As per the standard laid down by The Institute of Chartered Accountants of India (ICAI), Internal Audit is broadly defined as a Risk Management Function independently carried out to assist the Management of an organization. It is carried out internally at the behest of the Management and different from External or Statutory Audit.
Internal Audit helps in identifying gaps and loopholes in implementation of policies and procedures laid down by the organization in various day to day functions like Finance, Risk, HR, Statutory compliances etc. It also does critical appraisal of internal controls and helps in implementing the best industry practices to meet corporate objectives.
When is Internal Audit required?
- Increased size and complexity of business.
- Compliance of Statutory requirement.
- Use of Information technology on large scale.
- Internal controls for risk management.
- Establish sound corporate governance and use of best industry practices.
Key Features Internal Audit
- Internal audit is an independent management function, in order to provide an unbiased and impartial report.
- It studies the existing internal controls and standard operating procedures with the objective of determining whether they are properly carried out.
- It helps in improving internal control structures and promote better corporate governance.
- It identifies threat and opportunities and designs controls to manage the risks and taking advantage of opportunities.
Functions of Internal Auditor
- Review operations, policies, and procedures and assist management in establishing better policies and procedures
- Certify risks being managed within acceptable limits as laid down by the Board of Directors.
- Examining and evaluating continuous effectiveness of the internal control system and making recommendations, if any, for improving internal control mechanism.
- Help the management in identifying frauds and preventing them.
As per Securities and Exchange Board of India (SEBI), there is a statutory clause 49 of the Listing agreement which requires any listed entity to ensure that
- Internal audit function is being made functional.
- Weaknesses found in internal controls are reported.
- Finding and reporting of suspected frauds or irregularity as a result of failure of internal control mechanism.
- Certification and taking of responsibility by the CEO and the CFO to the Board of Directors for the effectiveness of internal controls, and steps taken by them to improve upon the deficiencies in internal control to the auditors and the audit committee.
As per section 138 of the internal audit, Chapter IX -Accounts of Companies, Companies Act,2013, it clearly states that every listed company and unlisted company having share capital of Fifty Crores INR, or Turnover of Two hundred crores INR or Bank Loans exceeding One hundred crores INR, outstanding deposits of Twenty- Five crores INR or more at any point of time, they are required to appoint an internal auditor or a firm of internal auditors. These auditors need to be either Chartered accountant or Cost accountant or any other professional as decided by the Board of Directors in order to conduct at regular intervals, internal audit of the various functions and activities of different departments of the organization.