Unit 3: Internal Control

Internal Control
Internal Control- Meaning

 Internal controls are accounting and auditing processes used in a

company's finance department that ensure the integrity of financial
reporting and regulatory compliance.
 Internal controls help companies to comply with laws and regulations, and
prevent fraud. They also can help improve operational efficiency by
ensuring that budgets are adhered to, policies are followed, capital
shortages are identified, and accurate reports are generated for leaders.
 Importance of Internal Control

 - It establishes the processes: Internal control defines the roles

and responsibilities of employees, managers and auditors, and
provides clear guidelines on how to perform their tasks and report
their activities. Internal control also ensures that changes to
policies and procedures are communicated and documented in a
timely manner.
 - It improves process performance: Internal control helps to
monitor and measure the efficiency and effectiveness of business
processes, and identify areas for improvement and optimization.
Internal control also helps to ensure that resources are allocated
and used appropriately, and that budgets are followed and
Cont…
 - It improves operational efficiency: Internal control helps to
reduce waste, duplication and errors, and increase productivity
and quality. Internal control also helps to ensure that financial and
operational information is accurate, complete and timely, and that
reports are generated and delivered to the relevant stakeholders.
 - It keeps duties separated: Internal control helps to prevent
conflicts of interest, collusion and fraud by ensuring that different
functions are performed by different people or departments, and
that there is adequate supervision and oversight. Internal control
also helps to ensure that transactions are authorized, recorded
and reconciled properly, and that assets are safeguarded and
accounted for.
Cont…
 - It mitigates business risk: Internal control helps to identify,
assess and manage the risks that may affect the achievement of
business objectives, such as market risk, credit risk, operational
risk, legal risk, reputational risk and compliance risk. Internal
control also helps to establish contingency plans and crisis
management protocols in case of emergencies or disruptions.
 - It organizes information: Internal control helps to collect,
store, process and distribute information in a secure, consistent
and accessible manner. Internal control also helps to maintain
data quality, integrity and confidentiality, and protect information
from unauthorized access, modification or disclosure.
Cont…
 - It produces timely financial statements: Internal control
helps to ensure that financial statements are prepared in
accordance with generally accepted accounting principles (GAAP)
or other relevant standards, and that they reflect the true financial
position and performance of the company. Internal control also
helps to facilitate external audits by providing sufficient evidence
and documentation to support the financial statements.
 - It reduces errors: Internal control helps to detect, correct and
prevent errors that may arise from human mistakes, system failures
or fraudulent activities. Internal control also helps to implement
corrective actions and preventive measures to avoid recurrence of
errors.
Cont…
 - It enhances accountability: Internal control helps to assign roles
and responsibilities for each business activity, and establish
performance indicators and evaluation criteria. Internal control also
helps to track progress and results, provide feedback and recognition,
and enforce rewards and sanctions.
 - It supports decision making: Internal control helps to provide
relevant, reliable and timely information for decision making at all
levels of the organization. Internal control also helps to analyze data,
generate insights and recommendations, and communicate findings
and outcomes.
 - It fosters a culture of ethics: Internal control helps to promote a
culture of honesty, integrity and professionalism among employees,
managers and auditors. Internal control also helps to establish a code
of conduct, a whistle-blower policy, an anti-fraud policy
Elements of an effective internal control system
1 Control environment

 This is sometimes referred to as the ‘tone at the top’ of the

organisation. It describes the ethics and culture of the
organisation, which provide a framework within which other
aspects of internal control operate. The control environment is
set by the tone of management, its philosophy and
management style, the way in which authority is delegated,
the way in which staff are organised and developed, and the
commitment of the board of directors.
2 Risk assessment

 There is a connection between the objectives of an

organisation and the risks to which it is exposed. In order
to make an assessment of risks, objectives for the
organisation must be established. Having established the
objectives, the risks involved in achieving those objectives
should be identified and assessed, and this assessment
should form the basis for deciding how the risks should be
managed.
3 Control activities
 These are policies and procedures that ensure that the
decisions and instructions of management are carried out.
Control activities occur at all levels within an
organisation, and include authorisations,
verifications, reconciliations, approvals, segregation
of duties, performance reviews and asset security
measures. These control activities are commonly referred
to as internal controls.
4 Information and communication

 An organisation must gather information and

communicate it to the right people so that they can
carry out their responsibilities. Managers need both
internal and external information to make informed
business decisions and to report externally. The quality
of information systems is a key factor in this aspect of
internal control.
5 Monitoring
 It is critical that the internal control system is reviewed
and monitored frequently.
 It is the role of management to implement board policies
on risk and control; part of these duties is to monitor the
internal control system, identify deficiencies and report
these findings to senior management and the board
of directors.
 The board may delegate some of its duties in this context
to the Audit Committee/Risk Committee with the former
having a review of Internal Financial Controls as part of its
role.
Evaluation of Internal Control System

 The evaluation of the internal control system is a

critical aspect of the audit process, and it involves
assessing the effectiveness and reliability of
an organization's internal controls. This
evaluation is crucial for auditors to gain assurance
about the accuracy of financial reporting,
safeguarding of assets, and compliance with
relevant laws and regulations.
The evaluation typically includes the
following steps:

 Understanding the Control Environment:

 Auditors begin by understanding the control environment, which
includes the overall tone set by management, the organization's
commitment to integrity and ethical values, and the effectiveness of
the board of directors.
 Risk Assessment:
 Identify and assess the risks that may impact the achievement of
organizational objectives. This involves understanding the business
environment, internal and external factors affecting the organization,
and potential areas of vulnerability.
Cont…

 Control Activities:
 Evaluate the design and implementation of specific control activities.
These may include segregation of duties, authorization procedures,
physical controls, and IT controls. The goal is to ensure that controls
are effectively preventing or detecting errors and fraud.
 Information and Communication:
 Assess the information and communication processes within the
organization. This involves reviewing how information is
communicated across different levels of the organization and
ensuring that relevant information is accessible to those who need it.
Cont…

 Monitoring Activities:
 Evaluate the ongoing monitoring activities that assess the
effectiveness of internal controls. This may involve regular
management reviews, internal audits, and continuous monitoring
procedures to identify and address control deficiencies.
 Documentation:
 Document the understanding and evaluation of the internal control
system to provide a basis for the audit opinion. This documentation
ensures transparency and accountability in the audit process.
Internal Control Questionnaire
(ICQ):

 An Internal Control Questionnaire (ICQ) is a tool used by

auditors to systematically gather information about an
organization's internal controls. It consists of a series of
questions designed to assess the presence and
effectiveness of key controls within specific processes. The
ICQ covers various control areas, such as authorization,
segregation of duties, physical controls, and information
systems.
Key features of an ICQ include:

 Structured Format:
 ICQs are typically structured with a list of questions categorized by
control objectives or specific business processes. Each question seeks
information about the existence and effectiveness of a particular
control.
 Yes/No Responses:
 Respondents (usually management or process owners) provide yes or
no responses to each question, indicating whether the described
control is in place and functioning effectively.
 Follow-up Inquiries:
 Depending on the responses, follow-up inquiries may be necessary to gather
additional information or clarification. This helps auditors gain a more
comprehensive understanding of the control environment.
 Comprehensive Coverage:
 ICQs are designed to cover various aspects of internal controls, including those
related to financial reporting, operational efficiency, and compliance with laws
and regulations.
 Customization:
 Auditors may customize ICQs based on the specific risks and characteristics of
the organization being audited. This ensures that the questionnaire is tailored
to the unique aspects of the business.
By utilizing an ICQ, auditors can systematically assess the strength of an
organization's internal control environment, identify potential weaknesses,
and tailor audit procedures accordingly. The responses obtained from an ICQ
contribute valuable information to the overall evaluation of internal controls.
 General controls Information
processing controls
 Support the continued proper  Relate to the processing of
operation of the IT environment information in IT applications
 Examples include:
E.g. controls over:  Batch total checks- number of
 • Access − Preventing unauthorised invoices actually entered.
access to applications, databases,  Sequence checks- no items are
operating system, networks. missing.
  Matching master files to
• Program changes or other changes
to the IT environment – Segregation of transaction records- sales invoices
duties, system development, data with price list
 Arithmetic checks- accuracy.
conversion.
 Existence checks- check
 • Process to manage IT operations employees exist.
– job scheduling, job monitoring,  Authorisation of transaction entries
backup and recovery.  Exception reporting –unusual -
Internal Check
Meaning of Internal Check:

Internal check means that check imposed in such a way on a

day to day transaction that work of one person is checked
by another person automatically in this way the chances of
frauds and errors minimizes. Because the errors or mistake
made by one person is detected by another.
 Fundamental Principles of a Good
Internal Check System

 1. Responsibility: Responsibility of each individual must be properly

defined and fixed. The work of the business should be allocated amongst
various clerks in such a manner that their duties and responsibilities are
clearly and judiciously divided.
 2. Completion: The work should be divided in such a way that no single
person is allowed to complete the work solely by himself from the
beginning to the end. However, there should be no duplication of work.
 3. Rotation of employees: A good system of internal check should not
allow person having custody of assets to have access to the books of
account. A system of transfer or rotation of employees from one seat of
work to another must be followed by the business.
4. Automatic check: A good system of internal check must provide for
an automatic checking of the work of one clerk by the other.

5. Reliance: No clerk of the business should be relied upon too much.

6. Safeguards: Safeguards should be prescribed to keep un-used cheque

books, files and securities etc.

7. Supervision: A strict supervision should be exercised to ensure that

the prescribed internal checks and procedures are fully operative.

8. Formal sanction: No deviation should be allowed from the established

procedures till it is formally sanctioned by the top official.

9. Periodical review: The system of internal check is reviewed from time

to time to introduce improvements
 Difference between Internal Check and Internal
Control
Internal Check
Nature: It is a system within an organization
where duties and responsibilities are
segregated among employees to create
checks and balances. It relies on the division
of tasks to prevent and detect errors and
fraud.
Execution: Internal check is implemented
through the organization's organizational
structure and the segregation of duties. It is
inherent in the day-to-day operations and
business processes.
Focus: The primary focus of internal check is
on the prevention and early detection of errors
and fraud through the division of
responsibilities among employees.
Internal Control
Nature: It is a broader framework
encompassing policies, procedures, and
practices implemented by management to
ensure the achievement of organizational
objectives. It includes the entire system for
safeguarding assets and enhancing the
accuracy and reliability of financial
information.
Execution: Internal control involves the
design and implementation of policies,
procedures, and systems to manage risks,
ensure compliance with laws and regulations,
and enhance the efficiency and effectiveness
of operations.
Focus: The primary focus of internal control is
on achieving organizational objectives by
providing reasonable assurance regarding the
effectiveness and efficiency of operations,
reliability of financial reporting, and
compliance with laws and regulations.
Internal Check with regards wages

 The system of internal check for wages should be devised in a careful and planned
way, especially in manufacturing concerns, employing large number of workers,
possibilities of frauds are always there. Thus efforts should be made to prevent such
frauds with the help of some suitable arrangements of internal check which should
be revised from time to time in the light of experience gained. System should be
actively enforced and supervised by some responsible official.
 The Objectives are as follows:
 a) To avoid inclusions of dummy workers in the list of workers.
 b) To avoid incorrect time or piece work records.
 c) To avoid fraudulent manipulation of wage-sheet and misappropriation of money
etc.
Maintenance of Wage Records

1. Time Records: Workers are paid their wages normally on the basis
of time. Thus the time spent by each worker should be correctly
recorded in the time record book and for this purpose the following
methods are in practice.
a) The time recording clock: The time recording clock is placed at
the gate under the charge of a timekeeper. As soon as worker
enters the gate, the time keeper inserts his time into the clock
which records the time. It is recorded when the worker leaves the
factory.

b) Brass token: The workers are given brass token bearing

their numbers. At the gate, a time board is maintained on which each
worker hangs his token as soon as he enters in the factory. The time
keeper is thus able to record the time of workers entering the factory.
He should be vigilant enough to see that no workers hang the token
of others who are late or absent
c) Attendance cards/punching machine: Each worker is provided
with a time card with his name, number, department and wages rate
mentioned on it. He should punch card at the time of his arrival and
departure. The punching or card must be supervised by the time-
keeper. Foreman of each department should also be asked to keep the
time records of his workers. The time keeper and foreman should
separately prepare the time records and the name of absentees at the
end of the day.

d) Computers: This method is the most popular method now

especially with the multinationals. An identity card is issued to each
worker and when the employee enters the factory and leaves the
factory, he puts his identity card in the slot of the time recording
machine. This machine is controlled by the computer. So the
computer records the time the employee spends in the office. Another
advantage of this method is that only with a proper identity card, the
employee can enter the office. That is only if the identity card is the
authorized one, then only the door will open for the employee.
2. Piece-work records: Where the workers are paid on the basis of the
wages system, proper books for actual work done by workers should be
maintained. Each worker should be provided with a job card or piece
work return form bearing his name, job number, nature of work should be
recorded on this card which should be countersigned by the foreman of
the department. Store-keeper to whom the goods manufactured are
handed over, should sign this card. It should be finally checked by piece
work reviewer along with quality of goods.

3. Overtime records: Ordinarily overtime work should not be

encouraged. No worker should be allowed to work overtime unless he is
authorized to do so by the authorized official of the organization. Strict
check must be kept on loiterers at the place of work. Overtime slips
should be sanctioned in advance. Such slips should bear the name and
number of worker, overtime put in the job or the department in which he
is engaged. At the weekend such slips should be sent to the department
in and the job or the department in which he is engaged. At the weekend
such slips should be sent to the time-keeper who will forward them to the
wage office.
4. Pass-out records: The workers should not be allowed to leave the factory before the
scheduled time. But if sometimes, a worker wants to go out of the factory on his personal work
during working hours he should not be allowed to go out of the factory premises without
obtaining permission from authorized official who should issue passout slips. Such slips are
handed over to gatekeeper wage office should also be given copy of such slips. In case a worker
leaves the factory before time on his own account, it should be properly accounted.
5. Preparation of wage sheets: The preparation of wage sheets should be done by a
separate department. This work should be done by five clerks to minimize the irregularities.
Information regarding attendance can be had from the attendance register, job cards, piece
work register, overtime slips, pass out slips etc,. For time workers and piece rage workers,
separate wage sheet should be used. In big factories loose wage sheet should be used so that
the work may be distributed amongst various clerks easily. All the essential particulars should be
entered in the wage slips which should have columns for:
a) Name
b) Number/code number allotted to him and his address
c) Total time worked
d) Details of work
e) Rate
f) Total amount of wages
g) Bonus
h) Overtime, if any
i) Deductions
j) Net amount payable
The whole work is to be divided in various parts to be done by separate
clerks in the wage department.

i. Two clerks should examine the time and piece wage records, over time
records and other statements received from the foreman.

ii. The third clerk is to prepare individual employee statement i.e., name
of the worker, code number allotted to him and his address, total time
worked and rate of wages.

iii. The fourth clerk is to check the calculations and deduct the permissible
amount i.e. rent, provident fund, income tax, installment of loans and
other permissible deductions under the PAYMENT OF WAGES ACT, 1936.
From the gross wages to arrive at the net amount to be paid to the
workers.

iv. The fifth clerk is to check the whole work thoroughly.

v. All these clerks should initial the wage slips before these are signed by
some responsible officer, such as director or works manager
Internal Check with regard to Cash:

 The risk of misappropriation of cash needs no emphasis. The chances of fraud

are numerous in cash transactions. For example, receipts may not be entered in
the cash-book: records of cash received may be understated by preparing
duplicate receipt for amounts less than the original. Cash sales may be treated
as credit sales charging the amount to fictitious debtors, etc. The following are
the points that should be taken into consideration while devising a good and
proper system of internal checks for cash transactions:
 Cash Sales:
 Cash Sales are of three types:
 a. Sales at Counter / Counter Sales
 b. Sales by travelling Salesmen.
 c. Postal sales.
1. Sales at Counter / Counter Sales:

 The following procedure may be of great use in regard to cash sales:

 a) A specific number, name or work may be allotted to every salesman.
 b) Every salesman is supplied with a separate book containing blank copies
of cash memo. 4
 c) Cash memos should be printed in numerical sequence.
 d) Cash memos are printed in different colours for salesman at different
counters.
 e) When the sales man sells goods to a customer he prepares four copies of
the Cash Memo. These copies are checked by the senior clerk.
 f) Three copies of the cash memo are handed over to the customer and the
fourth is retained by the salesman.
g) The customer should hand over three copies of the cash memos to the cashier, who
after collecting the amounts and recording it in his cash register, returns two copies to
the customer duly stamp marked “cash paid”.

h) So the cashier collects the amount and records it in his cash register.

i) The customer should present two copies of the cash memos at the counter where the
goods purchased by him are to be delivered.

j) Here the customer will get the goods purchased by him are to be delivered to him.

k) The Clerk, at the delivery counter, checks the sales and delivers the goods to the
customer and also keeps one copy of the cash memos.

l) In big business houses, the customer’s copy of the cash memo may be checked by
the security staff before the customer is allowed to check out of the place.

m) At the end of the day, each counter salesman, cashier and the delivery counter clerk
should prepare summaries of Cash Sales.
n) The cash sales summary prepared by the cashier should be verified with the
cash sales summary of each salesman and the delivery counter clerk.

o) The differences if any should be immediately enquired into.

p) If the summaries tally, accounts are certified as correct. Then it is sent to the
General Manager and another copy is sent to accounts department.

q) Daily cash receipts should be deposited into the bank on the same day.

r) Where cash recording machines are used, the total cash received as shown by
the machine should be checked with the amount actually banked.
2. Sales by Travelling Salesmen:

 In big business houses, generally Travelling salesmen are employed to push

sales and to collect debts. These Salesmen collect debts from old customers and
accept advances for new ones. Ordinarily debtors will be asked to send the
remittances by post and not to hand over the cash to any representative of the
enterprise. But in exceptional circumstances travelling Salesmen may be
permitted to collect cash from the debtors. For example, where it is necessary
for enforcement of the terms of credit or where refusal by travelling salesman to
collect cash from a debtor may be regarded as a bad policy. Whatever the case
may be, a good system of check over these salesmen is vitally essential. So the
following precautions must be taken:
 a) Travelling salesmen should be issued with pre-numbered, rough receipt books.
 b) Final receipt against receipt of cash by travelling salesman should be issued
either from the branch or head office to which the salesman is attached.
c) Customers should be asked to contact the head office or branch office if the final
receipt is not mailed to them within a stipulated period.

d) Travelling salesmen should be instructed to remit the entire cash collected by

them to the head office or branch office to which they are attached, without making
any deduction towards salary or commission payable to them.

e) Head office or branch office should regularly send the statement of accounts to
keep them informed of the latest position as to their liability.

f) Special attention should be paid to customer’s accounts that have become

overdue.

g) There should be surprise transfers of travelling Salesmen from one area to

another. This will increase the efficiency of the agents and will also reduce the
chances of fraud.
3. Postal Sales or Value Payable Post
(V.P.P) sales:

The following points should be noted in this regard:

 a) There should be a separate register to record sales by post of VALUE PAYABLE POST.
 b) When cash is received against V.P.P sales, it should be entered in the V.P.P register
and then it should be posted to the cash book.
 c) Separate bank pay-in-slips should be used to deposit cash received against post
sales.
 d) An offer should be deputed to check carefully this register an special attention
should be given to those goods that have been returned and those against which
payments has not been received .
 e) Cash book and orders received should be checked and order received should bed
properly filed too.
Internal Check with regard to Cash
Purchases

 1. Requisition: The procedure for issuing purchase requisitions should

be specified. The head of the department, who is in the need of goods,
should fill in a requisition slip duly signed and then should send it to the
purchases department. The details about the quantity, is quality and the
time by which the goods must be supplied be clearly mentioned in the
requisition slip.
 2. Enquiry: Purchase department makes an enquiry about the terms
and conditions of purchases from different suppliers. For this purpose
tender are generally invited. But, who shall open and accept the
tenders, should be clearly specified. At a rule, the lowest tender should
be accepted and accordingly a decision be taken.
3. Purchase Order: The Purchase Department places orders which should be
recorded in the Purchase Order book. Four copies of purchase order should be
prepared. One copy will be sent to the vendor, second to the store department,
third copy to the Accounts department and fourth one will be retained by the
purchase department itself. A responsible officer should review the purchase
order, before signing by the authorized person or director

4. Receipt of Goods: On receipt of goods, the purchase department should

properly inspect them, and there after an entry in the goods inward (Receipt)
book, the same should be sent to the stores. Concerned department should be
informed about the receipt of the goods.

5. Making the Payments: The Purchase Department should thoroughly check

the invoices and send the same to accounting department for payment. The
accounting department should compare the invoice with the purchase order and
Incoming Inspection Report and should also verify the calculation. The Accounts
Department should enter the invoice in the Purchase Book. Only responsible
official should draw cheque for the payment of invoice. At the time of signing, a
signing authority must verify that correct payment is made. If some portion of
the goods is returned to the supplier, a proper entry must be made in the
Purchase Return Book. A Credit Note to that effect must be obtained from the
supplier and accounts section must adjust the payment accordingly.
A good system of internal check with regard to purchase will
prevent the following types of irregularities, errors and frauds.

a) Fictitious Payment: Fictitious Purchase may be recorded in the

purchase book and the payments withdrawn may be misappropriated.
b) Double Payment: Some invoices may be recorded twice and double
payment made may be misappropriated.
c) Artificial inflation in profits: Goods purchased may not be entered in
the period so as to inflate profits.
d) Artificial reduction in profits: Goods not received in one period may be
entered as purchases so as to show profits less than the actual.
Internal check with regard to Stores
(Stock)

 The Stores Department has the charge of preserving and issuing stores to
different departments. Proper control of stores is very much essential to prevent
pilferage (small theft) and misuse. Therefore, the internal check system in
relation to stores must be given careful attention. The following general rules
may be followed to ensure effective check on the stores.
 1. Location of stores: Store should be located at a convenient place. It should
have proper stores facilities so that goods may not be misplaced, misused or
wasted.
 2. Receipts of stores: On receiving stores, the Stores Department will prepare
a “Goods Received Note’ in triplicate. One copy will be sent to the Purchase
Department. Second copy will be sent to Accounts Department. The third will be
retained by the Stores Department itself. All the details about stores should be
noted on the note. Stores should be properly checked after their receipt.
3. Preservation of stores: Goods received should be stored at their allotted
racks. The system of Bin Cards should be used to show the receipts, issues and
balance of stores. Such Bin Cards may be kept hanging on the places where
stores are preserved. Stores inventory software may be used on computer for
item stored.

4. Issue of stores: No item from the stores should be issued to any person
without formal requisition or demand note from some authority. Only authorized
person should be allowed to remove articles from the stores according to the
requisition. The Stores Officer should be seated near the gate so that all issues
may be made under his supervision. For the materials or stores returned from the
job or the department. Material return note should be written and properly
accounted for. Likewise, Material Transfer Notes should be used for the materials
transferred form one department or job to another. The gate keeper should be
instructed not to allow any material out of the factory without necessary permit
from the Store-Keeper or Invoice of Sales Department.

5. Recording: After the issue of materials from the stores, the Store Issue
Requisition should be sent to the Stores Accounts Section for proper records
there. The Bin Cards should be checked out compared from time to time with
stores records.
Internal Audit:

 Internal audit is an independent, objective assurance and

consulting activity designed to add value and improve an
organization's operations. It helps an organization accomplish
its objectives by bringing a systematic, disciplined approach
to evaluate and improve the effectiveness of risk
management, control, and governance processes.
Importance of Internal Audit

 Increase productivity: By continuously monitoring and reviewing the

organization processes, internal auditor can identify the control
recommendation to improve the efficiency and effectiveness of these
processes and they also help to an organization to dependent on
processes rather than on people.
 Evaluate Risk and protect the assets: A regular internal audit assess
a company control and help to uncover evidence of frauds, help to
identify any gaps in the environment and allow for a remediation plan to
take place. Internal audit program will help to an organization to track
and document any changes that have been made to environment and
ensure the mitigation of any found risks
• Quality Control: Internal auditor help the organization,
identify how well system and process are designed and
keep the company goals on track and also provide the
consulting on how to improve those system and processes
if and when necessary.

• Independent and unbiased insight: Internal audit

provides unbiased view into how effective the internal
controls are in the business. If an organization has limited
resources and they are unable to setup an independent
audit team, they could cross-train employees to audit each
other’s departments.

• Good Corporate Governance: Internal audits evaluate a

company’s internal controls, including its corporate
governance and accounting processes. They ensure
compliance with laws and regulations, accurate and timely
financial reporting and data collection. They also help
Limitations of Internal Audit

 Limited Independence:
 Internal auditors are employees of the organization, potentially
impacting their independence and objectivity.
 Limited Expertise:
 Internal auditors may lack specialized knowledge in certain areas
compared to external experts.
 Risk of Bias:
 Familiarity with colleagues and processes may introduce
unintentional bias in assessments.
Cont…

 Resource Constraints:
 Internal audit departments may face limitations in staffing, time, and
budget.
 Limited Focus on Strategic Risks:
 Internal audits may not always adequately address strategic risks
crucial for long-term success.
 Potential for Fraud and Irregularities:
 Detecting fraud may be challenging, and there may be reluctance to
report such issues internally.
 Difference between Internal Audit
and Statutory Audit
Internal Audit
Nature:
Internal audit is an independent,
objective assurance and consulting
activity designed to add value and
improve an organization's
operations. It is conducted by
internal auditors who are
employees of the organization.
Statutory Audit
Nature:
Statutory audit is a legally
mandated audit of an
organization's financial statements.
It is conducted by external auditors
who are independent professionals
appointed by the shareholders or
regulatory authorities.
 Internal Audit
Purpose:
The primary purpose of internal
audit is to evaluate and improve
the effectiveness of risk
management, control, and
governance processes within an
organization. It focuses on
providing insights and
recommendations for internal
process enhancements.
Scope:
The scope of internal audit is
flexible and can cover various
aspects, including financial,
operational, compliance, and
strategic areas. Internal audits are
often tailored to the specific
needs and risks of the
organization.
Statutory Audit
Purpose:
The primary purpose of a statutory
audit is to provide an independent
and objective opinion on the fairness
and accuracy of the financial
statements. It ensures that the
financial statements present a true
and fair view in accordance with
applicable accounting standards and
regulations
Scope:
The scope of a statutory audit is
specifically focused on the
financial statements and related
disclosures. It aims to provide
reasonable assurance that the
financial information is free from
material misstatements, whether
due to fraud or error.
 Internal Audit
Frequency:
Internal audits are conducted
periodically throughout the year,
based on the organization's
internal audit plan. The frequency
may vary depending on the
organization's size, industry, and
risk profile.
Reporting Line:
Internal auditors report to the
management or the board of
directors. Their reporting is
designed to facilitate internal
decision-making and enhance
organizational performance.
Statutory Audit
Frequency:
Statutory audits are typically
conducted annually, and their
frequency is determined by legal
requirements or regulatory
standards applicable to the
organization. Public companies are
often required by law to undergo
an annual statutory audit.
Reporting Line:
External auditors report their
findings to the shareholders of the
company and relevant regulatory
authorities. The audit report is an
essential part of the company's
annual financial statements and is
made available to the public.
END