whether there are delays / difficulties in identification of choked line.
4. To check that pressure test is carried out after the repair of the pipeline.

26.TA.5.2 Maintenance of Natural Gas, transportation lines


Control Objective Safety
Nature of Work Step Verification
Risk No safety/ precautionary measures.
Nature of Control Manual
1. To check that precautionary safety measures are undertaken like using proper PPEs, requisition
of Fire Service on standby duty at site.

413
Audit Checklist

26.TA.6 Construction of formation water disposal lines


Control Objective Proper process undertaken for construction of pipelines
Nature of Work Step Verification
Risk Inadequacies in construction of pipeline.
Nature of Control Manual
1. To check the integrity of the pipeline i.e. construction of pipeline should be as per ASME B 31.4,
API 1104, & coating as per AWWA 203C.
2. To check that radiography, X-ray test has been conducted for welding done on pipelines as per
defined procedures.
3. Check that the welders involved in welding have certification for Welders Qualification Test
(WQT).
4. To check if peel test and holiday test has been undertaken for coating and wrapping.
5. To verify whether hydro tests are conducted to check the continuity of the pipeline.
6. To check that leak detection, pilferage, encroachment, asset lifecycle management,
replacement policy are checked by the user department and timely informed to the PLF
department.
7. To check if tests are carried out through the length of the pipeline during construction and
commissioning.

26.TA.7.1 Maintenance of formation water disposal lines


Control Objective Repair and replacement
Nature of Work Step Analysis/Verification
Risk Delay in repairs.
Nature of Control Manual
1. To check whether there is timely repair of pipeline as and when asked by the user department.
2. To check whether there are delays / difficulties in identification of choked line.
3. To check that there is timely replacement of corroded portion of pipeline.

26.TA.7.2 Maintenance of formation water disposal lines


Control Objective Choke free and free flow of delivery lines
Nature of Work Step Analysis/Verification
Risk Interruption in delivery lines.
Nature of Control Manual
1. To check that pressure is relieved from the pipeline before commencing of repair to ensure that
there is no fire during the leak repair of the pipeline.
2. To check that leak test is carried out after repair of the pipeline.
3. To check that pressure test is carried out after the repair of the pipeline.

26.TA.7.3 Maintenance of formation water disposal lines


Control Objective Safety
Nature of Work Step Verification
Risk No safety/ precautionary measures.
Nature of Control Manual
1. To check that precautionary safety measures are undertaken like using proper PPEs,
requisition of Fire Service on standby duty at site.

414
Audit Checklist

26.TA.8.1 Installation of Indirect Heater


Control Objective Proper Installation
Nature of Work Step Analysis/Verification
Risk Improper installation and no integrity check.
Nature of Control Manual
1. To check there is correct laying of foundation casting and installation of 2"" fuel lines and 4""
flow lines.
2. To check the integrity of the pipeline.
3. To ensure adequate measures are undertaken to mitigate the risk unforeseen social and local
problems.
4. To verify whether hydro tests are conducted to check the continuity of the pipeline.
5. To check if tests are carried out through the length of the pipeline during construction and
commissioning.
6. To check if there is daily progress reporting by the contractors and departmental engineers.

26.TA.9.2 Installation of Indirect Heater


Control Objective Safety
Nature of Work Step Verification
Risk No safety/ precautionary measures.
Nature of Control Manual
1. To check that precautionary safety measures are undertaken like using proper PPEs,
requisition of Fire Service on standby duty at site.

26.TA.10.1 Operation
Control Objective Budget approval
Nature of Work Step Analysis/Verification
Risk Unauthorized expenditure.
Nature of Control Manual
1. To check that route survey and land acquisition of the track are carried out after the user
department gets the budget approval and same is intimated to the respective department
timely.

26.TA.10.2 Operation
Control Objective Timely update of Contracts
Nature of Work Step Verification
Risk Inadequate parameters or unfavorable conditions in the contracts.
Nature of Control Manual
1. To check that the running contract for laying pipeline/installing in following areas of OIL's
operations are properly updated in the best interest of the Company:
a. Laying of crude oil flow lines,
b. Laying of Natural Gas flow lines,
c. Laying of formation water flow lines,
d. Installation of Indirect Heaters.

415
Audit Checklist

26.TA.10.3 Operation
Control Objective Land acquisition
Nature of Work Step Verification
Risk Delay in land acquisition.
Nature of Control Manual
1. To check if proper liasoning exists to acquire the complete land.
2. To check whether there is delay in handover of land.
3. To check that in case of encroachment of ROW, the same is informed to user and Land
department for proper action from their end.

26.TA.10.4 Operation
Control Objective Availability of Material
Nature of Work Step Analysis/Verification
Risk Non material availability.
Nature of Control Automated/Manual
1. Use T-Code CO09 to check whether there are delays in availability of material.
2. To check if there is unutilized material. Use T-Code MB52.
3. To check whether there is timely execution of the requisition from other departments. Use T-
code ME5A.

26.TA.10.5 Operation
Control Objective Effective implementation of activities
Nature of Work Step Analysis/Verification
Risk Ineffective implementation of activities.
Nature of Control Manual
1. To check if the user department send the requirement to PLF department on time.
2. To check if there is any requirement of PLF department after work over.
3. To check if cost benefit analysis is undertaken before outsourcing is undertaken for new
pipelines.
4. To check if timely measures are undertaken to overcome the problems that monsoon season
might pose.
5. To check whether health checkup of pipelines is done timely.
6. To check if intelligent pigging is done before carrying out pigging operation to save cost.

26.TA.10.5 Operation
Control Objective Disposal of scrapped pipe
Nature of Work Step Verification
Risk Inappropriate disposal of scrap pipe.
Nature of Control Manual
1. To check disposal action of scrapped pipe is done as per Company policy.

416
Audit Checklist

26.TA.11 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

26.TA.12 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

417
Audit Checklist

27. Planning – Technical Audit


Scope
Audit Areas
1 Budgeting and business plan
2 Budget monitoring
3 Pre-requisites for operations
4 MIS Reporting
5 Annual plan / MOU Targets
6 Inter departmental co-ordination
7 PR Tracking
8 Creation of Service Entry Sheet (SES)
9 Manpower Planning

418
Audit Checklist

27.TA.1 Budgeting and business plan


Control Objective To ensure timely finalization of appropriate budget
Nature of Work Step Verification/Analysis
Risk Delay in finalization of budget.
Nature of Control Manual/Automated
1. Check if the budget calendar is finalized in advance and circulated to all departments for
ensuring timely inputs.
2. Check if the monitoring is done to ensure timely receipt of departmental budgets.
3. Check if the verification of the inputs received from the departments is conducted to weed out
inaccuracies, if any.
4. Check the whether budgets are compiled and prepared on timely basis as per defined timelines
(Capital / Special Revenue / Revenue).
5. Check the timelines in receiving the budget proposals from the various departments.
6. Check the approvals over the budgets as per DOP. Use T-Code KSBL and enter cost center.
7. For special sanction for expenditure (special budget), check the request from the concerned
user department and approval from competent authority.
8. Check if the assumptions taken for the budgeting purpose are adequately documented and
approved. Use T-Code CV03N and enter document number.
9. Map the targets set with Memorandum of Understanding (MoU) and minutes of the board
meeting. Use T-Code KSBL.

27.TA.2 Pre-requisites for operations


Control Objective Safeguard interest of the Company
Nature of Work Step Verification
Risk Non Compliance to mandatory requirements.
Nature of Control Manual
1. Check whether all the mandatory lease and license have been obtained / renewed as per
statutory requirements (Exploration License, explosives storage license & Mining lease etc.).
2. Check if a tracker is maintained to ensure timely renewal of required licenses and clearances.
3. Check if proper documentation and follow up is ensured for delays in obtaining the required
clearances.

27.TA.3 MIS Reporting


Control Objective Communication of right information at right time to facilitate decision
making.
Nature of Work Step Verification/Analysis
Risk Inadequacy of MIS reported.
Nature of Control Manual
1. Check if the all type of MIS are prepared and Circulated in timely basis.
2. Check if the MIS prepared is verified for ensuring accuracy before circulating.
3. Check if adequate control is in place to prevent leakage of confidential and sensitive
information. (E.g. Access control and dedicated responsible persons)
4. Check sample figures from the input data to ensure accuracy of MIS. (Also verify with data from
SAP wherever applicable)
5. Check if the SOP of collection, processing and presentation of information is defined.

27.TA.4 Annual plan / MOU Targets


Control Objective To ensure correct recording and reporting of information

419
Audit Checklist

Nature of Work Step Verification


Risk Inaccurate information.
Nature of Control Manual
1. Check if the information circulated for the purpose of Annual Plan / MOU is accurately
calculated and reported.
2. Check if the monitoring of Annual Plan/ MOU targets is performed in a defined manner and
figures reported are accurately estimated.

27.TA.5 Inter departmental co-ordination


Control Objective To ensure timely communication to Government authorities
Nature of Work Step Verification
Risk Delay in approval of plan from respective Government authorities.
Nature of Control Manual
1. Check whether a tracker has been prepared for queries given by Government departments.
2. Check whether a tracker has been prepared for information to be furnished to Government
departments.
3. Review whether documents were submitted to the respective departments on timely basis.
4. Review whether the information provided was accurate.

27.TA.6 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

420
Audit Checklist

28. Production Gas – Technical Audit


Scope
Audit Areas
Production Gas -P & D
1 Planning, budgeting & monitoring
2 Monitoring
3 Contracting and receiving
4 Billing and sales accounting
5 PR tracking
6 Creation of Service Entry Sheet (SES)
7 Manpower planning
8 New project and achievements
Production Gas - Projects
1 SOP compliance
2 Projects
3 Contract monitoring
4 Operations
5 Cost control analysis
6 New project and achievements
7 Safety
8 Training to workers
9 Security
10 Statutory compliances
11 Tools, spares and other expenses
12 HSE compliances
Production Gas - SCADA
1 Monitoring through SCADA
2 Projects
3 Tools, spares and other expenses
4 Calibration
5 Statutory compliances
6 Equipment management and maintenance
7 Maintenance
8 PR tracking
9 Creation of Service Entry Sheet (SES)
Production Gas - NAGFD
1 Planning, budgeting & monitoring
2 Gas transportation
3 Manpower planning
4 Training to workers
5 Well stimulation services
6 Commissioning and work over

421
Audit Checklist

7 Gas flaring
Production Gas -Admin & MSO
1 Health, safety and environment compliances
2 Periodic audits & inspections
3 Statutory clearances and permission
4 Disposal of waste, hazardous chemicals and other by products
5 Administration
Production Gas -O & M
1 SOP Compliance
2 Equipment management and maintenance
3 Maintenance
4 Maintenance of pipelines
5 Issuing material for replacement
6 Breakdown analysis
7 Safety
8 Training to workers
9 Statutory compliances
10 Tools, spares and other expenses
11 HSE compliances
Production Gas -GCS
1 SOP compliance
2 Operations
3 Safety
4 Testing of flow lines
5 Equipment management and maintenance
6 Maintenance
Production Gas -Gas Field
1 Planning, budgeting & monitoring
2 Gas transportation
3 Work over operation
4 Dehydration of Natural Gas
5 Gas flaring
6 Resource planning and monitoring

422
Audit Checklist

28.TA.1 P & D - Contracting and receiving


Control Objective Ensure effectiveness of contracting activities
Nature of Work Step Analysis/Verification
Risk Inefficient implementation of activities.
Nature of Control Automated/Manual
1. Use T-Code ME23N, ME33K to ensure proper process exists for awarding and monitoring of
contracts.
2. Use T-Code ME23N, ME33K to check if all contracts are done after due assessment and
approvals as per DOP.
3. Use T-Code FBL1N, ME33K to check for approval of any deviation observed while executing the
contract and/or any action taken (e.g. imposition of LD/revision of contract cost etc.).
4. Use T-Code FBL1N to check whether price escalation, if any, was paid as per contract.
5. Use T-Code FBL1N to check whether Retention money is deducted from each running bill as per
Contract terms.
6. Use T-Code ME33K to verify that the contract is approved by a competent authority.
7. Check the number of incidents of contractor’s failure to provide promised services.
8. Use T-Code ML84 to check that SES entries are done based on bill certification by respective
user section.
9. Check whether there is existence of dual documentation/ dual record maintenance on account
of existence of manual as well as online entry in SAP.

28.TA.2 P & D - Billing and sales accounting


Control Objective Ensure adequate and timely billing
Nature of Work Step Analysis/Verification
Risk Delay/ incorrect billing.
Nature of Control Automated/Manual
1. Use T-Code VF03 to check that the quantities for invoicing are received from authorized person
of Production department.
2. Use T-Code VF03, VF05 to check whether invoices were raised as per defined timeliness.
3. Use T-Code FBL5N to check whether payment received from customer on time and interest
charged in case of delayed payment.
4. Use T-Code FBL3N to check whether reconciliation of Annual Returns has been done.
5. Use T-Code FBL3N to check whether reconciliation of return and payment of royalty, sales tax
etc. has been done.

28.TA.3 P & D - Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.

423
Audit Checklist

4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

28.TA.4 P & D - Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

28.TA.5 P & D - New project and achievements


Control Objective Timely completion of task
Nature of Work Step Verification
Risk Delay may lead to excess cost and loss of goodwill.
Nature of Control Manual
1. Check annual report for the new assignments undertaken and completed during the year and
compare the same with their expected date of completion.
2. Check the financial impact due to delay in completion of task.

28.TA.6 Projects - SOP compliance


Control Objective Compliance of SOP
Nature of Work Step Analysis/Verification
Risk 1. Non-compliance to SOP.
2. Non-Compliance to ISO guidelines.
Nature of Control Manual
1. Check that company has a well-defined SOP for servicing.
2. Check that all process are being followed as per SOP.
3. Check any deviation from SOP and document the reason given for same.
4. Check that ISO standards have been met with.

28.TA.7 Projects
Control Objective Avoid Cost and Time Overruns
Nature of Work Step Verification
Risk 1. Cost overrun.
2. Delay in completion of project.
Nature of Control Automated/Manual

424
Audit Checklist

1. Use T-Code KSBL to check if the adequate planning is done for timely completion of the project
within allocated budget.
2. Use T-Code CJ31, CJ33, S_ALR_87013558 to check if the periodic monitoring is done to avoid
any time and cost overrun.
3. Use T-Code KSBL to check if liquidation plan is available to catch up project delays (if any).
4. Use T-Code QGA2, QDH2 to check if proper quality checks are performed for all input material
and installations.
5. Check if the project commission and installation tests are performed and documented.

28.TA.8 Projects - Contract monitoring


Control Objective To ensure contractual terms are followed by the contractor
Nature of Work Step Verification
Risk Breach of contractual terms.
Nature of Control Automated/Manual
1. Check if there is a process to ensure regular monitoring of compliance of contractual terms by
contractor.
2. Check whether SES is created timely and after appropriate inspection of the service procured. Use
T-code ME33K, ME23N, ML81N.
3. Check whether the action for renewal of maintenance contracts are initiated timely.

28.TA.9 Projects - Operations


Control Objective Completion of work on time in effective manner
Nature of Work Step Verification
Risk 1. Loss of operational efficiency.
2. Statutory non-compliance.
Nature of Control Automated/Manual
1. Use T-Code ME53N, ME2S to check whether service is available all time to ensure timely service.
2. Use T-Code IW23, IW28, IW33, IW39 to check for delay in providing maintenance services
resulting in loss of operational efficiency.
3. Check that manpower are allocated as per plan only so as to avoid any delay.
4. Check that statutory compliance checklist is analyzed and updated regularly.

28.TA.10 Projects - Cost control analysis


Control Objective Minimum cost and maximum productivity
Nature of Work Step Verification
Risk Low productivity and excess cost incurred.
Nature of Control Automated/Manual
1. Use T-Code CJ31, CJ33, S_ALR_87013558 to check whether the budget allocated for Projects is
utilized in effective manner.
2. Use T-Code S_ALR_87013532 to check the cost incurred for Projects and compare the same
with the allocated budget.
3. Use T-Code S_ALR_87013532 to check costs incurred due to accidents or injuries sustained
while performing project work.
4. Use T-Code IE03, IW33, S_ALR_87013532 to check extra expense incurred due to obsolete
equipment.

425
Audit Checklist

28.TA.11 Projects - New project and achievements


Control Objective Timely completion of task
Nature of Work Step Verification
Risk Delay may lead to excess cost and loss of goodwill.
Nature of Control Manual
1. Check annual report for the new assignments undertaken and completed during the year and
compare the same with their expected date of completion.
2. Check the financial impact due to delay in completion of task.

28.TA.12 Projects - Safety


Control Objective Availability of protective devices, strict adherence to safety measures
Nature of Work Step Verification
Risk Non- compliance to safety procedures and guidelines.
Nature of Control Automated/Manual
1. Use T-Code IP24 to check the maintenance service schedule.
2. Use T-Code IE03, IH08 to check whether safety devices are kept for maintenance people and no
one is allowed entry without them.
3. Use T-Code IA07 to check whether safety guidelines are defined for maintenance function and
the same are followed.
4. Use T-Code IPMD to check permit is issued and approved by designated authority before
performing critical maintenance activity.

28.TA.13 Projects - Training to workers


Control Objective Providing on site and off site training
Nature of Work Step Verification
Risk Untrained employees may lead to delay in completion of projects/
accidents at site.
Nature of Control Manual
1. Check if the training is scheduled for all employees based on need identification.
2. Check steps taken to update workers with new machinery and technology.
3. Check if all mandatory and statutory trainings are provided to all workers.
4. Check if performance is analyzed and training needs are identified on the basis of same.

28.TA.14 Projects - Security


Control Objective To minimize risk of thefts and prevent financial losses
Nature of Work Step Verification
Risk Financial loss.
Nature of Control Manual
1. Check that management has identified critical areas in terms of thefts.
2. Check the management has a plan of action to stop any theft.
3. Check that CCTV's are in place to track any such case and is monitored by a security person.
4. Check any major theft reported during the audit period.

28.TA.15 Projects - Statutory compliances


Control Objective To ensure compliance to various statutory requirements
Nature of Work Step Verification
Risk Statutory non-compliance.

426
Audit Checklist

Nature of Control Manual


1. Check that a checklist is maintained for all statutory compliances along with the due dates of
complying the same.
2. Check that license related to power has been obtained and updated regularly.
3. Check that statutory compliance checklist is analyzed and updated regularly.
4. Check whether all the statutory compliances are ensured by the department.

28.TA.16 Projects - Tools, spares and other expenses


Control Objective To ensure adequate controls over expenses
Nature of Work Step Verification
Risk Inadequate control over expenses.
Nature of Control Automated/Manual
1. Use T-Code S_ALR_87013542 to check if expenses are incurred within the approved budget.
2. Use T-Code ME53N, ME5A to check if all indenting is approved as per DOP.
3. Use T-Code MB52 to check if all the material issues are duly approved and recorded.
4. Use T-Code ME53N, ME5A, ME23N, ME2N to check all procurement is carried out as per
defined company policy.
5. Check if amount spent is adequately utilized for the purpose.

28.TA.17 Projects - HSE compliances


Control Objective Compliance with HSE laws
Nature of Work Step Verification
Risk Non-Compliance to HSE laws.
Nature of Control Automated/Manual
1. Use T-Code S_ALN_01001342 to check that all HSE norms are complied with.
2. Use T-Code S_SH8_72000002 to check that health of workers is not compromised on any count.
3. Use T-Code S_ALN_01001342 to check that adequate safety measures are available within the
premise and workers are asked to adhere to the same.

28.TA.18 SCADA - Monitoring through SCADA


Control Objective Cost of acquisition, obsolete machinery
Nature of Work Step Analysis/Verification
Risk Weak budgetary control over cost of machinery.
Nature of Control Automated/Manual
1. Use T-Code KSBL to check the cost of procuring assets and obtaining the cost benefit analysis.
2. Use T-Code S_ALR_87013542 to check any extra cost incurred due to obsolete machinery.
3. Check any loss of production or injury to person due to any external activity.
4. Use T-Code IP24, IW33, IW39 to check any delay in providing maintenance services resulting in
operational inefficiency.
5. Check any case of incorrect meter readings due to mechanical flow meters.
6. Check any wrong reporting due to inadequate controls on production reading.

28.TA.19 SCADA - Projects


Control Objective Avoid Cost and Time Overruns
Nature of Work Step Verification

Risk 1. Cost overrun.


2. Delay in completion of project.

427
Audit Checklist

Nature of Control Automated/Manual


1. Use T-Code KSBL to check if the adequate planning is done for timely completion of the project
within allocated budget.
2. Use T-Code CJ31, CJ33, S_ALR_87013558 to check if the periodic monitoring is done to avoid
any time and cost overrun.
3. Use T-Code KSBL to check if liquidation plan is available to catch up project delays (if any).
4. Use T-Code QGA2, QDH2 to check if proper quality checks are performed for all input material
and installations.
5. Check if the project commission and installation tests are performed and documented.

28.TA.20 SCADA - Tools, spares and other expenses


Control Objective To ensure adequate controls over expenses
Nature of Work Step Analysis/Verification
Risk Weak budgetary control over expenses.
Nature of Control Automated/Manual
1. Use T-Code S_ALR_87013542 to check if expenses are incurred within the approved budget.
2. Use T-Code ME53N, ME5A to check if all indenting is approved as per DOP.
3. Use T-Code MB52 to check if all the material issues are duly approved and recorded.
4. Use T-Code ME53N, ME5A, ME23N, ME2N to check all procurement is carried out as per
defined company policy.
5. Check if amount spent is adequately utilized for the purpose.

28.TA.21 SCADA - Calibration


Control Objective Ensure effectiveness of calibration process and activities
Nature of Work Step Analysis/Verification
Risk Incorrect calibration.
Nature of Control Automated/Manual
1. Use T-Code IP24, IW33, IW39 to check if calibration plan is prepared.
2. Check if calibration plan is approved as per defined procedure.
3. Use T-Code IP24, IW33, IW39 to check if timely calibration is ensured for all equipment.
4. Check if there is any incorrect measurement due to non-calibration of tools and equipment.

28.TA.22 SCADA - Equipment management and maintenance


Control Objective Efficient utilization and increased life of the equipment
Nature of Work Step Analysis/Verification
Risk Decreased life of equipment.
Nature of Control Automated/Manual
1. Use T-Code IK07, IK17, S_ALR_87013422 to check whether the utilization of equipment is
reviewed regularly.
2. Use T-Code IP24 to check whether there is a maintenance schedule (preventive/regular) for
equipment and its compliance.
3. Use T-Code IP24, IW33, IW39 to check whether monitoring over turnaround time as per
schedule and actual time taken for maintenance of equipment is done.
4. Use T-Code QA33 to check whether the equipment are calibrated regularly.
5. Use T-Code IW23, IW28, IW33, IW39 to verify that minor repairs are handled on a timely basis
at the site by appropriate staff.
6. Use T-Code MMBE, MB52, MB5B to verify that adequate spares are maintained at the site to
facilitate repairs and maintenance.

428
Audit Checklist

7. Use T-Code IE03, IH08 to verify that replacements of equipment are undertaken timely before
the specified life expires.
8. Use T-Code IA07 to check whether monitoring is done for compliance to OEM guidelines for
operating equipment.

28.TA.23 SCADA - Maintenance


Control Objective Timely closure of maintenance requests to avoid operational delay
Nature of Work Step Analysis/Verification
Risk Operational delays.
Nature of Control Automated/Manual
1. Conduct a walkthrough of the process of getting requests for maintenance and identify gaps, if
any.
2. Check whether there is a maintenance schedule (preventive/regular) for equipment and its
compliance. Use T-Code IW39 to display the PM orders and IP24 to display the scheduling
overview list form.
3. Use T-Code IW23, IW28 to check whether the requests received only through SAP.
4. Use T-Code IW23, IW28 to check whether there is a creation of maintenance order.
5. In case of manual request, check the process of recording and monitoring the requests received.
6. Use T-Code IW23, IW28 to check whether an analysis is done for the time taken for closing a
request.
7. Use T-Code IW23, IW28 to see that proper notification is given about defects.
8. Check if root cause analysis is done for delays and steps are taken to avoid the same in future.

28.TA.24 SCADA - Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

429
Audit Checklist

28.TA.25 NAGFD - Planning, budgeting & monitoring


Control Objective Adequate planning and approvals, effective tracking of annual plan,
compliance to DOP
Nature of Work Step Analysis/Verification
Risk 1. Inappropriate approvals.
2. Delays in preparation of budget.
Nature of Control Manual/Automated
1. Check whether the annual plan of Production Gas (NAGFD) department is complete and all-
inclusive to cover the requirements of all the activities that come under its purview.
2. Use T-Code KSBL and enter cost center to get budget.
3. In version management check the changes done in the budget.
4. Check for appropriate approval as per DOP for the budget and subsequent changes.
5. Check whether annual plan made is -
a. Linked to the requirement
b. Inclusive of all the related costs.
6. Check the timelines for preparation and approval of budget.
7. Use T-Code S_ALR_87013532 by entering cost center to check whether actual expenses are
monitored / compared with planned expenses on periodic basis.

28.TA.26 NAGFD - Gas transportation


Control Objective Ensure effectiveness of process
Nature of Work Step Analysis/Verification
Risk Ineffective transportation process leading to incurring of excess
expenses.
Nature of Control Manual/Automated
1. Check that Gas is transferred for pumping only after the sample sent to laboratory for analysis is
found to be acceptable.
2. Check that formation water at all installations is disposed as per standards.
3. Use T-Code IP24 to verify flow Assurance from well head to Processing Installations to prevent
downtime.
4. Ensure that there is round the clock monitoring of well head equipment to prevent any form of
sabotage/pilferage.
5. Check if remedial action is undertaken against activities such as pilferage of condensate by
miscreants.
6. Use T-Code IK07,IK17, S_ALR_87013421 to ensure there is proper Primary Separation of
Reservoir Fluid (Crude Oil, Formation Water, Associated & Non Associated Gas).
7. Use T-Code IK07,IK17, S_ALR_87013421 to check whether water content is being measured.
8. Use T-Code MCUF, MCUC to verify uninterrupted logistics support for operations onshore.
9. Use T-Code QGA1, QGC1, QGC2, QGC2, QGA2 to check there is adequate QA / QC process
during Production (e.g. BS&W Issues).
10. Use T-Code MCUF, MCUC to check that there is effective monitoring of Gas transportation.
11. To ensure proper checks are being maintained on quantity at loading point and unloading point.
12. Check that a mechanism exists for monitoring of pilferages/ leakages while transportation.
13. Use T-Code QDH2 to check if quality sampling is being done (Daily/ Fortnightly).

28.TA.27 NAGFD - Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities

430
Audit Checklist

Nature of Work Step Verification/Analysis


Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the
department - administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

28.TA.28 NAGFD - Training to workers


Control Objective Providing on site and off site training
Nature of Work Step Verification
Risk Untrained employees may lead to delay in completion of projects/
accidents at site.
Nature of Control Manual
1. Check if the training is scheduled for all employees based on need identification.
2. Check steps taken to update workers with new machinery and technology.
3. Check if all mandatory and statutory trainings are provided to all workers.
4. Check if performance is analyzed and training needs are identified on the basis of same.

28.TA.29 NAGFD - Commissioning and work over


Control Objective Effective implementation of activities
Nature of Work Step Verification
Risk Inefficient implementation of activities.
Nature of Control Manual
1. Check there is existence of defined plan for carrying out the commissioning of central gas
station
2. Check that specifications are available for material utilized.
3. Use T-Code S_ALR_87015125, S_ALR_87015124 to check whether the work is carried out as per
defined plan and completed in timely manner.
4. Use T-Code S_ALR_87013558 to check if the budget is monitored and no excess expenditure is
incurred.
5. Check if the reasons for any deviations are identified timely and action plan made.

28.TA.30 NAGFD - Commissioning and work over


Control Objective Effective implementation of activities
Nature of Work Step Verification
Risk Inefficient implementation of activities.
Nature of Control Manual
1. Check there is existence of defined plan for carrying out the commissioning of central gas
station
2. Check that specifications are available for material utilized.
3. Use T-Code S_ALR_87015125, S_ALR_87015124 to check whether the work is carried out as per
defined plan and completed in timely manner.
4. Use T-Code S_ALR_87013558 to check if the budget is monitored and no excess expenditure is
incurred.
5. Check if the reasons for any deviations are identified timely and action plan made.

431
Audit Checklist

28.TA.31 NAGFD - Gas flaring


Control Objective To ensure effectiveness of the monitoring process
Nature of Work Step Analysis/Verification
Risk Ineffective monitoring.
Nature of Control Automated/Manual
1. Use T-Code MCXD, MCXX to verify the quantity of gas flared. To verify if gas flaring is on account
of customer not accepting gas and if charges for non–acceptance have been accounted for as
per agreement/MOU.
2. Use T-Code S_SH8_72000033 to verify if gas flared meets environmental norms.
3. Use T-Code S_ALN_01001342 to check if plans exist to reduce gas flaring.
4. Use T-Code S_SH8_72000033 to verify that adequate safety provisions are maintained for gas
flaring.
5. Use T-Code IK07,IK17, S_ALR_87013421 to verify whether proper maintenance is carried
whether maintenance schedule for equipment and instruments used for measuring the
quantum of gas flared were prepared and circulated.

28.TA.32 Admin & MSO - Health, safety and environment compliances


Control Objective Safeguarding interest of Company / employees / public / environment
Nature of Work Step Analysis/Verification
Risk Non-compliance to HSE regulations.
Nature of Control Manual
1. Verify that appropriate contingency plans and disaster recovery plans exists.
2. Check there is HSE compliances by contractors.
3. Check there is existence of adequate breakdown analysis and timely action over breakdowns.
4. Check whether compliance of Safety Manual is ensured and documented.
5. Check whether required documents/report/returns are filed on monthly/quarterly/annually
basis to Govt./State Govt./Authorities/AERB.
6. Check if the comprehensive checklist of various HSE compliances is maintained.
7. Check if there exist approved Safety policy and employees are aware of the same.
8. Check if the checklist of compliances is monitored and updated on continuous basis.
9. Check if there exists the mechanism of ensuring the compliances to all statutory requirements
(including but not limited to):
a. Mines Act.
b. Oils and Mines Regulations
c. Explosive Act and Rules.
d. OISD Standards.
e. Environment Protection Act
f. Water & Air Act.
g. Water Cess Act.
h. Hazardous Waste Management Act.
i. E. Waste.
j. Petroleum Act.
k. Explosive Act and Rules etc.
10. Check if the action plan is documented and adhered for the identified non compliances.
11. Check if various statutory reports and MIS are correctly prepared and submitted timely to
various statutory authorities as required.

432
Audit Checklist

28.TA.33 Admin & MSO - Periodic audits & inspections


Control Objective Pollution complaints, statutory penalties and other environmental
losses
Nature of Work Step Verification
Risk Statutory non-compliance.
Nature of Control Automated/Manual
1. Check if any complaint has been registered against the company for causing pollution of any
kind like Air, water etc.
2. Check whether adequate steps are taken by Company against the complaints filed against the
Company.
3. Check whether periodic audits regarding environment, safety has been conducted and the
observations of such audits are complied.
4. Use T-Code CBIHMR05 to check whether periodic inspection has been conducted internally and
results are monitored.
5. Check if checklist / manual of compliances is updated with the deviations noted during various
audits.

28.TA.34 Admin & MSO - Statutory clearances and permission


Control Objective Availability of all Statutory Clearances and permission
Nature of Work Step Analysis/Verification
Risk Statutory non-compliance.
Nature of Control Automated/Manual
1. Use T-Code IPMD to check if the tracker is maintained to monitor the statutory clearances to be
obtained.
2. Check if all the required clearances have been obtained by the department.
3. Use T-Code S_SH8_720000033 to check if there exists a checklist of the documents required to
be filed for the required clearances.
4. Check if there is adequate follow up done to ensure timely receipt of all clearances.
5. Check if the renewal process is started on timely basis for the clearances nearing expiry.

28.TA.35 Admin & MSO - Disposal of waste, hazardous chemicals and other by products

Control Objective Disposal of waste, Hazardous chemicals and other by products as per
statutory requirements.
Nature of Work Step Analysis/Verification
Risk Statutory non-compliance.
Nature of Control Automated/Manual
1. Use T-Code CG54 to check that Company has a well-defined disposal plan for disposal of
hazardous waste.
2. Use T-Code CG54 to check that waste is processed before disposition so as to cause minimum
damage.
3. Check compliance with ISO manual for disposal of waste causing water and air pollution.
4. Use T-Code CG54 to check whether a disposal is done as per the statutory requirements and
guidelines prescribed for disposal.
5. Use T-Code CG54 to check whether company has obtained all required certificate and
clearances for disposal.

433
Audit Checklist

28.TA.36 Admin & MSO - Administration


Control Objective To ensure timely and cost effective administrative procurement
Nature of Work Step Analysis/Verification
Risk 1. Inadequate cost incurred on administrative procurement.
2. Delay in administrative procurement.
Nature of Control Automated/Manual
1. Use T-Code KSBL to check that budgets have been prepared in line with the future requirement
and duly approved as per DOP.
2. Use T-Code 'S_ALR_87013558 to check separate budgets have been prepared for CAPEX and
OPEX and monitored on regular basis.
3. Use T-Code 'S_ALR_87013532 to check whether there is process of ensuring actual performance
against the budgeted performance.
4. Check the reason for deviation, if any. Check whether adequate steps have been taken to
mitigate such deviation.
5. Check on sample basis whether the procurement process followed for admin procurement is in
line with company policy.
6. Use T-Code MMBE to check whether distribution of admin items is properly recorded.
7. Use T-Code MMBE, MB52, MB5B to check if procurement is done on need basis and proper
controls are in place to avoid wastages.

28.TA.37 O & M - SOP compliance


Control Objective Compliance of SOP
Nature of Work Step Analysis/Verification
Risk 1. Non-compliance to SOP.
2. Non-Compliance to ISO guidelines.
Nature of Control Manual
1. Check that company has a well-defined SOP for servicing.
2. Check that all process are being followed as per SOP.
3. Check any deviation from SOP and document the reason given for same.
4. Check that ISO standards have been met with.

28.TA.38 O & M - Equipment management and maintenance


Control Objective Efficient utilization and increased life of the equipment
Nature of Work Step Analysis/Verification
Risk Decreased life of equipment.
Nature of Control Automated/Manual
1. Use T-Code IK07, IK17, S_ALR_87013422 to check whether the utilization of equipment is
reviewed regularly.
2. Use T-Code IP24 to check whether there is a maintenance schedule (preventive/regular) for
equipment and its compliance.
3. Use T-Code IP24, IW33, IW39 to check whether monitoring over turnaround time as per
schedule and actual time taken for maintenance of equipment is done.
4. Use T-Code QA33 to check whether the equipment are calibrated regularly.
5. Use T-Code IW23, IW28, IW33, IW39 to verify that minor repairs are handled on a timely basis
at the site by appropriate staff.
6. Use T-Code MMBE, MB52, MB5B to verify that adequate spares are maintained at the site to
facilitate repairs and maintenance.

434
Audit Checklist

7. Use T-Code IE03, IH08 to verify that replacements of equipment are undertaken timely before
the specified life expires.
8. Use T-Code IA07 to check whether monitoring is done for compliance to OEM guidelines for
operating equipment.

28.TA.39 O & M - Maintenance


Control Objective Timely closure of maintenance requests to avoid operational delays
Nature of Work Step Analysis/Verification
Risk Operational delays.
Nature of Control Automated/Manual
1. Conduct a walkthrough of the process of getting requests for maintenance and identify gaps, if
any.
2. Use T-Code IW23, IW28 to check whether the requests received only through SAP.
3. Use T-Code IW23, IW28 to check whether there is a creation of maintenance order.
4. In case of manual request, check the process of recording and monitoring the requests received.
5. Use T-Code IW23, IW28 to check whether an analysis is done for the time taken for closing a
request.
6. Use T-Code IW23, IW28 to see that proper notification is given about defects.
7. Check if root cause analysis is done for delays and steps are taken to avoid the same in future.

28.TA.40 O & M - Maintenance of pipelines


Control Objective Timely maintenance for least damage
Nature of Work Step Analysis/Verification
Risk Decreased life of equipment.
Nature of Control Automated/Manual
1. Use T-Code IP24, IW33, IW39 to check that timely maintenance of pipelines is done.
2. Use T-Code IP24 to check whether control is present in SAP to prompt due date of maintenance.
3. Use T-Code IP03,QA33 to check the periodicity and results of maintenance works performed.
4. Use T-Code IP24, IW33, IW39 to check any delay in maintenance schedule due to non-
availability of manpower.

28.TA.41 O & M - Issuing material for replacement


Control Objective Minimum downtime during replacement
Nature of Work Step Analysis/Verification
Risk Operational delays.
Nature of Control Automated/Manual
1. Use T-Code IE03, IH08 to check that pipelines are replaced on time.
2. Use T-Code IW23, IW28 to check the time taken from lodging a complaint to actual replacement
of pipelines.
3. Check the number of cases of leakage and financial loss suffered due to it.
4. Use T-Code MB52, MB5B, MMBE to check whether spares are issued on FIFO basis and no new
spare has been purchased which was already present in store.

28.TA.42 O & M - Breakdown analysis


Control Objective No downtime or breakdown
Nature of Work Step Analysis/Verification
Risk Operational delays.
Nature of Control Automated/Manual

435
Audit Checklist

1. Use T-Code IW39 to check the total number of hours of downtime.


2. Check the action taken to avoid frequent breakdowns.

28.TA.43 O & M - Safety


Control Objective Availability of protective devices, strict adherence to safety measures
Nature of Work Step Verification
Risk Non- Compliance to Safety Procedures and Guidelines.
Nature of Control Automated/Manual
1. Use T-Code IP24 to check the maintenance service schedule.
2. Use T-Code IE03, IH08 to check whether safety devices are kept for maintenance people and no
one is allowed entry without them.
3. Use T-Code IA07 to check whether safety guidelines are defined for maintenance function and
the same are followed.
4. Use T-Code IPMD to check permit is issued and approved by designated authority before
performing critical maintenance activity.

28.TA.44 O & M - Training to workers


Control Objective Providing on site and off site training
Nature of Work Step Verification
Risk Untrained employees may lead to delay in completion of projects/
accidents at site.
Nature of Control Manual
1. Check if the training is scheduled for all employees based on need identification.
2. Check steps taken to update workers with new machinery and technology.
3. Check if all mandatory and statutory trainings are provided to all workers.
4. Check if performance is analyzed and training needs are identified on the basis of same.

28.TA.45 O & M - Statutory compliances


Control Objective To ensure compliance to various statutory requirements
Nature of Work Step Verification
Risk Statutory non-compliance
Nature of Control Manual
1. Check that a checklist is maintained for all statutory compliances along with the due dates of
complying the same.
2. Check that license related to power has been obtained and updated regularly.
3. Check that statutory compliance checklist is analyzed and updated regularly.
4. Check whether all the statutory compliances are ensured by the department.
5.

28.TA.46 O & M - Tools, spares and other expenses


Control Objective To ensure adequate controls over expenses
Nature of Work Step Verification
Risk Inadequate control over expenses.
Nature of Control Automated/Manual
1. Use T-Code S_ALR_87013542 to check if expenses are incurred within the approved budget.
2. Use T-Code ME53N, ME5A to check if all indenting is approved as per DOP.
3. Use T-Code MB52 to check if all the material issues are duly approved and recorded.

436
Audit Checklist

4. Use T-Code ME53N, ME5A, ME23N, ME2N to check all procurement is carried out as per
defined company policy.
5. Check if amount spent is adequately utilized for the purpose.

28.TA.47 O & M - HSE compliances


Control Objective Compliance with HSE laws
Nature of Work Step Verification
Risk Non-compliance to HSE Laws.
Nature of Control Automated/Manual
1. Use T-Code S_ALN_01001342 to check that all HSE norms are complied with.
2. Use T-Code S_SH8_72000002 to check that health of workers is not compromised on any count.
3. Use T-Code S_ALN_01001342 to check that adequate safety measures are available within the
premise and workers are asked to adhere to the same.

28.TA.48 GCS - SOP compliance


Control Objective Compliance of SOP
Nature of Work Step Analysis/Verification
Risk 1. Non-compliance to SOP.
2. Non-Compliance to ISO guidelines.
Nature of Control Manual
1. Check that company has a well-defined SOP for servicing.
2. Check that all process are being followed as per SOP.
3. Check any deviation from SOP and document the reason given for same.
4. Check that ISO standards have been met with.

28.TA.49.1 GCS - Operations


Control Objective Collection of Gas
Nature of Work Step Analysis/Verification
Risk Leakage of gas.
Nature of Control Automated/Manual
1. Use T-Code MCPD to verify if the daily production reports are being maintained on regular basis
for the wells.
2. Verify if production targets are planned and the details communicated to the respective GCS.
3. Use T-Code S_ALR_87013142, S_ALR_87013143 to verify actual production meets planned
targets on daily/monthly/quarterly/annual basis.

28.TA.49.2 GCS - Operations


Control Objective Pumping to Customer
Nature of Work Step Analysis/Verification
Risk Leakage of gas.
Nature of Control Automated/Manual
1. Use T-Code VL06C to verify if gas is pumped to the customers as per the agreed time schedule /
MOU.
2. Use T-Code QC31 to verify that the gas intake certificate is obtained from the customer.
3. Verify that product reconciliation is regularly carried out with customers.

437
Audit Checklist

28.TA.49.3 GCS - Operations


Control Objective Other operations
Nature of Work Step Analysis/Verification
Risk Leakage of gas.
Nature of Control Automated/Manual
1. Use T-Code IK07, IK17, S_ALR_87013421 to verify that gas received at the gas compression plant
is compressed to required pressure.
2. Verify that the LPG plant extracts LPG from the gas supplied to it.
3. Verify the availability of the agreed upon custody transfer procedures in customer agreements.
4. Check if calibration of custody transfer meters are done in presence of customer representative.

28.TA.50 GCS - Safety


Control Objective Availability of protective devices, strict adherence to safety measures
Nature of Work Step Verification
Risk Non- Compliance to safety procedures and guidelines.
Nature of Control Automated/Manual
1. Use T-Code IP24 to check the maintenance service schedule.
2. Use T-Code IE03, IH08 to check whether safety devices are kept for maintenance people and no
one is allowed entry without them.
3. Use T-Code IA07 to check whether safety guidelines are defined for maintenance function and
the same are followed.
4. Use T-Code IPMD to check permit is issued and approved by designated authority before
performing critical maintenance activity.

28.TA.51 GCS - Testing of flow lines


Control Objective Ensure effectiveness of testing procedures
Nature of Work Step Analysis/Verification
Risk Leakage of gas.
Nature of Control Automated/Manual
1. Use T-Code QP08 to verify if that inspection plans exist for maintenance of flow lines and lines
are regularly tested and inspected for damage or blockages.
2. Use T-Code IP24, IW23, IW39 to verify if maintenance of feeder and collector lines is done by
designated personnel.
3. Verify losses during transmission in the feeder lines.

28.TA.52 GCS - Equipment management and maintenance


Control Objective Efficient utilization and increased life of the equipment
Nature of Work Step Analysis/Verification
Risk Decreased life of equipment.
Nature of Control Automated/Manual
1. Use T-Code IK07, IK17, S_ALR_87013422 to check whether the utilization of equipment is
reviewed regularly.
2. Use T-Code IP24 to check whether there is a maintenance schedule (preventive/regular) for
equipment and its compliance.
3. Use T-Code IP24, IW33, IW39 to check whether monitoring over turnaround time as per
schedule and actual time taken for maintenance of equipment is done.
4. Use T-Code QA33 to check whether the equipment are calibrated regularly.

438
Audit Checklist

5. Use T-Code IW23, IW28, IW33, IW39 to verify that minor repairs are handled on a timely basis
at the site by appropriate staff.
6. Use T-Code MMBE, MB52, MB5B to verify that adequate spares are maintained at the site to
facilitate repairs and maintenance.
7. Use T-Code IE03, IH08 to verify that replacements of equipment are undertaken timely before
the specified life expires.
8. Use T-Code IA07 to check whether monitoring is done for compliance to OEM guidelines for
operating equipment.

28.TA.53 GCS - Maintenance


Control Objective Timely closure of maintenance requests to avoid operational delays
Nature of Work Step Analysis/Verification
Risk Operational delays
Nature of Control Automated/Manual
1. Conduct a walkthrough of the process of getting requests for maintenance and identify gaps, if
any.
2. Use T-Code IW23, IW28 to check whether the requests received only through SAP.
3. Use T-Code IW23, IW28 to check whether there is a creation of maintenance order.
4. In case of manual request, check the process of recording and monitoring the requests received.
5. Use T-Code IW23, IW28 to check whether an analysis is done for the time taken for closing a
request.
6. Use T-Code IW23, IW28 to see that proper notification is given about defects.
7. Check if root cause analysis is done for delays and steps are taken to avoid the same in future.

28.TA.54 Gas Field - Gas transportation


Control Objective Ensure effectiveness of process
Nature of Work Step Analysis/Verification
Risk Ineffective transportation process leading to incurring of excess expenses.
Nature of Control Automated/Manual
1. Check that Gas is transferred for pumping only after the sample sent to laboratory for analysis is
found to be acceptable.
2. Check that formation water at all installations is disposed as per standards.
3. Use T-Code IP24 to verify flow Assurance from well head to Processing Installations to prevent
downtime.
4. Ensure that there is round the clock monitoring of well head equipment to prevent any form of
sabotage/pilferage.
5. Check if remedial action is undertaken against activities such as pilferage of condensate by
miscreants.
6. Use T-Code IK07,IK17, S_ALR_87013421 to ensure there is proper Primary Separation of
Reservoir Fluid (Crude Oil, Formation Water, Associated & Non Associated Gas).
7. Use T-Code IK07,IK17, S_ALR_87013421 to check whether water content is being measured.
8. Use T-Code MCUF, MCUC to verify uninterrupted logistics support for operations onshore.
9. Use T-Code QGA1, QGC1, QGC2, QGC2, QGA2 to check there is adequate QA / QC process
during Production (e.g. BS&W Issues).
10. Use T-Code MCUF, MCUC to check that there is effective monitoring of Gas transportation.
11. To ensure proper checks are being maintained on quantity at loading point and unloading point.
12. Check that a mechanism exists for monitoring of pilferages/ leakages while transportation.

439
Audit Checklist

13. Use T-Code QDH2 to check if quality sampling is being done (Daily/ Fortnightly).

28.TA.55 Gas Field - Work over operation


Control Objective Efficient utilization and increased life of the equipment
Nature of Work Step Analysis/Verification
Risk 1. Decreased life of equipment.
2. Inefficient utilization of equipment.
Nature of Control Automated/Manual
1. Check there is existence of defined plan for carrying out the commissioning and works over
activities.
2. Check that use of materials with adequate specifications is being done.
3. Check if down hole information is available before the start of work over.
4. Use T-Code IE03, IH08 to check that surface and sub-surface equipment is available.
5. Check for the condition of surface production facilities.
6. Use T-Code S_ALR_87015125, S_ALR_87015124 to check whether the work is carried out as per
defined plan and completed in timely manner.
7. Use T-Code S_ALR_87013558 to check if the budget is monitored and no excess expenditure is
incurred.
8. Check if the reasons for any deviations are identified timely and action plan made.

28.TA.56 Gas Field - Dehydration of Natural Gas


Control Objective Complete dehydration, maintaining the pressure
Nature of Work Step Analysis/Verification
Risk Loss of natural gas.
Nature of Control Automated/Manual
1. Check the process of dehydration.
2. Use T-Code IK07, IK17, S_ALR_87013421 to check that adequate pressure required for
dehydration is maintained.
3. Check whether the company is having a backup plan to be executed in case of emergency.

28.TA.57 Gas Field - Gas flaring


Control Objective To ensure effectiveness of the monitoring process
Nature of Work Step Analysis/Verification
Risk Ineffective monitoring.
Nature of Control Automated/Manual
1. Use T-Code MCXD, MCXX to verify the quantity of gas flared. To verify if gas flaring is on account
of customer not accepting gas and if charges for non–acceptance have been accounted for as
per agreement/MOU.
2. Use T-Code S_SH8_72000033 to verify if gas flared meets environmental norms.
3. Use T-Code S_ALN_01001342 to check if plans exist to reduce gas flaring.
4. Use T-Code S_SH8_72000033 to verify that adequate safety provisions are maintained for gas
flaring.
5. Use T-Code IK07,IK17, S_ALR_87013421 to verify whether proper maintenance is carried
whether maintenance schedule for equipment and instruments used for measuring the
quantum of gas flared were prepared and circulated.

28.TA.58 Gas Field - Resource planning and monitoring


Control Objective Ensure effective monitoring and supervision of manpower

440
Audit Checklist

Nature of Work Step Analysis/Verification


Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Automated/Manual
1. Verify that monitoring and evaluation of the performance of outsourced Operations/ works at
the installations is done.
2. Verify that adequate staff as per policy is available at the installations for effective performance
of operations.
3. Use T-Code IH08 to verify availability & effectiveness of communications devices.
4. Use T-Code S_ALR_87015125, S_ALR_87015124 to verify that all the operations required at the
platform are regularly monitored and carried out efficiently.
5. Verify co-ordination between installations and the base office.

441
Audit Checklist

29. Production Oil – Technical Audit


Scope
Audit Areas
Production Oil -P & D
1 Planning, budgeting & monitoring
2 Monitoring
3 Contracting and receiving
4 Billing and sales accounting
5 PR tracking
6 Creation of Service Entry Sheet (SES)
7 Manpower planning
8 New project and achievements
Production Oil - Projects
1 SOP compliance
2 Projects
3 Contract monitoring
4 Operations
5 Cost control analysis
6 New project and achievements
7 Safety
8 Training to workers
9 Security
10 Statutory compliances
11 Tools, spares and other expenses
12 HSE compliances
Production Oil - Administration & Contracts
1 Health, safety and environment compliances
2 Periodic audits & inspections
3 Statutory clearances and permission
4 Disposal of waste, hazardous chemicals and other by products
5 Administration
6 Contracts
Production Oil - Operations
1 SOP Compliance
2 Equipment management and maintenance
3 Maintenance
4 Maintenance of pipelines
5 Issuing material for replacement
6 Breakdown analysis
7 Safety
8 Training to workers
9 Statutory compliances
10 Tools, spares and other expenses

442
Audit Checklist

11 HSE compliances
Production Oil - Installations (ITF/OCS/EPS/WPS)
1 SOP compliance
2 Operations
3 Safety
4 Testing of flow lines
5 Equipment management and maintenance
6 Maintenance
7 ITF
Production Oil - Water Injection
1 Water Injection
Production Oil - Utility
1 Utility
Production Oil - WSS
1 Well Stimulation Services
2 Work over Operations

443
Audit Checklist

29.TA.1 P & D - Contracting and receiving


Control Objective Ensure effectiveness of contracting activities
Nature of Work Step Analysis/Verification
Risk Inefficient implementation of activities.
Nature of Control Automated/Manual
1. Use T-Code ME23N, ME33K to ensure proper process exists for awarding and monitoring of
contracts.
2. Use T-Code ME23N, ME33K to check if all contracts are done after due assessment and
approvals as per DOP.
3. Use T-Code FBL1N, ME33K to check for approval of any deviation observed while executing the
contract and/or any action taken (e.g. imposition of LD/revision of contract cost etc.).
4. Use T-Code FBL1N to check whether price escalation, if any, was paid as per contract.
5. Use T-Code FBL1N to check whether Retention money is deducted from each running bill as per
Contract terms.
6. Use T-Code ME33K to verify that the contract is approved by a competent authority.
7. Check the number of incidents of contractor’s failure to provide promised services.
8. Use T-Code ML84 to check that SES entries are done based on bill certification by respective
user section.
9. Check whether there is existence of dual documentation/ dual record maintenance on account
of existence of manual as well as online entry in SAP.

29.TA.2 P & D - Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated

1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

29.TA.3 P & D - Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.

444
Audit Checklist

2. Operational delays caused due to low manpower.


Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the
department - administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

29.TA.4 P & D - New project and achievements


Control Objective Timely completion of task
Nature of Work Step Verification
Risk Delay may lead to excess cost and loss of goodwill.
Nature of Control Manual
1. Check annual report for the new assignments undertaken and completed during the year and
compare the same with their expected date of completion.
2. Check the financial impact due to delay in completion of task.

29.TA.5 Projects - SOP compliance


Control Objective Compliance of SOP
Nature of Work Step Analysis/Verification
Risk 1. Non-compliance to SOP.
2. Non-Compliance to ISO guidelines.
Nature of Control Manual
1. Check that company has a well-defined SOP for servicing.
2. Check that all process are being followed as per SOP.
3. Check any deviation from SOP and document the reason given for same.
4. Check that ISO standards have been met with.

29.TA.6 Projects
Control Objective Avoid Cost and Time Overruns
Nature of Work Step Verification
Risk 1. Cost overrun.
2. Delay in completion of project.
Nature of Control Automated/Manual
1. Use T-Code KSBL to check if the adequate planning is done for timely completion of the project
within allocated budget.
2. Use T-Code CJ31, CJ33, S_ALR_87013558 to check if the periodic monitoring is done to avoid
any time and cost overrun.
3. Use T-Code KSBL to check if liquidation plan is available to catch up project delays (if any).
4. Use T-Code QGA2, QDH2 to check if proper quality checks are performed for all input material
and installations.
5. Check if the project commission and installation tests are performed and documented.

29.TA.7 Projects - Contract monitoring


Control Objective To ensure contractual terms are followed by the contractor
Nature of Work Step Verification
Risk Breach of contractual terms.
Nature of Control Automated/Manual

445
Audit Checklist

1. Check if there is a process to ensure regular monitoring of compliance of contractual terms by


contractor.
2. Check whether SES is created timely and after appropriate inspection of the service procured.
Use T-code ME33K, ME23N, ML81N.
3. Check whether the actions for renewal of maintenance contracts are initiated timely.

29.TA.8 Projects - Operations


Control Objective Completion of work on time in effective manner
Nature of Work Step Verification
Risk 1. Loss of operational efficiency.
2. Statutory non-compliance.
Nature of Control Automated/Manual
1. Use T-Code ME53N, ME2S to check whether service is available all time to ensure timely service.
2. Use T-Code IW23, IW29, IW33, IW39 to check for delay in providing maintenance services
resulting in loss of operational efficiency.
3. Check that manpower are allocated as per plan only so as to avoid any delay.
4. Check that statutory compliance checklist is analyzed and updated regularly.

29.TA.9 Projects - New project and achievements


Control Objective Timely completion of task
Nature of Work Step Verification
Risk Delay may lead to excess cost and loss of goodwill.
Nature of Control Manual
1. Check annual report for the new assignments undertaken and completed during the year and
compare the same with their expected date of completion.
2. Check the financial impact due to delay in completion of task.

29.TA.10 Projects - Safety


Control Objective Availability of protective devices, strict adherence to safety measures
Nature of Work Step Verification
Risk Non- compliance to safety procedures and guidelines.
Nature of Control Automated/Manual
1. Use T-Code IP24 to check the maintenance service schedule.
2. Use T-Code IE03, IH08 to check whether safety devices are kept for maintenance people and no
one is allowed entry without them.
3. Use T-Code IA07 to check whether safety guidelines are defined for maintenance function and
the same are followed.
4. Use T-Code IPMD to check permit is issued and approved by designated authority before
performing critical maintenance activity.

29.TA.11 Projects - Training to workers


Control Objective Providing on site and off site training
Nature of Work Step Verification
Risk Untrained employees may lead to delay in completion of projects/
accidents at site.
Nature of Control Manual

446
Audit Checklist

1. Check if the training is scheduled for all employees based on need identification.
2. Check steps taken to update workers with new machinery and technology.
3. Check if all mandatory and statutory trainings are provided to all workers.
4. Check if performance is analyzed and training needs are identified on the basis of same.

29.TA.12 Projects - Security


Control Objective To minimize risk of thefts and prevent financial losses
Nature of Work Step Verification
Risk Financial loss.
Nature of Control Manual
1. Check that management has identified critical areas in terms of thefts.
2. Check the management has a plan of action to stop any theft.
3. Check that CCTV's are in place to track any such case and is monitored by a security person.
4. Check any major theft reported during the audit period.

29.TA.13 Projects - Statutory compliances


Control Objective To ensure compliance to various statutory requirements
Nature of Work Step Verification
Risk Statutory non-compliance.
Nature of Control Manual
1. Check that a checklist is maintained for all statutory compliances along with the due dates of
complying the same.
2. Check that license related to power has been obtained and updated regularly.
3. Check that statutory compliance checklist is analyzed and updated regularly.
4. Check whether all the statutory compliances are ensured by the department.

29.TA.14 Projects - Tools, spares and other expenses


Control Objective To ensure adequate controls over expenses
Nature of Work Step Verification
Risk Inadequate control over expenses.
Nature of Control Automated/Manual
1. Use T-Code S_ALR_87013542 to check if expenses are incurred within the approved budget.
2. Use T-Code ME53N, ME5A to check if all indenting is approved as per DOP.
3. Use T-Code MB52 to check if all the material issues are duly approved and recorded.
4. Use T-Code ME53N, ME5A, ME23N, ME2N to check all procurement is carried out as per
defined company policy.
5. Check if amount spent is adequately utilized for the purpose.

447
Audit Checklist

29.TA.15 Projects - HSE compliances


Control Objective Compliance with HSE laws
Nature of Work Step Verification
Risk Non-Compliance to HSE laws.
Nature of Control Automated/Manual
1. Use T-Code S_ALN_01001342 to check that all HSE norms are complied with.
2. Use T-Code S_SH8_72000002 to check that health of workers is not compromised on any count.
3. Use T-Code S_ALN_01001342 to check that adequate safety measures are available within the
premise and workers are asked to adhere to the same.

29.TA.16 Administration and contracts - Health, safety and environment compliances


Control Objective Safeguarding interest of Company / employees / public / environment
Nature of Work Step Analysis/Verification
Risk Non-compliance to HSE regulations.
Nature of Control Manual
1. Verify that appropriate contingency plans and disaster recovery plans exists.
2. Check there is HSE compliances by contractors.
3. Check there is existence of adequate breakdown analysis and timely action over breakdowns.
4. Check whether compliance of Safety Manual is ensured and documented.
5. Check whether required documents/report/returns are filed on monthly/quarterly/annually
basis to Govt./State Govt./Authorities/AERB.
6. Check if the comprehensive checklist of various HSE compliances is maintained.
7. Check if there exist approved Safety policy and employees are aware of the same.
8. Check if the checklist of compliances is monitored and updated on continuous basis.
9. Check if there exists the mechanism of ensuring the compliances to all statutory requirements
(including but not limited to):
a. Mines Act.
b. Oils and Mines Regulations
c. Explosive Act and Rules.
d. OISD Standards.
e. Environment Protection Act
f. Water & Air Act.
g. Water Cess Act.
h. Hazardous Waste Management Act.
i. E. Waste.
j. Petroleum Act.
k. Explosive Act and Rules etc.
10. Check if the action plan is documented and adhered for the identified non compliances.
11. Check if various statutory reports and MIS are correctly prepared and submitted timely to
various statutory authorities as required.

448
Audit Checklist

29.TA.17 Administration and contracts - Periodic audits & inspections


Control Objective Pollution complaints, statutory penalties and other environmental
losses
Nature of Work Step Verification
Risk Statutory non-compliance.
Nature of Control Automated/Manual
1. Check if any complaint has been registered against the company for causing pollution of any
kind like Air, water etc.
2. Check whether adequate steps are taken by Company against the complaints filed against the
Company.
3. Check whether periodic audits regarding environment, safety has been conducted and the
observations of such audits are complied.
4. Use T-Code CBIHMR05 to check whether periodic inspection has been conducted internally and
results are monitored.
5. Check if checklist / manual of compliances is updated with the deviations noted during various
audits.

29.TA.18 Administration and contracts - Statutory clearances and permission


Control Objective Availability of all Statutory Clearances and permission
Nature of Work Step Analysis/Verification
Risk Statutory non-compliance.
Nature of Control Automated/Manual
1. Use T-Code IPMD to check if the tracker is maintained to monitor the statutory clearances to be
obtained.
2. Check if all the required clearances have been obtained by the department.
3. Use T-Code S_SH8_720000033 to check if there exists a checklist of the documents required to
be filed for the required clearances.
4. Check if there is adequate follow up done to ensure timely receipt of all clearances.
5. Check if the renewal process is started on timely basis for the clearances nearing expiry.

29.TA.19 Administration and contracts - Disposal of waste, hazardous chemicals and


other by products
Control Objective Disposal of waste, Hazardous chemicals and other by products as per
statutory requirements.
Nature of Work Step Analysis/Verification
Risk Statutory non-compliance.
Nature of Control Automated/Manual
1. Use T-Code CG54 to check that Company has a well-defined disposal plan for disposal of
hazardous waste.
2. Use T-Code CG54 to check that waste is processed before disposition so as to cause minimum
damage.
3. Check compliance with ISO manual for disposal of waste causing water and air pollution.
4. Use T-Code CG54 to check whether a disposal is done as per the statutory requirements and
guidelines prescribed for disposal.
5. Use T-Code CG54 to check whether company has obtained all required certificate and
clearances for disposal.

449
Audit Checklist

29.TA.20 Administration and contracts - Administration


Control Objective To ensure timely and cost effective administrative procurement
Nature of Work Step Analysis/Verification
Risk 1. Inadequate cost incurred on administrative procurement.
2. Delay in administrative procurement.
Nature of Control Automated/Manual
1. Use T-Code KSBL to check that budgets have been prepared in line with the future requirement
and duly approved as per DOP.
2. Use T-Code 'S_ALR_87013558 to check separate budgets have been prepared for CAPEX and
OPEX and monitored on regular basis.
3. Use T-Code 'S_ALR_87013532 to check whether there is process of ensuring actual performance
against the budgeted performance.
4. Check the reason for deviation, if any. Check whether adequate steps have been taken to
mitigate such deviation.
5. Check on sample basis whether the procurement process followed for admin procurement is in
line with company policy.
6. Use T-Code MMBE to check whether distribution of admin items is properly recorded.
7. Use T-Code MMBE, MB52, MB5B to check if procurement is done on need basis and proper
controls are in place to avoid wastages.

29.TA.21 Administration and contracts - Contracts


Control Objective Formulation and execution of contracts
Nature of Work Step Verification
Risk 1. Unauthorized awarding of contracts
2. Non-monitoring of contractual terms
Nature of Control Manual
1. To check the contracts for Crude oil transportation, Labor Supply (Listed / Unlisted), Services,
Major global contract (For services)
2. To ensure proper process exists for awarding and monitoring of contracts
3. Use transaction code ME3J, ME5A to check that contracts are being effectively implemented
4. Use ME3N to check for approval of any deviation observed while executing the contract and/or
any action taken (e.g. imposition of LD/revision of contract cost etc.).
5. To check whether there was any price escalation, if any, was paid as per contract.
6. Use S_ALR_87012167 to check whether Retention money is deducted from each running bill as
per Contract terms
7. To verify that the contract is approved by a competent authority.
8. To check the number of incidents of contractors failure to provide promised services

29.TA.22 Administration and contracts - Contracts


Control Objective Effective implementation of activities
Nature of Work Step Verification
Risk Non- monitoring may lead to delay in implementation or ineffective
implementation
Nature of Control Manual
1. Use transaction code VL04 to check that there is effective monitoring of crude oil transportation
2. To check if hindrance register has been maintained
3. Use transaction code VL06O to ensure proper checks are being maintained on quantity at
loading point and unloading point

450
Audit Checklist

4. Use transaction code VL06O to ensure that a check is maintained on crude oil pilferages/
leakages while transportation
5. Use transaction code MCXB, MCXD to check if quality sampling is being done (Daily/ Fortnightly)
6. To check that SES entries are done based on bill certification by respective user section
7. To check the existence of dual documentation/ dual record maintenance on account of
existence of both SAP and manual processes.

29.TA.23 Operations - SOP compliance


Control Objective Compliance of SOP
Nature of Work Step Analysis/Verification
Risk 1. Non-compliance to SOP.
2. Non-Compliance to ISO guidelines.
Nature of Control Manual
1. Check that company has a well defined SOP for servicing.
2. Check that all process are being followed as per SOP.
3. Check any deviation from SOP and document the reason given for same.
4. Check that ISO standards have been met with.

29.TA.24 Operations - Equipment management and maintenance


Control Objective Efficient utilization and increased life of the equipment
Nature of Work Step Analysis/Verification
Risk Decreased life of equipment.
Nature of Control Automated/Manual
1. Use T-Code IK07, IK17, S_ALR_87013422 to check whether the utilization of equipment is
reviewed regularly.
2. Use T-Code IP24 to check whether there is a maintenance schedule (preventive/regular) for
equipment and its compliance.
3. Use T-Code IP24, IW33, IW39 to check whether monitoring over turnaround time as per
schedule and actual time taken for maintenance of equipment is done.
4. Use T-Code QA33 to check whether the equipment are calibrated regularly.
5. Use T-Code IW23, IW29, IW33, IW39 to verify that minor repairs are handled on a timely basis
at the site by appropriate staff.
6. Use T-Code MMBE, MB52, MB5B to verify that adequate spares are maintained at the site to
facilitate repairs and maintenance.
7. Use T-Code IE03, IH08 to verify that replacements of equipment are undertaken timely before
the specified life expires.
8. Use T-Code IA07 to check whether monitoring is done for compliance to OEM guidelines for
operating equipment.

29.TA.25Operations - Maintenance
Control Objective Timely closure of maintenance requests to avoid operational delays
Nature of Work Step Analysis/Verification
Risk Operational delays.
Nature of Control Automated/Manual
1. Conduct a walkthrough of the process of getting requests for maintenance and identify gaps, if
any.
2. Use T-Code IW23, IW29 to check whether the requests received only through SAP.
3. Use T-Code IW23, IW29 to check whether there is a creation of maintenance order.

451
Audit Checklist

4. In case of manual request, check the process of recording and monitoring the requests received.
5. Use T-Code IW23, IW29 to check whether an analysis is done for the time taken for closing a
request.
6. Use T-Code IW23, IW29 to see that proper notification is given about defects.
7. Check if root cause analysis is done for delays and steps are taken to avoid the same in future.

29.TA.26 Operations - Maintenance of pipelines


Control Objective Timely maintenance for least damage
Nature of Work Step Analysis/Verification
Risk Decreased life of equipment.
Nature of Control Automated/Manual
1. Use T-Code IP24, IW33, IW39 to check that timely maintenance of pipelines is done.
2. Use T-Code IP24 to check whether control is present in SAP to prompt due date of maintenance.
3. Use T-Code IP03,QA33 to check the periodicity and results of maintenance works performed.
4. Use T-Code IP24, IW33, IW39 to check any delay in maintenance schedule due to non-
availability of manpower.

29.TA.27 Operations - Issuing material for replacement


Control Objective Minimum downtime during replacement
Nature of Work Step Analysis/Verification
Risk Operational delays.
Nature of Control Automated/Manual
1. Use T-Code IE03, IH08 to check that pipelines are replaced on time.
2. Use T-Code IW23, IW29 to check the time taken from lodging a complaint to actual replacement
of pipelines.
3. Check the number of cases of leakage and financial loss suffered due to it.
4. Use T-Code MB52, MB5B, MMBE to check whether spares are issued on FIFO basis and no new
spare has been purchased which was already present in store.

29.TA.28 Operations - Breakdown analysis


Control Objective No downtime or breakdown
Nature of Work Step Analysis/Verification
Risk Operational delays.
Nature of Control Automated/Manual
1. Use T-Code IW39 to check the total number of hours of downtime.
2. Check the action taken to avoid frequent breakdowns.

29.TA.29 Operations - Safety


Control Objective Availability of protective devices, strict adherence to safety measures
Nature of Work Step Verification
Risk Non- Compliance to Safety Procedures and Guidelines.
Nature of Control Automated/Manual
1. Use T-Code IP24 to check the maintenance service schedule.
2. Use T-Code IE03, IH08 to check whether safety devices are kept for maintenance people and
no one is allowed entry without them.
3. Use T-Code IA07 to check whether safety guidelines are defined for maintenance function and
the same are followed.

452
Audit Checklist

4. Use T-Code IPMD to check permit is issued and approved by designated authority before
performing critical maintenance activity.

29.TA.30 Operations - Training to workers


Control Objective Providing on site and off site training
Nature of Work Step Verification
Risk Untrained employees may lead to delay in completion of projects/
accidents at site.
Nature of Control Manual
1. Check if the training is scheduled for all employees based on need identification.
2. Check steps taken to update workers with new machinery and technology.
3. Check if all mandatory and statutory trainings are provided to all workers.
4. Check if performance is analyzed and training needs are identified on the basis of same.

29.TA.31 Operations - Statutory compliances


Control Objective To ensure compliance to various statutory requirements
Nature of Work Step Verification
Risk Statutory non-compliance
Nature of Control Manual
1. Check that a checklist is maintained for all statutory compliances along with the due dates of
complying the same.
2. Check that license related to power has been obtained and updated regularly.
3. Check that statutory compliance checklist is analyzed and updated regularly.
4. Check whether all the statutory compliances are ensured by the department.

29.TA.32 Operations - Tools, spares and other expenses


Control Objective To ensure adequate controls over expenses
Nature of Work Step Verification
Risk Inadequate control over expenses.
Nature of Control Automated/Manual
1. Use T-Code S_ALR_87013542 to check if expenses are incurred within the approved budget.
2. Use T-Code ME53N, ME5A to check if all indenting is approved as per DOP.
3. Use T-Code MB52 to check if all the material issues are duly approved and recorded.
4. Use T-Code ME53N, ME5A, ME23N, ME2N to check all procurement is carried out as per
defined company policy.
5. Check if amount spent is adequately utilized for the purpose.

29.TA.33 Operations - HSE compliances


Control Objective Compliance with HSE laws
Nature of Work Step Verification
Risk Non-compliance to HSE Laws.
Nature of Control Automated/Manual
1. Use T-Code S_ALN_01001342 to check that all HSE norms are complied with.
2. Use T-Code S_SH8_72000002 to check that health of workers is not compromised on any
count.
3. Use T-Code S_ALN_01001342 to check that adequate safety measures are available within the
premise and workers are asked to adhere to the same.

453
Audit Checklist

29.TA.34 Installations - SOP compliance


Control Objective Compliance of SOP
Nature of Work Step Analysis/Verification
Risk 1. Non-compliance to SOP.
2. Non-Compliance to ISO guidelines.
Nature of Control Manual
1. Check that company has a well defined SOP for servicing.
2. Check that all process are being followed as per SOP.
3. Check any deviation from SOP and document the reason given for same.
4. Check that ISO standards have been met with.

29.TA.35.1 Installations - Operations


Control Objective Collection of Gas
Nature of Work Step Analysis/Verification
Risk Leakage of gas.
Nature of Control Automated/Manual
1. Use T-Code MCPD to verify if the daily production reports are being maintained on regular
basis for the wells.
2. Verify if production targets are planned and the details communicated to the respective GCS.
3. Use T-Code S_ALR_87013142, S_ALR_87013143 to verify actual production meets planned
targets on daily/monthly/quarterly/annual basis.

29.TA.35.2 Installations - Operations


Control Objective Pumping to Customer
Nature of Work Step Analysis/Verification
Risk Leakage of gas.
Nature of Control Automated/Manual
1. Use T-Code VL06C to verify if gas is pumped to the customers as per the agreed time schedule
/ MOU.
2. Use T-Code QC31 to verify that the gas intake certificate is obtained from the customer.
3. Verify that product reconciliation is regularly carried out with customers.

29.TA.35.3 Installations - Operations


Control Objective Other operations
Nature of Work Step Analysis/Verification
Risk Leakage of gas.
Nature of Control Automated/Manual
1. Use T-Code IK07, IK17, S_ALR_87013421 to verify that gas received at the gas compression
plant is compressed to required pressure.
2. Verify that the LPG plant extracts LPG from the gas supplied to it.
3. Verify the availability of the agreed upon custody transfer procedures in customer agreements.
4. Check if calibration of custody transfer meters are done in presence of customer
representative.

29.TA.36 Installations - Safety


Control Objective Availability of protective devices, strict adherence to safety measures
Nature of Work Step Verification
Risk Non- Compliance to safety procedures and guidelines.

454
Audit Checklist

Nature of Control Automated/Manual


1. Use T-Code IP24 to check the maintenance service schedule.
2. Use T-Code IE03, IH08 to check whether safety devices are kept for maintenance people and
no one is allowed entry without them.
3. Use T-Code IA07 to check whether safety guidelines are defined for maintenance function and
the same are followed.
4. Use T-Code IPMD to check permit is issued and approved by designated authority before
performing critical maintenance activity.

29.TA.37 Installations - Testing of flow lines


Control Objective Ensure effectiveness of testing procedures
Nature of Work Step Analysis/Verification
Risk Leakage of gas.
Nature of Control Automated/Manual
1. Use T-Code QP08 to verify if that inspection plans exist for maintenance of flow lines and lines
are regularly tested and inspected for damage or blockages.
2. Use T-Code IP24, IW23, IW39 to verify if maintenance of feeder and collector lines is done by
designated personnel.
3. Verify losses during transmission in the feeder lines.

29.TA.38Installations - Equipment management and maintenance


Control Objective Efficient utilization and increased life of the equipment
Nature of Work Step Analysis/Verification
Risk Decreased life of equipment.
Nature of Control Automated/Manual
1. Use T-Code IK07, IK17, S_ALR_87013422 to check whether the utilization of equipment is
reviewed regularly.
2. Use T-Code IP24 to check whether there is a maintenance schedule (preventive/regular) for
equipment and its compliance.
3. Use T-Code IP24, IW33, IW39 to check whether monitoring over turnaround time as per
schedule and actual time taken for maintenance of equipment is done.
4. Use T-Code QA33 to check whether the equipment are calibrated regularly.
5. Use T-Code IW23, IW29, IW33, IW39 to verify that minor repairs are handled on a timely basis
at the site by appropriate staff.
6. Use T-Code MMBE, MB52, MB5B to verify that adequate spares are maintained at the site to
facilitate repairs and maintenance.
7. Use T-Code IE03, IH08 to verify that replacements of equipment are undertaken timely before
the specified life expires.
8. Use T-Code IA07 to check whether monitoring is done for compliance to OEM guidelines for
operating equipment.

455
Audit Checklist

29.TA.39 Installations - Maintenance


Control Objective Timely closure of maintenance requests to avoid operational delays
Nature of Work Step Analysis/Verification
Risk Operational delays
Nature of Control Automated/Manual
1. Conduct a walkthrough of the process of getting requests for maintenance and identify gaps, if
any.
2. Use T-Code IW23, IW29 to check whether the requests received only through SAP.
3. Use T-Code IW23, IW29 to check whether there is a creation of maintenance order.
4. In case of manual request, check the process of recording and monitoring the requests
received.
5. Use T-Code IW23, IW29 to check whether an analysis is done for the time taken for closing a
request.
6. Use T-Code IW23, IW29 to see that proper notification is given about defects.
7. Check if root cause analysis is done for delays and steps are taken to avoid the same in future.

29.TA.40 Installations - ITF


Control Objective ITF
Nature of Work Step Verification
Risk 1. Supply of oil not as per standards defined
2. Delay in supply
Nature of Control Manual
1. Use transaction code MCXB, MCXD to check that oil is transferred to pumps only after the
sample sent to laboratory for analysis is found to be acceptable.
2. To check that formation water at all installations is disposed as per standards.
3. Use transaction code VL04 to check that dispatch of crude oil is not delayed by more than 24
hours then BS&W content increases.
4. Use transaction code IP24, IW23, IW39 to check that NDT (Non-destructive test) is done
frequently to avoid corrosion of tanks.
5. To check that oil is collected at ITF, before pumping to pipeline, to improve the quality (BS & W
content) of the oil.

29.TA.41 Water Injection


Control Objective Effective implementation of activities
Nature of Work Step Verification
Risk Non-Monitoring may lead to delay in implementation or ineffective
implementation
Nature of Control Manual
1. To check that there are no procedural delays
2. To verify pilferage / losses of water during transmission
3. Use transaction code IP23 to check if inspection plans exist for maintenance of flow lines and
lines are regularly tested and inspected for damage or blockages.
4. To verify if there is surveillance, servicing, inspection of flow lines
5. To verify onshore operations team has a water injection plan and if the same has been
communicated to the WIP In charge.
6. Use transaction code MCXB, MCXD To verify that water to be pumped into the well is properly
treated prior to pumping
7. Use transaction code CO09 To verify availability of potable water

456
Audit Checklist

8. To verify that the equipment in use are appropriate in terms of present technology and new
technology is proposed on the basis of cost-benefit analysis.
9. To verify availability of chemicals & consumables while conducting operations
10. Use transaction code COOIS to verify that the demulsifying agents being used in the process are
of the right quality and have been quality checked prior to usage.
11. To verify losses during transmission in the feeder lines.
12. Use transaction code MCXB, MCXD to verify whether water is treated properly before its
discharge into sea water.
13. Use KSBL to check that planning on new water injection stations is done in advance.

29.TA.42 Utility
Control Objective Effective implementation of activities
Nature of Work Step Verification
Risk Non-Monitoring may lead to delay in implementation or ineffective
implementation
Nature of Control Manual
1. Use MD04 To ensure that there are sufficient vehicles to supply steam
2. To ensure that appropriate licenses are obtained to run BB / Mobile vans

29.TA.43 WSS - Well stimulation services


Control Objective Effective implementation of activities
Nature of Work Step Verification
Risk Non-Monitoring may lead to delay in implementation or ineffective
implementation
Nature of Control Manual
1. To verify that the WSS work is carried out in a systematic and scientific way.
2. To verify that the choice of the stimulation technique and capacity of the equipment to enable
the job is the best in given circumstances
3. To ensure there is compliance to the safety requirement
4. To verify that there is minimum time lag between receiving of an indent from project personnel
and actual start of WSS
5. To verify that there exist a seamless coordination between different departments for effectively
performing the WSS jobs.
6. To verify that there is an inbuilt system to enable constant monitoring of the performance of
WSS.
7. To verify that the services to third parties is undertaken without affecting the in-house
requirement
8. Use CO09 to verify availability of consumables/stores while conducting operations.
9. Use MCXB, MCXD to verify that consumables/stores used in operations is of good quality and as
per the need of the operation being conducted.
10. To verify that adequate insurance is obtained wherever necessary to cover risks.
11. To check that there is no loss of tool string inside the well bore
12. To ensure that no logistics issues emerge
13. Use MB52 To ensure there is no shortage of nitrogen or critical spares
14. Use VL06O To check that there are no delays in deployment of the vehicles

457
Audit Checklist

29.TA.44 WSS - Work over operation


Control Objective Effective utilization and increased life of the equipment
Nature of Work Step Analysis/Verification
Risk Inefficient utilization of equipment
Nature of Control Automatic/Manual
1. To check if down hole information is available before the start of work over
2. Use transaction code IE03 To check that surface and sub-surface equipment is available.
3. To check for the condition of surface production facilities

458
Audit Checklist

30. Production Projects – Technical Audit


Scope
Audit Areas
1 Preparation of surface plan / layout
Preparation of detailed equipment layout & piping
2 drawings
3 Environment, Health and Safety Compliance
4 Statutory clearances and compliance
5 Equipment & materials design & procurement
6 Contractor / Vendor
7 Contract procedures
8 Issuance of materials/spares items
9 Project implementation/ Project execution
10 Commissioning
11 Handing over of project
12 Monitoring framework
13 Projects investment
14 PR tracking
15 Creation of Service Entry Sheet (SES)
16 Manpower planning

459
Audit Checklist

30.TA.1 Preparation of surface plan / layout


Control Objective Adequate planning, Accuracy in making the surface Layout, appropriate
approvals, inputs from user department
Nature of Work Step Analysis/Verification
Risk 1. Inappropriate approvals.
2. Non compliance to DOP.
Nature of Control Manual
1. Check whether surface plan / layout is prepared for a production project activities.
2. Check whether such surface plan / layout is reviewed and approved as per the DOP.
3. Check whether such surface plan / layout is monitored on regular basis and changes, if any are
made after obtaining approvals as per DOP.
4. Check whether provisions of additional space are made considering statutory requirements for
any future expansion.
5. Check whether the adequate contractor selection evaluations are carried out before selection
and awarding of contract.
6. Ensure that alteration to project plan/design during and after the installation is not very
frequent as it results in impacting cost, time and effectiveness of the project.
7. Check whether user department's feedback is obtained before finalization of surface plan /
layout.

30.TA.2 Preparation of detailed equipment layout & piping drawings


Control Objective Adequate planning, Avoiding any reconstruction cost
Nature of Work Step Analysis/Verification
Risk 1. Inappropriate approvals.
2. Non compliance to DOP.
3. Cost Over runs.
Nature of Control Automated/Manual
1. Use T-Code IH08 to check whether detailed equipment layout & piping drawings are prepared
and list of equipment, instruments, fittings etc. to be used are identified.
2. Use T-Code IE03, IH08 to display equipment details to ensure correct specifications are given for
equipment.
3. Check whether such equipment layout plan & piping drawings are reviewed and approved as
per the DOP.
4. Check whether any changes made in equipment layout plan & piping drawings are approved as
per the DOP.
5. Check whether user department's feedback is obtained before finalization of detailed
equipment layout & piping drawings etc.

460
Audit Checklist

30.TA.3 Environment, Health and Safety Compliance


Control Objective Safeguarding interest of Company / employees / public / environment
Nature of Work Step Analysis/Verification
Risk Non- Compliance to HSE laws.
Nature of Control Manual
1. Check whether there is a compliance framework related to statutory requirement for EH&S.
2. Check whether EH&S compliance framework is monitored and reviewed on regular basis.
3. Check whether compliance of Safety Manual is ensured and documented.
4. Check whether required documents/report/returns are filed on monthly/ quarterly/ annually
basis to Govt./State Govt. authorities.
5. Check whether necessary approvals/clearances (e.g. DGMS, MOEF) were obtained before start
of construction activities.

30.TA.4 Equipment & materials design & procurement


Control Objective Adequate planning, efficient utilization and increased life of the equipment
Nature of Work Step Analysis/Verification
Risk 1. Inappropriate approvals.
2. Non compliance to DOP.
3. Inefficient utilization of equipment.
Nature of Control Automated/Manual
1. Use T-Code KSBL to display plan and check whether the plan of Production project department
is complete and all-inclusive for man, materials, equipment.
2. To ensure timely procurement/ ordering.
3. Use T-Code KSBL to check whether such plan is approved by competent authority as per DOP.
4. Use T-Code KSBL to check whether any amendments in such plan is approved by competent
authority as per DOP.
5. Use T-Code S_ALR_87013532 to view actual vs. budget analysis and check whether actual
expenses are monitored / compared with planned expenses on periodic basis against such plan.
6. Use T-Code IE03, IH08 to view equipment characteristics and check whether equipment used
for are in line with crude characteristics & Operating Conditions or to check whether equipment
are allocated as per project requirement.
7. Use T-Code IK17 and enter the equipment code to check whether the utilization of equipment is
reviewed regularly.
8. Use T-Code IP24 and enter equipment number to check whether there is a maintenance
schedule (preventive/regular) for equipment and its compliance.
9. Use T-Code IP24, IW33/IW39 to display the PM orders and check whether monitoring over turn-
around time as per schedule and actual time taken for maintenance of equipment is done.
10. Use T-Code IW33 and enter equipment number and check whether the equipment are
calibrated regularly.
11. Check whether monitoring is done for compliance to OEM guidelines for operating equipment.

30.TA.5 Issuance of materials/spares items


Control Objective Avoiding stock out situation, adequate approvals for issuance, inventory
controls
Nature of Work Step Analysis/Verification
Risk 1. Stock-out situation.

461
Audit Checklist

2. Inadequate approvals as per DOP.


Nature of Control Automated/Manual
1. Use T-Code MB52 to view stock on posting date, MMBE to view stock overview, MB5B to view
stocks at various warehouses and ensure whether inventory levels of materials/spares items are
monitored and for materials below threshold levels and the required PR has been raised.
2. To conduct a walkthrough of the issuance process of materials/spares items from stores and
identify gaps.
3. Use T-Code MB5B, MB52 to check whether approvals for issue of materials/spares items are
taken as per DOP.
4. Use T-Code MC46 to view the slow moving items and ensure whether there is a process for
monitoring over obsolete / slow / nonmoving / materials or spares and appropriate decisions
are taken for the same.

30.TA.6.1 Project implementation/ Project execution


Control Objective Adequate monitoring over execution, timely completion of execution,
Reducing mobilization time of contractor
Nature of Work Step Analysis/Verification
Risk 1. Inadequate monitoring leading to cost overrun.
2. Delay in execution.
3. Low quality of deliverable.
Nature of Control Automated/Manual
1. Use T-Code CJ20N to check whether project activity chart/project execution schedule is
prepared and its compliance is ensured.
2. Use T-Code S_ALR_87015124, S_ALR_87015125 to check whether progress report is prepared
and shared with the concerned stakeholders on a regular basis.
3. Use T-Code S_ALR_87015124, S_ALR_87015125 to check whether quality inspection of project
executed is performed as per laid down procedures/contract.
4. Use T-Code S_ALR_87015124, S_ALR_87015125 to check whether project execution is
performed as per agreed terms and conditions of contract agreed with the contractor.
5. Check whether contract was awarded to the contractor within a reasonable time.
6. Use T-Code MB52 to check that there is adequate stock of materials and supplies to avert
material shortage.
7. Use T-Code ME4S to view service sheet dump for the audit period to check the delivery of the
services by the contractor.
8. Check whether project is executed as per approved surface plan / layout and detailed
equipment layout & pipeline drawings etc.
9. Check whether approvals as per DOP are obtained if project is executed with some change in
approved surface plan / layout and detailed equipment layout & pipeline drawings etc.

462
Audit Checklist

30.TA.6.2 Project implementation/ Project execution


Control Objective Locality/ Public Problems
Nature of Work Step Verification
Risk Operational delays.
Nature of Control Manual
1. Check whether there is liaison with local public and initiatives are taken to maintain cordial
relations.
2. Check CSR activities are performed in relation to the project as per company policies and
decisions time to time.

30.TA.6.3 Project implementation/ Project execution


Control Objective Cost and Time Overruns
Nature of Work Step Analysis / Verification
Risk 1. Cost Overrun.
2. Delay in completion of project.
Nature of Control Automated/Manual
1. Use T-Code CJ20N to check whether adequate Man, Material, Equipment is deployed by
contractor as per contract. Also check whether there is adequate monitoring done by Oil on the
same.
2. Use T-Code CJ20N to check whether there is levying of LD etc. as per Contract Clause.
3. Check whether there is adequate project planning and monitoring to avert cost and time
overruns.
4. Use T-Code CJ20N to check whether the time overruns are due to delays in obtaining the
required approvals.
5. Use T-Code MB52 and CJ20N to check whether time overruns are due to delays in material
availability and ineffective monitoring of project.

30.TA.6.4 Project implementation/ Project execution


Control Objective Cost recovery
Nature of Work Step Analysis / Verification
Risk Inadequate cost recovery.
Nature of Control Automated/Manual
1. Use T-Code S_ALR_87013562 to check whether there is effective project monitoring for
execution of turnkey project.
2. Check if the material/services supplied by the Company for the Turnkey projects are adequately
and timely recovered.

30.TA.6.5 Project implementation/ Project execution


Control Objective Insurance claim
Nature of Work Step Verification
Risk Delay in insurance claims. Settlement for all type of insured losses.
Nature of Control Manual
1. Check whether there is any delay in filing the insurance claims and ensuring timely settlement.
2. Check whether insurance claim is filed for all material lost/damaged/stolen and third party
claims.

463
Audit Checklist

30.TA.6.6 Project implementation/ Project execution


Control Objective Project management
Nature of Work Step Verification
Risk Weak project management may lead to cost and time over runs.
Nature of Control Manual
1. Check whether Governance and escalation framework are defined to ensure that there is not
weak control over project execution and management.

30.TA.7.1 Commissioning
Control Objective Avoid defects and faulty work
Nature of Work Step Analysis / Verification
Risk Defects and faults in work completed.
Nature of Control Automated/Manual
1. Use T-Code CJ20N and enter WBS code to view project details to check whether there is
adequate testing, inspection & monitoring.
2. Use T-Code CJ20N to check whether there is deduction for faulty work as per contract clause.
3. Check the adequacy of process of issuing commissioning certificate.

30.TA.7.2 Commissioning
Control Objective Avoid equipment Failure
Nature of Work Step Analysis / Verification
Risk Equipment failure.
Nature of Control Automated/Manual
1. Use T-Code CJ20N to check whether proper inspection of equipment is carried out.
2. Use T-Code CJ20N to check whether Hydro testing is done prior to commissioning of equipment
and pipelines.
3. Use T-Code MB52 to check whether adequate spares including warranty spares and supplies are
maintained.
4. Use T-Code IE03 to view equipment details to check whether there is warranty provided by
equipment supplier.

30.TA.8 Handing over of project


Control Objective Timely handing over of project, documentation, certifications etc.
Nature of Work Step Analysis / Verification
Risk 1. Delay in completion.
2. Cost over-run.
Nature of Control Automated/Manual
1. Check whether a certification of commissioning is obtained from the concerned department/
contractor.
2. Check whether user department clearance is obtained for project handing over.
3. Use T-Code CJ20N to check whether completion report is prepared for the project and the same
is documented and reviewed.
4. Use T-Code CJ20N to check whether there is adequate testing / inspection at the time of
handing over of project.
5. Use T-Code CJ20N to check whether project work is handed over as per schedule and reasons
are documented and approved in case of delay.

464
Audit Checklist

30.TA.9.1 Monitoring framework


Control Objective Quality of execution.
Nature of Work Step Analysis / Verification
Risk Low quality work.
Nature of Control Automated/Manual
1. Use T-Code MCXB and MCXD to view quality results to check whether there are adequate
specifications, good quality material and monitoring to ensure that quality of execution is good.
2. Use T-Code CJ20N to check whether the reporting is correct and there is adequate process of
recording and monitoring of project expenditure.

30.TA.9.2 Monitoring framework


Control Objective Reducing financial loss
Nature of Work Step Analysis / Verification
Risk Financial Loss.
Nature of Control Automated/Manual
1. Use T-Code CJ20N to check whether there are adequate controls on project material
accounting, recording, reconciliation and monitoring.

30.TA.9.3 Monitoring framework


Control Objective Material Reconciliation
Nature of Work Step Analysis / Verification
Risk Pilferage of materials.
Nature of Control Automated/Manual
1. Use T-Code CJ20N to check whether there is before start and after completion monitoring.
2. Check whether material reconciliations are prepared and monitored on timely basis to identify
any material losses.

30.TA.9.4 Monitoring framework


Control Objective HSE
Nature of Work Step Verification
Risk Non-Compliance to HSE laws.
Nature of Control Manual
1. Check whether there is monitoring of HSE compliance by contractors / internal staff during
execution.

30.TA.10 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before

465
Audit Checklist

creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

466
Audit Checklist

31. Projects – Technical Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Statutory approvals
3 Environment, Health and Safety Compliance
4 Contracting
5 Project Implementation/ Project Execution
6 Commissioning
7 Handing over of project
8 Monitoring framework
9 Projects investment
10 PR tracking
11 Creation of Service Entry Sheet (SES)
12 Manpower planning

467
Audit Checklist

31.TA.1.1 Project Implementation/ Project Execution


Control Objective Adequate monitoring over execution, timely completion of execution,
Reducing mobilization time of contractor
Nature of Work Step Analysis / Verification
Risk 1. Inadequate monitoring leading to cost overrun.
2. Delay in execution.
3. Low quality of deliverable.
Nature of Control Automated / Manual
1. Use T-Code CJ20N to check whether project activity chart/project execution schedule is
prepared and its compliance is ensured.
2. Use T-Code S_ALR_87015124, S_ALR_87015125 to check whether progress report is prepared
and shared with the concerned stakeholders on a regular basis.
3. Use T-Code S_ALR_87015124, S_ALR_87015125 to check whether quality inspection of project
executed is performed as per laid down procedures/contract.
4. Use T-Code S_ALR_87015124, S_ALR_87015125 to check whether project execution is
performed as per agreed terms and conditions of contract agreed with the contractor.
5. To check whether contract was awarded to the contractor within a reasonable time.
6. Use T-Code MB52 to check that there is adequate stock of materials and supplies to avert
material shortage.
7. Use T-Code ME4S to view service sheet dump for the audit period to check the delivery of the
services by the contractor.
8. To check whether project is executed as per approved surface plan / layout and detailed
equipment layout & pipeline drawings etc.
9. To check whether approvals as per DOP are obtained if project is executed with some change in
approved surface plan / layout and detailed equipment layout & pipeline drawings etc.

31.TA.1.2 Project Implementation/ Project Execution


Control Objective Locality/ Public Problems
Nature of Work Step Verification
Risk Operational delays.
Nature of Control Manual
1. To check whether there is liaison with local public and initiatives are taken to maintain cordial
relations.
2. To check CSR activities are performed in relation to the project as per company policies and
decisions time to time.

468
Audit Checklist

31.TA.1.3 Project Implementation/ Project Execution


Control Objective Cost and Time Overruns
Nature of Work Step Analysis / Verification
Risk 1. Cost overrun.
2. Delay in completion of project.
Nature of Control Automated/Manual
1. Use T-Code CJ20N to check whether adequate Man, Material, Equipment is deployed by
contractor as per contract. Also check whether there is adequate monitoring done by Oil on the
same.
2. Use T-Code CJ20N to check whether there is levying of LD etc. as per Contract Clause.
3. Check whether there is adequate project planning and monitoring to avert cost and time
overruns.
4. Use T-Code CJ20N to check whether the time overruns are due to delays in obtaining the
required approvals.
5. Use T-Code MB52 and CJ20N to check whether time overruns are due to delays in material
availability and ineffective monitoring of project.

31.TA.1.4 Project Implementation/ Project Execution


Control Objective Cost recovery
Nature of Work Step Analysis / Verification
Risk Inadequate cost recovery.
Nature of Control Automated/Manual
1. Use T-Code S_ALR_87013562 to check whether there is effective project monitoring for
execution of turnkey project.
2. To check if the material/services supplied by the Company for the turnkey projects are
adequately and timely recovered.

31.TA.1.5 Project Implementation/ Project Execution


Control Objective Insurance claim
Nature of Work Step Verification
Risk Delay in insurance claims and settlement for all type of insured losses.
Nature of Control Manual
1. Check whether there is any delay in filing the insurance claims and ensuring timely settlement.
2. Check whether insurance claim is filed for all material lost/damaged/stolen and third party
claims.

31.TA.1.6 Project Implementation/ Project Execution


Control Objective Project management
Nature of Work Step Verification
Risk Weak project management may lead to cost and time over runs.
Nature of Control Manual
1. Check whether Governance and escalation framework are defined to ensure that there is not
weak control over project execution and management.

469
Audit Checklist

31.TA.2.1 Commissioning
Control Objective Avoid defects and faulty work
Nature of Work Step Analysis/Verification
Risk Defects and faults in work completed.
Nature of Control Automated/Manual
1. Use T-Code CJ20N and enter WBS code to view project details to check whether there is
adequate testing, inspection & monitoring.
2. Use T-Code CJ20N to check whether there is deduction for faulty work as per contract clause.
3. Check the adequacy of process of issuing commissioning certificate.

31.TA.2.2 Commissioning
Control Objective Avoid equipment Failure
Nature of Work Step Analysis/Verification
Risk Equipment Failure.
Nature of Control Automated/Manual
1. Use T-Code CJ20N to check whether proper inspection of equipment is carried out.
2. Use T-Code CJ20N to check whether Hydro testing is done prior to commissioning of equipment
and pipelines.
3. Use T-Code MB52 to check whether adequate spares including warranty spares and supplies are
maintained.
4. Use T-Code IE03 to view equipment details to check whether there is warranty provided by
equipment supplier.

31.TA.3 Handing over of project


Control Objective Timely handing over of project, documentation, certifications etc.
Nature of Work Step Analysis/Verification
Risk 1. Delay in completion.
2. Cost overrun.
Nature of Control Automated/Manual
1. Check whether a certification of commissioning is obtained from the concerned department/
contractor.
2. Check whether user department clearance is obtained for project handing over.
3. Use T-Code CJ20N to check whether completion report is prepared for the project and the same
is documented and reviewed.
4. Use T-Code CJ20N to check whether there is adequate testing / inspection at the time of
handing over of project.
5. Use T-Code CJ20N to check whether project work is handed over as per schedule and reasons
are documented and approved in case of delay.

31.TA.4.1 Monitoring framework


Control Objective Quality of execution
Nature of Work Step Analysis/Verification
Risk Low quality work.
Nature of Control Automated/Manual
1. Use T-Code MCXB and MCXD to view quality results to check whether there are adequate
specifications, good quality material and monitoring to ensure that quality of execution is good.
2. Use T-Code CJ20N to check whether the reporting is correct and there is adequate process of
recording and monitoring of project expenditure.

470
Audit Checklist

31.TA.4.2 Monitoring framework


Control Objective Reducing financial loss
Nature of Work Step Analysis/Verification
Risk Financial Loss.
Nature of Control Automated/Manual
1. Use T-Code CJ20N to check whether there are adequate controls on project material
accounting, recording, reconciliation and monitoring.

31.TA.4.3 Monitoring framework


Control Objective Material Reconciliation
Nature of Work Step Analysis/Verification
Risk Pilferage of materials.
Nature of Control Automated/Manual
1. Use T-Code CJ20N to check whether there is before start and after completion monitoring.
2. To check whether material reconciliations are prepared and monitored on timely basis to
identify any material losses.

31.TA.4.4 Monitoring framework


Control Objective HSE
Nature of Work Step Verification
Risk Non-Compliance to HSE laws.
Nature of Control Manual
1. Check whether there is monitoring of HSE compliance by contractors / internal staff during
execution.

31.TA.5 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the
department - administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

471
Audit Checklist

33. Research Development – Technical Audit


Scope
Audit Scope
1 SOP Compliance
2 R&D budget
3 R&D activities
4 Procurement and AMC contracts
5 Testing & Inventory management
6 Issuance of materials/spares items
7 Statutory Requirements
8 Confidentiality
9 PR tracking
10 Creation of Service Entry Sheet (SES)
11 Manpower planning

472
Audit Checklist

33.TA.1 SOP Compliance


Control Objective Compliance of SOP
Nature of Work Step Analysis
Risk Non compliance to SOP and internal policy may lead incorrect
practices.
Nature of Control Manual
1. Check that company has a well-defined SOP for R&D activities.
2. To check that all process are being followed as per SOP.
3. To check any deviation from SOP and document the reason given for same. Analyze its
reasonability and quote.
4. Check that ISO standards have been met with.

33.TA.2 R&D budget


Control Objective Adequate monitoring and approval of budgets
Nature of Work Step Analysis / Verification
Risk 1. Inappropriate approvals.
2. Non monitoring of budget.
Nature of Control Automated/Manual
1. Use T-Code KSBL to Check the approvals over budget sanctioned for research and development
work as per DOP.
2. Use of T-Code KSBL to Check whether any revision were initiated during the period of the
budget. Check for the approvals from the authorized personnel as per DOP.
3. Use of T-Code - S_ALR_87013557 to analyze the actual vs. budgeted expenditure for research
and Development work. In case of any variation, check the deviation / exceptional approvals
from authorized personnel as per DOP.
4. Use of T-Code - CJ20N to check if R&D expenditure is spent as per the mandatory requirements.
5. Check if the reason of short/ excess expenditure are documented and approved.
6. Check if action plan is prepared to avoid deviations in future.

33.TA.2.1 R&D activities


Control Objective Continuous R&D to support efficient operations
Nature of Work Step Analysis / Verification
Risk Due to lack of R&D support it may hamper the overall operations which
may lead to loss.
Nature of Control Automated/Manual
1. Use of T-Code - KSBL to check the approvals and clearances for annual plans as per DOP.
2. Use of T-Code - KSBL to check if R&D activities are planned in advance considering the changing
needs and requirements of the business.
3. Check if the process exist for tracking of user requests for R&D and action plan formulated by
R&D to address those requests.
4. Use of T-Code - KSBL to check the status of the targets met against the annual plans formulated.
5. Use of T-Code - KSBL to check whether revisions in the annual plans were initiated considering
the changing business requirements.
6. Identify the R&D work obsoleted till date. Conduct the root cause analysis for obsoleting the
work done.

473
Audit Checklist

33.TA.3 Procurement and AMC contracts


Control Objective Technologically upgraded, Cost effectiveness, Timely procurement of
lab equipment’s, Annual Maintenance of lab equipment
Nature of Work Step Analysis / Verification
Risk 1. Delay in procurement may hamper the operations.
2. Lack of AMC can result break down of equipment which hamper
operations.
Nature of Control Automated/Manual
1. Use of T-Code - ME5A, ME2J, ME2S to extract the report and to check if all the procurement is
done in accordance to the procurement policy.
2. Check whether latest technology and developments are considered for procurement of
equipment.
3. Use of T-Code - MB52 to check the timelines for the receipt of the scheduled delivery /delivered
lab equipment.
4. Use of T-Code - ML95 to extract the report and to check the maintenance of a list of AMC
contracts in chronological order. Check the timely renewal of the AMC contracts.
5. Use of T-Code - ML95 to check the periodicity of AMC services provided and follow ups
conducted with the vendors.

33. TA.4 Issuance of materials/spares items


Control Objective Avoiding stock out situation, adequate approvals for issuance,
inventory controls
Nature of Work Step Analysis / Verification
Risk 1. Stock-out situation.
2. Inadequate approvals as per DOP.
Nature of Control Automated/Manual
1. Use T-Code MB52 to view stock on posting date, MMBE to view stock overview, MB5B to view
stocks at various warehouses and ensure whether inventory levels of materials/spares items are
monitored and for materials below threshold levels, the PR has been raised.
2. To conduct a walkthrough of the issuance process of materials/spares items from stores and
identify gaps.
3. Use T-Code MB5B, MB52 to check whether approvals for issue of materials/spares items are
taken as per DOP.
4. Use T-Code MC46 to view the slow moving items and ensure whether there is a process for
monitoring over obsolete / slow / nonmoving / materials or spares and appropriate decisions
are taken for the same.

33. TA.5 Statutory Requirements


Control Objective Compliance with the Statutory Guidelines.
Nature of Work Step Verification
Risk Statutory Non-compliance.
Nature of Control Manual
1. Check if the required approvals and clearances are obtained and renewed on timely basis for
carrying out the R&D activities.
2. Check if the tracking mechanism is in place to ensure timely renewal of all approvals.
3. Check if Central Pollution Control Board (CPCB) guidelines are monitored and followed. T-Code -
S_SH8_72000033.

474
Audit Checklist

33. TA.6 Confidentiality


Control Objective Avoid leakage of confidential information.
Nature of Work Step Verification
Risk Possibility of sharing confidential information.
Nature of Control Manual
1. Check if the critical and confidential R&D information/ documents are identified.
2. Check if the physical copies of the confidential information is stored in lock in key with access to
authorized person only.
3. Check if critical R&D data maintained in soft form is stored in encrypted form and access is
provided to authorized person only.

33. TA.7Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

33. TA.8Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

475
Audit Checklist

34. Safety Environment – Technical Audit


Scope
Audit Areas
1 Compliances with HSE standards
2 Training of Employees
3 Periodic Audits & Inspections
4 Statutory Clearances and permission
5 Disposal of waste, Hazardous chemicals and other by products
6 PR Tracking
7 Creation of Service Entry Sheet (SES)
8 Manpower Planning
9 Fire Safety Plan
10 Fire Safety training
11 Fire fighting Equipments testing
12 Incident Management
13 Procurement of Fire safety equipments

476
Audit Checklist

34. TA.1 HSE - Compliances with HSE standards


Control Objective Checklist of HSE norms, compliances of same on time
Nature of Work Step Verification
Risk Non Compliance to HSE Norms.
Nature of Control Manual
1. To check if the comprehensive checklist of various HSE compliances is maintained.
2. To check if there exist approved HSE/ Safety policy and employees are aware of the same.
3. To check if the checklist of compliances is monitored and updated on continuous basis.
4. To check if there exists the mechanism of ensuring the compliances to all statutory
requirements (including but not limited to) :
a. Mines Act
b. Oils and Mines regulations
c. Explosive Act and Rules
d. OISD standards.
e. Environment protection Act
f. Water & Air Act.
g. Water cess Act
h. Hazardous waste management Act
i. E. Waste
j. Petroleum Act.
k. Explosive Act and rules etc.
5. To check if the action plan is documented and adhered for the identified non compliances.
6. To check if various statutory reports and MIS are correctly prepared.
7. To check if various statutory reports and MIS are submitted timely to various statutory
authorities.

34. TA.2HSE - Training of Employees


Control Objective Employees are trained, aware of the safety equipment's, zero accidents
Nature of Work Step Verification
Risk Employee accidents and dissatisfaction.
Nature of Control Manual
1. To check whether employees are trained for compliance to safety requirements.
2. To check accidents due to lack of training maintenance of equipment.
3. To check the number of accidents occurred during the year and the reasons for same are
documented and analyzed for not repeating in future.
4. To check whether any personal injury was caused due to lack of proper training.
5. To check whether any loss to asset was made due to improper training.
6. To check whether all the statutory training required under any act are planned and conducted.
7. To check control measures adapted to control any incident in future.
8. Ensure that the employees on field duty are provided with Personal Protection Equipment
(PPE).

477
Audit Checklist

34.TA.3 HSE - Periodic Audits & Inspections


Control Objective Pollution complaints, statutory penalties and other environmental losses
Nature of Work Step Verification
Risk 1. Non-performance of periodic audits.
2. Legal problems.
Nature of Control Manual
1. To check if any complaint has been registered against the company for causing pollution of any
kind like Air, water etc.
2. To check whether adequate steps are taken by company against the complaints filed against the
Company.
3. To check whether periodic audits regarding environment safety has been conducted and the
observations of such audits.
4. To check whether periodic inspection has been conducted internally and results are monitored.
5. To check if checklist / manual of compliances is updated with the deviations noted during
various audits.

34.TA.4 HSE - Statutory Clearances and permission


Control Objective Availability of all Statutory Clearances and permission
Nature of Work Step Verification
Risk Non-compliance to Statutory norms/permissions.
Nature of Control Manual
1. To check if the tracker is maintained to monitor the clearances to be obtained by the
department.
2. To check if all the required clearances have been obtained by the department.
3. To check if there exists a checklist of the documents required to be filed for the required
clearances.
4. To check if there is adequate follow up done to ensure time receipt of all clearances.
5. To check if the renewal process is started in timely basis for the clearances nearing expiry.

34.TA.5 HSE - Disposal of waste, Hazardous chemicals and other by products


Control Objective Disposal of waste, Hazardous chemicals and other by products as per
statutory requirements
Nature of Work Step Verification
Risk Inappropriate disposal of hazardous waste leading to legal problems.
Nature of Control Manual
1. To check that company has a well defined disposal plan for disposal of hazardous waste.
2. To check that waste is processed before disposition so as to cause minimum damage.
3. To check compliance with ISO manual for water and air pollution.
4. To check whether a disposal is done as per the statutory requirements and guidelines
prescribed for disposal.
5. To check whether company has obtained all required certificate and clearances for disposal.
6. Check whether the invoicing of sale is as per the contract and revenue is recognized properly.

478
Audit Checklist

34.TA.6 HSE - Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

34.TA.7 Fire Safety Department - Fire Safety Plan


Control Objective Availability of fire safety plan and its display indicating the emergency
fire exits.
Nature of Work Step Verification
Risk Unavailability of fire safety plan.
Nature of Control Manual
1. To check that company has a well defined fire safety plan in line with ISO policies.
2. To check that safety plan has been placed near the exits.
3. To check that fire exits are available and clearly indicated in the Company.
4. To check all statutory compliances have been complied like placing of fire extinguishers at
reasonable distances.

34.TA.8 Fire Safety Department - Fire Safety training


Control Objective Register of training provided, occasional drills and awareness program.
Nature of Work Step Verification
Risk Lack of Fire Safety Training.
Nature of Control Manual
1. To check that security guards are provided with regular training for being equipped with fire
fighting instruments.
2. To check that employees are provided with training and mock drills are conducted. Check that
dates of such drills are recorded in the register.
3. To check that employees are aware of the fire safety plan and fire exits.

479
Audit Checklist

34.TA.9 Fire Safety Department - Firefighting Equipment testing


Control Objective Refilling of fire fighters, availability in critical areas
Nature of Work Step Verification
Risk Malfunctioning/ unavailability of fire fighting equipment.
Nature of Control Manual
1. To check whether management has identified critical areas for fire like near the machinery.
2. To check that fire fighters are available in risk areas.
3. To check if there exist a mechanism to ensure upkeep of fire safety equipment.
4. To check that fire fighters are not expired and water pressure is maintained in water gauges.

34.TA.10 Fire Safety Department - Incident Management


Control Objective Timely action to minimize loss
Nature of Work Step Verification
Risk Delay in minimizing loss.
Nature of Control Manual
1. To check if there is a mechanism of recording all fire complaints.
2. To check if the action is taken on timely basis for all reported incidents.
3. To check if root cause analysis if done and action plan documented for past failures (if any).
4. To check if adequate documentation is maintained for all the incidents included the statutory
requirements for the same.

480
Audit Checklist

36. Transport – Technical Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Creation and release of purchase requisition
3 Deployment of vehicles
4 Passenger vehicle
5 Inspection
6 Certification of bills of vendor
7 Health, Safety & Environment
8 Maintenance
9 Inventory control of maintenance / spares items
10 PR tracking
11 Creation of Service Entry Sheet (SES)
12 Manpower planning

481
Audit Checklist

36.TA.1 Inspection
Control Objective Statutory Compliance, Complete documentation
Nature of Work Step Analysis/Verification
Risk 1. Non-Compliance to statutory framework.
2. Inadequate documentation.
Nature of Control Manual
1. To check whether there is a process of monitoring contractual compliance w.r.t. hired vehicles.
2. To check whether all the documents w.r.t statutory compliance e.g. insurance, driver's license,
pollution check etc. are checked regularly.
3. To check whether there is a database of monitoring all the above mentioned details.
4. To check whether Company initiates reminder process in case, the expiry/renewal date for
license/pollution check/insurance etc. is approaching.
5. For hired manpower, check whether the Company checks the ESI and PF payment made by the
contractor.

36.TA.2 Certification of bills of vendor


Control Objective Authorized and appropriate payment, No duplicity payments
Nature of Work Step Analysis/Verification
Risk Unauthorized payments.
Nature of Control Automated/Manual
1. Conduct a walkthrough of certification of bills of vendor.
2. To check whether vendor's invoices are paid only after proper supporting have been verified
and approval is taken as per DOP. Use T-Codes FBL1N, MIR4.
3. To check whether advance payment made to the vendor is adjusted while making payment of
invoice, if applicable. Use T-Codes FBL1N, MIR4.
4. To check that there is no over payment/ duplicate payment/ unauthorized payment to the
vendors. Use T-Codes FBL1N.
5. To check that there is correct certification of contractor bills. Use T-Codes FBL1N, MIR4.
6. To check whether payment is made only against liability created in SAP. Use T-Codes FBL1N,
MIR4.

36.TA.3.1 Maintenance
Control Objective Timely closure of maintenance requests to avoid operational delays
Nature of Work Step Analysis/Verification
Risk Operational risk.
Nature of Control Automated/Manual
1. To conduct a walkthrough of the process of getting requests for maintenance of vehicles/buses
and identify gaps, if any. Use T-Codes IW29, IW23, IW33, IW39.
2. To check whether the requests received only through SAP. Use T-Codes IW29, IW23, IW33,
IW39.
3. To check whether there is a creation of maintenance order/MR/PR for the required spares. Use
T-Codes IW29, IW23, IW33, IW39, ME53N, ME5A.
4. In case of manual request, check the process of recording and monitoring of the requests
received.
5. To check whether an analysis is done for the time taken for closing a request.
6. To see that proper notification is given about defects. Use T-Codes IW29.

482
Audit Checklist

7. To check if root cause analysis is done for delays and steps are taken to avoid the same in
future.

36.TA.3.2 Maintenance
Control Objective Efficient utilization and increased life of the equipment
Nature of Work Step Analysis/Verification
Risk Inefficient utilization of equipment.
Nature of Control Automated/Manual
1. To check whether PM schedule has been displayed for every equipment/vehicle. Use T-Codes
IP24, IP10.
2. To check that there is display of the PM checklist in the workplace near vehicle. Use T-Codes
IA07.
3. To check whether there is a maintenance schedule for equipment and its compliance. Use T-
Codes IP24, IA07.
4. To check whether monitoring over turn around time as per schedule and actual time taken for
maintenance of equipment is done. Use T-Codes IP24 IW23, IW29, IW33, IW39.
5. To check whether the maintenance equipment are calibrated regularly. Use T-Codes IP24, IW33,
IW39.
6. To check whether the equipment/vehicles are tested under appropriate conditions and in
presence/by experience individual after completion of maintenance services. Use T-Codes
QA33, QGP2.
7. To check whether there is increase in fuel consumption due to delay in maintenance of vehicles.
8. To check whether monitoring is done for compliance to OEM guidelines for operating
equipment. Use T-Codes IA07.

36.TA.4 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

483
Audit Checklist

37. Well logging – Technical Audit


Scope
Audit Areas
1 Data collection and its storage
2 Interpretation
3 Planning and budgeting process (Equipment, manpower etc.)
4 Planning and administration
5 Purchase requisition
6 Issuance of stores/spares items
7 Open hole/ cased hole
8 Logging equipment management and maintenance
9 Environment, Health and Safety Compliance
10 Certification of bills of vendor
11 Buy vis a vis Hiring of well logging equipment
12 Training
13 Creation of Service Entry Sheet (SES)
14 Manpower planning

484
Audit Checklist

37.TA.1 Data collection and its storage


Control Objective Timely and accurate data acquisition
Nature of Work Step Analysis/Verification
Risk Non-availability of desired data.
Nature of Control Manual
1. To check whether the signed requisition for logs to be recorded is available with the
department.
2. To ensure there is timely receipt of data by the G&R department.
3. To check whether the timely planning is initiated for logging jobs in terms of man, materials,
logs required.
4. To check whether monitoring over plan for logging jobs in terms of man, materials, logs
required.
5. To check whether the logging equipment/spares/accessories are maintained and ready as per
schedule.
6. To check if there are any delays due to non-availability of equipment's/spares/accessories.
Ensure reasoning analysis is done for the same.
7. To check whether there are any delays in data collection. Ensure reasoning analysis is done for
the same.
8. To conduct a walk through of the data collection process Open hole/Cased hole and identify
gaps.
9. To check whether there exists a process of revalidating the accuracy of data collected.
10. To check whether there is a process for storage and back up process of log data.

37.TA.2 Interpretation
Control Objective Accuracy of interpretation
Nature of Work Step Analysis/Verification
Risk Incorrect interpretation.
Nature of Control Manual
1. To ensure there is correct interpretation of data.
2. To ensure correct logs are recorded.
3. To ensure security of data.

485
Audit Checklist

37.TA.4 Planning and administration


Control Objective Procurement, production testing, stock, statutory compliance
Nature of Work Step Analysis/Verification
Risk 1. Non-adherence to statutory framework.
2. Non-availability of material.
Nature of Control Automated/Manual
1. Use T-Code ME5A to view the list of PRs and ME2N to view the list of POs. Check that there is no
delay in procurement of materials and oil well explosives.
2. Use T-Code MS04/MS05 to check whether planned production testing is carried out, so that
high consumption of explosives does not occur.
3. Use T-Code MB51, MMBE to check the movement of inventory at departmental storage
location.
4. To check there is monitoring of receiving, consumption, stock of explosives on monthly basis as
a measure of statutory compliance.
5. Check whether timely quarterly submission of return on explosives and detonators consumed
as a measure of statutory compliance is done.

37.TA.6 Issuance of stores/spares items


Control Objective Avoid or minimize pilferage/loss, Avoid or minimize loss on account of
obsolete equipment's
Nature of Work Step Analysis/Verification
Risk 1. Inefficient usage of resources.
2. Frequent breakdowns.
Nature of Control Automated/Manual
1. Check whether there is a process for review of inventory levels of stores/spares (maintenance)
items.
2. To conduct a walkthrough of the issuance process spares (maintenance) items from stores and
identify gaps.
3. Use T-Code MB5B to check whether there is timely availability of critical spares.
4. Use T-Code MB51 to check whether approvals for issue of stores/spares (maintenance) items
are taken as per DOP.
5. Analyze past quality issues and report to ensure that sub-quality spare parts are not used,
leading to frequent break downs.
6. Use T-Code MC46 and MC50 to check whether there is a process for monitoring over
obsolete/slow/non moving spares/materials and appropriate decisions are taken for the same.

486
Audit Checklist

37.TA.7 Open hole/ cased hole


Control Objective Avoidance of financial loss
Nature of Work Step Analysis/Verification
Risk Financial Risk.
Nature of Control Manual
1. To ensure that there are no delays in recording of data due to non-availability of
equipment's/spares/accessories.
2. To ensure that non utilization of logging unit/ tools does not occur.
3. To check if there is inaccurate reporting/ processing of information due to lack of interface
between applications and well logging equipment.
4. To ensure that there is segregation of duties so that there is no instance of inaccurate reporting.

37.TA.8 Logging equipment management and maintenance


Control Objective Efficient utilization and increased life of the equipment
Nature of Work Step Verification
Risk Inefficient utilization of resources.
Nature of Control Automated/Manual
1. To check whether the utilization of equipment's if reviewed regularly.
2. To check whether there is a maintenance schedule (preventive/regular) for equipment and its
compliance.
3. Use T-Code IP10 and IP30 to ensure that tool breakdown is averted through maintenance and
no delay in operations is caused on this account.
4. Use T-Code IP10 and IP30 to check whether monitoring over turn around time as per schedule
and actual time taken for maintenance of equipment is done.
5. To check whether the equipment's are calibrated regularly.
6. Use T-Code IW29 and IW39 to check that there are no delays in providing maintenance services
which could otherwise impact operational efficiency.
7. To check whether monitoring is done for compliance to OEM guidelines for operating
equipment.

37.TA.9 Environment, Health and Safety Compliance


Control Objective No penalties or imprisonment as applicable under the rules/provisions
Nature of Work Step Verification
Risk Non-compliance to statutory requirements.
Nature of Control Manual
1. To check the compliance of the statutory requirements for radioactive/explosive items.
2. To check the compliance of the standard operating procedures of EHS.
3. To check whether monthly/quarterly/annual reports are timely filed with the Govt./State Govt.
Authorities/AERB etc.

487
Audit Checklist

37.TA.10 Certification of bills of vendor


Control Objective Authorized payment, No duplicity payments
Nature of Work Step Verification
Risk Unauthorized Payments, Duplicity of payments
Nature of Control Automated/Manual
1. Conduct a walkthrough of certification of bills of vendor.
2. Use T-Code FBL3N/FBL1N to view vendor payments. For sample invoices check whether
vendor's invoices are paid only after proper supporting's have been verified and approval is
taken as per DOP.
3. Use T-Code FBL3N/FBL1N to check whether advance payment made to the vendor is adjusted
while making payment of invoice, if applicable.
4. To ensure there is correct certification of bills leading to correct payments.
5. Use T-Code FBL3N/FBL1N to check whether payment is made only against liability created in
SAP.

37.TA.12 Training
Control Objective Develop trained and skilled manpower
Nature of Work Step Analysis/Verification
Risk Untrained Manpower.
Nature of Control Manual
1. To check whether there is a training schedule to train the employees on a regular basis.

37.TA.13 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES.
Check whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance
before creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in
the contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid
similar delays.

488
Audit Checklist

37.TA.14 Manpower planning


Control Objective To ensure manpower is adequate for all the departmental activities
Nature of Work Step Verification/Analysis
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual
1. Check whether there is adequate manpower to carry out all the operations of the
department - administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

489
Audit Checklist

38. Business Development – Technical Audit


Scope
Audit Areas
1 Asset acquisitions
2 New opportunities
3 Monitoring
4 PR tracking
5 Creation of Service Entry Sheet (SES)
6 Manpower planning

490
Audit Checklist

38.TA.1.1 Asset acquisitions


Control Objective Approvals are obtained as per delegation
Nature of Work Step Verification
Risk Non Compliance to the delegation of authority matrix.
Nature of Control Manual
1. Check whether the opportunity was evaluated as per the approved checklist.
2. Check whether approvals have been obtained to pursue the opportunity as per delegation of
powers.

38.TA.1.2 Asset acquisitions


Control Objective Confidentiality of data is maintained
Nature of Work Step Verification
Risk Confidentiality of data is not maintained.
Nature of Control Manual
1. Check whether confidentiality agreements are in place duly signed by appropriate authority
before data sharing.
2. Ensure that proper back-up procedures are there for any data in soft or hard form.

38.TA.1.3 Asset acquisitions


Control Objective Hiring of consultants is as per contracts manual
Nature of Work Step Verification
Risk Consultant hiring is not as per contracts manual, CVC guidelines not followed
while hiring contractors.
Nature of Control Manual
1. Check the procedures followed for appointment of any technical or commercial consultant to
evaluate opportunity is in line with Contracts Manual.
2. Ensure all CVC guidelines have been followed in hiring of contractor.

38.TA.2 New opportunities


Control Objective Appropriate evaluation of opportunity
Nature of Work Step Verification/Analysis
Risk Opportunities not being evaluated appropriately.
Nature of Control Manual
1. Check if approval of appropriate authority is available before finalization of opportunity.
2. Check whether proposed benefits have been identified and documented for opportunity.
3. Check whether payback period has been calculated and monitoring plan has been prepared.
Check suitability of the method applied for calculation of payback period.
4. In case of opportunity win or loss check that appropriate filing is done for the documents
pertaining to opportunity and same are readily accessible for any future reference.
5. Ensure that all legal and statutory requirements are considered while evaluating any
opportunity.
6. Ensure appropriate negotiations are done before finalizing the deal.

491
Audit Checklist

42. PHQ OIL Movement – Technical Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Costs
3 Environment, Health and Safety Compliance
4 Forward transfers
5 Reverse transfers
6 Reconciliation
7 Maintenance
8 Oil Transportation Contract
9 Billing
10 Service contract management
11 Closure of service contract
12 PR tracking
13 Manpower planning
14 Creation of Service Entry Sheet (SES)

492
Audit Checklist

42.TA.1 Environment, Health and Safety Compliance


Control Objective Safeguarding interest of Company / employees / public / environment
Nature of Work Step Verification
Risk Non Compliance to EH&S.
Nature of Control Manual
1. To check whether there is a compliance framework related to statutory requirement for EH&S.
2. To check whether EH&S compliance framework is monitored and reviewed on regular basis.
3. To check whether compliance of Safety Manual is ensured and documented.
4. To check whether required documents/report/returns are filed on monthly/ quarterly/annually
basis to Govt./State Govt./Authorities/ Atomic Energy Regulatory Board (AERB).

42.TA.2 Forward transfers


Control Objective Custody transfers
Nature of Work Step Analysis/Verification
Risk 1. No monitoring on transit losses.
2. No monitoring on the internal/external transfers.
Nature of Control Automated/Manual
1. To check whether internal/ external transfers are done as per proper guidelines/ process.
2. To check whether correct measurement is done during custody transfer.
3. To check whether ratio limit for oil transfer of OIL/ ONGC is entered into SAP.
4. To check whether pilferage of oil while transportation is monitored. Use T-Code VL06F.
5. To check whether the percentage of loss due to transport is monitored.
6. To check whether the percentage of oil is measured both before and after loss due to
evaporation, measurement, leakage etc.
7. To check whether transit losses are within approved limit.
8. To check whether joint samples are taken for BS&W and Custody transfers.
9. To check whether NSPL is able to offtake and deliver as per agreed MOU.

42.TA.3 Reverse transfers


Control Objective Quantity reconciliations
Nature of Work Step Verification
Risk Incorrect quantity reconciliations.
Nature of Control Manual
1. To check process of reverse transfer and quantity reconciliations for the same.

42.TA.4 Reconciliation
Control Objective Loss minimization
Nature of Work Step Verification
Risk No measures to minimize losses.
Nature of Control Manual
1. To check whether reconciliation is done at pipeline.
2. To check whether there is reconciliation done between production and off-take.
3. To check if there is penalty for raw material on reduced off take.

42.TA.5 Maintenance
Control Objective Timeliness

493
Audit Checklist

Nature of Work Step Verification


Risk Delay in maintenance of pipelines.
Nature of Control Automated/Manual
1. To check whether blockages in pipelines are timely reported and unblocked. Use T-Codes IP24,
IW23, IW39.

42.TA.6 Oil Transportation Contract


Control Objective Compliance to the terms of contract
Nature of Work Step Verification
Risk Non-compliance to contract terms.
Nature of Control Automated/Manual
1. To check whether there is compliance to contractual terms. Use T-Code ME2N and ME33K.
2. To check whether the terms of the contract are reviewed periodically and corrective measures
are taken to ensure that cost benefits are achieved.
3. To check whether the contract is validated by Legal cell for checking Company's interest.

42.TA.7 Service contract management


Control Objective Recording of justification in case of extension
Nature of Work Step Analysis/Verification
Risk Non-compliance as per DOP.
Nature of Control Automated/Manual
1. To check whether the extension of the contract period and waiver of liquidated damage are
approved as per DOP. Use T-Code ME3J and ME33K.
2. To check whether reasons for extension of contract period are recorded and analyzed for any
further action.
3. To check whether in case any Approving committee finds it necessary to revise its own earlier
decision of imposing liquidated damages and to waive recovery thereof, ensure approval of the
next higher Authority is obtained as per DOP. Use T-Code ME3J.

42.TA.8 Closure of service contract


Control Objective Full and final settlement before closure of contract
Nature of Work Step Verification
Risk Improper full and final closure.
Nature of Control Automated/Manual
1. To check whether before closing of a Contract the following has been ensured:
a. Satisfactory completion of the work.
b. Payment reconciliation, Stores reconciliation, No dues/claims certificate from the Heads
of Department concerned, for the release of final payment.
c. Satisfactory completion of defects liability period and return of Security Deposit or
Performance Security. Use T-Codes CJ20N.

42.TA.9 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated

494
Audit Checklist

1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

495
Audit Checklist

43. PHQ Pipeline – Technical Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Creation of Service Entry Sheet (SES)
3 Environment, Health and Safety Compliance
Maintenance of sub surface pipelines including
4
surface facilities (Routine jobs)
Maintenance of sub surface pipelines including
5
surface facilities (Non routine jobs)
6 Health inspection of pipelines
7 Inventory control of maintenance / spares items
8 Certification of bills of vendor
9 Maintenance of Crude Oil Delivery (COD) Lines
10 Maintenance
11 Training
12 PR tracking
13 Manpower planning

496
Audit Checklist

43.TA.1 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material/services
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/Automated
1. To check whether status of work completion in manual records is updated. Use T-code
ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

43.TA.2 Environment, Health and Safety Compliance


Control Objective Safeguarding interest of Company / employees / public / environment
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual
1. To check whether there is a compliance framework related to statutory requirement for EH&S.
To check whether EH&S compliance framework is monitored and reviewed on regular basis.
2. To check whether compliance of Safety Manual is ensured and documented.
3. To check whether required documents/report/returns are filed on monthly/ quarterly/annually
basis to Govt./State Govt./Authorities/Atomic Energy Regulation Board (AERB).
4. To ensure adequate measures are undertaken to mitigate the risk in case of pipeline burst.

43.TA.3 Maintenance of sub surface pipelines including surface facilities (Routine jobs)
Control Objective Entering into proper contracts
Nature of Work Step Analysis/Verification
Risk Absence of proper contracts.
Nature of Control Manual
1. Ensure that conditions to the contracts are being complied. Report deviations if any.

497
Audit Checklist

43.TA.4 Maintenance of sub surface pipelines including surface facilities (Non routine
jobs)
Control Objective Adequate internal handling
Nature of Work Step Verification
Risk Inadequate internal handling.
Nature of Control Manual
1. To check whether non routine jobs are adequately and timely handled through internal
resources.

43.TA.5 Health inspection of pipelines


Control Objective Inspection
Nature of Work Step Verification
Risk Non Compliance to OISD guidelines.
Nature of Control Manual
1. To check whether the health inspection of pipeline is carried regularly as per OISD norms.

43.TA.6 Inventory control of maintenance / spares items


Control Objective Avoiding stock out situation, adequate approvals for issuance,
inventory controls
Nature of Work Step Verification
Risk Ineffective inventory control.
Nature of Control Automated/Manual
1. To check whether there is a process for review of inventory levels of materials/spares items.
Use SAP Transaction-code MMBE, MB52, MB5B.
2. To conduct a walkthrough of the issuance process of materials/spares items from stores and
identify gaps.
3. To check whether approvals for issue of materials/spares items are taken as per DOP.
4. To check whether there is a process for monitoring over obsolete / slow / non moving /
materials or spares and appropriate decisions are taken for the same. Use T-code MC46 and
MC50.

43.TA.7.1 Maintenance of Crude Oil Delivery (COD) Lines


Control Objective Choke free and free flow of delivery lines
Nature of Work Step Verification
Risk Stoppage of Crude Oil delivery.
Nature of Control Manual
1. To check that pressure is relieved from the pipeline before commencing of maintenance to
ensure that there is no fire.
2. To check that pigging operation of pipeline is conducted as per defined schedule.
3. To check whether there are delays / difficulties in identification of choked line.
4. To check that pressure test is carried out after the repair of the pipeline.

43.TA.7.2 Safety Non Compliance to Environment, Health and Safety.


Control Objective Safety
Nature of Work Step Verification
Risk Non Compliance to Environment, Health and Safety.
Nature of Control Manual

498
Audit Checklist

1. To check that precautionary safety measures are undertaken like using proper PPEs, requisition
of Fire Service on standby duty at site during maintenance and repairs.

43.TA.8.1 Maintenance
Control Objective Timely closure of maintenance requests to avoid operational delays
Nature of Work Step Verification
Risk Operational delays.
Nature of Control Automated/Manual
1. To conduct a walkthrough of the process of getting requests for maintenance of sub surface
pipelines and surface facilities. Use T-code IW29, IW39 if data is maintained in SAP.
2. To check that timely maintenance services are provided.
3. To check whether the requests received only through SAP Use T-Code ME5A This transaction is
use to take PR list generated through SAP.
4. To check whether there is a creation of maintenance order/MR/PR for the required spares. Use
T-Codes ME5A,IW29,IW39.
5. In case of manual requests, check the process of recording and monitoring of the requests
received.
6. To check whether an analysis is done for the time taken for closing a request. Use T-Code ME5A.
7. To see that proper notification is given about defects.
8. To check if root cause analysis is done for delays and steps are taken to avoid the same in
future.

43.TA.8.2 Maintenance
Control Objective Efficient utilization and increased life of the equipment
Nature of Work Step Analysis/Verification
Risk Inefficient utilization of equipment.
Nature of Control Automated/Manual
1. To check whether PM schedule has been displayed for every pipeline Use T-Code IP24 This
report gives the list of maintenance plans created for an equipment. To check that there is
display of the PM checklist in the workplace.
2. To check whether there is a maintenance schedule for equipment and its compliance Use T-
Code IP24.ERP. This report gives the list of maintenance plans created for an equipment.
3. To check whether monitoring over turn around time as per schedule and actual time taken for
maintenance of equipment is done. Use T-Code IW29, IW39, IP24 IW29 gives the complete
history of notification along with order. IW39 provides the entire history of equipment along
with maintenance details.
4. To check whether the equipment are calibrated regularly. Use T-code IW29, IW39, IP24. IW29
gives the complete history ho notification along with order. IW39 provides the entire history of
equipment along with maintenance details.
5. To check whether the services equipment are tested in presence/by experience individual.
6. To check whether monitoring is done for compliance to OEM guidelines for operating
equipment.

499
Audit Checklist

43.TA.8.3 Maintenance
Control Objective Updating of equipment master
Nature of Work Step Analysis/Verification
Risk Ineffective maintenance planning
Nature of Control Automated/Manual
1. Check whether equipment master has been updated in SAP. IH01-IH08
2. Compare equipment master maintained in excel sheet / hard copy with the equipment master
maintained in SAP.
3. Check on sample basis whether equipment available on site have been updated in SAP.
4. Check on sample basis, whether status and details maintained in equipment master is correct.
5. Check on site, if any inactive equipment is available. Compare with status in equipment master.

43.TA.9 Training
Control Objective Trained workforce
Nature of Work Step Verification
Risk Lack of training
Nature of Control Manual
1. To check whether training calendar/schedule for the workforce is planned.
2. To check whether planned training schedule for the workforce is complied with.
3. To check whether all workforce are covered in training schedule.
4. To check whether attendance is recorded for the workforce who attended the trainings.
5. To check whether feedback of the workforce is obtained.
6. To check that adequate training is provided to manpower.
7. To check whether recommendations made by the workforce are considered for evaluation of
training process.

500
Audit Checklist

44. PHQ – Pump Stations – Technical Audit


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Creation of Service Entry Sheet (SES)
3 Environment, Health and Safety Compliance
Maintenance of sub surface pipelines including
4
surface facilities (Routine jobs)
Maintenance of sub surface pipelines including
5
surface facilities (Non routine jobs)
6 Health inspection of pipelines
7 Inventory control of maintenance / spares items
8 Certification of bills of vendor
9 Maintenance of Crude Oil Delivery (COD) Lines
10 Maintenance
11 Training
12 PR tracking
13 Manpower planning

501
Audit Checklist

44.TA.1 Third party custody transfer


Control Objective Sampling, Handover
Nature of Work Step Verification
Risk Improper sampling, delay in handing over, error in measurement.
Nature of Control Manual
1. To check sampling is done as per defined procedures.
2. To check whether there is adequate monitoring of defined parameters (pressure drop, etc.) for
the flow of crude oil in the pipeline.
3. To ensure that auto sampler is readily available.
4. To check that the handover is done within timelines so that pumping can start timely.
5. To check whether there is correct recording during custody transfer.
6. To check proper recording and certification by concerned officers from OIL, IOCL, Government
Authorities.
7. To check that proper joint inspection is done after the tank gets empty i.e. before handover to
IOCL / NRL or taking delivery of ONGC crude at PS Moran / Jorhat.

44.TA.2.1 Assets/ Equipment


Control Objective Utilization
Nature of Work Step Verification
Risk Non-utilization, underutilization.
Nature of Control Manual
1. To ensure effective and efficient utilization of assets/ equipment.

44.TA.2.2 Assets/ Equipment


Control Objective Breakdown support
Nature of Work Step Verification
Risk No breakdown support.
Nature of Control Manual
1. To check whether there is timely support during breakdown.

44.TA.3 Equipment management and maintenance


Control Objective Efficient utilization and increased life of the equipment
Nature of Work Step Verification/Analysis
Risk Inefficient utilization and decreased life of equipment.
Nature of Control Manual/Automated
1. To check whether the utilization of equipment's if reviewed regularly.
2. To check whether there is a maintenance schedule (preventive/regular) for equipment and its
compliance.
3. Use T-Code IP10 and IP30 to ensure that tool breakdown is averted through maintenance and
no delay in operations is caused on this account.
4. Use T-Code IP10 and IP30 to check whether monitoring over turn around time as per schedule
and actual time taken for maintenance of equipment is done.
5. To check whether the equipment's are calibrated regularly.
6. Use T-Code IW29 and IW39 to check that there are no delays in providing maintenance services
which could otherwise impact operational efficiency.
7. To check whether monitoring is done for compliance to OEM guidelines for operating
equipment.

502
Audit Checklist

44.TA.4 Reporting
Control Objective Timeliness
Nature of Work Step Verification
Risk Delay in reporting.
Nature of Control Manual
1. To check that both administrative reporting and functional reporting is done.
2. To check whether there are delays due to dual reporting

44.TA.5 Environment, Health and Safety Compliance


Control Objective Safeguarding interest of Company / employees / public / environment
Nature of Work Step Verification
Risk 1. Non-compliance to EHS guidelines.
2. Statutory Non-Compliance.
Nature of Control Manual
1. To check whether there is a compliance framework related to statutory requirement for EH&S.
2. To check whether EH&S compliance framework is monitored and reviewed on regular basis.
3. To check whether compliance of Safety Manual is ensured and documented.
4. To check whether required documents/report/returns are filed on monthly/quarterly/annually
basis to Govt. / State Govt. / Authorities/Atomic Energy Research Board (AERB).
5. To ensure compliance to the safety requirement.

44.TA.6 Security services


Control Objective Effective implementation of activities
Nature of Work Step Verification
Risk Ineffective implementation may lead to pilferage, security lapse, accidents,
social pressures etc.
Nature of Control Manual
1. To ensure there is appropriate security infrastructure and equipment.
2. To ensure there is no delay in providing security services.
3. To check whether the risk from anti-social elements was averted through liasoning with local
police, coordination with CISF and Assam Industrial Security Force (AISF) etc.
4. To check that there is issue of security passes on day to day basis and periodic basis by
CISF/Security department to labors and visitors with recommendations of the user departments
to enter in the restricted area.
5. To check whether inventory of arms and ammunitions are checked and maintenance done on
regular basis.
6. To check whether advance intelligence inputs are gathered.
7. To check whether mock drills of security alertness and preparedness are conducted, up
gradation of security gadgets, access and exit controls, proper documentations exist.

503
Audit Checklist

44.TA.7 Operations
Control Objective Effective implementation of activities
Nature of Work Step Verification
Risk Ineffective implementation may lead to operational delays.
Nature of Control Automated/Manual
1. To check whether there is presence of installation Manager/Site In-Charge.
2. To check whether verification of key personnel like technician, etc. is done as per manpower
contract.
3. To check whether existence of medical facilities within / nearby the pump stations etc.
4. To check availability of maintenance spares. Use transaction code MB52.
5. To verify compliance to pollution control board requirements.
6. To check and verify the deployment of WCLs as per the contract.
7. To verify unused/idle inventory. Use T-codes MC46 and MC50.
8. To check that pump station layout diagram and plan is approved.
9. To check and verify the imprest cash and its records as per DOP. Report deviations if any.

504
Audit Checklist

46. Wind Energy – Technical Audit


Scope
Audit Areas
1 Accounting
2 Maintenance
3 Operations
4 Revenue generation
5 Creation of Service Entry Sheet (SES)
6 Manpower planning

505
Audit Checklist

46.TA.1 Maintenance
Control Objective Adequate preventive maintenance mitigating the risk of undue breakdowns.
Nature of Work Step Verification/Analysis
Risk Preventive maintenance not undertaken as scheduled resulting in increased
downtime and production loss.
Nature of Control Automated/ Manual

1. Use T-Code IP24 to review whether preventive maintenance schedule has been prepared and
approved at the beginning of year.
2. Use T-Code IA07 to extract report and check whether preventive maintenance planned was as
per the guidelines provided by machine manufacture.
3. Use T-Code IW23, IW29, IW33, IW39 to check whether timely corrective action taken on
breakdowns in machines.
4. Ensure that proper analysis is performed for repeated breakdowns in same machinery due to
identical reasons and corrective actions are taken against the same.

46.TA.2 Operations
Control Objective Production is achieved up to maximum achievable capacity of plant.
Nature of Work Step Verification/Analysis
Risk 1. Underutilization of plant.
2. Diseconomies of scale.
Nature of Control Manual
1. Use T-Code CM51, CM52, CM50 to ensure that the production capacity utilizations have been
approved by the designated persons at the beginning of the year.
2. Review whether the capacity utilization limits have been derived on the basis of correct
assumptions.
3. Ensure that the capacity utilization target is achieved.
4. Review whether the reasons for deviations in achieving the capacity utilization targets are
analyzed and proper / timely action is taken against the same.

46.TA.3 Creation of Service Entry Sheet (SES)


Control Objective Timely and accurate receipt of material
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual/ Automated
1. To check whether status of work completion in manual records is updated as per contract
terms. Use T-code ME2S/MSRV1.
2. To check whether confirmation or acknowledgement of work completed is taken from
contractor on manual records.
3. To check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

506
Audit Checklist

ERP

507
Audit Checklist

10. ERP – ERP


Scope
Audit Areas
1 SAP change management
2 Access controls
3 SAP users and licence controls
4 Master data maintenance
5 Audit logs
6 SAP budget and related expenses
7 User training and SAP usage
8 PR tracking
9 Contract monitoring
10 Manpower planning
11 Creation of Service Entry Sheet (SES)

508
Audit Checklist

10.ERP.1 SAP Change management


Control Objective Authorized changes, reason for change are documented and can be tracked
Nature of Work Step Verification
Risk Unauthorized changes.
Nature of Control Automated/Manual
1. Check whether Change Management Policy is available.
2. Obtain list of Change requests / transport requests made through Support Request Portal. If
uploaded in SAP then also use T-code SE10 (solman_workcenter) to check whether the Change
Request Form is raised by the user containing the following information:
a. Details of Change;
b. T-codes impacted;
c. Process flow impacted
d. Comparison of existing and new process after change;
e. Formats and exact details for change;
f. Expected time by when changes to be done;
g. Responsible person from User department;
h. Responsible person from SAP Team
3. Check that Change Request Form is duly authorized as per DOP. (Also check availability of
DOA)
4. Check whether change is analyzed and approved by SAP functional Lead and SAP ABAP lead.
5. Check whether testing is done by ERP team before moving to quality and also check it has
been signed off by user before moving to production.
6. Use T-code SE16N (solman_workcenter) to check whether all change requests are tracked
properly in Solman or Manual system. Tracking should contain:
a. Ticket number;
b. Description of Change;
c. T-Code impacted;
d. Responsible SAP lead both (Functional/ABAP);
e. Expected resolution time;
f. Actual resolution time.
7. On sample basis, check that adequate logical controls and processing controls are built in SAP
and are working effectively.
8. Use T-codes OB52 and MMPV to check that controls that restrict post-dated or back-dated
entries are available.

10.ERP.2 Access controls


Control Objective Access to authorized person and authorized transaction
Nature of Work Step Analysis / Verification
Risk Unauthorized access leading to unauthorized transactions.
Nature of Control Automated / Manual
1. Use T-codes SU03, SUIM and PFCG to check that access controls are provided to authorized
personnel only.
2. Use T-code SUIM to check that access rights available to employees are closed after their
separation from the Company. Obtain HR master, and compare from Active and dormant SAP
iD from HR master.
3. Use T-codes SU03, SUIM and PFCG to check the process of change in access at the time of
transfer or change in role.
4. Use T-codes SU03, SUIM and PFCG to check that access rights granted to a person are
transaction specific.

509
Audit Checklist

10.ERP.3 SAP users and license controls


Control Objective Original SAP license, limited number of users and minimal cost
Nature of Work Step Analysis / Verification
Risk Inefficient usage of SAP license.
Nature of Control Automated/ Manual
1. Check that the SAP license has been purchased from authorized vendors and is updated
regularly.
2. Use T-code SUIM to check the license and to ascertain the number of users for whom license
has been obtained against the actual number of users.
3. Check if any extra cost is being incurred on SAP software due to extra or less users.

10.ERP.4 Master data maintenance


Control Objective Authorized data creation or alteration in master
Nature of Work Step Verification
Risk Unauthorized creation/ alteration of master data.
Nature of Control Manual / Automated
1. Use T-codes SU03 and PFCG to check that master data has been duly authorized as per DOP.
2. Use T-code SUIM to check alterations in master data have been authorized as per DOP.
3. Use T-codes XK03, FK03 and SE16N to check the presence of compulsory fields like Party PAN
No. in SAP which restrict duplication of master data i.e. duplicate entry for same party.

10.ERP.5 Audit logs


Control Objective Track changes and keeping change records
Nature of Work Step Verification
Risk No logs/ records available to verify critical transactions and changes in
master data.
Nature of Control Automated / Manual
1. Use T-Code SM20 to check that audit logs are generated for all critical transactions and master
data changes. Check whether SOP is maintained for review to be done by SAP team for audit
logs.
2. Check if the audit logs are reviewed on periodic basis.
3. Check if audit logs are adequately backed up.

10. ERP.6 SAP budget and related expenses


Control Objective Adherence to budget ensuring cost controls
Nature of Work Step Verification / Analysis
Risk Non-adherence to budget.
Nature of Control Manual / Automated
1. Use T-code S_ALR_87013558 to check whether a budget has been prepared for costs to be
incurred on SAP.
2. Use T-code S_ALR_87013558 to check whether costs incurred on SAP are as per budget and
reason for deviation, if any.
3. Use T-code S_ALR_87013558 to check any costs incurred apart from the purposes mentioned
in budget.

510
Audit Checklist

10. ERP.7 User training and SAP usage


Control Objective Employee training and development
Nature of Work Step Verification
Risk Inadequate SAP support provided to employees.
Nature of Control Manual
1. Check whether SAP training programs are conducted periodically to make employees more
familiar with new changes or patch.
2. Check if the training manuals are documented and available to all employees for easy
reference.
3. Check whether a helpdesk is available to provide employees with backup support for SAP
related problems.
4. Check whether SLAs are defined and monitored to ensure timely resolution of user requests.

10. ERP.8 Contract monitoring


Control Objective To ensure contractual terms are followed by the contractor.
Nature of Work Step Verification
Risk Breach of contractual terms.
Nature of Control Manual / Automated
1. Check if there is a process to ensure regular monitoring of compliance of contractual terms by
contractor.
2. Use T-code ML82 to check whether SES is created timely and after appropriate inspection of the
service procured.
3. Ensure that all the contracts are renewed timely. A tracker is maintained to ensure that the
renewal process is started timely keeping the lead time in mind.

10.ERP.9 Creation of Service Entry Sheet (SES)


Control Objective Exploiting the best option available
Nature of Work Step Analysis / Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Automated/Manual
1. Check whether status of work completion in measurement book is updated. Use T-code
ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on measurement book.
3. Check whether the measurement book is verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays. Check whether cost benefit analysis is done for buying vis a vis hiring of equipment or
tools.

511
Audit Checklist

18. Information Technology – ERP


Scope
Audit Areas
1 Planning, budgeting & monitoring
2 Statutory Compliance
3 User request management
4 Disaster recovery site
5 Process documentation
6 Backup procedures
7 IT administration
8 PR tracking
9 Creation of Service Entry Sheet (SES)
10 Manpower planning
11 Physical access controls
12 Logical controls
13 IT applications
14 ERP solutions
15 Physical access controls
16 IT infrastructure and environmental controls
17 Physical access controls
18 Network security
19 Physical access controls
20 Logical controls
21 IT applications

512
Audit Checklist

18.ERP.1 ITGC - User request management

Control Objectives Proper system for recording and handling complaints


Nature of Work Step Verification
Risk Delay in resolution of complaints and user dissatisfaction.
Nature of Control Manual
1. Check there is proper procedure of recording and resolution of IT complaint.
2. Check the SLAs for IT services are properly defined and monitored.
3. Check if user feedback is obtained and analyzed for future improvement.

18.ERP.2 ITGC - Disaster recovery site


Control Objectives Maintenance of DRS, keeping of data in DRS and backup
files.
Nature of Work Step Verification
Risk Loss to data.
Nature of Control Manual
1. Check whether disaster recovery plan is in place for critical business processes.
2. Check whether disaster recovery site is available and away from the original building.
3. Check whether DRS is equipped with enough safety measures.
4. Check whether backup data is regularly updated at disaster recovery site.
5. Check whether process is in place to ensure the data backup completeness Vis a Vis the
production server.

18.ERP.3 ITGC - Process documentation


Control Objectives Clarity of process, roles completely defined for IT personnel
Nature of Work Step Verification
Risk Risk to security of data and IT infrastructure.
Nature of Control Manual
1. Check whether standard operating procedure are available and are being followed.
2. Check whether IT policy is comprehensively defined to address all aspects of IT (e.g. Network
security, configurations, logical access controls, physical access controls, environmental
controls, licensing, antivirus, backup procedures and Disaster Recovery Plan etc.).
3. Check if the recommendations of various IT and security audits are implemented.
4. Check if there is any deviation in the process followed from the defined IT policy.

18.ERP.4 ITGC - Backup procedures


Control Objectives Data backup, restoration and timely utilization
Nature of Work Step Analysis
Risk Data loss.
Nature of Control Manual

513
Audit Checklist

1. Check whether data backup is taken on periodic basis as per backup policy.
2. Check whether data backup are restored to confirm that entire data has been backed up and
is not corrupted.
3. Check if critical applications like SAP are timely backed up as per defined policy.
4. Check that data backup is kept at a safe place and away from manual or natural intrusions.
5. Check if proper logs are created and monitored for all backups and restoration tests.
6. Check that a set of data backup is kept at remote location.

18.ERP.5 ITGC - IT administration


Control Objectives Adequacy of Budgeting, planning, AMCs and required approvals
Nature of Work Step Analysis
Risk Unauthorized expenditure and non availability of required AMCs
and insurance coverage.
Nature of Control Manual/ Automated
1. Check whether proper budget is available and expenses are incurred in accordance.
2. Check whether all IT procurement is in line with company policy and adequately approved. Use
T-code ME23N and ME53N.
3. Check whether AMC for maintenance services is timely renewed.
4. Check if the SLAs are clearly defined and monitored for the services received from outside
vendors.
5. Check if all adequate insurance coverage is taken and timely renewed for all IT setup and
systems.

18.ERP.6 ITGC - Creation of Service Entry Sheet (SES)


Control Objectives Timely and accurate receipt of material
Nature of Work Step Verification
Risk 1. Delays in payments.
2. Incorrect payments.
Nature of Control Manual /Automated
1. Check whether status of work completion in manual records is updated as per contract terms.
Use T-code ME2S/MSRV1.
2. Check whether confirmation or acknowledgement of work completed is taken from contractor
on manual records.
3. Check whether the manual records are verified and approved by concerned authority.
4. Use T-Code ML84 to view the list of SES's and ML81N to view the details of specific SES. Check
whether the SES for the services received is timely prepared.
5. Check whether proper technical survey/inspection is carried out for quality assurance before
creation of SES.
6. Check whether the technical inspection carried out is approved as per DOP.
7. Check whether there is a process of monitoring the date of completion as mentioned in the
contract w.r.t the actual date of completion/creation of SES.
8. Check whether reasoning analysis is done for the delays and steps are taken to avoid similar
delays.

514
Audit Checklist

18.ERP.7 ITGC - Manpower planning


Control Objectives To ensure manpower is adequate for all the departmental activities
Nature of Work Step Analysis / Verification
Risk 1. Over/Under Utilization of manpower.
2. Operational delays caused due to low manpower.
Nature of Control Manual

1. Check whether there is adequate manpower to carry out all the operations of the department -
administrative and technical.
2. Ensure manpower requisition forms are raised timely and approved as per DOP.
3. Check whether there is a follow up process in place to ensure timely conversion of MPR.

18.ERP.8 Commercial Systems - Logical controls


Control Objectives Authorized access, password protection and original software's
Nature of Work Step Verification
Risk Unauthorized access to system and data.
Nature of Control Manual
1. Check whether access is granted after proper authorization and approval to prevent any
unauthorized access to Information System and Services.
2. Check if process is in place for periodic monitoring and timely removal of access which are not
required.
3. Check if internet access is controlled and adequate security measures are taken to prevent
unauthorized access through internet.
4. Check that strong password protection is provided for all applications.
5. Check that only original software's are installed on the system to protect from data getting
corrupted.
6. Check that whether systems are automatically locked after a fixed time when idle to restrict
unauthorized access.
7. Check if access to removable storage devices is restricted and granted only on exceptional basis
with adequate approvals.
8. Check if all IT systems are prevented with updated antivirus.
9. Check if audit logs for all critical transactions including, access, and denial, services used etc. are
generated, backed up and monitored.
10. Check if administrative password is available to authorized person only.
11. Check is the password policy is implemented and working in all IT systems.
12. Check if file and folder sharing is restricted and used on exceptional basis after adequate
approvals.
13. Check if service packs are timely updated and tested before updation.

515
Audit Checklist

18.ERP.9 Commercial Systems - IT applications


Control Objectives Outward data, QC check and efficiency of SAP
Nature of Work Step Verification
Risk Inefficiency of IT application and threat to data security.
Nature of Control Manual
1. Check whether IT personnel is monitoring the outward data flow.
2. Check if only licensed applications are used and no unauthorized application is installed on any
IT system.
3. Check whether appropriate version control mechanisms are operating.
4. Check that before updating a patch, following process is followed:
a. In case of SAP application, it has been tested and verified on development server and
quality server before moving to production server
b. In case of other applications, it has been tested and verified on independent system before
moving to production system.

18.ERP.10 Commercial Systems - ERP solutions


Control Objectives ABAP and BASIS
Nature of Work Step Verification
Risk Improper tracking and documentation.
Nature of Control Manual
1. Check whether proper tracking is done for all the ERP change management requests.
2. Check whether system is in place to ensure timely resolution of all the requests.
3. Check whether all the changes are duly authorized and approved as per defined process.
4. Check if all the changes are tested and documented before finalization.
5. Check if audit logs for all critical transactions are generated, backed up and monitored.

18.ERP.11 Infrastructure - IT infrastructure and environmental controls


Control Objectives Adequate Temperature maintenance and availability of safety
equipment
Nature of Work Step Verification
Risk Insufficient provisions for power backup and safety of IT
infrastructures.
Nature of Control Manual
1. Check if adequate fire safety measures are taken to safeguard the IT system.
2. Check whether adequate temperate is maintained in the server room to protect any damage to
hardware or software.
3. Check whether server room is located at a safe place and equipped with all safety equipment
and devices.
4. Check all the environmental control required as per IT policy are in place and monitored
regularly.
5. Check if alternate power backup provisions are maintained for server room and Key IT systems.

516
Audit Checklist

18.ERP.12 Network & Communication - Network security


Control Objectives Adequate Network Security
Nature of Work Step Verification/ Analysis
Risk Loss or leakage of data.
Nature of Control Manual
1. Check whether firewalls are in place to prevent any unauthorized access.
2. Check if vulnerable services are blocked on all IT systems.
3. Check whether the confidential documents like network diagram with IP addresses is not easily
accessible to outsider.
4. Check that redundant ports and services are disabled on network equipment.
5. Check whether users have direct access to tools like SQL, TOADS etc.
6. Check if all network equipment's are adequately configured in line with Company's IT policy.

18. ERP.13 Technical Systems - Logical controls


Control Objectives Authorized access, password protection and original software's
Nature of Work Step Verification
Risk Unauthorized access to system and data.
Nature of Control Manual /Automated
1. Check whether access is granted after proper authorization and approval to prevent any
unauthorized access to Information System and Services.
2. Check if process is in place for periodic monitoring and timely removal of access which are not
required.
3. Check if internet access is controlled and adequate security measures are taken to prevent
unauthorized access through internet.
4. Check that strong password protection is provided for all applications.
5. Check that only original software's are installed on the system to protect from data getting
corrupted.
6. Check that whether systems are automatically locked after a fixed time when idle to restrict
unauthorized access.
7. Check if access to removable storage devices is restricted and granted only on exceptional basis
with adequate approvals.
8. Check if all IT systems are prevented with updated antivirus.
9. Check if audit logs for all critical transactions including, access, denial, services used etc. are
generated, backed up and monitored.
10. Check if administrative password is available to authorized person only.
11. Check is the password policy is implemented and working in all IT systems.
12. Check if file and folder sharing is restricted and used on exceptional basis after adequate
approvals.
13. Check if service packs are timely updated and tested before updation.

517
Audit Checklist

18.ERP.14 Technical Systems - IT applications


Control Objectives Outward data, QC check and efficiency of SAP
Nature of Work Step Verification
Risk Inefficiency of IT application and threat to data security.
Nature of Control Manual /Automated
1. Check whether IT personnel is monitoring the outward data flow.
2. Check if only licensed applications are used and no unauthorized application is installed on any
IT system.
3. Check whether appropriate version control mechanisms are operating.
4. Check that before updating a patch, following process is followed:
a. In case of SAP application, it has been tested and verified on development server and
quality server before moving to production server
b. In case of other applications, it has been tested and verified on independent system before
moving to production system.

518
Audit Checklist

24. Materials Management- ERP


Scope
Audit Areas
1 SAP change management
2 Access controls
3 SAP users and license controls
4 Master data maintenance
5 Audit logs
6 SAP budget and related expenses
7 User training and SAP usage
8 PR tracking
9 Contract monitoring
10 Manpower planning
11 Creation of Service Entry Sheet (SES)

519
Audit Checklist

24.ERP.1.1 Operations
Control Objectives Efficiency in operations
Nature of Work Step Analysis / Verification
Risk 1. Inadequate fixation of key performance appraisal.
Nature of Control Manual
1. To ensure that key performance indicators are fixed leading to efficiency in operations.
(Illustrative list of KPI which may be set for MM department. Lead time in converting PR to PO,
No. of defaults in obtaining material delivery on time, lead time for each step).
2. Check whether performance of MM department has been evaluated.

24.ERP.1.2 Operations
Control Objectives To verify authorization controls over materials master creation &
amendment.
Nature of Work Step Analysis / Verification
Risk 1. Distortion of inventory master resulting in delay in procurement,
procurement of wrong items, and wrong classification of material.
2. Operational delays.
3. Incorrect stock valuation.
Nature of Control Manual / Automated

1. Obtain a list of persons authorized to request creation & amendment in MM01 & MM02 of
material master.
2. Obtain a list of persons authorized to create & amend material master.
3. Verify whether the requests for change in master are approved by the appropriate authority.
4. Verify whether the authorizations are in compliance with MM Manual / DOP.
5. Obtain the log of changes to the inventory master and verify whether the changes made are
valid, accurate and processed on a timely manner in accordance with the approved request.
6. Check existence of duplicate record.
7. Obtain the reason for exception and report the same.

24.ERP.1.3 Operations
Control Objectives To verify authorization controls over vendor master creation and
amendment.
Nature of Work Step Analysis / Verification
Risk 1. Distortion of vendor master resulting in delay in procurement,
procurement of wrong items, wrong sourcing.
2. Above may finally result in disruption of operations.
3. Incorrect vendor valuation.
Nature of Control Manual / Automated

520
Audit Checklist

1. Obtain a list of persons authorized to request creation & amendment in MK01 & MK02 of vendor
master.
2. Obtain a list of persons authorized to create & amend vendor master.
3. Verify whether the request for change in master is approved by the appropriate authority.
4. Verify whether the authorizations are in compliance with MM Manual / DOP.
5. Obtain the log of changes to the vendor master and verify whether the changes made are valid,
accurate and processed on a timely manner in accordance with the approved request.
6. Check existence of duplicate record.
7. Obtain the reason for exception and report the same.

521

You might also like