INDIAN INSTITUTE OF INFORMATION TECHNOLOGY

DESIGN AND MANUFACTURING KANCHEEPURAM,

CHENNAI - 600 127

INTERNAL AUDIT MANUAL

2023

A Guide for
Planning, Performing and Reporting in Internal Audit

(For Official Use)

INTERNAL AUDIT MANUAL

 CONTENTS
1 Introduction
Definition of Internal Audit
1.1 Overview
1.2 Background
1.3 Need for Internal Audit
1.4 Purpose of this Manual
1.5 Applicability
1.6 Amendments
2 Internal Audit Approach
2.1 Internal Audit Mechanism
2.2 Position and mission of Internal Audit
2.3 Duties and responsibilities of Internal Audit
3 Audit objective, scope and methodology
4 Internal Audit Structure
4.1 Organizational structure
5 Professional standards
6 Audit Planning
7 Initiating an Audit
8 Audit execution / Conduct of Audit
9 Reporting of audit findings
10 Follow up in Internal Audit

INTERNAL AUDIT MANUAL

 1. INTRODUCTION
The Institute of Chartered Accountants of India (ICAI) defined, Internal Audit as “an
independent management function, which involves a continuous and critical appraisal
of the functioning of an entity with a view to suggest improvements thereto and add
value to and strengthen the overall governance mechanism of the entity, including the
entity’s strategic risk management and internal control system.”

1.1 Overview
The Indian Institute of Information Technology Design and Manufacturing Kancheepuram
(IIIDMK) was established through an Act of Parliament in the year 2007. It renders human services
to a cause of higher education by catering to the academic, intellectual and professional needs of
youths in the country. To this extent, it contributes its strength in generating and providing requisite
human resources that India needs to emerge as a vibrant knowledge society.

1.2 Background
The Comptroller & Auditor General of India (CAG) is the statutory auditor of this IITDMK
under Section 30(3) of IIIT ACT 2014, for conducting statutory audit. It conducts Financial Audit
(audit of the annual accounts) and Compliance Audit (audit of transactions) of the Institute every
year. Report on the financial audit termed as ‘Separate Audit Report’ is laid before both the houses
of the Parliament, where as the result of compliance audit termed as ‘Inspection Reports’ are
pursued till final settlement.

1.2.1 Scope of Internal Audit

Pre-audit of all the proposals, files for approval by the Competent Authority and
pre-audit of all the transactions for payment of the Institute on a regular basis. Pay fixation, arrear
claims etc. are also pre-audited. Annual account is also checked by the Internal Audit before
submission to CAG for Audit. In the Institute. Internal audit is being conducted in pre-audit system
by Internal Audit Officer engaged as Consultants.

1.3 Need for Internal Audit

As per Rule 70 of the General Financial Rules (GFRs) 2017 the duties and responsibilities
of the Head of the Institute who is the Chief Accounting Authority of the Institute shall: -

● Be responsible and accountable for financial management of the Institute;

● Ensure that the public funds released to the Institute are used for the purpose for
which they were meant;
● Be responsible for the effective, efficient, economic and transparent use of

INTERNAL AUDIT MANUAL

 resources of the Institute in achieving the stated objectives of the Institute, while
complying with the performance standards;
● Be responsible for preparation of expenditure and other statements relating to the
Institute as required by Regulations, guidelines or directives issued by the
Administrative Ministry, Government of India;
● Shall ensure that the Institute maintains full and proper records of financial
transactions and adopts systems and procedures that will at times afford internal
controls;
● Shall ensure that the Institute follows the Government approved procedure for
execution of works, as well as for procurement of services and suppliers and
implements it in a fair, equitable, transparent and cost effective manner;
● Shall take effective and appropriate steps to ensure: - (a) collect all money due to
the Institute/ Government and (b) avoid un-authorized, irregular and wasteful
expenditure.

Thus, an independent internal audit would help the Head of the Institute to discharge all of
these functions in effective manner. Internal audit should, therefore, aim at looking both at the
financial and non-financial aspects of the Institute operations and providing an assurance on
achievement of the vision and mission of the Institute as well as short/long term targets set by the
Ministry of Education (MoE).

Internal Audit would help the Institute in improving economy, efficiency, effectiveness
and transparency in Institute’s administration in general and financial administration in particular.
It will also help in maintaining a sound record keeping system with adequate checks and balances
to ensure a sound information system for decision making by the Executives.

1.4 Purpose of this Manual

This Internal Audit Manual is developed to guide/assist the internal audit wing of the
Institute to provide independent, objective, value-added and advisory services to the executive
authority in various wings/ schools/ sections of the Institute in order to improve the achievement
level. More specifically this manual is intended to provide internal audit wing with tools and
information for assessing risk in processes and activities, developing an appropriate internal
auditing work program and planning, performing and reporting on internal audit engagements.
This Manual is intended to:
i. Act as a handbook for internal auditors,
ii. Identify roles & responsibilities of members of the internal audit team,
iii. Shift the focus of internal audit from detection to solution,
iv. Introduce the annual plan and programme for post-audit through risk based assessment
v. Develop the concept of systematic sampling,

INTERNAL AUDIT MANUAL

 vi. Standardize conduct of audit and reporting mechanism to improve audit effectiveness.
1.5 Applicability
This manual is designed for the Internal Audit staff /Consultant (Internal Auditor) who are
primarily responsible for carrying out the internal audit function across different wings/ schools/
sections of the Institute.
Each of the wing/ section/ school is involved in different functions assigned to them and
hence the scope of operation of these wing/ section/ school differs from one to another on various
aspects. This manual contains guidance of a generic nature and outlines common procedures for
conduct of internal audit in these wings/ sections/ schools.
1.6 Amendments
The provisions of this Manual will be subject to amendment with the approval of FC/BOG
as per changing environment and future challenges.

The manual is intended for internal use in the Institute.

INTERNAL AUDIT MANUAL

 2. INTERNAL AUDIT APPROACH

2.1 Internal Audit Mechanism

Internal auditing is an independent, objective assurance and consulting activity designed
to add value and improve the operation of an organization. It helps an organization to accomplish
its objectives by bringing a systematic and disciplined approach to evaluate and improve the
effectiveness of risk management, control, and governance processes. Thus, Internal Audit and
Internal Controls are integral part of a sound financial management system. Following are the
prerequisites for functioning of Internal Audit.
(i) Independence
(ii) Accountability and transparency
(iii)Ethics
(iv) Quality assurance

Independence of Internal Audit is established by the organizational and reporting structure.

Objectivity is achieved by an appropriate mindset.
The internal audit activity evaluates risk exposures relating to the organization’s governance,
operations and information systems, in relation to:

● Efficiency and effectiveness of operations,

● Reliability and integrity of financial and operational information;
● Safeguarding of assets;
● Compliance with laws, regulations and contracts

Based on the result of the risk assessment, the internal auditors evaluate the adequacy and
effectiveness of how risks are identified and managed / mitigated in the above areas, The Internal
Auditors are expected to provide recommendations for improvement in those areas where
opportunities or deficiencies are identified. While management is responsible for internal controls,
the internal audit activity provides assurance to the management that internal controls are effective
and working as intended.

2.2 Position & Mission of Internal Audit

Internal Audit Team has to work as ‘PARTNERS’ with the wings/ sections/ schools to
strengthen financial management systems, build capacities of the audit/accounts personnel of the
Institute and to guide them in achieving their objectives /targets in a more efficient manner.
The services of internal auditor should be utilized by all levels of management in the
investigation of any special problem/function.

2.3 Duties and responsibilities of Internal Audit

The duties and responsibilities of an internal auditor are wide. It is difficult for an internal
auditor to ascertain the extent to which his appraisal should go and where his responsibility ceases

INTERNAL AUDIT MANUAL

while appraising a particular operation. A conscientious internal auditor with good imagination
and practical experience can render valuable service to the management.
With commitment to integrity and accountability, internal auditing provides value to
governing bodies and senior management as an objective source of independent advice. The
Internal Audit serves as a “THIRD EYE’ for the management to control and watch the efficiency
and working of various units under them.
Major duties and responsibilities of internal audit functionaries are summarized as below:

● Determining internal audit scope and developing annual audit plans.

● Study of accounting procedures, including maintenance of records in the institute
with a view to ensuring that they are correct, adequate and free from any defects
or lacunae;
● Reports risk management issues and internal controls deficiencies identified
directly to the Finance Committee through the Director and provides
recommendations for improving the organization’s operations,
● Provides support to the institute's anti-fraud programs;
● Watch over the implementation of the prescribed procedures and the instructions/
orders issued from time to time;
● Scrutiny and check of payments and accounting work of the accounting units;
● Investigation of important arrears in accounting and other connected records;
● Periodical review of all accounts including cash book, bank reconciliation
statement and store records as well as physical verification of stores;
● Conduct follow up audit to monitor management’s intervention.
● Pursuance/settlement of objections taken in test audit notes issued by statutory
audit offices and other matters relating to statutory audit;
● To examine and report on points or irregularities brought to its notice by the
statutory audit;
● To examine the contracts and agreements executed by the institute.

2.4 Role of Internal Audit Wing

The role of Internal Audit Wing of the Institute are as envisaged below:

2.4.1 System Strengthening

Internal audit should aim at strengthening of systems in the auditee. It includes review of
established systems like accounting procedures, procurement procedures, internal control
mechanisms and any other system operating in the auditee. Suitable recommendations shall be
given for strengthening of the existing system for better management of the office and achievement
of the set goals.

2.4.2 Financial Compliance

INTERNAL AUDIT MANUAL

 Internal Audit should focus on financial compliance while conducting different types of
audits as mentioned below:

(i) Transaction audit includes examination of all relevant vouchers of receipts and expenditure
as per the cashbook /Bank statement to establish the expenditure with reference to the
activities.
(ii) Compliance audit means examination of documents as to whether applicable Rules/
Regulations/ Instructions issued by the competent authority/ administrative Ministry/
Government of India have been duly complied with.
(iii)Pre-audit: means conducting audit prior to release of payment. This includes examining the
process of tendering and evaluation before issue of Purchase Order/ Work Order.
(iv) Financial review: includes examination of Income & Expenditure account, Balance Sheet
etc. of the Institute as per applicable Accounting Standards/ Guidelines before submission
to the Director for approval.
2.4.3 Capacity Building

Internal Audit shall also support in building capacities of the accounts staff and strengthen
financial management within the auditee. They should facilitate skill transfer by sharing of
knowledge on better accounting practices.

INTERNAL AUDIT MANUAL

 3. AUDIT OBJECTIVES, SCOPE AND METHODOLOGY

3.1 Objectives of Internal Audit

The internal audit would be conducted with the objectives to assess whether:

● Planning and budgetary mechanism is in place, adequate and effective;

● Funds were utilized in an economic, efficient and effective manner for the intended
purpose;
● Procurement was made in a transparent and fair manner and were effectively
utilized;
● Assets were created in economic, efficient and effective manner;
● Statutory provisions of law and administrative instructions such as applicable law,
rules and regulation various orders issued by the Institute have been duly complied
with;
● The system of internal control exists and is working effectively;

Annual accounts have been properly drawn up are complete in all respects and are prepared
with adequate disclosures, considered all known liabilities and depict a true and correct picture on
the finances of the Institute.

3.2 Criteria for Internal Audit

Audit criteria for conduct of internal audit will be the extent of compliance with the following
codal provisions/ documents:

● The IIIT Act 2014, and Statutes as amended from time to time;
● Decisions of the EC, FC and other statutory committees of the Institute and
guidelines/ office orders issued by the Institute from time to time;
● Rules framed and Instructions / Guidelines / Office Memorandum issued by the
MoE/ MoF/ DoPT/ DoP&PW as are applicable to the Institute;
● General Financial Rules 2017, DFPR 1978, CVC guidelines, CGA Receipt and
Payment Rules 1983 and Manual for Procurement of Goods/ works/ consultancy
and other services, CPWD manual prescribed by the Government of India as
amended from time to time;
● Conditions mentioned in the Grants-in-Aid sanction order and financing
agreements;
● Memorandum of Understandings /Agreements, contracts executed by the Institute
with other organizations, Consultants, agencies and contractors,
● Income Tax Act, Goods and Services Tax Rules/ orders and other statutory Acts
and Rules.

INTERNAL AUDIT MANUAL

3.3 Scope of Internal Audit

The scope of internal auditing within an organization is broad and may involve topics such as
the efficiency of operations, the reliability of financial reporting, deterring and investigating fraud,
safeguarding assets, and compliance with laws and regulations.
Internal auditing frequently involves measuring compliance with the entity's policies and
procedures. However, internal auditors are not responsible for the execution of Institute activities;
they advise management and the Internal Audit enjoys reasonable freedom in the discharge of its
functions.

The appraisal of past transactions and happening probing into deviation from established
policies and procedures, detection and prevention of errors and frauds, proper utilization of assets
or safeguarding them and assessing the effective control in operations, to preserve the entire
organization against wasteful operations are included in the protective functions of the internal
audit.

The broad scope of internal audit activity would be:

● Planning and execution of Annual Audit Programme

● Assessment of Internal Controls within the Institute
● Risk Assessment and Sampling to narrow down areas of focus
● Tracking audit objections and monitoring compliance
● Pre-auditing of procurement activities with special reference to economy,
efficiency and effectiveness
● Ensure/Suggest adequate Capacity Building measures to the Accounts and other
staff
● Strengthening of Financial Management System

3.4 Audit Methodology of the Internal Audit

Audit methodology would include

● Pre-audit of all purchase proposals, payment proposals, arrear payments, pay

fixation and any other cases referred by the Registrar/ Director through
examination of concerned files/ documents;
● Any audit advice sought by the schools/section/wing on examination of concerned
Act/ Rule/ instructions /guidelines issued by the Government of India and by the
Institute
● Post audit of the schools/ department/section concerned with prior intimation and
examination of accounts and other all records maintained therein including log
books of equipment/ vehicles/ telephone, budget control register, stock registers,

INTERNAL AUDIT MANUAL

 annual physical inspection reports, bio-metric attendance, student attendance
sheets, adjunct faculty attendance sheets, leave records, etc.
● Verification of physical verification report of fixed assets.
● Collection and analysis of information / data (including electronic data) at Internal
Audit Cell centrally;
● All records requisitioned by the Internal audit team must be produced as quickly
as possible and should not be denied without explicit permission of the Director
Any other cases of non-production of records would also be brought to the notice
of the Director by the Internal Auditor and would be mentioned in the Annual
Internal Audit Report as a separate paragraph;
● Internal Auditor would follow all ethical standards and confidentially, as
prescribed in this Manual.

3.5 Goal of Internal Audit

Goal of Internal audit is to

● Facilitate reduction of statutory audit observations by

(i) Identifying system weakness and bottlenecks in implementation of the
plans/programmes;
(ii) Recommending suggestions to improve the system; and
(iii)Monitoring the compliance on recommendations.
● Facilitate settlement of statutory audit observations / paras raised by the C&AG
and others.

3.6 Frequency of Internal Audit

The Internal audit is proposed to be a concurrent audit of all proposals, files for approval
and bills for payment. Hence, all the sections submitting any proposals for approval are required
to send the relevant files for verification and scrutiny for obtaining the concurrence of audit before
approval by Registrar and Director. Similarly, all payments need to be concurred by the audit
before approval of the payment by Registrar

INTERNAL AUDIT MANUAL

 4. INTERNAL AUDIT STRUCTURE
4.1 Organizational set up
The organizational set up of internal audit wing in the Institute is to be as under:

DIRECTOR

REGISTRAR

INTERNAL Assistant
AUDIT Registrar
OFFICER (Accounts)
Audit section / Other audit staff

Note: - Internal Audit Wing will function under the direct control of the Director. The Internal
Audit Officer would report to the Director through the Registrar.

INTERNAL AUDIT MANUAL

 5. PROFESSIONAL STANDARDS OF INTERNAL AUDITOR

5.1 Professional Standards

Professional Standards prescribe the norms, principles and practices, which the Internal
Auditors shall adhere to during the course of audit. These standards shall act as a guide to internal
auditors and overall audit function, thereby ensuring efficiency in operations and professional
conduct.

The Auditors are expected to maintain the following professional standards:

I. Objectivity: Auditors should acknowledge and incorporate all information received from
the Auditee without withholding any information which may distort the reporting of
activities under review. Auditors shall be fair in reporting and any improper activities and
transactions noticed should be reported without fear or favour.
II. Competency: They should possess thorough knowledge of the audit process, applicable
rules and orders and objectives of the audit. They should continually engage in improving
their proficiency in audit procedures and techniques by attending training sessions, reading
rules, manuals and instructions issued by the Institute/ Government of India from time to
time.
III. Confidentiality: Auditors should not disclose the information acquired during audit to any
person unless there is a legal or professional obligation to do so. They should not use the
information for any personal gain or in any other manner, which is detrimental to the
Institute.
IV. Integrity: Auditors should comply with ethical principles and code of conduct governing
the auditor’s professional behavior and responsibilities, which include; Integrity,
Objectivity and fairness, Confidentiality and Technical Standards.

5.2 Audit Quality Evaluation

CAG of India reviews the quality, adequacy and effectiveness of the Internal Audit available in
the Institute and comment on the same in its Separate Audit Report each year. Such evaluation is
to be considered by the Institute and effective step may be taken on its recommendations.

INTERNAL AUDIT MANUAL

 6. AUDIT PLANNING

This section deals with steps involved in selection of auditee units annually for the purpose of
audit and planning the annual audit programme (other than those covered under pre-audit). The
Institute may not have resources to audit all the transactions of all units/schools/ wings/ sections
during the course of one year; hence, Head of the Internal Audit shall select audit units for audit
in each year on the basis of a systematic framework of risk assessment.

6.1 Annual Audit Planning through Risk Assessment

The record of all the Wings/ Schools/Units/Sections is required to be checked by the internal
audit wing every year. Since, it is not possible to audit all transactions / records of units/schools/
wings/ sections every year hence a scientific method should be in place to select units/schools/
wings/ sections and specific areas within those, cautiously for the purpose of audit. Since the
objective of conducting internal audit is to ensure effective conduct of activities and achievement
of desired goal by the Institute, hence offices (units/schools/ wings/ sections) shall be selected on
the basis of degree of risk parameters.
The Head of the Internal Audit is responsible for selection of offices for audit and to prepare
an Annual Internal Audit Plan for the Institute for each financial year considering the norm and
frequency prescribed.

6.2 Annual Internal Audit plan

Annual Internal Audit Plan would be prepared indicating the units selected for audit during the
year and duration of audit. Same will be put up to the Director, well before the end of the preceding
financial year.
In-addition, existing system of pre-audit would continue to be conducted on concurrent basis
preferably by the Head of Internal Audit Wing.

6.3 Communication of Audit Programme

The Head of the Internal Audit will communicate the programme of audit to the concerned
Unit head well in advance preferably before 15 days indicating name of the Internal Auditor, period
of accounts to be audited, date of commencement of audit and number of working days allotted
for completion of audit. This can be sent by e-mail. A copy of this communication will be marked
to the Auditor to take up and complete the audit within the stipulated time. In view of time limit
fixed, the Unit head will be requested to extend their cooperation for completion of audit in due
time. Before commencing audit, the internal auditors need to list the activities to be taken up during
the course of audit.

6.4 Coordination with the Head of Auditee

Audit Team Head /In-Charge shall seek cooperation of the Head of School (HoS) / Asst
Registrars, Professor-in-Charge, Warden, President, Gymkhana and other office personnel

INTERNAL AUDIT MANUAL

responsible for maintaining accounts / records for smooth conduct of audit. For that purpose, an
Open-meeting / Introductory meeting may be conducted with Head of Office and other staff, on
the date of commencement of audit.

7. INITIATING AN AUDIT

It is the responsibility of Internal auditor to take necessary steps to initiate the audit as planned
in annual audit plan/ Quarterly programme. Before proceeding to conduct the audit they shall
ensure that below mentioned steps are taken.

7.1 Planning Individual Audits

While planning individual audits, due considerations should be given to the information available
in previous audit files of the auditee. In case of first audit, sufficient time should be given to the
audit team to gain knowledge on the working of the Wing/ unit/school. Preliminary planning
involves:
● Gaining an understanding of the Auditee functions: Auditor should have fairly good
knowledge of the organization and its operations. This includes understanding the rationale
behind establishing the school/unit, structure of the school/unit and functions of the said
school, wing, unit. Primary source of information about the unit can be obtained through
Previous Internal Audit Report, CAG’s Inspection Report, Budget/Revised Estimate,
Actual Expenditure, nature of expenditure, working environment, internal control
mechanism, management information system etc.;
● Understanding Controls: The Auditor, in determining the extent and scope of the audit,
should study and evaluate the reliability of internal controls in place in the unit. After
gaining understanding of the organization/wing, auditor should identify key control areas
in the wing/ school/section. IAO may examine and evaluate the existence and operation of
control systems specified in the various codes, manuals and government orders relating to
the accounting and other procedures.
● Analyzing the earlier audit reports: Analysis of the earlier audit reports are needed to verify
the wing/schools’ compliance on the recommendations of the internal audit. Following
issues needs to be verified to understand the environment:
(i) Errors corrected at the instance of audit,
(ii) Remedial recourse or penal actions taken on the recommendation of the audit,
(iii)Improvements in internal control systems in response to auditor’s recommendations
● Identifying legal compliances to be made: Auditor should acquaint himself with the
applicable legal provisions like adherence to Acts, Rules, Codes and various government
orders;
● Sharing and finalizing the areas of the audit in discussion with the Auditee: Based on the
understanding of Auditee functions and environment, detailed scope of audit will be
finalized;
● Providing an overview of the audit process to the Auditee: Once the areas of Audit are
finalized, the Auditor shall provide an overview of the audit process to be carried out.

INTERNAL AUDIT MANUAL

 Requirements, support or any other information or disclosures required from the auditee
may be obtained.
7.2 Assessment of Internal Controls

Internal control mechanism is an integral process operated by an organization, designed to

address risks and to provide a reasonable assurance in pursuit of organization’s mission. Following
general objectives are achieved by the process of Internal Control:
● Execution of orderly, ethical, economical, efficient and effective operations;
● Fulfilling of accountability obligations;
● Compliance with applicable laws and regulations;
● Safeguarding resources against loss, misuse and damage.

Auditors shall do an assessment of Internal Controls to ensure that an adequate internal control
framework is in existence and operating as designed by the Institute and errors, if any, to be located
with the operation of established internal controls. Internal Control Assessment will help Auditors
to know the following:

● Reliability of records and registers maintained by the auditee unit;

● The extent and the depth of the examination that needs to be carried out in the different
areas of accounting;
● What are the areas where controls are weak and where it is unnecessarily excessive;
● Whether suggestions can be given to improve the control systems.
● Whether the internal controls are sufficient
● Whether the internal controls are followed

7.2.1 Category of controls

Generally, there are two category of internal controls such as:

(i) Preventive Control: This type of internal control would prevent a risk from occurring. For
example:

a) All transactions and events are initiated on proper authorizations and approvals.
b) Segregation of functions/ duties among the official as far as practicable to prevent
risk.
c) Control over access to resources and records to prevent unauthorized or improper
use of resources.

(ii) Detective Control: Detective controls are measures that would point to any loss/ misdeeds/
misappropriation that is taking place in the organization. Any kind of reconciliation (bank
reconciliation), analytical reviews, post audit, etc. would fall under this category as they
help to detect if something had gone wrong. Some examples of such control activities are:

INTERNAL AUDIT MANUAL

 a) Verifications: Transactions or events are verified to ensure correctness and validity.
Personal records / service books etc. are periodically verified to ensure their
correctness.

b) Reconciliations: This is one of the most commonly used and effective control measure.
Reconciliation of one set of records with another are made to ascertain correctness of
the transactions or facts.

7.2.2 Tests of Internal Controls

Through audit procedures the effectiveness of the Auditee’s internal control systems is
assessed. The Auditors should make a list of internal controls which are in operation in the Auditee.
Then Auditors shall perform tests of controls to assess the existence and adequacy of internal
controls. However, the Auditor may not be required to test all the internal controls, he may select
some sample controls based on the results of the risk assessment and professional judgment.
The Auditors may initially check the controls by conducting a compliance testing that is,
testing to assess compliance with the internal control. Substantive testing is required to obtain
evidence to ensure the completeness, accuracy and validity of the data produced by the accounting
system.
The Internal Auditor after assessing controls shall give his recommendation (in Internal Audit
Report) on the operation of the internal controls, whether operation of internal controls is
satisfactory or needs improvement or is not in existence.

8. AUDIT EXECUTION/CONDUCT OF AUDIT

While conducting audit (other than pre-audit), Internal Auditors are required to visit various
units, schools, wings and sections. Further, field audit involves verification of accounts, relevant
records and compliance to rules, codes and various orders; however, the responsibility of the
Auditor is not limited to verification of accounts and procedures but also to give recommendations
to improve the financial management system of the auditee.
Any discrepancies noticed while conducting audit or non-production of any record or non-
cooperation by any Head of Unit/ Officer-In Charge shall be brought to the notice of the Unit Head
by way of issue of Internal Audit Observation Memos. In case there is non-compliance even after
intervention of the Unit Head, the matter may be reported to the office of the Director and then
included in the Internal Audit Report.
Whenever any loss of money or stores is detected by means of any mis-appropriation or fraud,
the fact shall be reported promptly through an Interim Report to the Finance Officer/ Director who
shall consider the gravity of the case and take appropriate actions.

INTERNAL AUDIT MANUAL

 Auditors are expected to continuously update themselves with the various instructions and
other guidelines issued by the Institute/MoE/ Government of India from time to time concerning
audit.

8.1 Audit of Receipts

The receipts of the Institute mainly consist of government grant as well as revenue derived
from fees, fines, penalties, rents of Institute’s buildings and lands, receipts of loans, advances and
deposits, interest or any other receipts.
During audit of receipts, the principal aim is to ascertain that adequate regulations and
procedures have been framed to secure an effective check on the assessment, and collection and
to see that such regulations and procedure are being followed. The Auditor shall also ascertain the
adequacy of compliance with regulations and procedures for effective receipt, remittance,
reconciliation and accounting of receipts.
Audit shall also be diligent in detection of irregularities, leakage or loss, fraudulent and forged
receipts, other types of omissions or commissions in the process of levy and collection of taxes,
fees, fines etc.
Auditor shall carefully verify any dues of the Institute left outstanding and suggest to the
Appropriate authorities for effecting the recovery.

8.2 Audit of Payments

Payments made by the Institute are normally classified as revenue and capital expenditure,
payment of loans and advances etc.
As major sources of finance of the Institute is Government grants, it is necessary to comply
with the provisions of GFR and other instructions issued by Ministries/ Departments of the
Government of India and the Administrative Ministry (MoE).

The procedure for incurring expenditure from the Government grant required:

● Provision - Competent authority should make provision of funds and fix limits for incurring
expenditure;
● Sanction – There should exist appropriate administrative and expenditure sanction
accorded by a competent authority, authorizing the expenditure;
● Propriety – Expenditure should be incurred with due regard to cannons of financial
propriety

Auditors should verify the above mentioned procedures apart from verifying accounting aspect of
expenditure while auditing.
Audit of expenditure should not merely be confined to see that the expenditure is covered by a
sanction; but should also verify that the authority according the financial sanction is empowered
to do so by virtue of powers vested in it by the constitution, laws and rules governing the Institute
(in Act and Statutes) or by delegation.

INTERNAL AUDIT MANUAL

Auditors shall verify the payments made by the Auditee with reference to the following
documents:
● The office copies of the paid vouchers / journal vouchers;
● Copies of e-cheques/ online payments print outs.
● Copies of bank scrolls /statements;
● Supporting bills, receipts and Approvals;
● Stock entries in respect of procurement of goods;
● Installation reports.
● Performance reports in respect of procurement of services.
● Muster rolls, proof of remittance of the statutory payments by contractor.
● Payment with reference to purchase order/ work order.

While checking each payment, Internal Auditors shall also check the mode of the payments.
Whether cash transaction has been stopped and digital payments are ensured in all cases is also to
be examined and deviation, if any is to be reported.

8.3 Audit of Grants-in-Aid

The main aim of audit of grants-in-aid is to ensure that (i) the amounts sanctioned as grants by
GoI/ MoE has been utilized for the purposes for which those are sanctioned, (ii) they are not mis-
utilized and (iii) standards of financial propriety are maintained in expending of those resources.
Audit can be applied to the original grant itself or to the expenditure which is subsequently incurred
out of the grant. Audit of the grant shall be conducted according to the general principles/rules laid
down for the expenditure as indicated in preceding paragraph.

Following documents and registers are to be verified during the audit of grants in-aid:

● Order sanctioning the grants,

● Register of grants,
● Bank statement and receipt entry in electronic cash book/bank book,
● Ledger indicating utilization of grants (budget head wise-separate for revenue and capital)
● Utilization certificates (UCs).
● In respect of R&D projects, the Auditor should verify the following aspects while auditing
grants-in-aid released by different departments of Government of India (GoI):
i. The nature of grant should be verified from Grants-in-aid sanction orders specifying
normal grants or special purpose grants. If it is of special in nature, then auditor
must see that the circumstance under which grant was sanctioned continues to exist
and the expenditure was made for the said purpose only.
ii. Whether proposals for grants–in– aid are prepared with proper estimations.
iii. Whether grant has been utilized for the intended purpose (separately for equipment
and recurring expenses).
iv. Whether project accounts are maintained, reconciled and properly closed.
v. Whether excess expenditure if any incurred has been recovered.

INTERNAL AUDIT MANUAL

 vi. Ascertain the achievement of overall objectives of the project for which grants-in-
aid are sanctioned and there is no wasteful expenditure.
vii. Whether utilization certificates (UCs) furnished for all the sanctioned grants.
viii. Ascertain whether any unused portion of grants were refunded after completion of
the project or not.
ix. Ascertain whether grant-in-aid is transferred and utilized for any other purposes,
without prior sanction of the competent authority.
x. Ascertain whether institute overhead in R&D, consultancy projects were duly
deposited in Institute Corpus Fund and all statutory dues have been duly deposited
with appropriate authorities in time.

8.4 Audit of Public Works

The Public Works includes buildings, roads, structures, their construction, maintenance and
repairs, etc. In audit of Works expenditure, Auditor shall examine whether the expenditure has
been incurred as per the procedure prescribed under the Central Public Works Accounts Code,
MOU/ Contract agreement. As in this Institute, execution of major capital works has been
entrusted to Central Public Works Department (CPWD), the UCs and statement of accounts
furnished by the CPWD and certified by the estate section of the Institute is to be examined.
In respect of repair or maintenance work, construction of temporary structure for convocation/
meetings etc., following routine audit checks would be applied by the internal auditor depending
on the nature and volume of such transaction:

● Whether administrative approvals, expenditure sanction and technical sanctions have been
accorded by the competent authority and provision of funds have been made.
● The procedures of calling for tenders and allotment of the work is to be examined to verify
transparency in the system.
● Whether the rate paid for the work done are as per the rates allowed in the contract
agreement.
● Scrutiny of Measurement books in respect of work done with value as per contract.
● Recoveries like Security deposit, liquidated damage etc. from the contractors are made at
the correct rates.
● Advances given to CPWD are as per proper sanctions and are adjusted timely.
● Whether final payment is made on obtaining completion report of work or not.
● Fixation and timely collection of rent on buildings to be reviewed and any undue delays
should be reported.
● In the absence of contract agreements, the manner of release of payments and rates thereon
needs to examined with reference to the schedule of rates prevalent.
● Whether payments in excess or in contravention of the terms of the contract causing undue
financial aid to the contractor have been made.
● Cases involving financial loses to the Institute and undue financial aid to the contractors
are to be specially examined.
● Payments for deviations in the work made with due approval and rate of payment whether
correct or not.

INTERNAL AUDIT MANUAL

 ● Quality control tests of materials, plain/ reinforced cement concrete etc. whether conducted
conforming to relevant Indian Standards.
● Penalty levied if any for non-completion of work in time as per agreement.
● Extension of time and extra payments for that if any whether, as per rules.

8.5 Audit of Procurements (Goods and Services)

Procurement Audit also termed as pre-audit and conducted for purchase of both goods and
services.

8.5.1 Scope of Procurement Review (Pre-audit of purchases)

In Procurement review, Internal Auditors shall assess whether:

The contract terms and conditions for procurement of goods and services were comprehensively
drawn up, and was unambiguous, free from uncertainties, indefinite liability, misinterpretation and
serve to protect interest of the Institute;
● The tender documents are comprehensively prepared, adequately addressed the interest of
the Institute and ensured evaluation of bids on equitable and fair basis in a transparent
manner;
● Equal opportunity has been given to all bidders;
● The system is tamper proof while receiving tenders;
● The system ensures complete transparency in Opening of Tenders;
● The procurements are of specified quality and are made at competitive rates;
● Rates finalized are reasonable and were arrived after due justification based on earlier
Purchase Orders or Manufacturers price list;
● Quantities purchased are not in excess of requirement (more than indented quantity) so as
to avoid wasteful expenditure;
● Advance payments made if any, were un-avoidable and was done with suitable safeguards
to fully protect interest of the Institute;
● Adequate measures were taken to avoid loss to Institute in the event of non- performance
by the supplier (performance guarantee whether provided or not in the contract);
● Priority was accorded to post contract follow up so as to avoid time and cost over runs, loss
to Govt. and/ or un due benefit to suppliers;
● Provisions of GFR 2017, Manual of procurement of Goods 2017 and Purchase Manual of
the Institute (if available) were duly complied with.

8.5.2 Verification of Stores and stock, library books

The Auditee is required to carry out annual physical verification of stores and stock as well as
library books as per Rule 213 and 215 of GFR 2017 and record certificate of such verifications in
the stock register. If no physical verification of stock is done at all, the Auditor shall undertake
random verification of stock to ascertain the actual position of stock in few cases.

INTERNAL AUDIT MANUAL

 The Auditor is to ascertain that the regulations / guidelines prescribed by the Institute,
provisions of GFR 2017 governing purchase, receipt and issue, custody, condemnation, sale and
stock-taking of stores are properly carried out. He/she should bring to the notice of Institute any
important deficiencies noticed during verification of stores or any grave defects in the system of
control.

During Audit of physical verification report Auditors shall test check the physical stock
position with reference to stock balance of the stock register.

8.6 Audit of draft annual accounts

Internal audit will examine the draft annual accounts prepared by Finance & Accounts Section
before its submission to the Independent Auditor and the Director. Compliance with the applicable
Accounting Standards and guidelines (format of accounts) issued by the MoE would also be
examined. Deficiencies / omissions noticed would be rectified with proper documentation before
submission to Independent Auditor.

8.7 Audit Working papers

Working Papers shall be kept in audit file for future reference and verification. Working papers
shall not be attached to the report, but shall stand as proof that required due diligence was exercised
before reporting any Audit observation. The Audit file may however, contain a list of Working
papers referred / prepared to during the course of Audit. Generally working papers consists of;

● Audit plan
● Audit Schedule
● Previous Internal audit reports
● Outstanding CAG audit paragraphs
● The financial statements of the Auditee
● Physical verification reports of cash/stock and store etc.
● Bank reconciliation statements
● Data relating to budget provision and actual expenditure for the period of audit
● Analysis of performance of specific projects both physical and financial
● Audit evidences relating to key audit findings
● Internal Audit Observation Memos and compliance received from the Auditee and
● Draft Internal Audit Report

INTERNAL AUDIT MANUAL

 9. REPORTING OF INTERNAL AUDIT FINDING

The audit is treated as concluded once all the audit procedures and checks are completed.
The Auditor shall finally review the working papers to see that the audit has been conducted
according to plan and it has achieved its objectives. He should make note of any audit procedures
that could not be completed due to non-production of records by the auditee unit or due to lack of
time.

9.1 Internal Audit Observation Memo

After audit of each unit, Internal Audit Observation Memo (IAOM) showing the observations
of audit along with action taken on previous year’s observations, if any, is to be issued to the unit
head for compliance. No objection shall be booked or reflected in draft internal audit report without
issue of an Internal Audit Observation Memo.

9.2 Compliance to IAOMs

The IAOMs issued by auditors shall be complied by the Unit heads promptly. Compliance/
Replies to the IAOMs should be furnished by the unit heads within 15 days of the date of receipt
and IAOMs in original returned to the Internal Auditor under the signature of the head of the
school/ unit. Wherever satisfactory compliances would be received, same would not be included
in the final Internal Audit Report.

In case the reply of the officer is found to be satisfactory, the objection need not be incorporated
in the Internal Audit Report (IAIR). The original audit memos with reply thereon shall be appended
with the Audit Inspection Report for reference. The Auditor shall mark dropped with red ink on
the memo with date and signature. IAIR would be issued, whenever considered necessary,
considering the nature and gravity of audit finding.

If IAOM is not returned within stipulated time or returned with unsatisfactory replies, the Auditor
shall incorporate the objection in the Internal Audit report without waiting for an indefinite period
for the reply. The duplicate copy of the memo shall be attached with the Report / documented in
the file to substantiate the Audit views.

9.3 Annual Internal Audit Report

At the end of the financial year, considering the compliances furnished and action taken on
audit observations raised, Internal Audit Wing would prepare an INTERNAL AUDIT REPORT,
which it would place before the Director, with recommendations for improvement, if any.
Paragraphs of IAIR and Annual IAR would be pursued with the auditee, till final settlement.

INTERNAL AUDIT MANUAL

9.4 Qualities of a good report

The Auditors should exercise due professional care to ensure that the internal audit report, inter
alia, is:
● Clear and not ambiguous
● Factual – presents all significant matters with disclosure of material facts
● Specific
● Concise
● Timely and
● Complies with generally accepted audit procedures

9.5 Content of the Internal Audit Report (IAR)

The content of the IAR would be as under:

Introduction: Period covered under Audit, units covered, duration of audit, name of the Unit heads
(with period), scope and objective are to be mentioned.
Audit Observations and Recommendations: Audit criteria (what should be done), fact (what has
been done), deviation, impact and recommendation Auditors on each audit observation shall be
detailed out. This Section shall further be divided into three parts viz internal control review, major
irregularities and minor irregularities.
A. Internal Controls Review: Internal Controls assessment results i.e. adequacy and
effectiveness of the existing internal controls shall be mentioned in this section, with
recommendations for improvement, wherever found necessary.
B. Major Irregularities: All major irregularities noticed during the course of audit shall be
mentioned separately in this section. The Auditors shall also report consequences for non-
compliance of the same. Reference evidence and memos shall be attached as annexure.
Some examples of major irregularities are mentioned below:
● Fraudulent withdrawal from bank accounts / double payments
● Bogus payment and non-payment to beneficiaries
● Misappropriation of cash and stocks
● Any excess payments /excess or extra liability
● Irregularities in procurement involving excess or irregular payments or extra liability
● Loss in revenue and fee realization
● Irregularities in revenue and fee collections and utilizations
● Any un-authorized expenditure
● Statutory violations involving Income tax/ GST (non/ short collection, non/short
remittances, delayed remittances including penalties etc.

C. Other Irregularities: Here Auditor shall report the observations on irregularities noticed
while conducting audit. On each item of verification as mentioned below, separate
observations will be given on irregularities.
● Physical Verification of assets, Stock and other items
● Receipts

INTERNAL AUDIT MANUAL

 ● Payments
● Contingencies
● Grants-in Aid
● Execution of works
● Contracts
● Stores
● Procurements
● Reconciliations
● Utilization Certificate Review
● Budget and Actual Review

D. Recommendations: In this section, Auditor shall provide the necessary recommendations

for remedial action for the lapses noticed during the audit. The Auditor shall provide the
list of the areas needing improvement and recommendations for implementation along with
a proposed time line.

9.6 Monitoring the quality of Internal Audit Reports

The management of the Institute shall check the adequacy and efficiency of the Internal audit on
review of following documents:

● Internal Audit Plan

● Basic Principles Governing Internal Audit.
● Internal Audit Documentation
● Internal Audit Evidence.
● Consideration of Fraud in an Internal Audit.
● Internal Control Evaluation.
● Communication with audited units
● Reporting Standard

INTERNAL AUDIT MANUAL

 10. FOLLOW UP IN INTERNAL AUDIT

10.1 Follow up to Internal Audit Observation Memos

The internal audit wing will regularly pursue the Internal Audit Observation Memos issued to
each unit/ wing/ school/section till the necessary action is taken there against and the observation
of internal audit is settled with the approval of the competent authority.

10.2 Follow up to paragraphs of Internal Audit Reports

Internal Audit will regularly pursue the paragraphs included in both the Internal Audit
Inspection Report and Annual Internal Audit Report till final settlement.

10.3 Coordination with External Audit /Statutory Audit

The Internal audit wing will also coordinate with the CAG Audit and would monitor
production of records and information requisitioned by CAG auditors and in examining and
finalizing compliances furnished by different wings/ sections/ schools to the observations issued
by CAG Auditors. These compliances will be submitted to Internal Audit with the approval of the
Competent Authority. The Internal Auditor would act as the nodal officer of the Institute to
coordinate with the CAG Audit.

10.4 Follow up action on CAG Audit observations

Internal audit will regularly pursue the paragraphs /observations contained in inspection reports
of CAG with concerned unit/ wing/ department till necessary action is taken there against and
necessary compliance report is submitted to CAG Audit with the approval of the competent
authority. These matters would be pursued with concerned sections/ departments, till the
observation of CAG audit paragraphs are finally settled.

The status of unsettled paragraphs of CAG Audit as well as internal Audit will be placed before
the Finance Committee (FC) / BOG every year.

INTERNAL AUDIT MANUAL