Internal Audit Services
Our core consulting team would focus on;
-
Ensuring internal controls
-
Incorporating SOPs (Standard operating procedures) for every major function
-
Infusing corporate governance into the scheme of things
-
Advice on structuring of MIS
-
Initiating cost control systems via workable strategies
-
Formulating policy document once internal controls are in place
-
Hand holding and monitoring implementation of policies
Risk Based Internal Audit
Internal Risk
Internal risks arise due to events occurring Inside the business organisation. Such events are generally control of the management. Hence, determining the likelihood of the resulting risks can be done with accuracy
Internal factors giving rise to such risks include:
-
Human factors as strikes and lock-outs by trade unions; negligence and dishonesty of an employee; accidents or deaths in the factory, etc.
-
Technological factors unforeseen changes in the techniques of production or distribution resulting into technological obsolescence, etc.
-
Physical factors as fire in the factory, damages to goods in transit, etc.
External Risk
External risks arise due to events occurring outside the business organisation. Such events are generally beyond the control of the management. Hence, determining the likelihood of the resulting risks cannot be done with accuracy
External factors giving rise to such risks include:
-
Economic factors as price fluctuations, changes in consumer preferences, inflation, etc.
-
Natural factors as natural calamities such as earthquake, flood, cyclone, etc.
-
Political factors as fall or change in the Government resulting into changes in government policies and regulations, communal violence or riots, hostilities with the neighbouring countries, etc.
All Risks Have Two Attributes
Likelihood of Risk Occurrence
Risk consequence
The measurement of the likelihood of risk is normally against five levels on a scale of 5, viz.
+ Remote (score 1)
+ Unlikely (score 2)
+ Possible (score 3)
+ Likely (score 4)
+ Almost certain (score 5)
As a result of the above risks operating , either singly, or in two’s and three’s, or jointly, gives rise to Financial or operational strain to the Entity and its operations.
Risks can be classified into:
Strategic (exposure of the company in pursuing particular business model or adopting a specific strategy – too much dependence on one line of business or a failed acquisition, etc)
Operational (risks arising from inadequate business or manufacturing processes, ineffective usage of available resources, inefficient personnel, mismanagement of affairs, etc)
Compliance (breach of law/regulatory requirement, etc)
However, being part of the target entity, the Management as well as the top decision making core group would not be able to gauge the gravity of risks and its possible impacts on the entity.
An Internal Audit function would provide the “third eye” perspective – also known as the inner eye is a mystical and esoteric concept which provides perception beyond ordinary sight.
This would be rendered possible because of the unbiased and professional approach which is enabled by the very positioning of the function and unrelated nature of the independent “third eye” entity.
The functions that would be undertaken by our I/A team would be:
-
Understanding the prevalent risks faced by the Company
-
Understanding the types and the potency of the risks
-
Understand the likelihood of risks materialising
-
Company’s ability to reduce the incidence and impact on business risks that it is facing now
-
Cost benefit anaylsis of enabling controls over risks
-
Need for risk management :
-
Sustainable profit growth to meet stakeholders’ expectation
-
Dynamic internal, external and everchanging macro environment
-
The expectation towards greater transparency and corporate governance matrix
The entire ethos of Corporate Internal Control can be comprehensively explained in the following COSO (Committee of Sponsoring Organizations of the Treadway Commission, which is a premier body of Internal Auditors in the international arena) control chart.
We will start out scoping key areas by understanding the activities of the process (inputs, outputs and systems) and identifying the objectives in collaboration with process owners and senior management. This will include agreeing with process owners and senior management about the scope of work. Once the scope is agreed, we will commence by reviewing policies & organizational structure.
Key Objectives
Safeguarding of Assets
Reliability & Integrity Of financial and operating information
Effectiveness & Efficiency of Operations
Compliance with laws And regulations
Above objectives are aligned to ensure ‘Value Addition’ to the stakeholders
Specific Scope of Work:
-
Studying the Process flow in respect of stock movement, production, input-output ratio.
-
Assessing the optimum stock requirement good enough not to truncate production flow
-
Initiation of Standard Costing computation for each of the products
-
Arriving at BEP (Break – even point) on an overall basis and narrowing down to the product level
-
Attempt at computing the variances between Actual costs and Standard costs
-
Planning for “Opportunistic Turnover” in order to boost operating margins
-
Framing realistic and dynamic budgets and Forecasts
-
Advice on Judicious appropriation of funds – with Long term and Short term objectives and outlays in place
-
Conducting monthly Review meetings
-
Streamlining F and A functions to draw the best possible results in respect of funds management, best corporate practices, framing internal control mechanism, drawing up meaningful accounts / financials and driving efficiency into operations.
The Final goal of an Effective and Efficient Internal Control mechanism:
Criteria |
What should be the case? |
Condition |
What is the current case? |
Cause |
What is the reason for the current case? |
Consequence (Effect) |
What is the impact? |
Corrective Action (Recommendation) |
What should precisely be done to reach the ‘should be’ scenario? • Be specific rather than being general • Solution should be actionable rather than theoretical |