Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: 08 Standard on Internal Audit - SIA 8 Terms of Internal Audit Engagement

  1. #1
    AAS
    Guest

    Default 08 Standard on Internal Audit - SIA 8 Terms of Internal Audit Engagement

    The following is the text of the Standard on Internal Audit (SIA) 8, Terms of Internal Audit Engagement, issued by the Institute of Chartered Accountants of India. The Standard should be read in the conjunction with the "Preface to the Standards on Internal Audit", issued by the Institute.


    In terms of the decision taken by the Council of the Institute at its 260th meeting held in June 2006, the following Standard on Internal Audit shall be recommendatory in nature in the initial period. The Standard shall become mandatory from such date as may be notified by the Council in this regard.

  2. #2
    AAS
    Guest

    Default Introduction of internal audit

    Introduction

    1. The purpose of this Standard on Internal Audit is to establish standards and provide guidance in respect of terms of engagement of the internal audit activity whether carried out in house or by an external agency. A clarity on the terms of the internal audit engagement between the internal auditors and the users of their services (hitherto known as "auditee") is essential for inculcating professionalism and avoiding misunderstanding as to any aspect of the engagement.

    2. The internal auditor and the auditee should agree on the terms of the engagement before the its commencement. The agreed terms would need to be recorded in an engagement letter. Normally, it is the responsibility of the internal auditor to prepare the engagement letter and it is to be signed both by the internal auditors as well as the auditee.

  3. #3
    AAS
    Guest

    Default Terms of Engagement in internal audit

    Terms of Engagement

    3. The terms of engagement of the internal audit inter alia define the scope, authority, responsibilities, confidentiality, limitation and compensation of the internal auditors. The terms of engagement should be approved by the Board of Directors1 or a relevant Committee thereof such as the Audit Committee or such other person(s) as may be authorised by the Board in this regard. The terms should be reviewed by the internal auditor and the audit committee periodically and modified suitably, if required, to meet the changed circumstances.

  4. #4
    AAS
    Guest

    Default Elements of Terms of Engagement of internal audit

    Elements of Terms of Engagement

    4. The following are the key elements of the terms of the internal audit engagement:

    Scope

    Responsibility

    Authority

    Confidentiality

    Limitations

    Reporting

    Compensation

    Compliance with Standards
    Each of these elements has been discussed in the following paragraphs

  5. #5
    AAS
    Guest

    Default Scope of internal audit

    Scope

    5. Paragraph 3.1 of the Preface to the Standards on Internal Audit describes internal audit as "an independent function, which involves a continuous and critical appraisal of the functioning of an entity with a view to suggest improvements thereto and add value to and strengthen the overall governance mechanism of the entity, including the entity's strategic risk management and internal control system."

    6. The terms of the engagement should contain a statement in respect of the scope of the internal audit engagement. It should clearly delineate the broad areas of function of internal audit like evaluating internal controls, review of business process cycle controls, risk management and governance.

    7. It should indicate areas where internal auditors are expected to make their recommendations and value added comments.

    8. The terms of engagement should clearly mention that the internal auditor would not, ordinarily, be involved in the preparation of the financial statements of the auditee. It should also be made clear that the internal audit would not result in the expression, by the internal auditor, of an opinion, or any other form of assurance on the financial statements or any part thereof of the auditee.

    9. The scope of the terms of the engagement, after delineating the broad areas of function of internal audit, should clarify that any additional services that are not encompassed by the engagement letter shall be performed only on mutual agreement and with separate engagement letter.

  6. #6
    AAS
    Guest

    Default Responsibility of internal audit

    Responsibility

    10. The terms of the engagement should clearly mention the responsibility of the auditee vis a vis the internal auditor. The auditee is responsible for establishing, maintaining and ensuring operating effectiveness of a system of internal control. The auditee would also be responsible for timely communication of material weaknesses or other significant issues relating to internal controls, misstatements in the financial information or similar matters to its external auditors, the Audit Committee, the Board of Directors, regulators and to those to whom the auditee is required to so communicate.

    11. The management of the auditee is responsible for providing timely and accurate data, information, records, personnel etc., and for extending co-operation to the audit team.

    12. Similarly, where the internal auditor has a specific responsibility, say that arising out of a law or a regulation or a professional standard applicable to the internal auditor, to communicate directly, the above mentioned issues to an appropriate authority or someone within the entity or a regulator, the terms of the engagement should contain a clear mention of such responsibility.

    13. The internal auditor has the responsibility to inform the management before commencement of the assignment about the engagement team and the audit plan.

  7. #7
    AAS
    Guest

    Default Authority of internal audit

    Authority

    14. The terms of engagement should provide the internal auditor with requisite authority, including unrestricted access to all departments, records, property and personnel and authority to call for information from concerned personnel in the organisation.

    15. The internal auditor should have full authority on his technologies and other properties like hardware and audit tools he may use in course of performing internal audit.

  8. #8
    AAS
    Guest

    Default Confidentiality in internal audit

    Confidentiality in internal audit

    Confidentiality of Working Papers

    16. The terms of engagement should be clear that the ownership of the working papers rests with the internal auditor and not the auditee. It should also be made clear that the internal auditor may, upon a request received in this regard from the auditee, provide copies of non proprietary working papers to the auditee. The terms should lay down the policy and the procedures to be followed regarding requests received for internal auditor's working papers from third parties including external auditors.

    17. The internal audit engagement may also be subject to a peer review by a regulator, requiring the internal auditor to disclose his working papers to the peer reviewer without the permission of the auditee. The engagement letter should bring out this fact clearly.

    Confidentiality of the Report

    18. The engagement letter should contain a condition that the report of the internal auditor should not be distributed or circulated by the auditee or the internal auditor to any party other than that mutually agreed between the internal auditor and the auditee unless there is a statutory or a regulatory requirement to do so.

  9. #9
    AAS
    Guest

    Default Limitations in internal audit

    Limitations

    19. The terms of engagement should specify clearly the limitations on scope, coverage and reporting requirement, if any. It may also mention that the internal auditor or any of his employees shall not be liable to the auditee for any claims, damages, liabilities or expenses relating to the engagement exceeding the aggregate amount of compensation agreed upon by both the parties.

  10. #10
    AAS
    Guest

    Default Reporting in internal audit

    Reporting in internal audit

    20. The terms of the engagement should clearly lay down the requirements as to the manner, frequency of reporting and the list of intended recipients of the internal audit report.

Tags for this Thread

Bookmarks

Posting Permissions

  • Register / Login to post new threads
  • Register / Login to post replies
  • Register / Login to post attachments
  • You may not edit your posts
  •