Auditing and Assurance Standards

In 1977, the International Federation of Accountants (IFAC) was set up with a

view to bringing harmony in the profession of accountancy on an international scale.
In pursuing this mission, the IFAC Board has established the International Auditing and
Assurance Standards Board (IAASB) to develop and issue, in the public interest and
under its own authority, high quality auditing and assurance standards for use around
the world. The IFAC Board has determined that designation of the IAASB as the
responsible body, under its own authority and within its stated terms of reference,
best serves the public interest in achieving this aspect of its mission. The IAASB
functions as an independent standard-setting body under the auspices of IFAC.
Auditing and Assurance Standards Board: The Institute of Chartered
Accountants of India is a member of the IFAC and is committed to work towards the
implementation of the guidelines issued by the IFAC. The Institute of Chartered
Accountants of India constituted the Auditing Practices Committee (APC) in 1982. The
main function of the APC is to review the existing auditing practices in India and to
develop Statements on Standard Auditing Practices (SAPs) so that these may be
issued by the Council of the Institute. While formulating the SAPs in India, the APC
gives due consideration to the international auditing guidelines issued by the IAPC and
then tries to integrate them to the extent possible in the light of the conditions and
practices prevailing in India. While formulating the SAPs, the APC takes into
consideration the applicable laws, customs, usages and business environment in
India.
Evolution of Auditing and Assurance Standards-
When we look at the evolution of standards, broadly, there are three types of
standards which the accounting profession should talk about - accounting standards,
auditing standards, and naturally the quality control standards, which are considered
as a part of auditing standards. If you look at the past, there used to be national
standards, international accounting standards, and US-GAAP. Over a period of time, it
was found that the international standards and USGAAP were going in different
directions. So, it was felt appropriate to start with IFRS (International Financial
Reporting Standards). Every country in the world which has got its own regulatory
body would normally evolve its own standards, like we have done in India. These were
accounting standards, and the auditing standards. In India, it is the Institute of
Chartered Accountants of India (ICAI) which is standard setting body and the
Companies Act has adopted those standards, initially through NACAS (National
Advisory Committee on Accounting Standards) and now NFRA (National Financial
Reporting Authority). They have the authority to formulate the standards, but the
basic standards come from the ICAI.
Basic Principles of Governing an Audit
This Auditing and Assurance Standard was the first standard on auditing issued
by the Institute. This Standard describes the basic principles which govern the
auditor’s professional responsibilities and which should be complied with whenever an
audit is carried out.
1. Integrity, Objectivity and Independence:
The auditor should be straightforward, honest and sincere in his approach to his
professional work. He must be fair and must not allow prejudice or bias to override his
objectivity. He should maintain an impartial attitude and both be and appear to be
free of any interest which might be regarded, whatever its actual effect, as being
incompatible with integrity and objectivity.
2. Confidentiality:
The auditor should respect the confidentiality of information acquired in the course of
his work and should not disclose any such information to a third party without specific
authority or unless there is a legal or professional duty to disclose.
3. Skills and Competence:
The audit should be performed and the report should be prepared with due
professional care by persons who have adequate training, experience and
competence in auditing. The auditor requires specialized skills and competence which
are acquired through a combination of general education, technical knowledge
obtained through study and formal courses concluded by a qualifying examination
recognized for this purpose and practical experience under proper supervision.

4. Work Performed by Others:

When the auditor delegates work to assistants or uses work performed by other
auditors and experts, he will continue to be responsible for forming and expressing his
opinion on the financial information. However, he will be entitled to rely on work
performed by others, provided he exercises adequate skill and care and is not aware
of any reason to believe that he should not have so relied.
5. Documentation:
The auditor should document matters which are important in providing evidence that
the audit was carried out in accordance with the basic principles.
Audit Evidence:
The auditor should obtain sufficient appropriate audit evidence through the
performance of compliance and substantive procedures to enable him to draw
reasonable conclusions there from on which to base his opinion on the financial
information. Compliance procedures are tests designed to obtain reasonable
assurance that those internal controls on which audit reliance is to be placed are in
effect. Substantive procedures are designed to obtain evidence as to the
completeness, accuracy and validity of the data produced by the accounting system.
They are of two types:
a) tests of details of transactions and balances;
b) analysis of significant ratios and trends including the resulting enquiry of unusual
fluctuations and items.
Documentation
Auditor should document matters which are important in providing evidence that
the audit was carried out in accordance with the generally accepted auditing
standards in India. The Standard explains as to what constitute working papers as well
as need for working papers. The Standard also touches upon: Form and Content: This
includes factors affecting form and content, quantum of working papers, permanent
audit file, and current audit file. Documentation is considered the backbone of an
audit. The work that the auditor performs, the explanations given to the auditor, the
conclusions arrived at, are all evidenced by documentation. Poor documentation may
depict poor performance in an audit. The auditor may have executed appropriate
audit procedures, however, if there is no documentation to prove, it may put question
on the work done, in case any
material misstatement is reported.
Audit Evidence
The purpose of this AAS is to establish standards on the basic principle that the
auditor should obtain sufficient appropriate audit evidence through compliance and
substantive procedures to enable him to draw reasonable conclusions there from on
which to base his opinion on the financial information. The AAS also explains the
concept of sufficient appropriate audit evidence, factors affecting it as also the various
types of assertions, internal vis-a-vis external evidence. The Standard also deals with
the methods of obtaining evidence, namely, inspection, observation, inquiry and
confirmation, computation and analytical review.
Audit evidence is all the information used by the auditor in arriving at the
conclusions on which the audit opinion is based and includes the information
contained in the accounting records underlying the financial statements and other
information. Auditors are not expected to examine all information that may exist.
Importance of Audit Planning
Planning is an aid to good management. Adequate audit planning establishes the
intended means of achieving the objectives of the audit. It assists in the direction and
control of the work. It ensures that attention is devoted to critical aspects of the audit.
It also ensures that the work is completed expeditiously. Thus the auditor, before
taking final decisions about the manner in which a particular audit is to be conducted,
should consider the audit approach proposed to be adopted. He has to estimate the
extent to which reliance may be placed on internal controls of the company. He has to
identify any aspects of the audit which need special attention and take note of any
additional work which has been agreed to be undertaken.

Internal Control System

Internal control is a mechanism, set of rules and procedures imparted by company
or organization to make sure that the integrity of financial and accounting information
promotes accountability and prevents fraudulent activities.
Internal control is extremely important for the organization because it reduces
errors, brings efficiency in the operations of the organization. It also improves
reliability of accounting information and financial information. Internal control is a
process which is effected by the entities board of directors, management and other
personnel, designed to provide reasonable assurance regarding, achievement of
entities objectives on efficiency of operations, reliability of financial reporting and
compliance with various legal requirements of the organization.
Nature of Internal Control
Internal control is a system established by the management for proper conduct of
various activities of the organization. It is not only a internal check or internal audit
but also a system of control financially and otherwise in order to carry out business in
efficient manner. It is useful for the organization to safeguard the business and serve
the accounting purpose more efficiently and reliably.
Internal control is the overall control environment established by management of
an enterprise for effective and efficient monitoring and control of its operations. It
aims at adherence to management policies, safeguarding of assets of the enterprise,
proper accounting and record of the business transactions. Internal check and internal
control are vital components of the control system.
The auditor should properly understand and assess the internal control system to
determine the degree of reliance to be placed on it and accordingly to plan the
nature, timing and extent of audit procedures to be performed by him. If the internal
control is found to be effective, the auditor may resort to selective verification.
However, when internal control system is weak auditor has to verify the transactions
in detail.
Features of Internal Control:
At a minimum, an entity should consider how its internal controls program should
be : assess activity and process-level risk, design and implement internal controls,
monitor whether controls are operating as designed, and evaluate control efficacy.
These program elements are the four pillars of internal controls. Some of the other
characteristics of internal control are:
 Guard against the frauds
 Communicating managements integrity
 Competent and trustworthy personnel
 Proper separation of duties
 Supervision
 Good records maintenance
 Accounting control
Scope of Internal Control
The scope of internal control in auditing is vast and covers various aspects of an
organization's operations. It includes the control environment, risk assessment,
control activities, information and communication, and monitoring activities. In India
Internal control in auditing is influenced by the rules and regulations and Auditing and
Assurance Standards issued by the Institute of Chartered Accountants of India (ICAI).
The key aspects of the internal control are as follows:
1. Applicable Standards:
Auditors in India follow the Auditing and Assurance Standards issued by ICAI.
AAS 6, “Risk Assessment and Internal Control”; as per this standard the auditor has
to identify and assess the risks to the material misstatement by understanding the
organization and its environment.

2. Risk Assessment:
Auditor assesses the risks of material misstatement in the financial statements due
to errors and frauds this involves understanding of the business, industry,
internal control environment and identifying areas where internal controls are
important for mitigating risks.
Audit Risks:
Audit risk is the risk when auditor gives wrong opinion on the basis of wrong
financial statements. It is very necessary that financial statements should free from
material misstatements. If there is material misstatement, there may be inappropriate
audit opinion. On this opinion, there may be big loss of interested parties of audited
financial statements.
a) Inherent Risk
Inherent risk is the chance of future loss because there is not any internal control
system or there is fault in internal control system. At that time, auditor may give
wrong audit opinion. Inherent risk may happen on the basis of nature of business or
transactions. For example, if there are millions of cash transactions in a day in any
business, there is chance of fraud or mistake. So, inherent risk may happen.
b) Control Risk
Control risk is the audit risk which happens when fraud or error is not deducted by
internal control system. Whether a good internal control system but cheater is may
take the benefit of small weakness of this internal control system. Due to this, control
risk may happen.
c) Detection Risk
Detection risk happens when auditor uses wrong or incorrect audit procedure. In
above two risks happen due to the fraud or mistake or misstatement by company. But
detection risk happens due to mistake of auditor and his auditing procedure.
Limitations of Internal Control:
a) Internal Control System involves expenditure of time and money. Management’s
consideration that internal control system should be costeffective weakens the
effectiveness of the system.
b) Internal control is more concerned with the transactions of routine nature, so
unusual and irregular transactions may be overlooked.
c) It has the potential for human error especially when a new employee is involved in
the internal control system without proper orientation.
d) Possible collusion may circumvent internal control system Internal Control system
involves division of duties between employees of the organization. Collusions among
employees may perpetuate the frauds within an organization.
Internal Audit vs. Internal Control
a) Internal Audit is an independent review of internal controls, accounting record and
actual performance. And Internal Control is an arrangement of duties allocated in such
a way that the work of one employee is automatically checked by another.
b) An objective of the audit is to detect errors and frauds already committed are
discovered and objective of internal control is devised in such manner that errors and
frauds are minimized.
c) In internal audit the work of a clerk is checked by an internal auditor only after the
former has completed his work and In internal control the work is allocated to
different employees in such a way that one person is independently checked by other,
d) In internal audit a separate staff is specially engaged for carrying out the work and
in Internal control there is no such separate staff engaged to carry out system.
e) Internal audit checks the work done in the light of policies and procedures laid
down by the management and internal control is device for doing work.
Specific Types of Audit
Cost audit is prescribed for the companies engaged in production, processing,
manufacturing or mining activities. Similarly it is expected to verify the utilization of
material, labour and overheads. In the earlier companies Act, 1956, section 233 B was
introduced for governing cost audit. As per the companies Act, 2013, section 148
provides the areas of maintenance of cost records. Tax audit is conducted in respect
of business or profession from the point of view of income tax. Section 44AB of
Income Tax Act, 1961 gives the provisions pertaining to tax audit. Particularly this
type of audit is for ascertaining correctness of taxes paid and returns field by the
assesses.
Cost Audit
Cost audit, as a statutory provision was introduced in 1965 by an amendment to
the Companies Act 1956, which empowered the Central Government to direct any
company to maintain proper cost records in the prescribed manner. In 1968, the
Companies Act was again amended empowering the government to order for a cost
audit. The Companies Act, 1956 was further amended by the Companies Amendment
Act, 1974 introducing section 233B empowering the Central Government to order
audit of cost accounts for which maintenance of Cost Accounts
was prescribed relating to utilization of material, labour or other items of cost in
respect of companies engaged in production, processing, manufacturing or mining
activities under section 209(1) (d).
The cost audit is conducted in addition to the financial audit. The Cost Audit
represents the verification of cost accounts and a check on the adherence of Cost
Accounting Standards. Cost audit is concerned with the verification of the correctness
of the cost records maintained in a business concern. The terminology issued by the
CIMA defines Cost Audit as “the verification of
the correctness of cost accounts and of the adherence to the cost accounting plan”.
Objectives of Cost Audit
The principal object of the audit is to see that the cost data placed before the
management are verified and reliable and they are prepared in such detail as will
serve the purpose of the management in taking appropriate decisions. It aims to
identify the undue wastage or losses and ensure that costing system determines the
correct and realistic cost of production. The subsidiary objectives are-
1. Verification of the arithmetical accuracy of cost books.
2. Ensuring that the cost accounts are maintained as per costing principles,
predetermined
norms and concepts of Cost Accounting.
3. Confirming that the management is using all cost data for decision-making.
4. Detection of errors and frauds.
5. Making internal control more effective.
6. Verification of the adequacy of the books of accounts and the accounting system.
7. Correct valuation of work-in-progress and finished goods.
8. Verification of the total cost of each product, process, operation and job.
Scope of Cost Audit
From the practical point of view, the scope of cost audit is much wider than the
financial audit. The cost audit includes verification and checking of the following -
1. Utilization of materials, power, fuel, water, steam, electricity etc.
2. Employment records such as wages and salaries, allocation of work, attendance,
overtime, idle time etc.
3. Works overheads, office & administration overheads and selling & distribution
overheads, allocation of joint overheads, reconciliation of the cost records with that of
financial records, overhead recovery rates, basis for allocation of cost between fixed
and variable etc.
4. Fixed assets register with quantitative details, physical existence, method of
calculating depreciation, allocation of depreciation in respect of the common assets
etc.
5. Production reports, comparison with past records and budgeted targets, normal and
abnormal losses, work in-progress etc.
6. Work records such as job cards, work order, cost ledger, valuation of materials,
work-in-progress, finished goods etc.
Advantages of a Cost Audit
The main advantage of cost audit is that, it ensures the accuracy of cost accounting,
on the basis of which management takes major decisions.
 It ensures that the organization keeps a close check on wastages and misuses of
materials, labour, stores etc. as well as, points out such wastages if any. When such
wastages are discovered the company can take corrective steps.
 It helps in pointing out inefficiencies in every cost centre and uneconomic activities.
 It reveals irregularities and frauds in cost records.
. Comparison of actual expenditures with the standards enables to know favourable
and unfavourable variances. This helps management to know reasons behind these
variances and can take appropriate actions.
 A cost audit actually helps the statutory auditor. A statutory auditor can rely on
audited costing data.
 Helps in fixing individual responsibility of higher or lower performance.
Cost Audit Financial Audit
.It is used mostly in manufacturing It is used in all types of organizations.
organizations. The primary object is to find whether the
.The primary object is to control the cost of final accounts show true and fair view.
output. It is verification of Profit & Loss Account
It is verification of total cost, cost per unit and Balance Sheet
of output, cost of each process etc. It is related to all income and expenditures
It is mainly related to cost of output, as well as assets and liabilities.
process, The purpose is to see whether concerned
department etc. laws and principles are followed or not.
The main purpose is to test working This audit is done by owners of the
efficiency organisation.
of the organisation. Financial Auditor sees whether the proper
This audit can be done by external parties valuation of the stock is done or not.
such Financial Auditor sees whether the proper
as Government, Customer, Trade valuation of the stock is done or not.
Associations, Tribunals etc.
Cost Audit sees that the stock is not more
than
the required quantum and it is valued at cost.
Cost Audit sees that the stock is not more
than the required quantum and it is valued at
cost
Tax Audit
There are various laws in India that govern different kinds of audit. The Income
Tax Law requires the taxpayer to get the the accounts audited of their business or
profession from the view point of Income-tax. The provisions for an Income Tax audit
are covered under section 44AB of the Income Tax Act of 1961. This section gives the
provisions concerned to the class of taxpayers who are required to get their accounts
audited. Tax audit aims to ascertain the factual veracity of returns filed and the
accomplishment of other requirements as per applicable rules. The auditor
performing the tax audit has to submit all the findings and observations in the
prescribed form of an audit report to the Income Tax Authority.
The audit conducted by the chartered accountant of the accounts of the taxpayer
in pursuance of the requirement of section 44AB of the Income Tax Act 1961 is called
as Tax Audit.
Objectives of Tax Audit
Tax Audit is conducted to achieve the following objectives:
 To ensure proper maintenance and correctness of books of accounts and
certification of the same by a tax auditor.
 To ensure that the total income and the claims for deduction are correctly and
accurately entered by the businessperson.
 To report findings, observations and discrepancies noted by tax auditor
 To report required information and compliance of various provisions of income tax
law.
 To verify the correctness of income tax returns filed by the taxpayer.
 To check frauds and malpractices in filing income tax returns
 To restricts the chance of fraudulent practices.

Management Audit
Management audit is a new concept in auditing. It is different from the
conventional audit. It is an audit of overall performance of management. It covers all
functions of management like planning, organizing, co-ordination, control, etc. It aims
to find out inefficiencies and weaknesses of the management as well as to detect and
diagnose the problems in the governance of an organization and suggests various
means to avoid and solve these problems. It assesses methods and policies of an
organization and the use of resources including human resources, strategic planning,
and organizational improvement. Thus, Management audit is audit of the
management of a business organisation.

“Management Audit can be defined as an objective and independent appraisal of the

effectiveness of managers and the effectiveness of the corporate structure in the
achievement of company objectives and policies. Its aim is to identify existing and
potential management weaknesses within an organization and to recommend ways to
rectify these weaknesses”.
Scope of Management Audit
The scope of Management Audit has no limitations.
 The suitability, practicability and present compliance of the organization with its
objects and aims.
 The current reputation of the organization in relation to the general public and
within its own particular industrial or commercial field.
 Profitability and the rate of return on capital.
 Relationship of the business with its own shareholders, investors, customers,
suppliers and public in general.
 Operating efficiency.
 The relationship between management and staff within the business.
 The effectiveness of management at its various levels.
 Financial policies and control relating to production, sales and distribution and in
other functions of the organization.
Limitations of Management Audit
1. Lack of awareness among directors and managers of the objectives of the
organization and the extent to which these are being achieved,
2. Failure to define clearly the objectives and responsibilities of individual managers.
3. Inadequate steps taken to provide adequate finance.
4. Lack of technical competence of managers.
5. Retaining authority by managers for matters which ought to have been delegated.
6. Lack of clear and identifiable management style in the organization.
7. Lack of proper staff / management training.
8. Failure on the part of managers to measure and assess the performance of their
subordinates.
9. Inadequacy of the management information system.
Social Audit
The social audit movement was first started in U.S.A. in the middle of the last
century i.e. in 1950s. Later it gathered momentum in U.K., Japan and in other western
countries. In India, it attracted the interest of public and government in the beginning
of this decade and found a place in company legislation. There is difference of
opinions among the experts as to the exact meaning and components of this concept.
Social Audit is a technique to understand, measure, verify, report on and to improve
the social performance of the organization. It values the voice of stakeholders and is
taken up for the purpose of enhancing governance, particularly for strengthening
accountability and transparency.
Social audit is an extension of the principle of public disclosure to which
corporations are subject.
Audit of Various Entities
Audit of Departmental Commercial Undertakings Government run various
commercial undertakings mainly to provide services or certain supplies. Such
undertakings are directly under the concerned Ministry or Department and these are
to follow strict government rules and prescribed procedure. Examples of such
undertakings are India Security Press and Currency Note Press. These undertakings
maintain their accounts on the single entry system. However, they also prepare
Proforma Trading and Profit and Loss Account and Proforma Balance Sheet annually.
The main objectives of audit of such public sector undertakings are –
1. To examine whether the commercial accounts present a full and true picture of the
financial results of the undertakings in terms of concepts of liabilities and assets, debit
and credit, profit and loss.
2. To ensure that the subsidiary accounts are prepared so as to render it possible to
compare, as far as may be, the relative efficiency of government trading and
manufacturing organisations with one another or with similar institutions not
controlled by the government.
3. To verify the correctness of allocation of expenditures between capital and
revenue, reason, ability of valuation of assets and adequacy of provisions for
depreciation and bad debts.
Audit of Statutory Corporations
Government of India has set up number of Statutory Corporations by special
Acts of the Legislature such as Damodar Valley Corporation, RBI, SBI, IDBI,
Nationalised Banks, Export-Import Bank, NABARD, LIC etc. The provisions of audit of
such organisations differ from one corporation to another according to the nature of
the business of the undertakings. In some cases C&AG has statutory responsibility of
audit whereas, in some cases, chartered accountants are appointed for the purpose.
However, all the basic principles of audit of government undertakings discussed
above are applicable to audit of such corporations.
Types of Audit of Public Sector Undertakings
1. Financial Audit – Financial audit of PSUs is mainly conducted to express an audit
opinion on the financial statements and enhance the degree of confidence of intended
users in the financial statements
2. Compliance Audit – Compliance audit is an independent assessment of whether a
given subject matter is in compliance with the applicable criteria. It is carried out by
assessing whether all activities, financial transactions and related information comply
in all material respects with the concerned laws governing the PSU.
3. Performance Audit - Performance Audit means the audit of efficiency, economy and
effectiveness with which PSUs operate and fulfil their objectives and goals. A
performance audit is an objective and systematic examination of evidences to verify
the performance of PSUs in respect of any programme, activity or function in order to
improve public accountability of PSU, facilitate better decision making and to initiate
corrective action if it is deviating from principles.
4. Comprehensive Audit - Comprehensive Audit verifies whether the undertakings
have fulfilled the objectives for which they have been established, whether value for
money spent has been obtained, whether the targets have been achieved etc. It
locates the areas of weakness including review of the decisions taken by the
management and a comprehensive appraisal of the performance of the undertaking.
5. Propriety Audit - Propriety Audit is directed towards an examination of management
decisions in sales, purchases, contracts etc. to see whether these have been taken in
the best interests of the undertaking and conform to accepted principles of financial
propriety.