CA FINAL

PAPER 3
ADVANCED AUDITING,
ASSURANCE & PROFESSIONAL ETHICS

MODULE - 2

Author: Mahamood Shaik

ACA, CMA,ISA
(AIR -7 & AIR -17)

Contact me:
Mobile: +91 9398068045
Email: fingainsacademy@[Link]
 INDEX

CHAPTER NAME PAGE NO

13. SPECIALISED AREAS 13.1 – 13.15
14. RELATED SERVICES 14.1 – 14.9
15. REVIEW OF FINANCIAL INFORMATION 15.1 – 15.28
16. PROSPECTIVE FINANCIAL INFORMATION AND OTHER ASSURANCE 16.1 – 16.19
SERVICES
17. DIGITAL AUDITING AND ASSURANCE 17.1 – 17.27
18. GROUP AUDIT 18.1 – 18.13
19. INTERNAL AUDIT 19.1 – 19.13
20. DUE DILIGENCE, INVESTIGATION & FORENSIC ACCOUNTING 20.1 – 20.49
21. SUSTAINABLE DEVELOPMENT GOALS(SDG) & ENVIRONMENT, 21.1 – 21.17
SOCIAL AND GOVERNANCE (ESG) ASSURANCE
 13. SPECIALISED AREAS
There are three separate SAs dealing with the specialised areas as under:

• SA 800 deals with special considerations applicable in respect of the audit of financial
statements prepared in accordance with the special purpose framework.
• SA 805 deals with special considerations applicable to an audit of a single financial statement or
of a specific element, account or item of a financial statement.
• SA 810 deals with responsibilities of an auditor when undertaking an engagement to report on
summary financial statements derived from financial statements audited in accordance with SAs
by that same auditor.

SA 800 - SPECIAL CONSIDERATIONS - AUDITS OF FINANCIAL STATEMENTS PREPARED IN

ACCORDANCE WITH SPECIAL PURPOSE FRAMEWORKS

A. SPECIAL PURPOSE FRAMEWORK:

1. SA 800 defines special purpose framework as a financial reporting framework designed to
meet the financial information needs of specific users.
2. The financial reporting framework may be a fair presentation framework or a compliance
framework.
3. The requirements of the applicable financial reporting framework determine the form and
content of the financial statements and what constitutes a complete set of financial
statements.
4. Examples of Special purpose frameworks are: -
a. The cash receipts and disbursements basis of accounting for cash flow information that
an entity may be requested to prepare for creditors.
b. The financial reporting provisions established by a regulator to meet the requirements
of that regulator.
c. The financial reporting provisions of a contract, such as a bond indenture, a loan
agreement, or a project grant.

B. CONSIDERATIONS WHEN ACCEPTING SUCH ENGAGEMENT:

1. In the case of special purpose financial statements, the financial information needs of the
intended users are a key factor in determining the acceptability of the financial reporting
framework applied in the preparation of the financial statements.
2. Financial reporting standards established by an organisation:
a. The applicable financial reporting framework may encompass the financial reporting
standards established by an organisation that is authorised or recognised to promulgate
standards for special purpose financial statements.
b. In that case, those standards will be presumed acceptable for that purpose if the
organisation follows an established and transparent process involving deliberation and
consideration of the views of relevant stakeholders.
3. Financial reporting framework prescribed by law or regulation:

Specialised Areas 13.1

 a. Some laws or regulations may prescribe the financial reporting framework to be used by
management in the preparation of special purpose financial statements for a certain
type of entity.
For example, a regulator may establish financial reporting provisions to meet the
requirements of that regulator. In the absence of indications to the contrary, such a
financial reporting framework is presumed acceptable for special purpose financial
statements prepared by such an entity.
b. Where the financial reporting standards referred to above are supplemented by
legislative or regulatory requirements, SA 210 requires the auditor to determine whether
any conflicts between the financial reporting standards and the additional requirements
exist and prescribes actions to be taken by the auditor if such conflicts exist.
4. Financial reporting framework prescribed by contact:
a. The applicable financial reporting framework may encompass the financial reporting
provisions of a contract or sources other than those described in the preceding paras.
b. In that case, the acceptability of the financial reporting framework in the circumstances
of the engagement is determined by considering whether the framework exhibits
attributes normally exhibited by acceptable financial reporting frameworks in
accordance with the requirements of SA 210.
c. In the case of a special purpose framework, the relative importance to a particular
engagement of each of the attributes normally exhibited by acceptable financial
reporting frameworks is a matter of professional judgment.

C. CONSIDERATIONS WHEN PLANNING AND PERFORMING SUCH AUDIT:

1. SA 200 requires the auditor to comply with
a. relevant ethical requirements, including those pertaining to independence, relating to
financial statement audit engagements, and
b. all SAs relevant to the audit.
2. It also requires the auditor to comply with each requirement of an SA unless, in the
circumstances of the audit, the entire SA is not relevant or the requirement is not relevant
because it is conditional and the condition does not exist.
3. In exceptional circumstances, the auditor may judge it necessary to depart from a relevant
requirement in an SA by performing alternative audit procedures to achieve the aim of that
requirement.
4. Application of some of the requirements of the SAs in an audit of special purpose financial
statements may require special consideration by the auditor.
For example, in SA 320, judgments about matters that are material to users of the financial
statements are based on a consideration of the common financial information needs of users
as a group. In the case of an audit of special purpose financial statements, however, those
judgments are based on a consideration of the financial information needs of the intended
users.
5. In the case of special purpose financial statements, such as those prepared in accordance
with the requirements of a contract, management may agree with the intended users on a

Specialised Areas 13.2

 threshold below which misstatements identified during the audit will not be corrected or
otherwise adjusted.
6. The existence of such a threshold does not relieve the auditor from the requirement to
determine materiality in accordance with SA 320 for purposes of planning and performing
the audit of the special purpose financial statements.
7. SA 260 requires the auditor to determine the appropriate person(s) within the entity’s
governance structure with whom to communicate.
8. SA 260 notes that, in some cases, all of those charged governance are involved in managing
the entity, and the application of the communication requirements is modified to recognize
this position.
9. When a complete set of general purpose financial statements is also prepared by the entity,
those person(s) responsible for the oversight of the preparation of the special purpose
financial statements may not be the same as those charged with governance responsible for
the oversight of the preparation of those general purpose financial statements.
10. Forming an opinion and reporting considerations in such an audit : When forming an
opinion and reporting on special purpose financial statements, the auditor shall apply the
requirements in Revised SA 700.

D. DESCRIPTION OF THE APPLICABLE FINANCIAL REPORTING FRAMEWORK:

1. Revised SA 700 requires the auditor to evaluate whether the financial statements
adequately refer to or describe the applicable financial reporting framework.
2. In the case of financial statements prepared in accordance with the provisions of a contract,
the auditor shall evaluate whether the financial statements adequately describe any
significant interpretations of the contract on which the financial statements are based.
3. Revised SA 700 deals with the form and content of the auditor’s report. In the case of an
auditor’s report on special purpose financial statements: -
a. The auditor’s report shall also describe the purpose for which the financial statements
are prepared and, if necessary, the intended users, or refer to a note in the special
purpose financial statements that contain that information; and
b. If management has a choice of financial reporting frameworks in the preparation of such
financial statements, the explanation of management’s responsibility for the financial
statements shall also make reference to its responsibility for determining that the
applicable financial reporting framework is acceptable in the circumstances.

E. ALERTING READERS THAT THE FINANCIAL STATEMENTS ARE PREPARED IN ACCORDANCE WITH
A SPECIAL PURPOSE FRAMEWORK:
1. The special purpose financial statements may be used for purposes other than those for
which they were intended.
For example, a regulator may require certain entities to place the special purpose financial
statements on public record.
2. To avoid misunderstandings, the auditor alerts users of the auditor’s report that the financial
statements are prepared in accordance with a special purpose framework and, therefore,
may not be suitable for another purpose.

Specialised Areas 13.3

F. RESTRICTION ON DISTRIBUTION OR USE:
1. In addition to the alert required as discussed above, the auditor may consider it appropriate
to indicate that the auditor’s report is intended solely for the specific users.
2. Depending on the law or regulation applicable, this may be achieved by restricting the
distribution or use of the auditor’s report.
3. In these circumstances, the paragraph alerting the readers may be expanded to include
these other matters, and the heading modified accordingly.

SA 805-SPECIAL CONSIDERATIONS—AUDITS OF SINGLE FINANCIAL STATEMENTS AND SPECIFIC

ELEMENTS, ACCOUNTS OR ITEMS OF A FINANCIAL STATEMENT

A. WHAT IS A SINGLE FINANCIAL STATEMENT?

A single financial statement is to be distinguished from a complete set of financial statements.
For example, a cash flow statement is a single financial statement.

B. WHAT IS THE ELEMENT OF A FINANCIAL STATEMENT?

1. “Element of a financial statement” or “element” means an “element, account or item of a
financial statement.”
For example,
• Accounts receivable, allowance for doubtful accounts receivable, inventory, the liability
for accrued benefits of a private pension plan, the recorded value of identified intangible
assets, or the liability for “incurred but not reported” claims in an insurance portfolio,
including related notes.
• A schedule of externally managed assets and income of a private pension plan, including
related notes.
• A schedule of net tangible assets, including related notes.
• A schedule of disbursements in relation to a lease property, including explanatory notes.

A single financial statement or a specific element of a financial statement includes the related
notes ordinarily comprising a summary of significant accounting policies and other explanatory
information relevant to the financial statement or to the element.

C. CONSIDERATIONS WHEN ACCEPTING SUCH ENGAGEMENT:

1. Application of Sa’s:
a. SA 200 requires the auditor to comply with all SAs relevant to the audit.
b. In the case of an audit of a single financial statement or of a specific element of a
financial statement, this requirement applies irrespective of whether the auditor is also
engaged to audit the entity’s complete set of financial statements.
c. If the auditor is not also engaged to audit the entity’s complete set of financial
statements, the auditor shall determine whether the audit of a single financial statement
Specialised Areas 13.4
 or of a specific element of those financial statements in accordance with SAs is
practicable.
d. SA 200 requires the auditor to comply with
• relevant ethical requirements, including those pertaining to independence relating
to financial statement audit engagements, and
• all SAs relevant to the audit.
e. It also requires the auditor to comply with each requirement of an SA unless, in the
circumstances of the audit, the entire SA is not relevant or the requirement is not
relevant because it is conditional and the condition does not exist.
f. In exceptional circumstances, the auditor may judge it necessary to depart from a
relevant requirement in an SA by performing alternative audit procedures to achieve the
aim of that requirement.
g. Compliance with the requirements of SAs relevant to the audit of a single financial
statement or of a specific element of a financial statement may not be practicable when
the auditor is not also engaged to audit the entity’s complete set of financial statements.
h. In such cases, the auditor often does not have the same understanding of the entity and
its environment, including its internal control, as an auditor who also audits the entity’s
complete set of financial statements.
i. The auditor also does not have audit evidence about the general quality of the
accounting records or other accounting information that would be acquired in an audit
of the entity’s complete set of financial statements.
j. Accordingly, the auditor may need further evidence to corroborate audit evidence
acquired from the accounting records.
k. In the case of an audit of a specific element of a financial statement, certain SAs require
audit work that may be disproportionate to the element being audited.
For example, although the requirements of SA 570 are likely to be relevant in the
circumstances of an audit of a schedule of accounts receivable, complying with those
requirements may not be practicable because of the audit effort required.
l. If the auditor concludes that an audit of a single financial statement or of a specific
element of a financial statement in accordance with SAs may not be practicable, the
auditor may discuss with management whether another type of engagement might be
more practicable.

2. Acceptability of the Financial Reporting Framework:

a. SA 210 requires the auditor to determine the acceptability of the financial reporting
framework applied in the preparation of the financial statements.
b. In the case of an audit of a single financial statement or of a specific element of a
financial statement, this shall include whether application of the financial reporting
framework will result in a presentation that provides adequate disclosures to enable the
intended users to understand the information conveyed in the financial statement or the
element, and the effect of material transactions and events on the information conveyed
in the financial statement or the element.

Specialised Areas 13.5

 c. A single financial statement or a specific element of a financial statement may be
prepared in accordance with an applicable financial reporting framework that is based
on a financial reporting framework established by an authorised or recognised standards
setting organisation for the preparation of a complete set of financial statements.
d. If this is the case, determination of the acceptability of the applicable framework may
involve considering whether that framework includes all the requirements of the
framework on which it is based that are relevant to the presentation of a single financial
statement or of a specific element of a financial statement that provides adequate
disclosures.

G. CONSIDERATIONS WHEN PLANNING AND PERFORMING THE AUDIT:

1. In planning and performing the audit of a single financial statement or of a specific element
of a financial statement, the auditor shall adapt all SAs relevant to the audit as necessary in
the circumstances of the engagement.
2. When auditing a single financial statement or a specific element of a financial statement in
conjunction with the audit of the entity’s complete set of financial statements, the auditor
may be able to use audit evidence obtained as part of the audit of the entity’s complete set
of financial statements in the audit of the financial statement or the element.
3. SAs, however, require the auditor to plan and perform the audit of the financial statement
or element to obtain sufficient appropriate audit evidence on which to base the opinion on
the financial statement or on the element.
4. The individual financial statements that comprise a complete set of financial statements,
and many of the elements of those financial statements, including their related notes, are
interrelated. Accordingly, when auditing a single financial statement or a specific element of
a financial statement, the auditor may not be able to consider the financial statement or the
element in isolation.
5. Consequently, the auditor may need to perform procedures in relation to the interrelated
items to meet the objective of the audit.
6. Furthermore, the materiality determined for a single financial statement or for a specific
element of a financial statement may be lower than the materiality determined for the
entity’s complete set of financial statements, this will affect the nature, timing and extent of
the audit procedures and the evaluation of uncorrected misstatements.

H. FORM OF OPINION:
1. SA 210 requires that the agreed terms of the audit engagement include the expected form
of any reports to be issued by the auditor. In the case of an audit of a single financial
statement or of a specific element of a financial statement, the auditor shall consider
whether the expected form of opinion is appropriate in the circumstances.
2. The form of opinion to be expressed by the auditor depends on the applicable financial
reporting framework and any applicable laws or regulations. In accordance with Revised SA
700:

Specialised Areas 13.6

 a. When expressing an unmodified opinion on a complete set of financial statements
prepared in accordance with a fair presentation framework, the auditor’s opinion, unless
otherwise required by law or regulation, uses one of the following phrases:
(i) the financial statements present fairly, in all material respects, in accordance with
the applicable financial reporting framework or
(ii) the financial statements give a true and fair view in accordance with the
applicable financial reporting framework and
b. When expressing an unmodified opinion on a complete set of financial statements
prepared in accordance with a compliance framework, the auditor’s opinion states that
the financial statements are prepared, in all material respects, in accordance with the
applicable financial reporting framework.
3. In the case of a single financial statement or of a specific element of a financial statement,
the applicable financial reporting framework may not explicitly address the presentation of
the financial statement or of the element. This may be the case when the applicable financial
reporting framework is based on a financial reporting framework established by an
authorised or recognised standards setting organisation for the preparation of a complete
set of financial statements.
4. The auditor therefore considers whether the expected form of opinion is appropriate in the
light of the applicable financial reporting framework.
5. Factors that may affect the auditor’s consideration as to whether to use the phrases
“presents fairly, in all material respects”, or “gives a true and fair view” in the auditor’s
opinion include:
a. Whether the applicable financial reporting framework is explicitly or implicitly restricted
to the preparation of a complete set of financial statements.
b. Whether the single financial statement or the specific element of a financial statement
will:
i. Comply fully with each of those requirements of the framework relevant to the
particular financial statement or the particular element, and the presentation of the
financial statement or the specific element of a financial statement include the
related notes and disclosures
ii. If necessary to achieve fair presentation, provide disclosures beyond those
specifically required by the framework or, in exceptional circumstances, depart from
a requirement of the framework.
6. The auditor’s decision as to the expected form of opinion is a matter of professional
judgment. It may be affected by whether use of the phrases “presents fairly, in all material
respects”, or “gives a true and fair view” in the auditor’s opinion on a single financial
statement or on a specific element of a financial statement prepared in accordance with a
fair presentation framework is generally accepted in the particular jurisdiction.

I. FORMING AN OPINION AND REPORTING CONSIDERATIONS:

1. When forming an opinion and reporting on a single financial statement or on a specific
element of a financial statement, the auditor shall apply the requirements in Revised SA 700,
adapted as necessary in the circumstances of the engagement.

Specialised Areas 13.7

 2. If the auditor undertakes an engagement to report on a single financial statement or on a
specific element of a financial statement in conjunction with an engagement to audit the
entity’s complete set of financial statements, the auditor shall express a separate opinion
for each engagement.
3. An audited single financial statement or an audited specific element of a financial statement
may be published together with the entity’s audited complete set of financial statements.
4. If the auditor concludes that the presentation of a single financial statement or of the
specific element of a financial statement does not differentiate it sufficiently from the
complete set of financial statements, the auditor shall ask management to rectify the
situation.
5. The auditor shall also differentiate the opinion on the single financial statement or on the
specific element of a financial statement from the opinion on the complete set of financial
statements.
6. The auditor shall not issue the auditor’s report containing the opinion on the single financial
statement or on the specific element of a financial statement until satisfied with the
differentiation.
7. If the opinion in the auditor’s report on an complete set of financial statements is
modified:
a. If the opinion in the auditor’s report on an entity’s complete set of financial statements
is
• modified, or
• includes an Emphasis of matter paragraph or other matter paragraph,
the auditor shall determine the effect that this may have on the auditor’s report on a
single financial statement or on a specific element of those financial statements.
b. When deemed appropriate, the auditor shall modify the opinion on the single financial
statement or on the specific element of a financial statement, or include an Emphasis of
matter paragraph or other matter paragraph in the auditor’s report, accordingly.
8. If the opinion in the auditor’s report on an complete set of financial statements is adverse
or disclaimer of opinion:
a. If the auditor concludes that it is necessary to express an adverse opinion or disclaim an
opinion on the entity’s complete set of financial statements as a whole, SA 705 does not
permit the auditor to include in the same auditor’s report an unmodified opinion on a
single financial statement that forms part of those financial statements or on a specific
element that forms part of those financial statements.
b. This is because such an unmodified opinion would contradict the adverse opinion or
disclaimer of opinion on the entity’s complete set of financial statements as a whole.
c. If the auditor concludes that it is necessary to express an adverse opinion or disclaim an
opinion on the entity’s complete set of financial statements as a whole but, in the
context of a separate audit of a specific element that is included in those financial
statements, the auditor nevertheless considers it appropriate to express an unmodified
opinion on that element, the auditor shall only do so if:
i. The auditor is not prohibited by law or regulation from doing so;

Specialised Areas 13.8

 ii. That opinion is expressed in an auditor’s report that is not published together with
the auditor’s report containing the adverse opinion or disclaimer of opinion; and
iii. The specific element does not constitute a major portion of the entity’s complete set
of financial statements.
d. Even when the modified opinion on the entity’s complete set of financial statements,
Emphasis of matter paragraph or Other matter paragraph does not relate to the audited
financial statement or the audited element, the auditor may still deem it appropriate to
refer to the modification in an Other matter paragraph in an auditor’s report on the
financial statement or on the element.

Note:
1. The single financial statement or the specific element, account or item of a financial statement
may be prepared in accordance with a general or special purpose framework. If prepared in
accordance with a special purpose framework, SA 800 also applies to the audit.
2. SA 805 does not apply to the report of a component auditor issued as a result of work performed
on the financial information of a component at the request of a group engagement team for
purposes of an audit of group financial statements.

SA 810 - ENGAGEMENTS TO REPORT ON SUMMARY FINANCIAL STATEMENTS

A. SUMMARY FINANCIAL STATEMENTS: Summary financial statements

• reflect historical financial information that is derived from financial statements,
• but that contains less detail than the financial statements
• while still providing a structured representation consistent with that provided by the
financial statements
• of the entity’s economic resources or obligations at a point in time or the changes therein
for a period of time.

B. ENGAGEMENT ACCEPTANCE:
1. The auditor shall, ordinarily, accept an engagement to report on summary financial
statements in accordance with this SA only when the auditor has been engaged to conduct
an audit in accordance with SAs of the financial statements from which the summary
financial statements are derived.
2. If the auditor has not also audited the financial statements from which the summary
financial statements are derived, the auditor shall not have the necessary knowledge to
discharge his responsibilities in relation to the summary financial statements in accordance
with this SA.
3. Before accepting an engagement to report on summary financial statements, the auditor
shall:

a. Determine whether the applied criteria are acceptable:

i. Applied criteria refer to the criteria applied by management in the preparation of the
summary financial statements. Management is responsible for the determination of
Specialised Areas 13.9
 the information that needs to be reflected in the summary financial statements so
that they are consistent, in all material respects, with or represent a fair summary of
the audited financial statements.
ii. Factors affecting the auditor’s determination of the acceptability of the applied
criteria:
• The nature of the entity
• The purpose of the summary financial statements
• The information needs of the intended users of the summary financial
statements and
• Whether the applied criteria will result in summary financial statements that are
not misleading in the circumstances.
iii. If the auditor concludes that the applied criteria are unacceptable or is unable to
obtain the agreement of management as discussed above, the auditor shall not
accept the engagement to report on the summary financial statements, unless
required by law or regulation to do so.

b. Obtain the agreement of management that it acknowledges and understands its

responsibility:
i. For the preparation of the summary financial statements in accordance with the
applied criteria.
ii. To make the audited financial statements available to the intended users of the
summary financial statements without undue difficulty (or, if law or regulation
provides that the audited financial statements need not be made available to the
intended users of the summary financial statements and establishes the criteria for
the preparation of the summary financial statements, to describe that law or
regulation in the summary financial statements).
iii. The auditor’s evaluation whether the audited financial statements are available to
the intended users of the summary financial statements without undue difficulty is
affected by factors such as whether:
• The summary financial statements describe clearly from whom or where the
audited financial statements are available
• The audited financial statements are on public record; or
• Management has established a process by which the intended users of the
summary financial statements can obtain ready access to the audited financial
statements.
iv. To include the auditor’s report on the summary financial statements in any
document that contains the summary financial statements and that indicates that
the auditor has reported on them.

c. Agree with management on the form of opinion to be expressed on the summary

financial statements.

Specialised Areas 13.10

C. NATURE OF PROCEDURES TO BE PERFORMED BY AUDITOR:
The auditor shall perform the following procedures, and any other procedures that the auditor
may consider necessary, as the basis for the auditor’s opinion on the summary financial
statements:
a. Evaluate whether the summary financial statements adequately disclose their summarised
nature and identify the audited financial statements.
b. When summary financial statements are not accompanied by the audited financial
statements, evaluate whether they describe clearly:
i. From whom or where the audited financial statements are available; or
ii. The law or regulation that specifies that the audited financial statements need not be
made available to the intended users of the summary financial statements and
establishes the criteria for the preparation of the summary financial statements.
c. Evaluate whether the summary financial statements adequately disclose the applied criteria.
d. Compare the summary financial statements with the related information in the audited
financial statements to determine whether the summary financial statements agree with or
can be re-calculated from the related information in the audited financial statements.
e. Evaluate whether the summary financial statements are prepared in accordance with the
applied criteria.
f. Evaluate, in view of the purpose of the summary financial statements, whether the summary
financial statements contain the information necessary, and are at an appropriate level of
aggregation, so as not to be misleading in the circumstances.
g. Evaluate whether the audited financial statements are available to the intended users of the
summary financial statements without undue difficulty, unless law or regulation provides
that they need not be made available and establishes the criteria for the preparation of the
summary financial statements as discussed already.

D. FORM OF OPINION:
1. When the auditor has concluded that an unmodified opinion on the summary financial
statements is appropriate, the auditor’s opinion shall, unless otherwise required by law or
regulation, use one of the following phrases:
a. The summary financial statements are consistent, in all material respects, with the
audited financial statements, in accordance with the applied criteria or
b. The summary financial statements are a fair summary of the audited financial
statements, in accordance with the applied criteria.
2. If law or regulation prescribes the wording of the opinion on summary financial statements
in terms that are different from those described above, the auditor shall:
a. Apply the procedures discussed earlier and any further procedures necessary to enable
the auditor to express the prescribed opinion and
b. Evaluate whether users of the summary financial statements might misunderstand the
auditor’s opinion on the summary financial statements and, if so, whether additional
explanation in the auditor’s report on the summary financial statements can mitigate
possible misunderstanding.

Specialised Areas 13.11

 3. If, the auditor concludes that additional explanation in the auditor’s report on the summary
financial statements cannot mitigate possible misunderstanding, the auditor shall not accept
the engagement, unless required by law or regulation to do so.

E. AUDITOR’S REPORT ON SUMMARY FINANCIAL STATEMENTS:

The auditor’s report on summary financial statements shall include the following elements:
a. A title clearly indicating it as the report of an independent auditor.
b. An addressee: If the addressee of the summary financial statements is not the same as the
addressee of the auditor’s report on the audited financial statements, the auditor shall
evaluate the appropriateness of using a different addressee. Factors that may affect the
auditor’s evaluation of the appropriateness of the addressee of the summary financial
statements include the terms of the engagement, the nature of the entity, and the purpose
of the summary financial statements.
c. An introductory paragraph:
(i) Identifies the summary financial statements on which the auditor is reporting,
including the title of each statement included in the summary financial statements.
When the auditor is aware that the summary financial statements will be included in
a document that contains other information, the auditor may consider, if the form of
presentation allows, identifying the page numbers on which the summary financial
statements are presented. This helps readers to identify the summary financial
statements to which the auditor’s report relates.
(ii) Identifies the audited financial statements.
(iii) Refers to the auditor’s report on the audited financial statements, the date of that
report, and, in cases other than where audited financial statements contain modified
opinion, emphasis of matter paragraph and other matter paragraph, the fact that an
unmodified opinion is expressed on the audited financial statements.
(iv) If the date of the auditor’s report on the summary financial statements is later than
the date of the auditor’s report on the audited financial statements, states that the
summary financial statements and the audited financial statements do not reflect
the effects of events that occurred subsequent to the date of the auditor’s report on
the audited financial statements and
(v) A statement indicating that the summary financial statements do not contain all the
disclosures required by the financial reporting framework applied in the preparation
of the audited financial statements, and that reading the summary financial
statements is not a substitute for reading the audited financial statements.
d. A description of management’s responsibility for the summary financial statements,
explaining that management is responsible for the preparation of the summary financial
statements in accordance with the applied criteria.
e. A statement that the auditor is responsible for expressing an opinion on the summary
financial statements based on the procedures required by this SA.
f. A paragraph clearly expressing an opinion.

Specialised Areas 13.12

 g. The auditor’s signature along with the firm registration number, wherever applicable, and
the membership number assigned by the Institute of Chartered Accountants of India.
Besides, UDIN is required to be stated.
h. The date of the auditor’s report: The auditor shall date the auditor’s report on the summary
financial statements no earlier than:
(i) The date on which the auditor has obtained sufficient appropriate evidence on which
to base the opinion, including evidence that the summary financial statements have
been prepared and those with the recognised authority have asserted that they have
taken responsibility for them; and
(ii) The date of the auditor’s report on the audited financial statements.
i. The place of signature

F. MODIFICATIONS TO THE OPINION, EMPHASIS OF MATTER PARAGRAPH OR OTHER MATTER

PARAGRAPH IN THE AUDITOR’S REPORT ON THE AUDITED FINANCIAL STATEMENTS:
1. When the auditor’s report on the audited financial statements contains a qualified opinion,
an Emphasis of Matter paragraph, or an Other Matter paragraph, but the auditor is satisfied
that the summary financial statements are consistent, in all material respects, with or are a
fair summary of the audited financial statements, in accordance with the applied criteria,
the auditor’s report on the summary financial statements shall, also contain followings: -
a. State that the auditor’s report on the audited financial statements contains a qualified
opinion, an Emphasis of Matter paragraph, or an Other Matter paragraph; and
b. Describe:
(i) The basis for the qualified opinion on the audited financial statements, and that
qualified opinion; or the Emphasis of Matter or the Other Matter paragraph in
the auditor’s report on the audited financial statements; and
(ii) The effect thereof on the summary financial statements, if any.
c. When the auditor’s report on the audited financial statements contains an adverse
opinion or a disclaimer of opinion, the auditor’s report on the summary financial
statements shall, additionally: -
i. State that the auditor’s report on the audited financial statements contains an
adverse opinion or disclaimer of opinion;
ii. Describe the basis for that adverse opinion or disclaimer of opinion; and
iii. State that, as a result of the adverse opinion or disclaimer of opinion, it is
inappropriate to express an opinion on the summary financial statements.
2. Modified Opinion on the Summary Financial Statements: If the summary financial
statements are not consistent, in all material respects, with or are not a fair summary of the
audited financial statements, in accordance with the applied criteria, and management does
not agree to make the necessary changes, the auditor shall express an adverse opinion on
the summary financial statements.

G. RESTRICTION ON DISTRIBUTION OR USE OR ALERTING READERS TO THE BASIS OF

ACCOUNTING: When distribution or use of the auditor’s report on the audited financial

Specialised Areas 13.13

 statements is restricted, or the auditor’s report on the audited financial statements alerts
readers that the audited financial statements are prepared in accordance with a special purpose
framework, the auditor shall include a similar restriction or alert in the auditor’s report on the
summary financial statements.

H. COMPARATIVES:
a. Comparatives in the audited financial statements may be regarded as corresponding figures
or as comparative financial information.
b. Summary financial statements do not contain comparatives:
i. If the audited financial statements contain comparatives, but the summary financial
statements do not, the auditor shall determine whether such omission is reasonable in
the circumstances of the engagement.
ii. The auditor shall determine the effect of an unreasonable omission on the auditor’s
report on the summary financial statements.
c. Summary financial statements contain comparatives: If the summary financial statements
contain comparatives that were reported on by another auditor, the auditor’s report on the
summary financial statements shall also contain the matters that SA 710 requires the auditor
to include in the auditor’s report on the audited financial statements.

I. UNAUDITED SUPPLEMENTARY INFORMATION PRESENTED WITH SUMMARY FINANCIAL

STATEMENTS:
1. The auditor shall evaluate whether any unaudited supplementary information presented
with the summary financial statements is clearly differentiated from the summary financial
statements.
2. If the auditor concludes that the entity’s presentation of the unaudited supplementary
information is not clearly differentiated from the summary financial statements, the auditor
shall ask management to change the presentation of the unaudited supplementary
information.
3. If management refuses to do so, the auditor shall explain in the auditor’s report on the
summary financial statements that such information is not covered by that report.

J. OTHER INFORMATION IN DOCUMENTS CONTAINING SUMMARY FINANCIAL STATEMENTS:

1. The auditor shall read the other information included in a document containing the
summary financial statements and related auditor’s reports to consider whether there is a
material inconsistency between the other information and the summary financial
statements.
2. If the auditor identifies a material inconsistency, the auditor shall determine whether the
summary financial statements or the other information needs to be revised.
3. If, the auditor becomes aware that the other information needs to be revised, the auditor
shall discuss the matter with management.

K. AUDITOR ASSOCIATION:

Specialised Areas 13.14

 1. If the auditor becomes aware that the entity plans to state that the auditor has reported on
summary financial statements in a document containing the summary financial statements,
but does not plan to include the related auditor’s report, the auditor shall request
management to include the auditor’s report in the document.
2. If management does not do so, the auditor shall determine and carry out other appropriate
actions designed to prevent management from inappropriately associating the auditor with
the summary financial statements in that document.
3. The auditor may be engaged to report on the financial statements of an entity, while not
engaged to report on the summary financial statements. If, in this case, the auditor becomes
aware that the entity plans to make a statement in a document that refers to the auditor
and the fact that summary financial statements are derived from the financial statements
audited by the auditor, the auditor shall be satisfied that:
a. The reference to the auditor is made in the context of the auditor’s report on the audited
financial statements; and
b. The statement does not give the impression that the auditor has reported on the
summary financial statements.
4. If (a) or (b) are not met, the auditor shall request management to change the statement to
meet them, or not to refer to the auditor in the document.
5. Alternatively, the entity may engage the auditor to report on the summary financial
statements and include the related auditor’s report in the document.
6. If management does not change the statement, delete the reference to the auditor, or
include an auditor’s report on the summary financial statements in the document containing
the summary financial statements, the auditor shall advise management that the auditor
disagrees with the reference to the auditor, and the auditor shall determine and carry out
other appropriate actions designed to prevent management from inappropriately referring
to the auditor.

L. TIMING OF WORK AND EVENTS SUBSEQUENT TO THE DATE OF THE AUDITOR’S REPORT ON
THE AUDITED FINANCIAL STATEMENTS: When the auditor reports on the summary financial
statements after the completion of the audit of the financial statements, the auditor
a. is not required to obtain additional audit evidence on the audited financial statements, or
b. report on the effects of events that occurred subsequent to the date of the auditor’s report
on the audited financial statements
since the summary financial statements are derived from the audited financial statements.

Specialised Areas 13.15

 14. RELATED SERVICES

INTRODUCTION:

Chartered Accountants in practice are often asked to provide services to clients which do not involve
the expression of an opinion on the truth and fairness of the financial statements.

For the purpose of standardising the procedures to perform such kind of non-assurance services,
the AASB of ICAI issued two Standards on two different services i.e. Standards on Related Services.

The following standards have been issued under Standards on Related Services: -

• SRS 4400 - Engagements to Perform Agreed-upon Procedures Regarding Financial Information

• SRS 4410 - Compilation Engagements

I. RELATED SERVICES:
1. Assurance engagement” means an engagement in which a practitioner expresses a
conclusion designed to enhance the degree of confidence of the intended users other than
the responsible party about the outcome of the evaluation or measurement of a subject
matter against criteria.
2. It means that the practitioner gives an opinion about specific information due to which users
of information are able to make confident decisions knowing well that chance of information
being incorrect is diminished.
3. Not all engagements performed by practitioners are assurance engagements.
4. Other frequently performed engagements that do not meet the definition of assurance
engagements include: -
a. The preparation of tax returns where no conclusion conveying assurance is expressed.
b. Consulting (or advisory) engagements such as management and tax consulting.
c. Engagements covered by Standards for Related Services, such as agreed-upon
procedures engagements and compilations of financial or other information.
5. The above engagements are in nature of related services.

II. AGREED-UPON PROCEDURES:

1. In an engagement to perform agreed-upon procedures, the auditor is engaged by the client
to issue a report of factual findings, based on specified procedures performed on specified
subject matter of specified elements, accounts or items of a financial statement.
For example, an engagement to perform agreed-upon procedures may require the auditor
to perform certain procedures concerning individual items of financial data, say, accounts
payable, accounts receivable, purchases from related parties and sales and profits of a
segment of an entity, or a financial statement, say, a balance sheet or even a complete set
of financial statements.

Related Services 14.1

 2. However, a person performing related services need not necessarily be the auditor of the
entity’s financial statements.

SRS 4400 ENGAGEMENTS TO PERFORM AGREED-UPON PROCEDURES REGARDING FINANCIAL

INFORMATION

A. OBJECTIVE:
1. The objective of an agreed-upon procedures engagement is for the auditor to carry out
procedures of an audit nature to which the auditor and the entity and any appropriate third
parties have agreed and to report on factual findings.
2. As the auditor simply provides a report of the factual findings of agreed upon procedures,
no assurance is provided by him in his report. Instead, users of the report assess for
themselves the procedures and the findings reported by the auditor and draw their own
conclusions from the work done by the auditor.
3. The report is usually restricted to those parties that have agreed to the procedures to be
performed since others, unaware of the reasons for the procedures, may misinterpret the
results.

B. AUDIT VS. AGREED-UPON PROCEDURES:

1. A key difference between an audit and agreed-upon procedures relates to assurance.
2. An audit expresses an opinion and provides assurance to users.
3. However, in an agreed-procedures engagement, only a report of the factual findings of
agreed-upon procedures is provided. No assurance is given to users. Instead, users draw
their own conclusions based on factual findings stated in the report.
4. For example, an agreed upon procedures engagement to evaluate validity of accounts
payable may state the following:
a. Comparing of names of major suppliers and the amounts outstanding as on a date to the
related names and amounts in the trial balance.
b. Obtaining suppliers statements or confirmations from suppliers to confirm balances
outstanding on a date
c. Comparison of such statements or confirmations to the amounts in trial balance.

C. GENERAL PRINCIPLES OF AN AGREED-UPON PROCEDURES ENGAGEMENT:

1. Ethical Requirements:
a. The auditor should comply with the Code of Ethics, issued by the Institute of Chartered
Accountants of India. Ethical principles governing the auditor’s professional
responsibilities for this type of engagement include
i. Integrity
ii. Objectivity
iii. professional competence and due care
iv. confidentiality
v. professional conduct and
vi. technical standards.
Related Services 14.2
 b. Independence is not a requirement for agreed-upon procedures engagement. However,
the terms or objective of the engagement may require the auditor to comply with the
independence requirements of the Code of Ethics issued by the Institute of Chartered
Accountants of India.
c. Where the auditor is not independent, a statement to that effect should be made in the
report of factual findings.

2. Defining the Terms of the Engagement:

a. The auditor should ensure with representatives of the entity and, ordinarily, other
specified parties who will receive copies of the report of factual findings, that there is a
clear understanding regarding the agreed procedures and the conditions of the
engagement.
b. Matters to be agreed include the following: -
i. Nature of the engagement including the fact that the procedures performed will not
constitute an audit or a review and that accordingly no assurance will be expressed.
ii. Stated purpose for the engagement.
iii. Identification of the financial information to which the agreed-upon procedures will
be applied.
iv. Nature, timing and extent of the specific procedures to be applied.
v. Limitations on distribution of the report of factual findings. When such limitation
would be in conflict with the legal requirements, if any, the auditor would not accept
the engagement.
c. It is in the interests of both the client and the auditor that the auditor sends an
engagement letter documenting the key terms of the appointment. An engagement
letter confirms the auditor’s acceptance of the appointment and helps avoid
misunderstanding regarding such matters as the objectives and scope of the
engagement, the extent of the auditor’s responsibilities and the form of reports to be
issued.
d. Matters that would be included in the engagement letter include: -
i. A listing of the procedures to be performed as agreed-upon between the parties.
ii. A statement that the distribution of the report of factual findings would be restricted
to the specified parties who have agreed to the procedures to be performed.

3. Planning: The auditor should plan the work so that an effective engagement will be
performed.
4. Procedures and Evidence: The auditor should carry out the procedures agreed-upon and
use the evidence obtained as the basis for the report of factual findings. The procedures
applied in an engagement to perform agreed-upon procedures may include:
a. Inquiry and analysis
b. Re computation, comparison and other clerical accuracy checks
c. Observation
d. Inspection
e. Obtaining confirmations

Related Services 14.3

D. REPORTING:
1. The report on an agreed-upon procedures engagement needs to describe the purpose and
the agreed-upon procedures of the engagement in sufficient detail to enable the reader to
understand the nature and the extent of the work performed. The report should also clearly
mention that no audit or review has been performed.
2. The report of factual findings should contain: -
a. Title
b. Addressee (ordinarily, the appointing authority)
c. Identification of specific financial or non-financial information to which the agreed upon
procedures have been applied
d. A statement that the procedures performed were those agreed-upon with the recipient
e. A statement that the engagement was performed in accordance with the Standard on
Related Services applicable to agreed-upon procedures engagements
f. Identification of the purpose for which the agreed-upon procedures were performed
g. A listing of the specific procedures performed
h. A description of the auditor’s factual findings including sufficient details of errors and
exceptions found
i. A statement that the procedures performed do not constitute either an audit or a review
and, as such, no assurance is expressed
j. A statement that had the auditor performed additional procedures, an audit or a review,
other matters might have come to light that would have been reported
k. A statement that the report is restricted to those parties that have agreed to the
procedures to be performed
l. A statement (when applicable) that the report relates only to the elements, accounts,
items or financial and non-financial information specified and that it does not extend to
the entity’s financial statements taken as a whole
m. Date of the report
n. Place of signature and
o. Auditor’s signature

E. DOCUMENTATION: The auditor should document matters which are important in providing
evidence to support the report of factual findings, and evidence that the engagement was
carried out in accordance with this SRS and the terms of the engagement.

SRS 4410 COMPILATION ENGAGEMENTS

A. COMPILATION ENGAGEMENT:
1. Compilation engagement is an engagement in which
• a practitioner applies accounting and financial reporting expertise
• to assist management in the preparation and presentation of financial information of an
entity
• in accordance with an applicable financial reporting framework and
Related Services 14.4
 • issues a report.
2. Management may request a professional accountant in public practice to assist with the
preparation and presentation of financial information of an entity.
3. A compilation engagement is not an assurance engagement. A compilation engagement
does not require the practitioner to verify the accuracy or completeness of the information
provided by management for the compilation, or otherwise to gather evidence to express
an audit opinion or a review conclusion on the preparation of the financial information.
4. Financial information that is the subject of a compilation engagement may be required for
various purposes including:
a. To comply with mandatory periodic financial reporting requirements established in law
or regulation, if any or
b. For purposes unrelated to mandatory financial reporting under relevant law or
regulation, including for example:
• For management or those charged with governance, prepared on a basis appropriate
for their particular purposes (such as preparation of financial information for internal
use).
• For periodic financial reporting undertaken for external parties under a contract or
other form of agreement (such as financial information provided to a funding body
to support provision or continuation of a grant).
• For transactional purposes, for example to support a transaction involving changes
to the entity’s ownership or financing structure (such as for a merger or acquisition).

B. OBJECTIVES: The practitioner’s objectives in a compilation engagement under this SRS are to: -
1. Apply accounting and financial reporting expertise to assist management in the preparation
and presentation of financial information in accordance with an applicable financial
reporting framework based on information provided by management and
2. Report in accordance with the requirements of this SRS.

C. SCOPE OF COMPILATION ENGAGEMENTS:

1. The scope of a compilation engagement will vary depending on the circumstances of the
engagement.
2. However, in every case it will involve assisting management in the preparation and
presentation of the entity’s financial information in accordance with the financial reporting
framework, based on information provided by management.
3. In some compilation engagements, management may have already prepared the financial
information itself in a draft or preliminary form.
4. Management retains responsibility for the financial information and the basis on which it is
prepared and presented. That responsibility includes
a. application by management of the judgment required for the preparation and
presentation of the financial information,
b. the selection and application of appropriate accounting policies and,
c. where needed, developing reasonable accounting estimates.

Related Services 14.5

 5. Different financial reporting frameworks can be used to prepare and present financial
information, ranging from a simple entity-specific basis of accounting to established financial
reporting standards.
6. The financial reporting framework adopted by management to prepare and present the
financial information will depend on the nature of the entity and the intended use of the
information.

D. ETHICAL REQUIREMENTS:
1. The practitioner shall comply with relevant ethical requirements. In complying with the Code
of Ethics, threats to the practitioner’s compliance with relevant ethical requirements are
required to be identified and appropriately addressed.
2. Being in nature of non-assurance engagement, independence requirements do not apply to
compilation engagements. However, laws or regulations may specify requirements or
disclosure rules pertaining to independence.

E. ENGAGEMENT ACCEPTANCE AND CONTINUANCE:

1. The practitioner shall not accept the engagement unless the practitioner has agreed the
terms of engagement with management, and the engaging party if different, including: -
a. The intended use and distribution of the financial information, and any restrictions on
either its use or its distribution where applicable.
b. Identification of the applicable financial reporting framework.
c. The objective and scope of the compilation engagement
d. The responsibilities of the practitioner, including the requirement to comply with
relevant ethical requirements
e. The responsibilities of management for:
i. The financial information, and for the preparation and presentation thereof, in
accordance with a financial reporting framework that is acceptable in view of the
intended use of the financial information and the intended users
ii. Design, implementation and maintenance of such internal control as management
determines is necessary to enable the preparation of financial statements that are
free from material misstatement, whether due to fraud or error
iii. The accuracy and completeness of the records, documents, explanations and other
information provided by management for the compilation engagement and
iv. Judgments needed in the preparation and presentation of the financial information,
including those for which the practitioner may provide assistance in the course of
the compilation engagement.
f. The expected form and content of the practitioner’s report.
2. The practitioner shall record the agreed terms of engagement in an engagement letter or
other suitable form of written agreement, prior to performing the engagement.
3. On recurring compilation engagements, the practitioner shall evaluate whether
circumstances, including changes in the engagement acceptance considerations, require the
terms of engagement to be revised and whether there is need to remind management of
the existing terms of engagement.

Related Services 14.6

F. PERFORMING THE ENGAGEMENT:
1. Obtain an understanding: The practitioner shall obtain an understanding of the following
matters sufficient to be able to perform the compilation engagement:
a. The entity’s business and operations, including the entity’s accounting system and
accounting records and
b. The applicable financial reporting framework, including its application in the entity’s
industry.
2. Compile the financial information: The practitioner shall compile the financial information
using the records, documents, explanations and other information, including significant
judgments, provided by management.
3. Discuss with management regarding estimates:
a. The practitioner shall discuss with management, or those charged with governance as
appropriate, those significant judgments, for which the practitioner has provided
assistance in the course of compiling the financial information.
b. If, in the course of the compilation engagement, the practitioner becomes aware that
the records, documents, explanations or other information, including significant
judgments, provided by management for the compilation engagement are incomplete,
inaccurate or otherwise unsatisfactory, the practitioner shall bring that to the attention
of management and request the additional or corrected information.
4. Read the compiled financial statements prior to completion: Prior to completion of the
compilation engagement, the practitioner shall read the compiled financial information in
light of the practitioner’s understanding of the entity’s business and operations, and of the
applicable financial reporting framework.
5. Practitioner is unable to complete the engagement: If the practitioner is unable to complete
the engagement because management has failed to provide records, documents,
explanations or other information, including significant judgments, as requested, the
practitioner shall withdraw from the engagement and inform management and those
charged with governance of the reasons for withdrawing.
6. Propose the amendments to management in certain circumstances:
a. If the practitioner becomes aware during the course of the engagement that:
i. The compiled financial information does not adequately refer to or describe the
applicable financial reporting framework
ii. Amendments to the compiled financial information are required for the financial
information not to be materially misstated; or
iii. The compiled financial information is otherwise misleading,
the practitioner shall propose the appropriate amendments to management.
b. If management declines, or does not permit the practitioner to make the proposed
amendments to the compiled financial information, the practitioner shall withdraw from
the engagement and inform management and those charged with governance of the
reasons for withdrawing.
c. If withdrawal from the engagement is not possible, the practitioner shall determine the
professional and legal responsibilities applicable in the circumstances.

Related Services 14.7

 7. Obtain an acknowledgement from management: The practitioner shall obtain an
acknowledgement from management or those charged with governance, as appropriate,
that they have taken responsibility for the final version of the compiled financial information.

G. COMMUNICATION WITH MANAGEMENT AND THOSE CHARGED WITH GOVERNANCE: The

practitioner shall communicate with management or those charged with governance, as
appropriate, on a timely basis during the course of the compilation engagement, all matters
concerning the compilation engagement that, in the practitioner’s professional judgment, are
of sufficient importance to merit the attention of management or those charged with
governance, as appropriate.

H. THE PRACTITIONER’S REPORT:

1. An important purpose of the practitioner’s report is to clearly communicate the nature of
the compilation engagement, and the practitioner’s role and responsibilities in the
engagement. The practitioner’s report is not a vehicle to express an opinion or conclusion
on the financial information in any form.
2. The practitioner’s report issued for the compilation engagement shall be in writing, and shall
include the following elements: -
a. The report title
b. The addressee(s), as required by the terms of the engagement
c. A statement that the practitioner has compiled the financial information based on
information provided by management
d. A description of the responsibilities of management, or those charged with governance
as appropriate, in relation to the compilation engagement, and in relation to the financial
information
e. Identification of the applicable financial reporting framework and, if a special purpose
financial reporting framework is used, a description or reference to the description of
that special purpose financial reporting framework in the financial information
f. Identification of the financial information, including the title of each element of the
financial information if it comprises more than one element, and the date of the financial
information or the period to which it relates
g. A description of the practitioner’s responsibilities in compiling the financial information,
including that the engagement was performed in accordance with this SRS, and that the
practitioner has complied with relevant ethical requirements
h. A description of what a compilation engagement entails in accordance with this SRS
i. Explanations that: -
(i) Since a compilation engagement is not an assurance engagement, the
practitioner is not required to verify the accuracy or completeness of the
information provided by management for the compilation and
(ii) Accordingly, the practitioner does not express an audit opinion or a review
conclusion on whether the financial information is prepared in accordance with
the applicable financial reporting framework.

Related Services 14.8

 j. If the financial information is prepared using a special purpose financial reporting
framework, an explanatory paragraph that:
(i) Describes the purpose for which the financial information is prepared and, if
necessary, the intended users, or contains a reference to a note in the financial
information that discloses this information and
(ii) Draws the attention of readers of the report to the fact that the financial
information is prepared in accordance with a special purpose framework and
that, as a result, the information may not be suitable for other purposes.
k. The date of the practitioner’s report
l. The practitioner’s signature and
m. The place of signature.

I. ENGAGEMENT LEVEL QUALITY CONTROL: The engagement partner shall take responsibility for:
a. The overall quality of each compilation engagement to which that partner is assigned and
b. The engagement being performed in accordance with the firm’s quality control policies and
procedures.

J. DOCUMENTATION:
1. The practitioner shall include in the engagement documentation: -
a. Significant matters arising during the compilation engagement and how those matters
were addressed by the practitioner
b. A record of how the compiled financial information reconciles with the underlying
records, documents, explanations and other information, provided by management and
c. A copy of the final version of the compiled financial information for which management
or those charged with governance, as appropriate, has acknowledged their
responsibility, and the practitioner’s report.
2. The practitioner may consider also including in the engagement documentation a copy of
the entity’s trial balance, summary of significant accounting records or other information
that the practitioner used to perform the compilation.

Related Services 14.9

 15. REVIEW OF FINANCIAL INFORMATION
INTRODUCTION

WHAT IS REVIEW?
1. “Review” is a limited assurance engagement.
2. Limited assurance is the level of assurance obtained where engagement risk is reduced to a level
that is acceptable in the circumstances of the engagement, but where that risk is greater than
for a reasonable assurance engagement, as the basis for expressing a conclusion.
3. The combination of the nature, timing and extent of evidence gathering procedures is at least
sufficient for the practitioner to obtain a meaningful level of assurance.
4. To be meaningful, the level of assurance obtained by the practitioner is likely to enhance the
intended users’ confidence about the financial statements.
5. In simpler terms, limited assurance engagement provides lower level of assurance than audit. It
involves fewer procedures and, gathers sufficient and appropriate evidence on basis of which
limited conclusions can be drawn up.
6. However, “review” is related to financial statements prepared on basis of historical financial
information just like an audit.

STANDARDS ON REVIEW ENGAGEMENTS:

I. SRE 2400 - Engagements to Review Historical Financial Statements
II. SRE 2410 - Review of Interim Financial Information Performed by the Independent Auditor of
the Entity

SRE 2400 ENGAGEMENTS TO REVIEW HISTORICAL FINANCIAL STATEMENTS

A. WHAT SRE 2400 DEAL WITH?

SRE 2400 deals with:
1. The practitioner’s responsibilities when engaged to perform a review of historical financial
statements, when the practitioner is not the auditor of the entity’s financial statements and
2. The form and content of the practitioner’s report on the financial statements.

B. OBJECTIVES:
The practitioner’s objectives in a review of financial statements in accordance with SRE 2400 are
as under:
a. Obtain limited assurance, primarily by making an inquiry and performing analytical
procedures, about whether the financial statements as a whole are free from material
misstatement, thereby enabling the practitioner to express a conclusion on whether
anything has come to his attention that causes him to believe the financial statements are
not prepared, in all material respects, in accordance with an applicable financial reporting
framework
b. Report on the financial statements as a whole and communicate, as required by this SRE.

Review of Financial Information 15.1

 Note: In all cases when limited assurance cannot be obtained and a modified conclusion in the
practitioner’s report is insufficient in the circumstances, this SRE requires that the practitioner
• either to disclaim a conclusion in the report issued for the engagement or,
• where appropriate to withdraw from the engagement if withdrawal is possible under
applicable law or regulations.

C. COMPLIANCE WITH ETHICAL REQUIREMENTS AND ENGAGEMENT LEVEL QUALITY CONTROL:

1. The practitioner shall comply with relevant ethical requirements, including those pertaining
to independence and the engagement partner is responsible for overall quality of each
review engagement.
2. Factors affecting Acceptance and Continuance of Client Relationships and Review
Engagements: Unless required by law or regulation, the practitioner shall not accept a
review engagement if:
a. The practitioner is not satisfied:
i. That there is a rational purpose for the engagement.
ii. That a review engagement would be appropriate in the circumstances.
b. The practitioner has reason to believe that relevant ethical requirements, including
independence, will not be satisfied.
c. The practitioner’s preliminary understanding of the engagement circumstances indicates
that information needed to perform the review engagement is likely to be unavailable
or unreliable.
d. The practitioner has cause to doubt management’s integrity such that it is likely to affect
proper performance of the review or
e. Management or those charged with governance impose a limitation on the scope of the
practitioner’s work in the terms of a proposed review engagement such that the
practitioner believes that the limitation will result in the practitioner disclaiming a
conclusion on the financial statements.

D. PRECONDITIONS FOR ACCEPTING A REVIEW ENGAGEMENT:

1. Prior to accepting a review engagement, the practitioner shall: -
a. Determine whether the financial reporting framework applied in the preparation of the
financial statements is acceptable including, in the case of special purpose financial
statements, obtaining an understanding of the purpose for which the financial
statements are prepared and of the intended users, and;
b. Obtain the agreement of management that it acknowledges and understands its
responsibilities:
(i) For the preparation of the financial statements in accordance with the applicable
financial reporting framework, including, where relevant, their fair presentation.
(ii) For such internal control as management determines is necessary to enable the
preparation of financial statements that are free from material misstatement,
whether due to fraud or error; and
(iii) To provide the practitioner with:

Review of Financial Information 15.2

 a. Access to all information of which management is aware that is relevant to
the preparation of the financial statements, such as records, documentation
and other matters;
b. Additional information that the practitioner may request from management
for the purpose of the review; and
c. Unrestricted access to persons within the entity from whom the practitioner
determines it necessary to obtain evidence.
2. If the practitioner is not satisfied as to any of the matters set out above as preconditions for
accepting a review engagement, the practitioner shall discuss the matter with the
management or those charged with governance.
3. If changes cannot be made to satisfy the practitioner as to those matters, the practitioner
shall not accept the proposed engagement unless required by law or regulation to do so.
However, an engagement conducted under such circumstances does not comply with this
SRE. Accordingly, the practitioner shall not include any reference within the practitioner’s
report to the review having been conducted in accordance with this SRE.
4. If it is discovered after the engagement has been accepted that the practitioner is not
satisfied as to any of the above preconditions, the practitioner shall discuss the matter with
the management or those charged with governance and shall determine:
a. Whether the matter can be resolved.
b. Whether it is appropriate to continue with the engagement and
c. Whether and, if so, how to communicate the matter in the practitioner’s report.

E. AGREEING TO THE TERMS OF ENGAGEMENT:

1. The practitioner shall agree to the terms of the engagement with the management or those
charged with governance, as appropriate, prior to performing the engagement.
2. The agreed terms of engagement shall be recorded in an engagement letter or other suitable
form of written agreement.
3. On recurring review engagements, the practitioner shall evaluate whether circumstances,
including changes in the engagement acceptance considerations, require the terms of
engagement to be revised and whether there is a need to remind management or those
charged with governance, as appropriate, of the existing terms of engagement.
4. If, prior to completing the review engagement, the practitioner is requested to change the
engagement to an engagement for which no assurance is obtained, the practitioner shall
determine whether there is reasonable justification for doing so.
5. The practitioner shall not agree to a change in the terms of the engagement where there is
no reasonable justification for doing so.
6. If the terms of engagement are changed during the course of the engagement, the
practitioner and the management or those charged with governance, as appropriate, shall
agree on and record the new terms of engagement in an engagement letter or any other
suitable form of written agreement.

Review of Financial Information 15.3

F. OVERVIEW OF PERFORMING THE REVIEW ENGAGEMENT AFTER ITS ACCEPTANCE IN
ACCORDANCE WITH SRE2400:

1. Determine materiality for financial statements:

a. The practitioner shall determine materiality for the financial statements as a whole and
apply this materiality in designing the procedures and in evaluating the results obtained
from those procedures.
b. The practitioner’s judgment about what is material in relation to the financial statements
as a whole is the same regardless of the level of assurance obtained by a practitioner as
the basis for expressing the conclusion on the financial statements.
c. The practitioner shall revise materiality for the financial statements as a whole in the
event of becoming aware of any information during the review that would have caused
the practitioner to have determined a different amount initially.

2. Obtaining Understanding of the Entity: The practitioner shall obtain an understanding of

the entity and its environment and the applicable financial reporting framework to identify
areas in the financial statements where material misstatements are likely to arise and
thereby provide a basis for designing procedures to address those areas.

3. Designing and Performing Procedures:

a. In obtaining sufficient appropriate evidence as the basis for a conclusion on the financial
statements as a whole, the practitioner shall design and perform inquiry and analytical
procedures:
i. To address all material items in the financial statements, including disclosures and
ii. To focus on addressing areas in the financial statements where material
misstatements are likely to arise.
b. Inquiry:
i. In a review, inquiry includes seeking information from management and other
persons within the entity, as the practitioner considers appropriate in the
engagement circumstances.
ii. Inquiries may include matters such as those relating to
• making of accounting estimates,
• identification of related parties,
• about significant, complex or unusual transactions,
• existence of any actual, suspected or alleged fraud,
• events occurring between the date of the financial statements and practitioner’s
report,
• basis for management’s assessment of the entity’s ability to continue as a going
concern,
• events or conditions that appear to cast doubt on the entity’s ability to continue
as a going concern,

Review of Financial Information 15.4

 • material commitments, contractual obligations or contingencies that have
affected or may affect the entity’s financial statements including disclosures and
material non-monetary transactions or
• transactions for no consideration in the financial reporting period under
consideration.
iii. The practitioner may also extend Inquiries to obtain non-financial data if
appropriate. Evaluating the responses provided by the management is integral to the
inquiry process.
iv. Depending on the engagement circumstances, inquiries may also include inquiries
about:
• Actions taken at meetings of owners, those charged with governance and
committees thereof, and proceedings at other meetings, if any, that affect the
information and disclosures contained in the financial statements.
• Communications the entity has received, or expects to receive or obtain, from
regulatory agencies.
• Matters arising in the course of applying other procedures.
c. Analytical procedures:
i. In designing analytical procedures, the practitioner shall consider whether the data
from the entity’s accounting system and accounting records are adequate for the
purpose of performing the analytical procedures.
ii. In a review of financial statements, performing analytical procedures assists the
practitioner in:
• Obtaining or updating the practitioner’s understanding of the entity and its
environment, including to be able to identify areas where material
misstatements are likely to arise in the financial statements.
• Identifying inconsistencies or variances from expected trends, values or norms in
the financial statements such as the level of congruence of the financial
statements with key data, including key performance indicators.
• Providing corroborative evidence in relation to other inquiries or analytical
procedures already performed.
• Serving as additional procedures when the practitioner becomes aware of
matters that cause the practitioner to believe that the financial statements may
be materially misstated.

An example of such an additional procedure is a comparative analysis of monthly revenue

and cost figures across profit centres, branches or other components of the entity, to
provide evidence about financial information contained in line items or disclosures made
in the financial statements.

4. Why inquiry is important is review:

a. Evidence obtained through inquiry is often the principal source of evidence about
management intent.

Review of Financial Information 15.5

 b. However, information available to support management’s intent may be limited. In that
case, understanding management’s past history of carrying out its stated intentions,
management’s stated reasons for choosing a particular course of action, and
management’s ability to pursue a specific course of action may provide relevant
information to corroborate the evidence obtained through inquiry.
c. Application of professional scepticism in evaluating responses provided by management
is important to enable the practitioner to evaluate whether there are any matters that
would cause the practitioner to believe the financial statements may be materially
misstated.
d. Performing inquiry procedures also assists the practitioner in obtaining or updating the
practitioner’s understanding of the entity and its environment, to be able to identify
areas where material misstatements are likely to arise in the financial statements.

5. Procedures to Address Specific Circumstances

a. Related parties:
i. During the review, the practitioner shall remain alert for arrangements or
information that may indicate the existence of related party relationships or
transactions that the management has not previously identified or disclosed to the
practitioner.
ii. If the practitioner identifies significant transactions outside the entity’s normal
course of business during the course of review, the practitioner shall inquire with the
management about the nature of those transactions, possible involvement of related
parties and the business rationale (or lack thereof) of those transactions.
b. Fraud and non-compliance with laws or regulations:
i. When there is an indication that fraud or non-compliance with laws or regulations,
or suspected fraud or non-compliance with laws or regulations, has occurred in the
entity, the practitioner shall communicate that matter to the appropriate level of
senior management or those charged with governance as appropriate and request
management’s assessment of the effects, if any, on the financial statements.
ii. The practitioner has to consider the effect, if any, of management’s assessment of
the effects of fraud or non-compliance with laws or regulations communicated to
him on his conclusion on the financial statements and on his report and determine
whether there is a responsibility to report the occurrence or suspicion of fraud or
illegal acts to a party outside the entity.
c. Going concern:
i. A review of financial statements includes consideration of the entity’s ability to
continue as a going concern.
ii. If, during the performance of the review, the practitioner becomes aware of events
or conditions that may cast significant doubt about the entity’s ability to continue as
a going concern, the practitioner shall:
• Inquire of management about plans for future actions affecting the entity’s ability
to continue as a going concern and about the feasibility of those plans, and also

Review of Financial Information 15.6

 whether management believes that the outcome of those plans will improve the
situation regarding the entity’s ability to continue as a going concern.
• Evaluate the results of those inquiries, to consider whether management’s
responses provide a sufficient basis to: -
(i) Continue to present the financial statements on the going concern basis
if the applicable financial reporting framework includes the assumption
of an entity’s continuance as a going concern or
(ii) Conclude whether the financial statements are materially misstated, or
are otherwise misleading regarding the entity’s ability to continue as a
going concern and
iii. Consider management’s responses in light of all relevant information of which the
practitioner is aware as a result of the review.
d. Use of work performed by others:
i. In performing the review, it may be necessary for the practitioner to use work
performed by other practitioners, or the work of an individual or organization
possessing expertise in a field other than accounting or assurance.
ii. If the practitioner uses work performed by another practitioner or an expert in the
course of performing the review, the practitioner shall take appropriate steps to be
satisfied that the work performed is adequate for the practitioner’s purposes.
iii. When the practitioner is engaged to review the financial statements of a group of
entities, the planned nature, timing and extent of the procedures for the review are
directed at achieving the practitioner’s objectives for the review engagement in
accordance with this Standard but in the context of the group financial statements.

6. Additional procedures when the practitioner becomes aware that the financial statements
may be materially misstated:
a. If the practitioner becomes aware of matters that causes the practitioner to believe that
the financial statements may be materially misstated, the practitioner shall design and
perform additional procedures sufficient to enable the practitioner to:
i. Conclude that the matter(s) is not likely to cause the financial statements as a whole
to be materially misstated or
ii. Determine that the matter(s) causes the financial statements as a whole to be
materially misstated.
b. Additional procedures focus on obtaining sufficient appropriate evidence to enable the
practitioner to form a conclusion on matters that the practitioner believes may cause the
financial statements to be materially misstated. The procedures may be:
i. Additional inquiry or analytical procedures, for example, being performed in greater
detail or being focused on the affected items (i.e. amounts or disclosures concerning
the affected accounts or transactions as reflected in the financial statements); or
ii. Other types of procedures, for example, substantive test of details or external
confirmations.
c. Example explaining when additional procedures may be necessary in Review:

Review of Financial Information 15.7

 In course of performing inquiry and analytical procedures for review, analysis of accounts
receivable shows a material amount of past due accounts receivable, for which there is
no allowance for bad or doubtful debts. This causes the practitioner to believe that the
accounts receivable balance in the financial statements may be materially misstated. The
practitioner then inquire of management whether there are uncollectible accounts
receivable that would need to be shown as being impaired.
Depending on management’s response, the practitioner’s evaluation of the response
may:
i. Enable the practitioner to conclude that the accounts receivable balance is not likely
to be materially misstated. In that case, no further procedures are required.
ii. Enable the practitioner to determine that the matter causes the financial statements
to be materially misstated. No further procedures are required, and the practitioner
would form the conclusion that the financial statements as a whole are materially
misstated.
iii. Lead the practitioner to continue to believe that the accounts receivable balance is
likely to be materially misstated, while not providing sufficient appropriate evidence
for the practitioner to determine that they are in fact misstated.
In that case, the practitioner is required to perform additional procedures, for
example, requesting from management an analysis of amounts received for those
accounts after the balance sheet date to identify uncollectible accounts receivable.
The evaluation of the results of the additional procedures may enable the practitioner
to get to (a) or (b) above.

If not, the practitioner is required to: -

(i) Continue performing additional procedures until the practitioner reaches
either (a) or (b) above or
(ii) If the practitioner is not able to either conclude that the matter is not likely to
cause the financial statements as a whole to be materially misstated or to
determine that the matter does cause the financial statements as a whole to
be materially misstated, then a scope limitation exists and the practitioner is
not able to form an unmodified conclusion on the financial statements.
d. Additional procedures in case of subsequent events:
i. If the practitioner becomes aware of events occurring between the date of the
financial statements and the date of the practitioner’s report that require
adjustment of, or disclosure in, the financial statements, the practitioner shall
request management to correct those misstatements.
ii. The practitioner has no obligation to perform any procedures regarding the financial
statements after the date of the practitioner’s report. However, if, after the date of
the practitioner’s report but before the date the financial statements are issued, a
fact becomes known to the practitioner that, had it been known to the practitioner
at the date of the practitioner’s report, may have caused the practitioner to amend
the report, the practitioner shall: -

Review of Financial Information 15.8

 a) Discuss the matter with management or those charged with governance, as
appropriate
b) Determine whether the financial statements need amendment and
c) If so, inquire how management intends to address the matter in the financial
statements.
iii. If management does not amend the financial statements in circumstances where the
practitioner believes they need to be amended, and the practitioner’s report has
already been provided to the entity, the practitioner shall notify management and
those charged with governance not to issue the financial statements to third parties
before the necessary amendments have been made.
iv. If the financial statements are nevertheless subsequently issued without the
necessary amendments, the practitioner shall take appropriate action to prevent
reliance on the practitioner’s report.

7. Written Representations:
a. The practitioner shall request management to provide a written representation that
management has fulfilled its responsibilities described in the agreed terms of
engagement. The written representation shall include that: -
i. Management has fulfilled its responsibility for the preparation of financial
statements in accordance with the applicable financial reporting framework,
including where relevant their fair presentation, and has provided the practitioner
with all relevant information and access to information as agreed in the terms of the
engagement; and
ii. All transactions have been recorded and are reflected in the financial statements.
b. If law or regulation requires management to make written public statements about its
responsibilities, and the practitioner determines that such statements provide some or
all of the representations required above, the relevant matters covered by such
statements need not be included in the written representation.
c. In addition to the written representations required under this SRE, the practitioner may
consider it necessary to request other written representations about the financial
statements.
d. The practitioner shall also request management’s written representations that
management has disclosed to the practitioner: -
i. The identity of the entity’s related parties and all the related party relationships and
transactions of which management is aware;
ii. Significant facts relating to any frauds or suspected frauds known to management
that may have affected the entity;
iii. Known actual or possible non-compliance with laws and regulations for which the
effects of non-compliance affect the entity’s financial statements;
iv. All information relevant to use of the going concern assumption in the financial
statements;

Review of Financial Information 15.9

 v. That all events occurring subsequent to the date of the financial statements and for
which the applicable financial reporting framework requires adjustment or
disclosure, have been adjusted or disclosed;
vi. Material commitments, contractual obligations or contingencies that have affected
or may affect the entity’s financial statements, including disclosures;
vii. Material non-monetary transactions or transactions for no consideration undertaken
by the entity in the financial reporting period under consideration.
e. If management does not provide one or more of the requested written
representations, the practitioner shall: -
i. Discuss the matter with management and those charged with governance, as
appropriate;
ii. Re-evaluate the integrity of management, and evaluate the effect that this may have
on the reliability of representations (oral or written) and evidence in general; and
iii. Take appropriate actions, including determining the possible effect on the conclusion
in the practitioner’s report in accordance with this SRE.
f. The practitioner shall disclaim a conclusion on the financial statements, or withdraw
from the engagement if withdrawal is possible under applicable law or regulation, as
appropriate, if:
i. The practitioner concludes that there is sufficient doubt about the integrity of
management such that the written representations are not reliable or
ii. Management does not provide the required representations in respect of its
responsibilities for preparation of financial statements and recording of all
transactions in financial statements.

8. Evaluating evidence obtained from the procedures performed:

a. The practitioner shall evaluate whether sufficient appropriate evidence has been
obtained from the procedures performed and, if not, the practitioner shall perform other
procedures judged by the practitioner to be necessary in the circumstances to be able
to form a conclusion on the financial statements.
b. In some circumstances, the practitioner may not have obtained the evidence that the
practitioner had expected to obtain through the design of primarily inquiry and
analytical procedures and procedures addressing specific circumstances.
c. In these circumstances, the practitioner considers that the evidence obtained from the
procedures performed is not sufficient and appropriate to be able to form a conclusion
on the financial statements. The practitioner may:
• Extend the work performed or
• Perform other procedures judged by the practitioner to be necessary in the
circumstances.
d. Where neither of these is practicable in the circumstances, the practitioner will not be
able to obtain sufficient appropriate evidence to be able to form a conclusion and is
required by this SRE to determine the effect on the practitioner’s report, or on the
practitioner’s ability to complete the engagement.

Review of Financial Information 15.10

 For example, if a member of management is unavailable at the time of the review to
respond to the practitioner's inquiries on significant matters.
e. If the practitioner is not able to obtain sufficient appropriate evidence to form a
conclusion, the practitioner shall discuss with management and those charged with
governance, as appropriate, the effects such limitations have on the scope of the review.
f. Inability to perform a specific procedure does not constitute a limitation on the scope of
the review if the practitioner is able to obtain sufficient appropriate evidence by
performing other procedures.
g. Limitations on the scope of the review imposed by management may have other
implications for the review, such as for the practitioner’s consideration of areas where
the financial statements are likely to be materially misstated, and engagement
continuance.

9. Forming the practitioner’s conclusion on the financial statements:

a. In forming conclusion, the practitioner shall also consider the impact of:
i. Uncorrected misstatements identified during the review, and in the previous year’s
review of the entity’s financial statements, on the financial statements as a whole
ii. Qualitative aspects of the entity’s accounting practices, including indicators of
possible bias in management’s judgments.
b. If the financial statements are prepared using a fair presentation framework, the
practitioner’s consideration shall also include:
i. The overall presentation, structure and content of the financial statements in
accordance with the applicable framework and
ii. Whether the financial statements, including the related notes, appear to represent
the underlying transactions and events in a manner that achieves fair presentation
or gives a true and fair view, as appropriate, in the context of the financial statements
as a whole.

c. Unmodified Conclusion:
i. The practitioner shall express an unmodified conclusion in the practitioner’s report
on the financial statements as a whole when the practitioner has obtained limited
assurance to be able to conclude that nothing has come to the practitioner’s
attention that causes the practitioner to believe that the financial statements are not
prepared, in all material respects, in accordance with the applicable financial
reporting framework.
ii. When the practitioner expresses an unmodified conclusion, the practitioner shall,
unless otherwise required by law or regulation, use one of the following phrases, as
appropriate: -
a) “Based on our review, nothing has come to our attention that causes us to believe
that the financial statements do not give a true and fair view (or do not present
fairly, in all material respects), in accordance with the applicable financial
reporting framework,” (for financial statements prepared using a fair
presentation framework); or

Review of Financial Information 15.11

 b) “Based on our review, nothing has come to our attention that causes us to believe
that the financial statements are not prepared, in all material respects, in
accordance with the applicable financial reporting framework,” (for financial
statements prepared using a compliance framework).

d. Modified Conclusion:
i. Circumstances in which a modified opinion is issued: The practitioner shall express
a modified conclusion in the practitioner’s report on the financial statements as a
whole when:
a) The practitioner determines, based on the procedures performed and the
evidence obtained, that the financial statements are materially misstated or
b) The practitioner is unable to obtain sufficient and appropriate evidence in
relation to one or more items in the financial statements that are material in
relation to the financial statements as a whole.
ii. Change the title: When the practitioner modifies the conclusion expressed on the
financial statements, the practitioner shall:
a) Use the heading “Qualified Conclusion,” “Adverse Conclusion” or “Disclaimer of
Conclusion,” as appropriate, for the conclusion paragraph in the practitioner’s
report and
b) Provide a description of the matter giving rise to the modification, under an
appropriate heading (for example, “Basis for Qualified Conclusion,” “Basis for
Adverse Conclusion” or “Basis for Disclaimer of Conclusion,” as appropriate) in a
separate paragraph in the practitioner’s report immediately before the
conclusion paragraph (referred to as the basis for conclusion paragraph).
iii. If the practitioner determines that the financial statements are materially
misstated, the practitioner shall express:
a) A qualified conclusion, when the practitioner concludes that the effects of the
matter(s) giving rise to the modification are material, but not pervasive to the
financial statements; or
b) An adverse conclusion, when the effects of the matter(s) giving rise to the
modification are both material and pervasive to the financial statements.
iv. Usage of phrases in case of qualified conclusion: When the practitioner expresses a
qualified conclusion on the financial statements because of a material misstatement,
the practitioner shall, unless otherwise required by law or regulation, use one of the
following phrases, as appropriate: -
a) “Based on our review, except for the effects of the matter(s) described in the
Basis for Qualified Conclusion paragraph, nothing has come to our attention that
causes us to believe that the financial statements do not give a true and fair view
(or do not present fairly, in all material respects), in accordance with the
applicable financial reporting framework,” (for financial statements prepared
using a fair presentation framework) or
b) “Based on our review, except for the effects of the matter(s) described in the
Basis for Qualified Conclusion paragraph, nothing has come to our attention that

Review of Financial Information 15.12

 causes us to believe that the financial statements are not prepared, in all material
respects, in accordance with the applicable financial reporting framework,” (for
financial statements prepared using a compliance framework).
v. Usage of phrases in case of adverse conclusion: When the practitioner expresses an
adverse conclusion on the financial statements, the practitioner shall, unless
otherwise required by law or regulation, use one of the following phrases, as
appropriate:
a) “Based on our review, due to the significance of the matter(s) described in the
Basis for Adverse Conclusion paragraph, the financial statements do not give a
true and fair view (or do not present fairly, in all material respects), in accordance
with the applicable financial reporting framework,” (for financial statements
prepared using a fair presentation framework); or
b) “Based on our review, due to the significance of the matter(s) described in the
Basis for Adverse Conclusion paragraph, the financial statements are not
prepared, in all material respects, in accordance with the applicable financial
reporting framework,” (for financial statements prepared using a compliance
framework).
vi. Quantification of misstatements in case of qualified and adverse conclusion: In the
basis for conclusion paragraph, in relation to material misstatements that give rise
to either a qualified conclusion or an adverse conclusion, the practitioner shall: -
a) Describe and quantify the financial effects of the misstatement if the material
misstatement relates to specific amounts in the financial statements (including
quantitative disclosures), unless impracticable, in which case the practitioner
shall so state;
b) Explain how disclosures are misstated if the material misstatement relates to
narrative disclosures; or
c) Describe the nature of omitted information if the material misstatement relates
to the non-disclosure of information required to be disclosed. Unless prohibited
by law or regulation, the practitioner shall include the omitted disclosures where
practicable to do so.
vii. Auditor unable to obtain sufficient and appropriate audit evidence: If the
practitioner is unable to form a conclusion on the financial statements due to the
inability to obtain sufficient appropriate and evidence, the practitioner shall:
a) Express a qualified conclusion if the practitioner concludes that the possible
effects on the financial statements of undetected misstatements, if any, could be
material but not pervasive or
b) Disclaim a conclusion if the practitioner concludes that the possible effects on
the financial statements of undetected misstatements, if any, could be both
material and pervasive.
c) The practitioner shall withdraw from the engagement if the following conditions
are present: -
(i) Due to a limitation on the scope of the review imposed by management after
the practitioner has accepted the engagement, the practitioner is unable to

Review of Financial Information 15.13

 obtain sufficient appropriate and evidence to form a conclusion on the
financial statements.
(ii) The practitioner has determined that the possible effects on the financial
statements of undetected misstatements are material and pervasive and
(iii) Withdrawal is possible under applicable law or regulation.
viii. Usage of phrases when auditor express a qualified conclusion due to non-
availability of audit evidence: When the practitioner expresses a qualified
conclusion on the financial statements due to inability to obtain sufficient and
appropriate evidence, the practitioner shall, unless otherwise required by law or
regulation, use one of the following phrases, as appropriate:
a) “Based on our review, except for the possible effects of the matter(s) described
in the Basis for Qualified Conclusion paragraph, nothing has come to our
attention that causes us to believe that the financial statements do not give a
true and fair view (or do not present fairly, in all material respects) in accordance
with the applicable financial reporting framework,” (for financial statements
prepared using a fair presentation framework); or
b) “Based on our review, except for the possible effects of the matter(s) described
in the Basis for Qualified Conclusion paragraph, nothing has come to our
attention that causes us to believe that the financial statements are not
prepared, in all material respects, in accordance with the applicable financial
reporting framework,” (for financial statements prepared using a compliance
framework).
ix. Usage of phrases in case of disclaiming of conclusion: When disclaiming a
conclusion on the financial statements the practitioner shall state in the conclusion
paragraph that:
a) Due to the significance of the matter(s) described in the Basis for Disclaimer of
Conclusion paragraph, the practitioner is unable to obtain sufficient appropriate
evidence to form a conclusion on the financial statements; and
b) Accordingly, the practitioner does not express a conclusion on the financial
statements.
c) In the basis for conclusion paragraph, in relation to either the qualified
conclusion due to inability of obtaining sufficient and appropriate evidence or
when the practitioner disclaims a conclusion, the practitioner shall include the
reason(s) for the inability to obtain sufficient and appropriate evidence.

10. The Practitioner’s Report: The practitioner’s report for the review engagement shall be in
writing and shall contain the following elements:
a. A title, which shall clearly indicate that it is the report of an independent practitioner for
a review engagement
b. The addressee(s), as required by the circumstances of the engagement
c. An introductory paragraph that:

Review of Financial Information 15.14

 1) Identifies the financial statements reviewed, including identification of the title of
each of the statements contained in the set of financial statements and the date and
period covered by each financial statement
2) Refers to the summary of significant accounting policies and other explanatory
information and
3) States that the financial statements have been reviewed.
d. A description of the responsibility of management for the preparation of the financial
statements, including an explanation that management is responsible for:
1) Their preparation in accordance with the applicable financial reporting framework
including, where relevant, their fair presentation;
2) Such internal control as management determines is necessary to enable the
preparation of financial statements that are free from material misstatement,
whether due to fraud or error.
e. If the financial statements are special purpose financial statements:
1) A description of the purpose for which the financial statements are prepared and, if
necessary, the intended users, or reference to a note in the special purpose financial
statements that contains that information; and
2) If management has a choice of financial reporting frameworks in the preparation of
such financial statements, a reference within the explanation of management’s
responsibility for the financial statements to management’s responsibility for
determining that the applicable financial reporting framework is acceptable in the
circumstances.
f. A description of the practitioner’s responsibility to express a conclusion on the financial
statements including reference to this SRE and, where relevant, applicable law or
regulation.
g. A description of a review of financial statements and its limitations, and the following
statements:
1) A review engagement under this SRE is a limited assurance engagement.
2) The practitioner performs procedures, primarily consisting of making inquiries of
management and others within the entity, as appropriate, and applying analytical
procedures, and evaluates the evidence obtained and
3) The procedures performed in a review are substantially less than those performed in
an audit conducted in accordance with Standards on Auditing (SAs), and, accordingly,
the practitioner does not express an audit opinion on the financial statements.
h. A paragraph under the heading “Conclusion” that contains:
1) The practitioner’s conclusion on the financial statements as a whole as appropriate
and
2) A reference to the applicable financial reporting framework used to prepare the
financial statements.
i. When the practitioner’s conclusion on the financial statements is modified:
1) A paragraph under the appropriate heading that contains the practitioner’s modified
conclusion as appropriate and

Review of Financial Information 15.15

 2) A paragraph, under an appropriate heading, that provides a description of the
matter(s) giving rise to the modification.
j. A reference to the practitioner’s obligation under this SRE to comply with relevant
ethical requirements.
k. The date of the practitioner’s report: The practitioner shall date the report no earlier
than the date on which the practitioner has obtained sufficient appropriate evidence as
the basis for the practitioner’s conclusion on the financial statements, including being
satisfied that: -
1) All the statements that comprise the financial statements under the applicable
financial reporting framework, including the related notes where applicable, have
been prepared and
2) Those with the recognized authority have asserted that they have taken
responsibility for those financial statements.
l. The practitioner’s signature and
m. The place of signature.

G. EMPHASIS OF MATTER AND OTHER MATTER PARAGRAPHS IN THE PRACTITIONER’S REPORT:

1. Emphasis of matter:
a. The practitioner may consider it necessary to draw users’ attention to a matter presented
or disclosed in the financial statements that, in the practitioner’s judgment, is of such
importance that it is fundamental to users’ understanding of the financial statements.
b. In such cases, the practitioner shall include an Emphasis of Matter paragraph in the
practitioner’s report, provided the practitioner has obtained sufficient appropriate
evidence to conclude that the matter is not likely to be materially misstated as presented
in the financial statements.
c. Such paragraph shall refer only to the information presented or disclosed in the financial
statements.
d. The practitioner shall include an Emphasis of Matter paragraph immediately after the
paragraph that contains the practitioner’s conclusion on the financial statements under
the heading “Emphasis of Matter,” or other appropriate heading.
2. Other matter paragraph: If the practitioner considers it necessary to communicate a matter
other than those that are presented or disclosed in the financial statements that, in the
practitioner’s judgment, is relevant to users’ understanding of the review, the practitioner’s
responsibilities or the practitioner’s report and this is not prohibited by law or regulation,
the practitioner shall do so in a paragraph in the practitioner’s report with the heading
“Other Matter” or other appropriate heading.

H. OTHER REPORTING RESPONSIBILITIES: A practitioner may be requested to address other

reporting responsibilities in the practitioner’s report on the financial statements that are in
addition to the practitioner’s responsibilities under this SRE to report on the financial
statements. In such situations, those other reporting responsibilities shall be addressed by the
practitioner in a separate section in the practitioner’s report headed “Report on Other Legal and

Review of Financial Information 15.16

 Regulatory Requirements,” or otherwise as appropriate to the context of the section, following
the section of the report headed “Report on the Financial Statements.”

I. DOCUMENTATION:
1. The preparation of documentation for the review provides evidence that the review was
performed in accordance with this SRE along with legal and regulatory requirements where
relevant and a sufficient and appropriate record of the basis for the practitioner’s report.
2. The practitioner shall document the following aspects of the engagement in a timely
manner, sufficient to enable an experienced practitioner, having no previous connection
with the engagement, to understand:
a. The nature, timing, and extent of the procedures performed to comply with this SRE and
applicable legal and regulatory requirements
b. Results obtained from the procedures, and the practitioner’s conclusions formed on the
basis of those results and
c. Significant matters arising during the engagement, the practitioner’s conclusions
reached thereon, and significant professional judgments made in reaching those
conclusions.
3. While documenting the nature, timing and extent of procedures performed as required in
this SRE, the practitioner shall record:
a. Who performed the work and the date such work was completed and
b. Who reviewed the work performed for the purpose of quality control for the
engagement, and the period and extent of the review.
4. The practitioner shall also document discussions with the management, those charged with
governance, and others as relevant to the performance of the review of significant matters
arising during the engagement, including the nature of those matters.
5. If, in the course of the engagement, the practitioner identified information that is
inconsistent with the practitioner’s findings regarding significant matters affecting the
financial statements, the practitioner shall document how the inconsistency was addressed.

J. AUDIT VS. REVIEW: An audit engagement has many similarities with a review engagement.
However, there are certain important areas of distinction relating to the nature of engagement,
its performance, objective and reporting highlighted under:
Audit Review
Audit is a type of reasonable assurance Review is a type of limited assurance
engagement providing reasonable level of engagement providing a lower level of
assurance. assurance than reasonable assurance
engagement.
It performs elaborate and extensive It performs fewer procedures primarily
procedures including tests of controls and focusing on inquiry and analytical
substantive procedures. procedures.
It draws reasonable conclusions on the basis It draws limited conclusions on the basis of
of sufficient appropriate evidence. sufficient appropriate evidence.

Review of Financial Information 15.17

 It provides an assurance opinion. The It provides an assurance conclusion. The
language of assurance opinion is positively language of assurance conclusion is
worded. negatively worded.

SRE 2410 REVIEW OF INTERIM FINANCIAL INFORMATION PERFORMED BY THE INDEPENDENT

AUDITOR OF THE ENTITY

A. INTERIM FINANCIAL INFORMATION: Interim financial information is

• financial information that is prepared and presented in accordance with an applicable
financial reporting framework and
• comprises either a complete or a condensed set of financial statements
• for a period that is shorter than the entity’s financial year.
For example, interim financial information may relate to financial statements of a quarter of
financial year.

B. OBJECTIVE:
1. The objective of an engagement to review interim financial information is to enable the
auditor to express a conclusion whether, on the basis of the review, anything has come to
the auditor’s attention that causes the auditor to believe that the interim financial
information is not prepared, in all material respects, in accordance with an applicable
financial reporting framework.
2. The auditor makes inquiries and performs analytical and other review procedures in order
to reduce to a moderate level risk of expressing an inappropriate conclusion when the
interim financial information is materially misstated.
3. The objective of a review of interim financial information differs significantly from that of an
audit conducted in accordance with Standards on Auditing (SAs). A review of interim
financial information does not provide a basis for expressing an opinion on whether the
financial information gives a true and fair view, or is presented fairly, in all material respects,
in accordance with an applicable financial reporting framework.

C. AGREEING THE TERMS OF THE ENGAGEMENT:

1. The auditor and the client should agree on the terms of the engagement.
2. The agreed terms of the engagement are ordinarily recorded in an engagement letter.
3. Such communication helps to avoid misunderstandings regarding the nature of the
engagement and, in particular, the objective and scope of the review, management’s
responsibilities, the extent of the auditor’s responsibilities, the assurance obtained, and the
nature and form of the report.

D. UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT INCLUDING ITS INTERNAL CONTROL:

Review of Financial Information 15.18

 1. The auditor should have an understanding of the entity and its environment, including its
internal control, as it relates to the preparation of both annual and interim financial
information, sufficient to plan and conduct the engagement so as to be able to:
a. Identify the types of potential material misstatement and consider the likelihood of their
occurrence and
b. Select the inquiries, analytical and other review procedures that will provide the auditor
with a basis for reporting whether anything has come to the auditor’s attention that
causes the auditor to believe that the interim financial information is not prepared, in all
material respects, in accordance with the applicable financial reporting framework.
2. Some of the procedures performed by the auditor to update the understanding of the entity
and its environment, including its internal control, ordinarily include the following:
a. Reading the documentation, to the extent necessary, of the preceding year’s audit and
reviews of prior interim period(s) of the current year and corresponding interim
period(s) of the prior year, to enable the auditor to identify matters that may affect the
current-period interim financial information.
b. Considering any significant risks, including the risk of management override of controls,
that were identified in the audit of the prior year’s financial statements.
c. Reading the most recent annual and comparable prior period interim financial
information.
d. Considering materiality with reference to the applicable financial reporting framework
as it relates to interim financial information to assist in determining the nature and
extent of the procedures to be performed and evaluating the effect of misstatements.
e. Considering the nature of any corrected material misstatements and any identified
uncorrected immaterial misstatements in the prior year’s financial statements.
f. Considering significant financial accounting and reporting matters that may be of
continuing significance such as material weaknesses in internal control.
g. Considering the results of any audit procedures performed with respect to the current
year’s financial statements.
h. Considering the results of any internal audit performed and the subsequent actions
taken by the management.
i. Inquiring of management about the results of management’s assessment of the risk that
the interim financial information may be materially misstated as a result of fraud.
j. Inquiring of management about the effect of changes in the entity’s business activities.
k. Inquiring of management about any significant changes in internal control and the
potential effect of any such changes on the preparation of interim financial information.
l. Inquiring of management of the process by which the interim financial information has
been prepared and the reliability of the underlying accounting records to which the
interim financial information is agreed or reconciled.

E. INQUIRIES, ANALYTICAL AND OTHER REVIEW PROCEDURES:

1. The auditor should make inquiries, primarily of persons responsible for financial and
accounting matters, and perform analytical and other review procedures to enable the
auditor to conclude whether, on the basis of the procedures performed, anything has come

Review of Financial Information 15.19

 to the auditor’s attention that causes the auditor to believe that the interim financial
information is not prepared, in all material respects, in accordance with the applicable
financial reporting framework.
2. The auditor’s understanding of the entity and its environment including its internal control,
the results of the risk assessments relating to the preceding audit and the auditor’s
consideration of materiality as it relates to the interim financial information, affects the
nature and extent of the inquiries made, and analytical and other review procedures
applied.
3. The auditor ordinarily performs the following procedures: -
a. Reading the minutes of the meetings of shareholders, those charged with governance,
and other appropriate committees to identify matters that may affect the interim
financial information, and inquiring about matters dealt with at meetings for which
minutes are not available that may affect the interim financial information.
b. Considering the effect, if any, of matters giving rise to a modification of the audit or
review report, accounting adjustments or unadjusted misstatements, at the time of the
previous audit or reviews.
c. Communicating, where appropriate, with other auditors who are performing a review of
the interim financial information of the reporting entity’s significant components.
d. Inquiring of members of management responsible for financial and accounting matters,
and others as appropriate about the following:
i. Whether the interim financial information has been prepared and presented in
accordance with the applicable financial reporting framework.
ii. Whether there have been any changes in accounting principles or in the methods of
applying them.
iii. Whether any new transactions have necessitated the application of a new
accounting principle.
iv. Whether the interim financial information contains any known uncorrected
misstatements.
v. Unusual or complex situations that may have affected the interim financial
information, such as a business combination or disposal of a segment of the
business.
vi. Significant assumptions that are relevant to the fair value measurement or
disclosures and management’s intention and ability to carry out specific courses of
action on behalf of the entity.
vii. Whether related party transactions have been appropriately accounted for and
disclosed in the interim financial information.
viii. Significant changes in commitments and contractual obligations.
ix. Significant changes in contingent liabilities including litigation or claims.
x. Compliance with debt covenants.
xi. Matters about which questions have arisen in the course of applying the review
procedures.
xii. Significant transactions occurring in the last several days of the interim period or the
first several days of the next interim period.

Review of Financial Information 15.20

 xiii. Knowledge of any fraud or suspected fraud affecting the entity involving
management, employees who have significant roles in internal control or others
where the fraud could have a material effect on the interim financial information.
xiv. Knowledge of any allegations of fraud, or suspected fraud, affecting the entity’s
interim financial information communicated by employees, former employees,
analysts, regulators, or others.
xv. Knowledge of any actual or possible non-compliance with laws and regulations that
could have a material effect on the interim financial information.
e. Applying analytical procedures to the interim financial information designed to identify
relationships and individual items that appear to be unusual and that may reflect a
material misstatement in the interim financial information.
f. Reading the interim financial information, and considering whether anything has come
to the auditor’s attention that causes the auditor to believe that the interim financial
information is not prepared, in all material respects, in accordance with the applicable
financial reporting framework.
4. The auditor may perform many of the review procedures before or simultaneously with the
entity’s preparation of the interim financial information.
For example, it may be practicable to update the understanding of the entity and its
environment, including its internal control, and begin reading applicable minutes before the
end of the interim period.
5. Performing some of the review procedures earlier in the interim period also permits early
identification and consideration of significant accounting matters affecting the interim
financial information.
6. The auditor may obtain evidence that the interim financial information agrees or reconciles
with the underlying accounting records by tracing the interim financial information to:
a. The accounting records, such as the general ledger, or a consolidating schedule that
agrees or reconciles with the accounting records; and
b. Other supporting data in the entity’s records as necessary.
7. Litigations and claims:
a. A review of interim financial information ordinarily does not require corroborating the
inquiries about litigation or claims.
b. It is, therefore, ordinarily not necessary to send an inquiry letter to the entity’s lawyer.
c. Direct communication with the entity’s lawyer with respect to litigation or claims may,
however, be appropriate if a matter comes to the auditor’s attention that causes the
auditor to question whether the interim financial information is not prepared, in all
material respects, in accordance with the applicable financial reporting framework, and
the auditor believes the entity’s lawyer may have pertinent information.
8. Subsequent events: The auditor should inquire whether management has identified all
events up to the date of the review report that may require adjustment to or disclosure in
the interim financial information. It is not necessary for the auditor to perform other
procedures to identify events occurring after the date of the review report.
9. Going concern:

Review of Financial Information 15.21

 a. The auditor should inquire whether management has changed its assessment of the
entity’s ability to continue as a going concern.
b. When, as a result of this inquiry or other review procedures, the auditor becomes aware
of events or conditions that may cast significant doubt on the entity’s ability to continue
as a going concern, the auditor should:
i. Inquire of management as to its plans for future actions based on its going concern
assessment, the feasibility of these plans, and whether management believes that
the outcome of these plans will improve the situation and
ii. Consider the adequacy of the disclosure about such matters in the interim financial
information.
c. Events or conditions which may cast significant doubt on the entity’s ability to continue
as a going concern may have existed at the date of the annual financial statements or
may be identified as a result of inquiries of management or in the course of performing
other review procedures.
d. When such events or conditions come to the auditor’s attention, the auditor inquires of
management as to its plans for future action, such as
• its plans to liquidate assets,
• borrow money or restructure debt,
• reduce or delay expenditures, or
• increase capital.
e. The auditor also inquires as to the feasibility of management’s plans and whether
management believes that the outcome of these plans will improve the situation.
10. Material adjustments to interim financial information: When a matter comes to the
auditor’s attention that leads the auditor to question whether a material adjustment should
be made for the interim financial information to be prepared, in all material respects, in
accordance with the applicable financial reporting framework, the auditor should make
additional inquiries or perform other procedures to enable the auditor to express a
conclusion in the review report.
For example, if the auditor’s review procedures lead the auditor to question whether a
significant sales transaction is recorded in accordance with the applicable financial reporting
framework, the auditor performs additional procedures sufficient to resolve the auditor’s
questions, such as discussing the terms of the transaction with senior marketing and
accounting personnel, or reading the sales contract.

F. EVALUATION OF MISSTATEMENTS:
1. The auditor should evaluate, individually and in the aggregate, whether uncorrected
misstatements that have come to the auditor’s attention are material to the interim financial
information.
2. Misstatements which come to the auditor’s attention, including inadequate disclosures, are
evaluated individually and in the aggregate to determine whether a material adjustment is
required to be made to the interim financial information for it to be prepared, in all material
respects, in accordance with the applicable financial reporting framework.

Review of Financial Information 15.22

 3. The auditor exercises professional judgment in evaluating the materiality of any
misstatements that the entity has not corrected.

G. MANAGEMENT REPRESENTATIONS: The auditor should obtain written representation from

management that: -
1. It acknowledges its responsibility for the design and implementation of internal control to
prevent and detect fraud and error.
2. The interim financial information is prepared and presented in accordance with the
applicable financial reporting framework.
3. It believes the effect of those uncorrected misstatements aggregated by the auditor during
the review are immaterial, both individually and in the aggregate, to the interim financial
information taken as a whole. A summary of such items is included in or attached to the
written representations.
4. It has disclosed to the auditor all significant facts relating to any frauds or suspected frauds
known to management that may have affected the entity.
5. It has disclosed to the auditor the results of its assessment of the risks that the interim
financial information may be materially misstated as a result of fraud.
6. It has disclosed to the auditor all known actual or possible non-compliance with laws and
regulations whose effects are to be considered when preparing the interim financial
information.
7. It has disclosed to the auditor all significant events that have occurred subsequent to the
balance sheet date and through to the date of the review report that may require
adjustment to or disclosure in the interim financial information.

H. AUDITOR’S RESPONSIBILITY FOR ACCOMPANYING INFORMATION:

1. The auditor should read the other information that accompanies the interim financial
information to consider whether any such information is materially inconsistent with the
interim financial information.
2. If the auditor identifies a material inconsistency, the auditor considers whether the interim
financial information or the other information needs to be amended.
3. If an amendment is necessary in the interim financial information and management refuses
to make such amendment, the auditor considers the implications for the review report.
4. If an amendment is necessary in the other information and management refuses to make
such amendment, the auditor considers including in the review report an additional
paragraph describing the material inconsistency, or taking other actions, such as withholding
the issuance of the review report or withdrawing from the engagement.
5. If a matter comes to the auditor’s attention that causes the auditor to believe that the other
information appears to include a material misstatement of fact, the auditor should discuss
the matter with the entity’s management.
6. While reading the other information for the purpose of identifying material inconsistencies,
an apparent material misstatement of fact may come to the auditor’s attention (i.e.,
information, not related to matters appearing in the interim financial information, that is
incorrectly stated or presented).

Review of Financial Information 15.23

 7. When discussing the matter with the entity’s management, the auditor considers the validity
of the other information and management’s responses to the auditor’s inquiries, whether
valid differences of judgment or opinion exist and whether to request management to
consult with a qualified third party to resolve the apparent misstatement of fact.
8. If an amendment is necessary to correct a material misstatement of fact and management
refuses to make the amendment, the auditor considers taking further action as appropriate,
such as notifying those charged with governance and obtaining a legal advice.

I. COMMUNICATION:
1. Auditor becomes aware of a matter that requires the material adjustment to the interim
financial information:
a. When, as a result of performing the review of interim financial information, a matter
comes to the auditor’s attention that causes the auditor to believe that it is necessary to
make a material adjustment to the interim financial information, the auditor should
communicate this matter as soon as practicable to the appropriate level of management.
b. When, in the auditor’s judgment, management does not respond appropriately within a
reasonable period of time, the auditor should inform those charged with governance.
The communication is made as soon as practicable, either orally or in writing.
c. The auditor’s decision whether to communicate orally or in writing is affected by factors
such as the nature, sensitivity and significance of the matter to be communicated and
the timing of such communications. If the information is communicated orally, the
auditor documents the communication.
d. When, in the auditor’s judgment, those charged with governance do not respond
appropriately within a reasonable period, the auditor should consider:
i. Whether to modify the report or
ii. The possibility of withdrawing from the engagement and
iii. The possibility of resigning from the appointment to audit the annual financial
statements.

2. Auditor becomes aware of a matter that causes him to believe existence of fraud and non
compliance with laws and regulations:
a. When, as a result of performing the review of interim financial information, a matter
comes to the auditor’s attention that causes the auditor to believe in the existence of
fraud or noncompliance by the entity with laws and regulations, the auditor should
communicate the matter as soon as practicable to the appropriate level of management.
b. The determination of which level of management is the appropriate one is affected by
the likelihood of collusion or the involvement of a member of management.
c. The auditor also considers the need to report such matters to those charged with
governance and considers the implication for the review. The auditor should
communicate relevant matters of governance interest arising from the review of interim
financial information with those charged with governance.

Review of Financial Information 15.24

 3. As a result of performing the review of the interim financial information, the auditor may
become aware of matters that in the opinion of the auditor are both important and relevant
to those charged with governance in overseeing the financial reporting and disclosure
process, the auditor communicates such matters to those charged with governance.

J. REPORTING THE NATURE, EXTENT AND RESULTS OF THE REVIEW OF INTERIM FINANCIAL
INFORMATION:
The auditor should issue a written report that contains the following:
a. An appropriate title.
b. An addressee, as required by the circumstances of the engagement.
c. Identification of the interim financial information reviewed, including identification of the
title of each of the statements contained in the complete or condensed set of financial
statements and the date and period covered by the interim financial information.
d. If the interim financial information comprises a complete set of general-purpose financial
statements prepared in accordance with a financial reporting framework designed to
achieve fair presentation, a statement that management is responsible for the preparation
and fair presentation of the interim financial information in accordance with the applicable
financial reporting framework.
e. In other circumstances, a statement that management is responsible for the preparation and
presentation of the interim financial information in accordance with the applicable financial
reporting framework.
f. A statement that the auditor is responsible for expressing a conclusion on the interim
financial information based on the review.
g. A statement that the review of the interim financial information was conducted in
accordance with Standard on Review Engagements (SRE) 2410, “Review of Interim Financial
Information Performed by the Independent Auditor of the Entity,” and a statement that that
such a review consists of making inquiries, primarily of persons responsible for financial and
accounting matters, and applying analytical and other review procedures.
h. A statement that a review is substantially less in scope than an audit conducted in
accordance with Standards on Auditing and consequently does not enable the auditor to
obtain assurance that the auditor would become aware of all significant matters that might
be identified in an audit and that accordingly no audit opinion is expressed.
i. If the interim financial information comprises a complete set of general purpose financial
statements prepared in accordance with a financial reporting framework designed to
achieve fair presentation, a conclusion as to whether anything has come to the auditor’s
attention that causes the auditor to believe that the interim financial information does not
give a true and fair view, or does not present fairly, in all material respects, in accordance
with the applicable financial reporting framework.
j. In other circumstances, a conclusion as to whether anything has come to the auditor’s
attention that causes the auditor to believe that the interim financial information is not
prepared, in all material respects, in accordance with the applicable financial reporting
framework
k. The date of the report.

Review of Financial Information 15.25

 l. Place of Signature.
m. The auditor’s signature and membership number assigned by the Institute of Chartered
Accountants of India (ICAI).
n. The Firm’s registration number of the member of the Institute, wherever applicable, as
allotted by ICAI.
o. UDIN has also to be generated and stated for review engagement as it is also in nature of an
assurance engagement.

K. DEPARTURE FROM THE APPLICABLE FINANCIAL REPORTING FRAMEWORK:

1. The auditor should express qualified or adverse conclusion when a matter has come to the
auditor’s attention that causes the auditor to believe that a material adjustment should be
made to the interim financial information for it to be prepared, in all material respects, in
accordance with the applicable financial reporting framework.
2. If matters have come to the auditor’s attention that cause the auditor to believe that the
interim financial information is or may be materially affected by a departure from the
applicable financial reporting framework, and management does not correct the interim
financial information, the auditor modifies the review report.
3. The modification describes the nature of the departure and, if practicable, states the effects
on the interim financial information.
4. If the information that the auditor believes is necessary for adequate disclosure is not
included in the interim financial information, the auditor modifies the review report and, if
practicable, includes the necessary information in the review report.
5. The modification to the review report is ordinarily accomplished by adding an explanatory
paragraph to the review report and qualifying the conclusion.
6. When the effect of the departure is so material and pervasive to the interim financial
information that the auditor concludes a qualified conclusion is not adequate to disclose the
misleading or incomplete nature of the interim financial information, the auditor expresses
an adverse conclusion.

L. LIMITATION ON SCOPE: A limitation on scope ordinarily prevents the auditor from completing
the review. When the auditor is unable to complete the review, the auditor should
communicate, in writing, to the appropriate level of management and to those charged with
governance the reason why the review cannot be completed and consider whether it is
appropriate to issue a report.

1. Limitation on Scope Imposed by Management:

a. The auditor does not accept an engagement to review the interim financial information
if the auditor’s preliminary knowledge of the engagement circumstances indicates that
the auditor would be unable to complete the review because there will be a limitation
on the scope of the auditor’s review imposed by the management of the entity.

Review of Financial Information 15.26

 b. If, after accepting the engagement, management imposes a limitation on the scope of
the review, the auditor requests the removal of that limitation.
c. If management refuses to do so, the auditor is unable to complete the review and
express a conclusion. In such cases, the auditor communicates, in writing, to the
appropriate level of management and those charged with governance the reason why
the review cannot be completed.
d. The auditor also considers the legal and regulatory responsibilities, including whether
there is a requirement for the auditor to issue a report.
e. If there is such a requirement, the auditor disclaims a conclusion, and provides in the
review report the reason why the review cannot be completed.
2. Other Limitations on Scope:
a. A limitation on scope may occur due to circumstances other than a limitation on scope
imposed by management. In such circumstances, the auditor is ordinarily unable to
complete the review and express a conclusion.
b. There may be, however, some rare circumstances where the limitation on the scope of
the auditor’s work is clearly confined to one or more specific matters that, while
material, are not in the auditor’s judgment pervasive to the interim financial
information. In such circumstances, the auditor modifies the review report by indicating
that, except for the matter which is described in an explanatory paragraph to the review
report, the review was conducted in accordance with this SRE, and by qualifying the
conclusion.
c. The auditor may have expressed a qualified opinion on the audit of the latest annual
financial statements because of a limitation on the scope of that audit. The auditor
considers whether that limitation on scope still exists and, if so, the implications for the
review report.

M. GOING CONCERN AND SIGNIFICANT UNCERTAINTIES:

1. If, as a result of inquiries or other review procedures, a material uncertainty relating to an
event or condition comes to the auditor’s attention that may cast significant doubt on the
entity’s ability to continue as a going concern, and adequate disclosure is made in the interim
financial information the auditor modifies the review report by adding an emphasis of
matter paragraph.
2. The auditor may have modified a prior audit or review report by adding an emphasis of
matter paragraph to highlight a material uncertainty relating to an event or condition that
may cast significant doubt on the entity’s ability to continue as a going concern. If the
material uncertainty still exists and adequate disclosure is made in the interim financial
information, the auditor modifies the review report on the current interim financial
information by adding a paragraph to highlight the continued material uncertainty.
3. If a material uncertainty that casts significant doubt about the entity’s ability to continue as
a going concern is not adequately disclosed in the interim financial information, the auditor
should express a qualified or adverse conclusion, as appropriate.
4. The report should include specific reference to the fact that there is such a material
uncertainty.

Review of Financial Information 15.27

N. OTHER CONSIDERATIONS:
1. The terms of the engagement include management’s agreement that where any document
containing interim financial information indicates that such information has been reviewed
by the entity’s auditor, the review report will also be included in the document.
2. If management has not included the review report in the document, the auditor considers
seeking legal advice to assist in determining the appropriate course of action in the
circumstances.
3. If the auditor has issued a modified review report and management issues the interim
financial information without including the modified review report in the document
containing the interim financial information, the auditor considers seeking legal advice to
assist in determining the appropriate course of action in the circumstances, and the
possibility of resigning from the appointment to audit the annual financial statements.
4. Interim financial information consisting of a condensed set of financial statements does not
necessarily include all the information that would be included in a complete set of financial
statements, but may rather present an explanation of the events and changes that are
significant to an understanding of the changes in the state of affairs and performance of the
entity since the annual reporting date.
5. This is because it is presumed that the users of the interim financial information will have
access to the latest audited financial statements, such as is the case with listed entities.
6. In other circumstances, the auditor discusses with management the need for such interim
financial information to include a statement that it is to be read in conjunction with the latest
audited financial statements.
7. In the absence of such a statement, the auditor considers whether, without a reference to
the latest audited financial statements, the interim financial information is misleading in the
circumstances, and the implications for the review report.

O. DOCUMENTATION: The auditor should prepare review documentation that is sufficient and
appropriate to provide a basis for the auditor’s conclusion and to provide evidence that the
review was performed in accordance with this SRE and applicable legal and regulatory
requirements.

Review of Financial Information 15.28

 16. PROSPECTIVE FINANCIAL INFORMATION AND
OTHER ASSURANCE SERVICES
INTRODUCTION

WHAT IS ASSURANCE ENGAGEMENT?

An assurance engagement may relate to examination of subject matters other than examination of
financial statements prepared on basis of “historical financial information”. In such type of
assurance engagements, examination may relate to prospective financial information or to
providing assurance regarding non-financial matters like design and operation of internal control in
an entity.

Standards on Assurance Engagements deal with responsibilities of professional accountants in

assurance engagements dealing such matters. The level of assurance provided by these Standards
on Assurance Engagements is moderate.

Following Standards on Assurance Engagements have been issued: -

• SAE 3400 - The Examination of Prospective Financial Information
• SAE 3402 - Assurance Reports on Controls at a Service Organisation
• SAE 3420 - Assurance Engagements to Report on the Compilation of Pro Forma Financial
Information Included in a Prospectus

SAE 3400 THE EXAMINATION OF PROSPECTIVE FINANCIAL INFORMATION

A. DEFINITIONS:

1. Prospective financial information:

a. “Prospective financial information” is Financial information based on:
• Assumptions about events that may occur in the future and
• Possible actions by an entity.
b. It is highly subjective in nature and its preparation requires the exercise of considerable
judgment.
c. Prospective financial information can be in the form of :
• a forecast,
• a projection,
• or a combination of both (for example a 1-year, forecast plus a 5-year, projection.)

2. Forecast: Forecast means Prospective Financial Information prepared on the basis of:
a. Assumptions as to future events which management expects to take place and
b. The actions management expects to take as of the date the information is prepared.
c. Best-estimate assumptions: An assumption that reflects anticipated experience with
no provision for risk of adverse deviation.

Prospective Financial Information and other Assurance services 16.1

 Example: In present market conditions, supply availability, historical buying patterns and
seasonal trends, the CFO of a X ltd a expects sales to increase by 5% over the next quarter.
Therefore, a 5% sales increase is his financial forecast for the period.

3. Projection: Prospective Financial Information prepared on the basis of:

a. Hypothetical assumptions about future events and management actions which are
not necessarily expected to take place, such as when some entities are in a start-up
phase or are considering a major change in the nature of operations; or
b. A mixture of best-estimate and hypothetical assumptions (imagined or suggested).

Examples:
1. X Ltd may project a course of action to take when one or more hypothetical situations
arise, such as creating a new product to meet the demand of expected market
growth. As a result of assuming the possibility of different events occurring, financial
projections typically serve as an outline for evaluating the desired outcomes x ltd. is
expects to see, including its financial, cash flow and operational outcomes.
2. A company plans to raise funds from a prospective equity investor and has asked a
firm of Chartered Accountants to examine the profit forecast for placing it before
prospective equity investor.
3. A company is in the process of setting up a new plant. It needs financial assistance
from bank in shape of term loan and working capital credit facilities. The company
has prepared a projection of its profits, cash flows for next seven years along with its
underlying assumptions.

B. SCOPE OF THIS STANDARD:

1. The purpose of this Standard on Assurance Engagement (SAE) is to establish standards and
provide guidance on engagements to examine and report on prospective financial
information including examination procedures for best-estimate and hypothetical
assumptions.
2. This SAE does not apply to the examination of prospective financial information expressed
in general or narrative terms, such as that found in management’s discussion and analysis in
an entity’s annual report, though many of the procedures outlined herein may be suitable
for such an examination.
3. Further, the principles laid down in the other Standards on Auditing, issued by the Institute
of Chartered Accountants of India, should be used by the auditor, to the extent practicable,
in applying this SAE.
4. The term “auditor” is used throughout this SAE when describing services involving
examination of prospective financial information. Such reference is not intended to imply
that a member performing such services need necessarily be the statutory auditor of the
entity’s financial statements.

C. NATURE OF ASSURANCE REGARDING PROSPECTIVE FINANCIAL INFORMATION:

Prospective Financial Information and other Assurance services 16.2

 1. Prospective financial information relates to events and actions that have not yet occurred
and might not occur.
2. While evidence may be available to support the assumptions on which the prospective
financial information is based, such evidence is itself generally future- oriented and,
therefore, speculative in nature, as distinct from the evidence ordinarily available in the
examination of historical financial information.
3. Therefore, an opinion as to whether the results shown in the prospective financial
information will be achieved cannot be expressed.

D. RESPONSIBILITY OF PREPARATION AND PRESENTATION OF PROSPECTIVE FINANCIAL

INFORMATION:
1. Management is responsible for the preparation and presentation of the prospective financial
information including the :
a. Identification and disclosure of Prospective Financial Information;
b. Explaining the basis of forecast;
c. Underlying assumptions.
2. Can Professional Accountants be associated with Prospective Financial Information?
a. Clause 3 of the Second Schedule to the Chartered Accountants Act, 1949 states that that
a chartered accountant in practice shall be deemed to be guilty of professional
misconduct, if he permits his name or the name of his firm to be used in connection with
an estimate of earnings contingent upon future transactions in a manner which may lead
to the belief that he vouches for the accuracy of the forecast.
b. The above clause does not preclude a Chartered accountant from associating his name
with prospective financial statements.
c. A chartered accountant can participate in the preparation of profit or financial forecasts
and can review them, provided he indicates clearly in his report the
• sources of information,
• the basis of forecasts and
• also the major assumptions made in arriving at the forecasts and
• so long as he does not vouch for the accuracy of the forecasts.
d. The same also applies to projections made on the basis of hypothetical assumptions
about future events and management actions which are not necessarily expected to take
place so long as vouching for the accuracy of the projection is not made.

E. DUTIES OF MEMBER WHO IS EXAMINING THE PROSPECTIVE FINANCIAL INFORMATION:

In an engagement to examine prospective financial information, the auditor should obtain
sufficient appropriate evidence as to whether:
a. management’s best-estimate assumptions on which the prospective financial information is
based are not unreasonable and, in the case of hypothetical assumptions, such assumptions
are consistent with the purpose of the information;
b. the prospective financial information is properly prepared on the basis of the assumptions;

Prospective Financial Information and other Assurance services 16.3

 c. the prospective financial information is properly presented and all material assumptions are
adequately disclosed, including a clear indication as to whether they are best-estimate
assumptions or hypothetical assumptions; and
d. the prospective financial information is prepared on a consistent basis with historical
financial statements, using appropriate accounting principles.
Note: While examining prospective financial information, principles laid down in other
Standards on Auditing should be applied to the extent practicable.

F. NATURE OF ASSURANCE REGARDING PROSPECTIVE FINANCIAL INFORMATION:

1. Prospective financial information relates to events and actions that have not yet occurred
and might not occur.
2. While evidence may be available to support the assumptions on which the prospective
financial information is based, such evidence is itself generally future- oriented and,
therefore, speculative in nature, as distinct from the evidence ordinarily available in the
examination of historical financial information.
3. Therefore, an opinion as to whether the results shown in the prospective financial
information will be achieved cannot be expressed.

G. ACCEPTANCE OF ENGAGEMENT - PRECAUTIONS TO BE TAKEN BY AUDITOR BEFORE ACCEPTING

SUCH AN ENGAGEMENT:
1. Before accepting an engagement to examine prospective financial information, the auditor
would consider, amongst other things:
a. The intended use of the information.
b. Whether the information will be for general or limited distribution.
c. The nature of the assumptions, that is, whether they are best estimates or hypothetical
Assumptions.
d. The elements to be included in the information.
e. The period covered by the information.
2. Further, the auditor should not accept, or should withdraw from, an engagement when
a. the assumptions are clearly unrealistic or
b. when the auditor believes that the prospective financial information will be
inappropriate for its intended use.
3. The auditor should consider the extent to which reliance on the entity’s historical financial
information is justified. Like in other engagements, it is necessary that terms of engagements
should be agreed with client by sending an engagement letter.

H. EXAMINATION PROCEDURES:
1. When determining the nature, timing and extent of examination procedures, the following
matters should be considered such as:
a. The knowledge obtained during any previous engagements.
b. Management’s competence regarding the preparation of prospective financial
information.
c. The likelihood of material misstatement.

Prospective Financial Information and other Assurance services 16.4

 d. The extent to which the prospective financial information is affected by the
management’s judgment.
e. The sources of information considered by the management for the purpose, their
adequacy, reliability of the underlying data, including data derived from third parties,
such as industry statistics, to support the assumptions.
f. The stability of entity’s business.
g. The engagement team’s experience with the business and the industry in which the
entity operates and with reporting on prospective financial information.
2. In performing these procedures, source and reliability of the evidence supporting
management’s best-estimate assumptions needs to be assessed.
3. Such evidence may be available from varied sources like entity’s budgets, debt agreements,
industry publications etc.
4. When hypothetical assumptions are used, all significant implications of such assumptions
should have been taken into consideration.
For example, if sales are assumed to grow beyond the entity’s current plant capacity, the
prospective financial information will need to include the necessary investment in the
additional plant capacity or the costs of alternative means of meeting the anticipated sales,
such as subcontracting production.
5. It needs to be verified that the hypothetical assumptions are consistent with the purpose of
the prospective financial information and that there is no reason to believe they are clearly
unrealistic.

I. PRESENTATION AND DISCLOSURE:

When assessing the presentation and disclosure of the prospective financial information and
the underlying assumptions, in addition to the specific requirements of any relevant statutes,
regulations as well as the relevant professional pronouncements, it needs to be considered
whether:
a. The presentation of prospective financial information is informative and not misleading.
b. The accounting policies are clearly disclosed in the notes to the prospective financial
information.
c. The assumptions are adequately disclosed in the notes to the prospective financial
information. It needs to be clear whether assumptions represent management’s best-
estimates or are hypothetical and, when assumptions are made in areas that are material
and are subject to a high degree of uncertainty, this uncertainty and the resulting sensitivity
of results needs to be adequately disclosed.
d. The date as of which the prospective financial information was prepared is disclosed.
Management needs to confirm that the assumptions are appropriate as of this date, even
though the underlying information may have been accumulated over a period of time.
e. The basis of establishing points in a range is clearly indicated and the range is not selected
in a biased or misleading manner when results shown in the prospective financial
information are expressed in terms of a range.

Prospective Financial Information and other Assurance services 16.5

 f. If there is any change in the accounting policy of the entity from that disclosed in the most
recent historical financial statements, whether reason for the change and the effect of such
change on the prospective financial information has been adequately disclosed.

J. REPORT ON EXAMINATION OF PROSPECTIVE FINANCIAL INFORMATION:

1. The report for an examination of prospective financial information should contain the
following:
a. Title
b. Addressee
c. Identification of the prospective financial information
d. Reference to the Standards on Auditing applicable to the examination of prospective
financial information
e. Statement that management is responsible for the prospective financial information
including the underlying assumptions
f. When applicable, a reference to the purpose and/or restricted distribution of the
prospective financial information
g. Statement that the examination procedures included examination, on a test basis, of
evidence supporting the assumptions, amounts and other disclosures in the forecast or
projection
h. Statement of negative assurance as to whether the assumptions provide a reasonable
basis for the prospective financial information
i. Opinion as to whether the prospective financial information is properly prepared on the
basis of the assumptions and is presented in accordance with the relevant financial
reporting framework
j. Appropriate caveats concerning the achievability of the results indicated by the
prospective financial information
k. Date of report (which should be the date procedures have been completed)
l. Place of signature and
m. Signature.
2. Such a report would:
a. State whether, based on the examination of the evidence supporting the assumptions,
anything has come to attention, which causes the belief that the assumptions do not
provide a reasonable basis for the prospective financial information.
b. Express an opinion as to whether the prospective financial information is properly
prepared on the basis of the assumptions and is presented in accordance with the
relevant financial reporting framework.
c. State that: -
• Actual results are likely to be different from the prospective financial information
since anticipated events frequently do not occur as expected and the variation could
be material. Likewise, when the prospective financial information is expressed as a
range, it would be stated that there can be no assurance that actual results will fall
within the range and

Prospective Financial Information and other Assurance services 16.6

 • In the case of a projection, the prospective financial information has been prepared
for (intended use), using a set of assumptions that include hypothetical assumptions
about future events and management’s actions that are not necessarily expected to
occur. Consequently, readers are cautioned that the prospective financial
information should not be used for purposes other than the abovementioned
intended use.
3. When it is believed that the presentation and disclosure of the prospective financial
information is not adequate, a qualified or adverse opinion in the report on the prospective
financial information should be expressed or withdrawal from engagement should be made
as appropriate.
An example would be where financial information fails to disclose adequately the
consequences of any assumptions, which are highly sensitive.
4. When it is believed that one or more significant assumptions do not provide a reasonable
basis for the prospective financial information prepared on the basis of best-estimate
assumptions or that one or more significant assumptions do not provide a reasonable basis
for the prospective financial information given the hypothetical assumptions, an adverse
opinion setting out the reasons in the report on the prospective financial information should
be expressed, or withdrawal from the engagement should be made.
5. When the examination is affected by conditions that preclude application of one or more
procedures considered necessary in the circumstances, either withdrawal from the
engagement or disclaimer of the opinion and describing the scope limitation in the report
on the prospective financial information is considered.

K. DOCUMENTATION: Matters, which are important in providing evidence to support report on

examination of prospective financial information, and evidence that such examination was
carried out in accordance with this SAE should be documented.

SAE 3402 ASSURANCE REPORTS ON CONTROLS AT A SERVICE ORGANISATION

A. DEFINITIONS:
1. Service Organisation: Service organization refers to a third-party organization (or segment
of a third-party organization) that provides services to user entities that are likely to be
relevant to user entities internal control as it relates to financial reporting. User entity refers
to an entity that uses a service organization.
2. User auditor: User auditor refers to an auditor who audits and reports on the financial
statements of a user entity.
3. Service auditor: Service auditor refers to a professional accountant in public practice who,
at the request of the service organization, provides an assurance report on controls at a
service organization.

B. WHY CONTROLS OF A SERVICE ORGANIZATION ARE IMPORTANT TO A USER ENTITY’S

INTERNAL CONTROLS RELATING TO FINANCIAL REPORTING?

Prospective Financial Information and other Assurance services 16.7

 1. Controls related to a service organization’s operations and compliance objectives may be
relevant to a user entity’s internal control as it relates to financial reporting. Such controls
may pertain to assertions about presentation and disclosure relating to account balances,
classes of transactions, or disclosures, or may pertain to evidence that the user auditor
evaluates or uses in applying auditing procedures.
For example, a company has outsourced its payroll processing functions to a service
organization. The service organization is responsible for the accurate preparation of payrolls
and timely remittance of statutory dues to government authorities on behalf of the company.
Payroll processing service organization’s controls related to the timely remittance of payroll
deductions to government authorities may be relevant to the company (user entity) as late
remittances could result in interest and penalties resulting in liabilities for the user entity.
2. “Controls at the service organization” includes aspects of user entities’ information systems
maintained by the service organization, and may also include aspects of one or more of the
other components of internal control at a service organization.
3. The determination of whether controls at a service organization related to operations and
compliance are likely to be relevant to user entities’ internal control as it relates to financial
reporting is a matter of professional judgment, having regard to the control objectives set
by the service organization and the suitability of the criteria.

C. SCOPE OF THIS STANDARD:

1. SAE 3402 applies only when the service organization is responsible for, or otherwise able to
make an assertion about, the suitable design of controls.
2. It does not deal with assurance engagements:
a. To report only on whether controls at a service organization operated as described or
b. To report only on controls at a service organization other than those related to a service
that is likely to be relevant to user entities’ internal control as it relates to financial
reporting (for example, controls that affect user entities’ production or quality control).

D. OBJECTIVES OF SERVICE AUDITOR IN ACCORDANCE WITH SAE 3402:

1. The objectives of the service auditor are: -
a. To obtain reasonable assurance about whether, in all material respects, based on
suitable criteria: -
(i) The service organization’s description of its system fairly presents the system as
designed and implemented throughout the specified period (or in the case of a
type 1 report, as at a specified date)
(ii) The controls related to the control objectives stated in the service organization’s
description of its system were suitably designed throughout the specified period
(or in the case of a type 1 report, as at a specified date)
(iii) Where included in the scope of the engagement, the controls operated
effectively to provide reasonable assurance that the control objectives stated in
the service organization’s description of its system were achieved throughout the
specified period.
b. To report on the matters in (a) above in accordance with the service auditor’s findings.

Prospective Financial Information and other Assurance services 16.8

E. TYPE 1 REPORT & TYPE 2 REPORT:
1. Type 1 report: Type 1 report is a report that comprises:
(i) The service organization’s description of its system;
(ii) A written assertion by the service organization that, in all material respects, and
based on suitable criteria:
a. The description fairly presents the service organization’s system as designed and
implemented at the specified date
b. The controls related to the control objectives stated in the service organization’s
description of its system were suitably designed as at the specified date and
(iii) A service auditor’s assurance report that conveys reasonable assurance about the
matters referred to in (ii).

2. Type 2 report: Type 2 report is a report that comprises:

(i) The service organization’s description of its system
(ii) A written assertion by the service organization that, in all material respects, and
based on suitable criteria:
a. The description fairly presents the service organization’s system as designed and
implemented throughout the specified period
b. The controls related to the control objectives stated in the service organization’s
description of its system were suitably designed throughout the specified period
and
c. The controls related to the control objectives stated in the service organization’s
description of its system operated effectively throughout the specified period
and
(iii) A service auditor’s assurance report that: -
a. Conveys reasonable assurance about the matters in (ii) and
b. Includes a description of the tests of controls and the results thereof.

Note: Type 1 report is a report on the description and design of controls at a service organization
whereas type 2 report is a report on the description, design and operating effectiveness of
controls at a service organization.

F. HOW SUCH AN ENGAGEMENT IS PROCEEDED WITH?

1. Compliance with ethical requirements: The service auditor shall comply with relevant
ethical requirements, including those pertaining to independence, relating to assurance
engagements.
2. Determination of Management and those charged with governance and communication
with them: The service auditor shall inquire of, request representations from, communicate
with, or otherwise interact with the service organization wherever required. The service
auditor shall determine the appropriate persons within the service organization’s
management or governance structure with whom to interact.

Prospective Financial Information and other Assurance services 16.9

 3. Acceptance and changes in terms of engagement:
a. Before, accepting such an engagement, it has to be ensured by service auditor that
necessary capabilities and competence to carry out such engagement are possessed by
him.
b. It also needs to be ensured that the criteria to be applied by the service organization to
prepare the description of its system will be suitable and available to user entities and
their auditors and the scope of the engagement and the service organization’s
description of its system will not be so limited that they are unlikely to be useful to user
entities and their auditors.
c. If the service organization requests a change in the scope of the engagement before the
completion of the engagement, the service auditor shall be satisfied that there is a
reasonable justification for the change.
4. Assessing of suitability of the Criteria: The service auditor shall assess whether the service
organization has used suitable criteria in preparing the description of its system, in
evaluating whether controls are suitably designed, and, in the case of a type 2 reports, in
evaluating whether controls are operating effectively.
5. Determination of Materiality: When planning and performing the engagement, the service
auditor shall consider materiality with respect to the fair presentation of the description, the
suitability of the design of controls and, in the case of a type 2 report, the operating
effectiveness of controls.
6. Obtaining an understanding of the Service organization’s system: The service Auditor shall
obtain an understanding of the service organization’s system, including controls that are
included in the scope of engagement.
7. Obtaining evidence regarding the description: The service auditor shall obtain and read the
service organization’s description of its system and evaluate whether those aspects of the
description included in the scope of engagement are fairly presented.
8. Obtaining evidence regarding the design of controls: The service auditor shall determine
which of the controls at the service organization are necessary to achieve the control
objectives stated in the service organization’s description of its system and shall assess
whether those controls were suitably designed.
9. Obtaining evidence regarding operating effectiveness of controls: When providing a type 2
report, the service auditor shall test those controls that the service auditor has determined
are necessary to achieve the control objectives stated in the service organization’s
description of its system, and assess their operating effectiveness throughout the period.
10. Understanding the internal audit function: If the service organization has an internal audit
function, the service auditor shall obtain an understanding of the nature of the
responsibilities of the internal audit function and of the activities performed in order to
determine whether the internal audit function is likely to be relevant to the engagement in
order for the service auditor to use specific work of the internal auditors.
11. Asking for Written Representations: The service auditor shall request the service
organization to provide written representations:
a. That reaffirm the assertion accompanying the description of the system

Prospective Financial Information and other Assurance services 16.10

 b. That it has provided the service auditor with all relevant information and access agreed
to and
c. That it has disclosed to the service auditor any of the following of which it is aware:
(i) Non-compliance with laws and regulations, fraud, or uncorrected deviations
attributable to the service organization that may affect one or more user entities
(ii) Design deficiencies in controls
(iii) Instances where controls have not operated as described and
(iv) Any events subsequent to the period covered by the service organization’s
description of its system up to the date of the service auditor’s assurance report
that could have a significant effect on the service auditor’s assurance report.
12. Subsequent Events: The service auditor shall inquire whether the service organization is
aware of any events subsequent to the period covered by the service organization’s
description of its system up to the date of the service auditor’s assurance report that could
have a significant effect on the service auditor’s assurance report.

G. REPORTING:

1. Contents of the assurance report: The service auditor’s assurance report shall include the
following basic elements:
a. A title that clearly indicates the report is an independent service auditor’s assurance
report.
b. An addressee.
c. Identification of:
(i) The service organization’s description of its system, and the service organization’s
assertion, which includes the matters for a type 2 report, or for a type 1 report.
(ii) Those parts of the service organization’s description of its system, if any, that are
not covered by the service auditor’s opinion.
(iii) If the description refers to the need for complementary user entity controls, a
statement that the service auditor has not evaluated the suitability of design or
operating effectiveness of complementary user entity controls, and that the
control objectives stated in the service organization’s description of its system
can be achieved only if complementary user entity controls are suitably designed
or operating effectively, along with the controls at the service organization.
(iv) If services are performed by a subservice organization, the nature of activities
performed by the subservice organization as described in the service
organization’s description of its system.
d. Identification of the criteria, and the party specifying the control objectives.
e. A statement that the report and, in the case of a type 2 report, the description of tests
of controls are intended only for user entities and their auditors, who have a sufficient
understanding to consider it, along with other information including information about
controls operated by user entities themselves, when assessing the risks of material
misstatements of user entities’ financial statements.
f. A statement that the service organization is responsible for:

Prospective Financial Information and other Assurance services 16.11

 (i) Preparing the description of its system, and the accompanying assertion,
including the completeness, accuracy and method of presentation of that
description and that assertion.
(ii) Providing the services covered by the service organization’s description of its
system.
(iii) Stating the control objectives (where not identified by law or regulation, or
another party, for example, a user group or a professional body) and
(iv) Designing and implementing controls to achieve the control objectives stated in
the service organization’s description of its system.
g. A statement that the service auditor’s responsibility is to express an opinion on the
service organization’s description, on the design of controls related to the control
objectives stated in that description and, in the case of a type 2 report, on the operating
effectiveness of those controls, based on the service auditor’s procedures.
h. A statement that the engagement was performed in accordance with SAE 3402,
“Assurance Reports on Controls at a Service Organization,” which requires that the
service auditor comply with ethical requirements and plan and perform procedures to
obtain reasonable assurance about whether, in all material respects, the service
organization’s description of its system is fairly presented and the controls are suitably
designed and, in the case of a type 2 report, are operating effectively.
i. A summary of the service auditor’s procedures to obtain reasonable assurance and a
statement of the service auditor’s belief that the evidence obtained is sufficient and
appropriate to provide a basis for the service auditor’s opinion, and, in the case of a type
1 report, a statement that the service auditor has not performed any procedures
regarding the operating effectiveness of controls and therefore no opinion is expressed
thereon.
j. A statement of the limitations of controls and, in the case of a type 2 report, of the risk
of projecting to future periods any evaluation of the operating effectiveness of controls.
k. The service auditor’s opinion, expressed in the positive form, on whether, in all material
respects, based on suitable criteria:
(i) In the case of a type 2 report:
a. The description fairly presents the service organization’s system that had
been designed and implemented throughout the specified period.
b. The controls related to the control objectives stated in the service
organization’s description of its system were suitably designed throughout
the specified period.
c. The controls tested, which were those necessary to provide reasonable
assurance that the control objectives stated in the description were achieved,
operated effectively throughout the specified period.
(ii) In the case of a type 1 report:
a. The description fairly presents the service organization’s system that had
been designed and implemented as at the specified date and

Prospective Financial Information and other Assurance services 16.12

 b. The controls related to the control objectives stated in the service
organization’s description of its system were suitably designed as at the
specified date.
l. The date of the service auditor’s assurance report, which shall be no earlier than the
date on which the service auditor has obtained sufficient appropriate evidence on which
to base the opinion.
m. Signature -The report should be signed by the practitioner.
n. The place of signature – the report should name specific location, which is ordinarily the
city where the report is signed.

2. Additional matters requiring reporting in type 2 report:

a. In the case of a type 2 report, the service auditor’s assurance report shall include a
separate section after the opinion, or an attachment, that describes the tests of controls
that were performed and the results of those tests.
b. In describing the tests of controls, the service auditor shall clearly state which controls
were tested, identify whether the items tested represent all or a selection of the items
in the population, and indicate the nature of the tests in sufficient detail to enable user
auditors to determine the effect of such tests on their risk assessments.
c. If deviations have been identified, the service auditor shall include the extent of testing
performed that led to identification of the deviations (including the sample size where
sampling has been used), and the number and nature of the deviations noted.
d. The service auditor shall report deviations even if, on the basis of tests performed, the
service auditor has concluded that the related control objective was achieved.

3. Modified Opinions: If the service auditor concludes that:

a. The service organization’s description does not fairly present, in all material respects, the
system as designed and implemented.
b. The controls related to the control objectives stated in the description were not suitably
designed, in all material respects.
c. In the case of a type 2 report, the controls tested, which were those necessary to provide
reasonable assurance that the control objectives stated in the service organization’s
description of its system were achieved, did not operate effectively, in all material
respects or
d. The service auditor is unable to obtain sufficient appropriate evidence, the service
auditor’s opinion shall be modified, and the service auditor’s assurance report shall
contain a clear description of all the reasons for the modification.

H. DOCUMENTATION:
The service auditor shall prepare documentation that is sufficient to enable an experienced
service auditor, having no previous connection with the engagement, to understand:
a. The nature, timing, and extent of the procedures performed to comply with this SAE and
applicable legal and regulatory requirements.
b. The results of the procedures performed, and the evidence obtained and

Prospective Financial Information and other Assurance services 16.13

 c. Significant matters arising during the engagement, and the conclusions reached thereon and
significant professional judgments made in reaching those conclusions.

SAE 3420 ASSURANCE ENGAGEMENTS TO REPORT ON THE COMPILATION OF PRO FORMA

FINANCIAL INFORMATION INCLUDED IN A PROSPECTUS

A. PRO FORMA FINANCIAL INFORMATION:

1. Pro forma financial information refers to financial information shown together with
adjustments to illustrate the impact of an event or transaction on unadjusted financial
information as if the event had occurred or the transaction had been undertaken at an
earlier date selected for purposes of the illustration.
2. The Pro forma financial information is, normally, used in the offer documents to
demonstrate the effect of a transaction on the financial statements of a company as if those
transactions had occurred at an earlier date.
3. Pro forma financial information does not represent the entity’s actual financial position,
financial performance, or cash flows.

B. OBJECTIVES: The objectives of the practitioner in accordance with SA 3420 are: -

a. To obtain reasonable assurance about whether the pro forma financial information has been
compiled, in all material respects, by the responsible party on the basis of the applicable
criteria and
b. To report in accordance with the practitioner’s findings.

C. COMPILATION OF PRO FORMA FINANCIAL INFORMATION:

1. The compilation of pro forma financial information involves the responsible party gathering,
classifying, summarising and presenting financial information that illustrates the impact of
a significant event or transaction on the unadjusted financial information of the entity as if
the event had occurred or the transaction had been undertaken at the selected date.
2. Steps involved in this process include:-
a. Identifying the source of the unadjusted financial information to be used in compiling
the pro forma financial information, and extracting the unadjusted financial information
from that source.
b. Making pro forma adjustments to the unadjusted financial information for the purpose
for which the pro forma financial information is presented and
c. Presenting the resulting pro forma financial information with accompanying disclosures.

D. NATURE OF THE PRACTITIONER’S RESPONSIBILITY:

1. In such an engagement performed under this SAE, the practitioner has no responsibility to
compile the pro forma financial information for the entity. Such responsibility rests with the
responsible party.
2. The practitioner’s sole responsibility is to report on whether the pro forma financial
information has been compiled, in all material respects, by the responsible party on the basis
of the applicable criteria.

Prospective Financial Information and other Assurance services 16.14

 3. It is a reasonable assurance engagement to report on the compilation of pro forma financial
information involving performing the procedures to assess whether the applicable criteria
used by the responsible party in the compilation of the pro forma financial information
provide a reasonable basis for presenting the significant effects directly attributable to the
event or transaction.

E. STEPS INVOLVED IN SUCH AN ENGAGEMENT:

1. Engagement Acceptance:
a. “Applicable criteria” are criteria used by the responsible party when compiling the pro
forma financial information. Criteria may be established by an authorized or recognized
standard-setting organization or by law or regulation.
b. Where established criteria do not exist, they will be developed by the responsible party.
c. Before agreeing to accept an engagement to report on whether pro forma financial
information included in a prospectus has been compiled, in all material respects, on the
basis of the applicable criteria, the practitioner shall consider matters stated below.
i. Determine that the practitioner has the capabilities and competence to perform the
engagement.
ii. On the basis of a preliminary knowledge of the engagement circumstances and
discussion with the responsible party, determine that the applicable criteria are
suitable and that it is unlikely that the pro forma financial information will be
misleading for the purpose for which it is intended.
iii. Evaluate the wording of the opinion prescribed by the relevant law or regulation, if
any, to determine that the practitioner will likely be able to express the opinion so
prescribed based on performing the procedures specified in this SAE.
iv. Where the sources from which the unadjusted financial information and any
acquiree or divestee financial information have been extracted have been audited or
reviewed and a modified audit opinion or review conclusion has been expressed, or
the report contains an Emphasis of Matter paragraph, consider whether or not the
relevant law or regulation permits the use of, or reference in the practitioner’s report
to, the modified audit opinion or review conclusion or the report containing the
Emphasis of Matter paragraph with respect to such sources.
v. If the entity’s historical financial information has never been audited or reviewed,
consider whether the practitioner can obtain a sufficient understanding of the entity
and its accounting and financial reporting practices to perform the engagement.
vi. If the event or transaction includes an acquisition and the acquiree’s historical
financial information has never been audited or reviewed, consider whether the
practitioner can obtain a sufficient understanding of the acquiree and its accounting
and financial reporting practices to perform the engagement and
vii. Obtain the agreement of the responsible party that it acknowledges and understands
its responsibility for:
(i) Adequately disclosing and describing the applicable criteria to the intended
users if these are not publicly available.

Prospective Financial Information and other Assurance services 16.15

 (ii) Compiling the pro forma financial information on the basis of the applicable
criteria and
(iii) Providing the practitioner with:
a. Access to all information (including, when needed for purposes of the
engagement, information of the acquiree(s) in a business combination),
such as records, documentation and other material, relevant to
evaluating whether the pro forma financial information has been
compiled, in all material respects, on the basis of the applicable criteria
b. Additional information that the practitioner may request from the
responsible party for the purpose of the engagement
c. Access to those within the entity and the entity’s advisors from whom the
practitioner determines it necessary to obtain evidence relating to
evaluating whether the pro forma financial information has been
compiled, in all material respects, on the basis of the applicable criteria;
and
d. When needed for purposes of the engagement, access to appropriate
individuals within the acquiree(s) in a business combination.

2. Planning and Performing the Engagement:

a. The practitioner shall assess whether the applicable criteria are suitable, as required by
the Framework for Assurance Engagements.
b. When planning and performing the engagement, the practitioner shall consider
materiality with respect to evaluating whether the pro forma financial information has
been compiled, in all material respects, on the basis of the applicable criteria.
c. An understanding of how the responsible party has compiled the pro forma financial
Information and other engagement circumstances.
d. The practitioner shall obtain evidence about the appropriateness of the source from
which the unadjusted financial information has been extracted.
e. If there is no audit or review report on the source from which the unadjusted financial
information has been extracted, the practitioner shall perform procedures to be satisfied
that the source is appropriate.
f. The practitioner shall determine whether the responsible party has appropriately
extracted the unadjusted financial information from the source.
g. The practitioner shall obtain evidence about the appropriateness of the pro forma
adjustments. In relation to unadjusted financial information, Pro forma adjustments
include:
i. Adjustments to unadjusted financial information that illustrate the impact of a
significant event or transaction as if the event had occurred or the transaction had
been undertaken at an earlier date selected for purposes of the illustration and
ii. Adjustments to unadjusted financial information that are necessary for the pro
forma financial information to be compiled on a basis consistent with the applicable
financial reporting framework of the reporting entity and its accounting policies
under that framework.

Prospective Financial Information and other Assurance services 16.16

 h. The practitioner shall evaluate the presentation of pro forma financial information.
i. The practitioner shall read the other information included in the Prospectus containing
the pro forma financial information to identify material inconsistencies, if any, with pro
forma financial information.

3. Written Representations: The practitioner shall request written representations from the
responsible party that-
a. In compiling the pro forma financial information, the responsible party has identified all
appropriate pro forma adjustments necessary to illustrate the impact of the event or
transaction at the date or for the period of the illustration and
b. The pro forma financial information has been compiled, in all material respects, on the
basis of the applicable criteria.

4. Opinion:
a. Unmodified Opinion: The practitioner shall express an unmodified opinion when the
practitioner concludes that the pro forma financial information has been compiled, in all
material respects, by the responsible party on the basis of the applicable criteria.
b. Modified Opinion:
i. Where the relevant law or regulation precludes publication of a prospectus that
contains a modified opinion with regard to whether the pro forma financial
information has been compiled, in all material respects, on the basis of the applicable
criteria and the practitioner concludes that a modified opinion is nevertheless
appropriate in accordance with the Framework for Assurance Engagements, the
practitioner shall discuss the matter with the responsible party.
ii. If the responsible party does not agree to make the necessary changes, the
practitioner shall:
• Withdraw from the engagement or
• Consider seeking legal advice.
iii. Where the relevant law or regulation may not preclude publication of a prospectus
that contains a modified opinion with regard to whether the pro forma financial
information has been compiled, in all material respects, on the basis of the applicable
criteria and the practitioner determines that a modified opinion is appropriate in
accordance with the Framework for Assurance Engagements, the practitioner shall
apply the requirements in the Framework for Assurance Engagements regarding
modified opinions.
c. Emphasis of Matter Paragraph:
i. In some circumstances, the practitioner may consider it necessary to draw the user’s
attention to a matter presented or disclosed in the pro forma financial information
or the accompanying explanatory notes.
ii. This would be the case when, in the practitioner’s opinion, the matter is of such
importance that it is fundamental to the user’s understanding of whether the pro
forma financial information has been compiled, in all material respects, on the basis
of the applicable criteria.

Prospective Financial Information and other Assurance services 16.17

 iii. In such circumstances, the practitioner shall include an Emphasis of Matter
paragraph in the practitioner’s report provided that the practitioner has obtained
sufficient appropriate evidence that the matter does not affect whether the pro
forma financial information has been compiled, in all material respects, on the basis
of the applicable criteria.
iv. Such a paragraph shall refer only to information presented or disclosed in the pro
forma financial Information or the accompanying explanatory notes.

5. Preparing the Assurance Report:

The practitioner’s report shall include the following basic elements:
a. A title that clearly indicates that the report is an independent assurance report
b. An addressee(s), as agreed in the terms of engagement
c. Introductory paragraphs that identify: -
(i) The pro forma financial information
(ii) The source from which the unadjusted financial information has been extracted
and whether or not an audit or review report on such a source has been
published
(iii) The period covered by, or the date of, the pro forma financial information and
(iv) A reference to the applicable criteria on the basis of which the responsible party
has performed the compilation of the pro forma financial information, and the
source of the criteria.
d. A statement that the responsible party is responsible for compiling the pro forma
financial information on the basis of the applicable criteria.
e. A description of the practitioner’s responsibilities, including statements that: -
(i) The practitioner’s responsibility is to express an opinion about whether the pro
forma financial information has been compiled, in all material respects, by the
responsible party on the basis of the applicable criteria.
(ii) For purposes of this engagement, the practitioner is not responsible for updating
or reissuing any reports or opinions on any historical financial information used
in compiling the pro forma financial information, nor has the practitioner, in the
course of this engagement, performed an audit or review of the financial
information used in compiling the pro forma financial information and
(iii) The purpose of pro forma financial information included in a prospectus is solely
to illustrate the impact of a significant event or transaction on unadjusted
financial information of the entity as if the event had occurred or the transaction
had been undertaken at an earlier date selected for purposes of the illustration.
Accordingly, the practitioner does not provide any assurance that the actual
outcome of the event or transaction at that date would have been as presented.
f. A statement that the engagement was performed in accordance with SAE 3420,
‘Assurance Engagements to Report on the Compilation of Pro Forma Financial
Information Included in a Prospectus’, which requires that the practitioner comply with
ethical requirements and plan and perform procedures to obtain reasonable assurance

Prospective Financial Information and other Assurance services 16.18

 about whether the responsible party has compiled, in all material respects, the pro
forma financial information on the basis of the applicable criteria.
g. Statements that: -
(i) A reasonable assurance engagement to report on whether the pro forma
financial information has been compiled, in all material respects, on the basis of
the applicable criteria involves performing procedures to assess whether the
applicable criteria used by the responsible party in the compilation of the pro
forma financial information provide a reasonable basis for presenting the
significant effects directly attributable to the event or transaction and to obtain
sufficient appropriate evidence about whether:
• The related pro forma adjustments give appropriate effect to those criteria;
• The pro forma financial information reflects the proper application of those
adjustments to the unadjusted financial information
(ii) The procedures selected depend on the practitioner’s judgment, having regard
to the practitioner’s understanding of the nature of the entity, the event or
transaction in respect of which the pro forma financial information has been
compiled, and other relevant engagement circumstances and
(iii) The engagement also involves evaluating the overall presentation of the pro
forma financial information.
h. Unless otherwise required by law or regulation, the practitioner’s opinion using one of
the following phrases, which are regarded as being equivalent: -
(i) The pro forma financial information has been compiled, in all material respects,
on the basis of the applicable criteria or
(ii) The pro forma financial information has been properly compiled on the basis
stated.
i. The practitioner’s signature
j. The date of the report and
k. The place of signature.

F. DOCUMENTATION: As in case of all assurance engagements, documentation has to be ensured

by the practitioner while performing engagement under SAE 3420.

Prospective Financial Information and other Assurance services 16.19

 17. DIGITAL AUDITING AND ASSURANCE

[Link].1 WHAT IS DIGITAL AUDIT? ALSO STATE ITS KEY FEATURES.

ANSWER:
A. DIGITAL AUDIT: Digital Audit is placing assurance on the effectiveness of the IT systems
implemented in an organization. Technology is becoming an integral part of day-to-day business
operations. It is essential that organizations review their technology-related controls to identify
gaps and risks for continuous improvement and to ensure regulatory compliance. A strong
controls and security position will allow organizations to build trust with their stakeholders.

B. KEY FEATURES OF A DIGITAL AUDIT:

1. Digital audit encourages the auditee to embrace the latest technological advancements and
provides confidence to auditee to stay updated in a constantly evolving environment.
2. A digital audit improves the quality of opinion. This consequently leads to a more reliable
audit report.
3. Digital Audit leads to savings in time, cost and human effort which can be utilized towards
more productive tasks. Many of today’s digitally enabled processes can be orchestrated to
operate autonomously 24x7, driving real-time transactions.
4. Digital Audit allows to standardize processes and allow controls to be implemented to
mitigate risk.
5. The digital audit will help organization gain a more comprehensive overview of end-to-end
processes and how technologies are utilized, controlled and optimized against standards set.
6. The digital audit will help create a future for a digital strategy and paves way for adopting
new technologies such as AI and Robotic, usage of analytics and automation.
7. It can help auditee to make informed decisions.

[Link].2 WHAT ARE THE ADVANTAGES OF DIGITAL AUDIT?

ANSWER:
1. Enhanced Effectiveness & Efficiency: Increased efficiency is one of the key benefits of digital
audit. With the use of tools and automation techniques, auditee can standardize the processes
and routine tasks can be automated like automating a reconciliation process that previously
involved hours increase efficiency and saves time and costs.
2. Better Audit Quality: Technology can correctly evaluate massive volumes of data quickly. This
can assist auditors in determining the areas that require more testing, lowering the chance that
serious misstatements or other problems would go unnoticed.
3. Lower Costs: By automating processes that were previously done manually, technology can
assist with the cost of auditing. This may shorten the time needed to complete an audit, which
may lower the audit's overall cost.
4. Better Analytics: Improved analytics capabilities can aid management and auditors in seeing
trends and patterns that may be challenging to spot manually. For instance, AI can examine a lot
of financial data to spot possible fraud, which is hard for auditors to spot manually.

Digital Auditing and Assurance 17.1

5. Improved Risk Assessment: Creating a number of automations to assist with the audit process
and streamlined testing improves the risk assessment procedure. Management and auditors put
their testing efforts on sites with a higher risk of material misstatement and make informed
decisions.

[Link].3 WHAT ARE THE CONSIDERATIONS AND CHALLENGES OF DIGITAL AUDIT?

ANSWER:

1. Some considerations that organization should keep in mind while using digital techniques &
automation:
a. Know what business benefits the organization wants to achieve with automation.
b. Think people first and do not underestimate change is difficult.
c. Target the right processes – this is a key for successful automation.
d. Automation is not a standalone solution and should be part of a broader digitalization
strategy.
e. Ensure the process works and it is standardised before automating. Bots do not easily adapt
to process change.
f. Automation introduces new challenges for organization. Don’t forget about governance and
data security in the risk framework.
2. As auditors will obtain an understanding of management’s implementation and oversight of new
technologies, they also will perform procedures to understand the changes to the company’s
business, including any changes to the information technology environment. Areas of focus
could include understanding of the following:
a. New activities or changes to existing processes due to new technology (e.g., new revenue
streams, changes in the roles and responsibilities of entity personnel, automation of manual
tasks, changes in staffing levels that affect an entity’s internal control environment).
b. Changes in the way the entity’s systems are developed and maintained and whether these
changes introduce new risks and require new controls to respond to those risks
c. The impact the new technology as how the organization obtains or generates and uses
relevant, quality information to support the functioning of internal control.

[Link].4 EXPLAIN THE CONCEPT OF AUDITING DIGITALLY. ALSO STATE ITS KEY
FEATURES/ADVANTAGES AND CONSIDERATIONS IN AUDITING DIGITALLY.
ANSWER:
A. AUDITING DIGITALLY:
1. Auditing Digitally is using advancements in technology for conducting an effective and
efficient audit. With a rapidly growing IT environment it is essential to adapt technology in
auditing practices.
2. It is time to digitize the way an audit is delivered through automation and innovation.
3. There are new technologies to help capture data, automate procedures, analyse information
and focus on the real risks of the client.

B. EXPECTATIONS FROM AN AUDITOR:

Digital Auditing and Assurance 17.2

 1. Audit teams need to involve the experts on different software applications and technologies.
Having the right level of expertise of new technology (such as RPA, AI, blockchain
technology) allows auditors to provide the highest quality of audit.
2. Investment in digitally upskilling the people is the real secret to quality technology audit.
3. Investment in technology across the profession has largely been focused on developing and
using tools to automate and enhance existing processes, such as data analytics and
collaboration and sharing tools, which help to drive quality in audits today.
4. There are many opportunities where more advanced technologies such as AI and drones
could have an even bigger impact. Such technologies may also play a role in evolving the
scope of the audit (e.g., in using data analytics and machine learning to help identify fraud).

C. KEY FEATURES OR ADVANTAGES OF AUDITING DIGITALLY: Following are key features or

advantages of Auditing Digitally:
1. Improved Quality of Audits: The impact on quality is evident, through automation, data
analytics techniques we can easily move from sample auditing to full population of
transactions being reviewed or re-performed. This ultimately free up time for audit teams
to analyses the information and better understand the business they audit. Technology
requires an element of upfront investment, and it can be challenging to implement with
regards to resources and people, but the value once it is up and running is undeniable.
2. Decreasing human dependency: Using technology minimizes the manual intervention
which ultimately results in reducing the risk of manual errors. Technology helps in
streamlining the process of testing for auditors which decreases the errors which occur from
the judgement of different individuals.
3. Increases Transparency: With the technological advancement transparency has been
increased. New ERPs and tools have audit trail feature available to trace the transaction end
to end. It helps the management or auditors to review the details like the date on which any
change is made, who made the change, what has been changed, all such details are captured
and can be used while performing audit.
4. Automation and Ease: Automating tasks like recording work in repositories, extracting data
and sampling have improved the quality of audit and reduced the manual error. Using
dashboards (e.g., Power BI) for reporting helps in understanding the position and helps the
auditor to form his opinion.
5. Improved Efficiency: What used to take weeks to learn and programme using deep experts,
is now easily available to auditors after some simple training and digital upskilling. The result
may be increased efficiency and fewer errors, but the benefits are wider reaching and
personal. This also results in improved retention of talent and confidence.
6. Better risk assessment: With usage of automation and technology in audit, auditor may
focus on the real challenges and assess the potential risk precisely. It gives time to auditors
to focus on the bigger picture rather than being involved with repetitive tasks. Dashboards,
visual presentations and other tools helps in understanding where the risk lies and what all
areas need more attention.

D. CONSIDERATIONS IN AUDITING DIGITALLY:

Digital Auditing and Assurance 17.3

 While all industry sectors are affected by the emergence of new technologies it is important to
remember that the auditor’s needs are unique. There are few questions it is important to ask
and answer – at all stages of tech journey:
1. What problems are you trying to solve? Continuously evaluate the emerging technologies
and latest tools to see what can benefit the audit. Think about what would make your audit
easier or better and how you will measure return on your investment.
2. Which technology can help you? There are a number of tools available and many vendors
and start-ups using data acquisition, manipulation and visualization tools. Consider how
comfortably these solutions will integrate into your current processes and flag any potential
implementation issues early on.
3. How will you upskill your people to make best use of the technology available? Technology
is only as good as the people using it. Training and development are critical to ensure teams
understand how and why they are using the technology. Reluctance to change is obvious,
however continuous training help them to get better.
4. Range of automated solutions: There is a range of automation solutions, from low to high
sophistication, which helps to standardize the repeatable tasks and optimize the efforts
resulting in doing better. Some of the techniques are using robotics and automation for data
gathering activities, use of data analytics for planning and budgeting and reporting by
dashboards. Below are the examples of automated solutions:
a. Macros and Scripts Rules-based automation within a specific application
b. Business Process Automation (BPA) - Reengineering existing business processes e.g.
workflows
c. Robotic Process Automation (RPA) - Automating labour-intensive, repetitive activities
across multiple systems and interfaces
d. Intelligent Process Automation (IPA) - Combining RPA with artificial intelligence
technologies to identify patterns, learn over time, and optimize workflows.

[Link].5 WHAT SHOULD BE INCLUDED IN THE AUDITORS UNDERSTANDNG THE CLIENTS

AUTOMATED ENVIRONMENT?
ANSWER:
1. Understanding the ways in which the entity relies upon IT and how the IT environment is set up
to support the business. This allows the auditor to better understand where risks might arise
from the entity's use of IT (required as per SA 315).
2. Understanding how IT is used by the entity helps in identifying controls over the entity’s IT
processes.
3. Assessing the complexity of the IT environment helps the teams consider whether to involve IT
specialists or experts in the planning and/or execution of the audit, including initial
consideration of whether to include specialists in the complexity assessment.
4. The auditor’s understanding of the automated environment should include the following:
a. The applications that are being used by the company.
b. Details of the IT infrastructure components for each of the application.
c. The organization structure and governance.
d. The policies, procedures and processes followed.
e. Extent of IT integration, use of service organizations.

Digital Auditing and Assurance 17.4

 f. IT risks and controls.
5. The illustration below is an example of how an auditor can document details of an automated
environment:

Application Used for Database Operating Network Server and

System Storage
SAP ECC/ Integrated Oracle 19c HP-UX LAN, HP Server and
HANA application software WAN NAS
REVS Front Desk, Guest MS-SQL Windows In-house HP Server
Reservations Server 2018 2016 Server developed Internal HDD
KOTS Restaurant and MS-SQL Windows In-house HP Server
Kitchen Orders Server 2018 2016 Server developed Internal HDD
BILLSYS Billing Oracle 12c Windows Packaged HP Server
2016 Server Software Internal HDD

[Link].6 WHAT ARE THE KEY AREAS FOR AN AUDITOR TO UNDERSTAND IT ENVIRONMENT?
ANSWER:
Key Areas for an Auditor to Understand IT Environment are as follows:
1. Understand the flow of transaction:
a. The auditor's understanding of the IT environment may focus on identifying and
understanding the nature and number of the specific IT applications and other aspects of
the IT environment that are relevant to the flows of transactions and processing of
information in the information system.
b. Changes in the flow of transactions, or information within the information system may result
from program changes to IT applications, or direct changes to data in databases involved in
processing or storing those transactions or information.
2. Identification of Significant Systems: The auditor may identify the IT applications and
supporting IT infrastructure concurrently with the auditor's understanding of how information
relating to significant classes of transactions, account balances and disclosures flows into,
through and out the entity's information system.
3. Identification of Manual and Automated Controls:
a. An entity's system of internal control contains manual elements and automated elements
(i.e., manual and automated controls and other resources used in the entity's system of
internal control).
b. An entity's mix of manual and automated elements varies with the nature and complexity
of the entity's use of IT.
c. The characteristics of manual or automated elements are relevant to the auditor's
identification and assessment of the risks of material misstatement.
4. Identification of the technologies used:
a. The need to understand the emerging technologies implemented and the role they play in
the entity's information processing or other financial reporting activities and consider
whether there are risks arising from their use.
b. Given the potential complexities of these technologies, there is an increased likelihood that
the engagement team may decide to engage specialists and/or auditor's experts to help

Digital Auditing and Assurance 17.5

 understand whether and how their use impacts the entity's financial reporting processes
and may give rise to risks from the use of IT.
c. Some examples of emerging technologies are:
• Blockchain, including cryptocurrency businesses (e.g., token issuers, custodial services,
exchanges, miners, investors)
• Robotics
• Artificial Intelligence
• Internet of Things
• Biometrics
• Drone
5. Assessing the complexity of the IT environment:
a. Not all applications of the IT environment have the same level of complexity. The level of
complexity for individual characteristics differs across applications.
b. Complexity is based on the following factors –
• automation used in the organization,
• entity’s reliance on system generated reports,
• customization in IT applications,
• business model of the entity,
• any significant changes done during the year and implementation of emerging
technologies.
c. After considering the above factors for each application the overall complexity is assessed
of the IT environment.

[Link].7 WHAT ARE THE RISKS ARISING FROM THE USE OF IT?
ANSWER:
The following are the risks arising from the use of IT:
1. Unauthorized access to data that may result in destruction of data or improper changes to data,
including the recording of unauthorized or non-existent transactions, or inaccurate recording of
transactions. Particular risks may arise where multiple users access a common database.
2. The possibility of IT personnel gaining access privileges beyond those necessary to perform
their assigned duties thereby breaking down segregation of duties. Unauthorized changes to
data in master files.
3. Unauthorized changes to IT applications or other aspects of the IT environment.
4. Failure to make necessary update IT applications or other aspects of the IT environment.
5. Inappropriate manual intervention.
6. Data loss or data corruption is a major risk which arises from use of IT. If appropriate
cybersecurity controls and protocols not followed it may lead to loss of sensitive data, hackers
might encrypt your system or illegally break into your system. Risk of fraud can arise if users
alter the information or there is a case of physical security breach or theft of sensitive
information.
7. There is a risk of system downtime which is caused by hardware failures, faulty configurations,
cyberattacks or power outage. It means the IT systems will not be operational or will be
unavailable/offline which may hamper the business.

Digital Auditing and Assurance 17.6

8. Risk of system integration and system compatibility:
a. Since companies uses more than one IT systems to support their business system integration
(means integrating one or more systems) and system compatibility comes in place.
b. However, system integration and compatibility have some risks.
c. In case of system failure in one system may also lead to widespread failure in integrated
systems. Or if the integration between two systems is not appropriate the end result would
be incorrect.
d. System compatibility means sharing compatible hardware, software and operating system
while performing the integration.
e. Compatibility risks arises if different versions of same software are used, if the patches are
not upgraded which may lead to bugs.
9. With advancement in usage of IT the risk of regulatory compliances increases. Any change in
the law, order, guidelines or agreements will impact the business, its related costs, investments
etc. A FMCG sector will be subject to different regulatory requirements than a financial
company, however both businesses will need to manage their respective compliance risks.
10. Performance Issues arises with the way requests are processed in the IT systems. Heavy data
load, network usage impacts the application performance and its responsiveness. To overcome
the performance issues of IT systems, resources or hardware can be added to an existing nodes,
which is known as scaling. However, scaling can be expensive therefore an informed decision
should be made in case of adding a hardware or changing the architecture.
Note: It is more likely that there will be more risks arising from the use of IT when the volume or
complexity of automated application controls is higher, and management is placing greater reliance
on those controls for effective processing of transactions or the effective maintenance of the
integrity of underlying information.

[Link].8 HOW THE AUDITOR CAN IDENTIFY THE IT DEPENDENCIES IMPACTING THE AUDIT?
ANSWER:
A. WHY IS IT IMPORTANT TO IDENTIFY IT DEPENDENCIES?
1. Identifying and documenting the entity's IT dependencies in a consistent, clear manner
a. helps to identify the entity's reliance upon IT,
b. understand how IT is integrated into the entity's business model,
c. identify potential risks arising from the use of IT,
d. identify related IT General Controls and
e. enables us to develop an effective and efficient audit approach.

B. HOW IT DEPENDENCIES ARISE?

IT Dependencies are created when IT is used to initiate, authorize, record, process, or report
transactions or other financial data for inclusion in financial statements.
There are five types of IT dependencies as described below:
1. Automated Controls: Automated controls are designed into the IT environment to enforce
business rules.

Digital Auditing and Assurance 17.7

 For example, Purchase order approval via workflow or format checks (e.g., only a particular
date format is accepted), existence checks (e.g., Duplicate customer number cannot exist),
and/or reasonableness checks (e.g., maximum payment amount) when a transaction is
entered.
2. Reports: System generated reports are information generated by IT systems. These reports
are often used in an entity's execution of a manual control, including business performance
reviews, or may be the source of entity information used by us when selecting items for
testing, performing substantive tests of details or performing a substantive analytical
procedure. E.g. (Vendor master report, customer ageing report)
3. Calculations: Calculations are accounting procedures that are performed by an IT system
instead of a person.
For example, the system will apply the 'straight-line' depreciation formula to calculate
depreciation of an asset (i.e., cost of the asset, less the residual value of the asset at the end
of its useful life divided by the useful life of the asset) or the system will calculate the value
of the amount invoiced to a customer by multiplying the item price times the quantity
shipped.
4. Security: Security including segregation of duties is enabled by the IT environment to restrict
access to information and to determine the separation of roles and responsibilities that
could allow an employee to perpetrate and conceal errors or fraud, or to process errors that
go undetected.
5. Interfaces: Interfaces are programmed logic that transfer data from one IT system to
another. For example, an interface may be programmed to transfer data from a payroll sub-
ledger to the general ledger.

C. UNDERSTANDING AND RESPONDING TO RISKS ARISING FROM IT DEPENDENCIES:

1. When auditors identify IT dependencies that are relevant to the entity's flow of transactions
and processing of financial information, they need to understand how management
responds to the associated risks that may arise from them.
2. Management may implement information technology general controls (ITGCs) to address
risks related to IT dependencies.
3. IT dependencies may also affect the design of the entity's controls and how they are
implemented.
4. Therefore, auditors consider IT dependencies relevant to audit and evaluate the related
risks. Auditor should scope in ITGCs to tests when there are IT dependencies identified in
the system.
5. If the controls around IT environment are not implemented or operating effectively it will
result in not relying on ITGCs which means the IT dependencies could not be relied upon.

[Link].9 WHAT IS CYBER RISK/CYBER ATTACK? WHAT ARE THE MOST COMMOM TYPES OF CYBER
ATTACKS?
ANSWER:
A. CYBER RISK/ATTACK: A cyber-attack is an attempt to gain unauthorized access to a computing
system or network with the intent to cause damage, steal, expose, alter, disable, or destroy data.

Digital Auditing and Assurance 17.8

B. MOST COMMON TYPES OF CYBET ATTACKS:

1. Malware : Malware or malicious software is any program or code that is created with the
intent to do harm to a computer, network or server. Malware is the most common type of
cyberattack, its subsets are ransomware, fileless Malware trojans, viruses etc
a. Ransomware: In a ransomware attack, an adversary encrypts a victim’s data and offers
to provide a decryption key in exchange for a payment. Ransomware attacks are usually
launched through malicious links delivered via phishing emails, but unpatched
vulnerabilities and policy misconfigurations are used as well.
b. Fileless Malware: Fileless malware is a type of malicious activity that uses native,
legitimate tools built into a system to execute a cyber-attack. Unlike traditional malware,
fileless malware does not require an attacker to install any code on a target’s system,
making it hard to detect.
c. Trojan: A trojan is malware that appears to be legitimate software disguised as native
operating system programs or harmless files like free downloads. Trojans are installed
through social engineering techniques such as phishing or bait websites.
d. Mobile Malware: Mobile malware is any type of malware designed to target mobile
devices. Mobile malware is delivered through malicious downloads, operating system
vulnerabilities, phishing, smishing, and the use of unsecured Wi-Fi.

2. Denial-of-Service (DoS) Attacks:

a. A Denial-of-Service (DoS) attack is a malicious, targeted attack that floods a network with
false requests in order to disrupt business operations.
b. In a DoS attack, users are unable to perform routine and necessary tasks, such as
accessing email, websites, online accounts or other resources that are operated by a
compromised computer or network.
c. While most DoS attacks do not result in lost data and are typically resolved without
paying a ransom, they cost the organization time, money and other resources in order
to restore critical business operations.

3. Phishing: Phishing is a type of cyberattack that uses email, SMS, phone, social media, and
social engineering techniques to entice a victim to share sensitive information such as
passwords or account numbers or to download a malicious file that will install viruses on
their computer or phone.
a. Spear Phishing: Spear-phishing is a type of phishing attack that targets specific
individuals or organizations typically through malicious emails. The goal of spear
phishing is to steal sensitive information such as login credentials or infect the targets’
device with malware.
b. Whaling: A whaling attack is a type of social engineering attack specifically targeting
senior or C-level executive employees with the purpose of stealing money or information
or gaining access to the person’s computer in order to execute further cyberattacks.
c. Smishing: Smishing is a type of fraudulent practice of sending text messages purporting
to be from reputable companies in order to induce individuals to reveal personal
information, such as passwords or credit card numbers.

Digital Auditing and Assurance 17.9

 d. Vishing: Vishing, a voice phishing attack, is the fraudulent use of phone calls and voice
messages pretending to be from a reputable organization to convince individuals to
reveal private information such as bank details and passwords.

4. Spoofing: Spoofing is a technique through which a cybercriminal disguises themselves as a

known or trusted source. In so doing, the adversary is able to engage with the target and
access their systems or devices with the ultimate goal of stealing information, extorting
money or installing malware or other harmful software on the device.
a. Domain Spoofing: Domain spoofing is a form of phishing where an attacker
impersonates a known business or person with fake website or email domain to fool
people into the trusting them. Typically, the domain appears to be legitimate at first
glance, but a closer look will reveal subtle differences.
b. Email Spoofing: Email spoofing is a type of cyberattack that targets the businesses by
using emails with forged sender addresses. Because the recipient trusts the alleged
sender, they are more likely to open the email and interact with its contents, such as a
malicious link or attachment.

5. Identity-Based Attacks: When a valid user’s credentials have been compromised and an
adversary is pretend to be that user. For e.g., people often use the same user ID and
password across multiple accounts. Therefore, possessing the credentials for one account
may be able to grant access to other, unrelated account.
6. Insider Threats: When current or former employees that pose danger to an organization
because they have direct access to the company network, sensitive data, and intellectual
property (IP), as well as knowledge of business processes, company policies or other
information that would help carry out such an attack.
7. DNS Tunneling: DNS Tunneling is a type of cyberattack that leverages domain name system
(DNS) queries and responses to bypass traditional security measures and transmit data and
code within the network. This tunnel gives the hacker a route to unleash malware and/or to
extract data, IP or other sensitive information by encoding it bit by bit in a series of DNS
responses.
8. IoT-Based Attacks: An IoT attack is any cyberattack that targets an Internet of Things (IoT)
device or network. Once compromised, the hacker can assume control of the device, steal
data, or join a group of infected devices.

[Link].10 WHAT ARE THE STAGES OF CYBER RISKS?

ANSWER:
Following are 3 Stage of cyber risk :
1. STAGE 1 - ASSESSING THE CYBER RISK: No organization is completely immune to a cyber risk.
Different clients will have different levels of risks, even with the same industry. Every
organization should consider at least the common threats:
a. Ransomware disabling their organization (including their plants and manufacturing facilities)
b. Common criminals using email phishing and hacks for fraud and theft.

Digital Auditing and Assurance 17.10

 c. Insiders committing malicious activities or accidental activities resulting in unintended
discourse of information theft and frauds.
2. STAGE 2 - IMPACT OF CYBER RISK: Cyber-attack can impact one, two or more types of risks. The
impact of the attack would vary from organization to organization and most importantly from
an attack to attack. Some of the indicative areas can be
a. Regulatory costs
b. Business interruptions causing an operational challenge for an organization.
c. Data loss, reputational loss and litigation.
d. Ransomware - more common these days where entire systems are encrypted
e. Intellectual property theft which may not only take the competitive advantage, but we may
also result in any impairment/impediment charge because of the loss of IP.
f. Incident response cost which could be for investigations & remediations
g. Breach of Privacy, if personal data of a consumer is hacked it could have a significant impact
on the organization.
h. Fines and penalties
3. STAGE 3 - MANAGING THE CYBER RISK: A strategic approach to cyber risk management can help
an organization to:
a. Gain a holistic understanding of the cyber risks, threats facing their organization and other
financial institutions
b. Assess existing IT and cybersecurity program and capabilities against the relevant regulatory
requirements
c. Align cybersecurity and IT transformation initiatives with strategic objectives and critical
risks
d. Understand accepted risks & documented compensating controls

[Link].11 EXPLAIN IN DETAIL THE CYBER SECURITY FRAMEWORK.

ANSWER:
Cybersecurity framework includes how management is identifying the risk, protecting and
safeguarding its assets (including electronic assets) from the risk. Management preparedness to
detect the attacks, anomalies and responsiveness to the adverse event.
1. IDENTIFY THE RISK:
a. Auditor has to determine whether the entity's risk assessment process considers
cybersecurity risks.
b. Entity should conduct a periodic risk assessment & develop a management strategy which
identifies cybersecurity risks around IT system failure affecting the entity's primary business
or potential loss of data or inability to access data as required, Risk of unauthorized access
to the IT network.
c. The entity should maintain and periodically reviews an inventory of their information assets-
i.e., Asset Management (e.g., intellectual property, patents, copyrighted material, trade
secrets and other intangibles).
d. The entity should classify and prioritize protection of their information assets based on
sensitivity and business value and periodically reviews the systems connected to the
network on which digital assets reside.

Digital Auditing and Assurance 17.11

 e. From the governance perspective management should review how cybersecurity risks affect
internal controls over financial reporting.
f. In case of adverse attack how management is going to assess the impact on the
recoverability of financial data and impact on revenue recognition.
g. Management needs to identify if any established a risk-based cybersecurity program can be
leveraged e.g. (NIST, ISO etc.) To determine overall responsibility for cybersecurity in the
business environment entity should establish roles and responsibilities over cybersecurity
(CISO, CIO).
h. Further the risk assessment should be discussed with those charged with governance (e.g.,
the Audit Committee or Board of Directors).

2. PROTECT THE RISK:

a. Obtained an understanding of the entity's processes for safeguarding of assets subject to
cybersecurity.
b. Entity monitors whether there has been unauthorized access to electronic assets and any
related impact on financial reporting.
c. Formal training should be conducted to make the teams aware of the risk associated with
cyber-attacks.
d. Entity should implement effective controls for data security. Entity should have a process &
procedures in place for identifying material digital/electronic assets on the balance sheet
subject to cybersecurity risk (e.g., intellectual property, patents, copyrighted material, trade
secrets) and prioritizing their protection based on criticality.

3. DETECT THE RISK:

a. Entity should have controls and procedures that enable it to identify cybersecurity risks and
incidents and to assess and analyse their impact on the entity’s business, evaluate the
significance associated with such risks and incidents, and consider timely disclosures.
b. Review entity's processes to monitor and detect security breaches or incidents.
c. If management has implemented anti-virus in the system to secure it from anomalies or if
firewall logs are being continuously monitored to detect any repetitive attacks.
d. A monitoring process should be established to review how many such events have been
denied by the firewall.
e. Monitoring process should also include if any upgrades or updates are required to safeguard
the systems from vulnerabilities.

4. RESPOND TO THE RISK:

a. In case of material cybersecurity or data breach has been identified management should
capture the details of nature of incident and how the incident or data breach was identified.
b. Entity should have a response planning in place to capture the details of nature of incident
and the same needs to be communicated with those who are ultimately responsible for this
framework and with those charge with governance.
c. The security incident response plan helps in analysing the impact and severity of the attack
and helps the organisation in taking the appropriate actions.
d. Management should assess Litigation costs, Regulatory investigation costs and Remediation
costs as a part of mitigation process and improvement management should assess the future
action plans that needs to be taken to safeguard the organisation from such attacks.

Digital Auditing and Assurance 17.12

5. RECOVER FROM RISK:
a. Entity should undertake appropriate actions to recover from the attack and make sure the
business is up and running.
b. Once the impact evaluated and communicated with the regulators the recovery plan needs
to be implemented to overcome the impact.
c. Necessary improvements – like patch upgrades, better controls, improved technology in
terms of firewall, anti-virus, tools etc needs to be implemented to safeguard the entity.

[Link].12 WHAT ARE THE CONTROL CONSIDERATIONS FOR CYBER RISKS?

ANSWER:
Apart from having the cyber security policies, procedures, framework and regular assessment in
place, management should have a strong and updated internal controls to ensure they are covered
from cyber risks:
1. CONTROLS AROUND VENDOR SETUP AND MODIFICATIONS:
a. Certain cyber schemes exist in which changes to bank account or other critical vendor
information are requested through email phishing scams by individuals purporting to be
authorized vendor personnel.
b. Entities have inappropriately dispersed funds to these individuals and therefore
inappropriately reduced the liability owed to the actual vendor, resulting in an impact to the
financial statements (i.e., loss of cash and related expense)
i. Who is responsible for making changes to vendor master data? Is the process centralized
or decentralized?
ii. Are other communication channels, such as email, used to request changes to vendor
master data? (If yes, consider if multi-factor authentication is enabled for email).
iii. What systems and technologies are used to initiate, authorize and process requests
related to changes to vendor master data?
iv. Are authentication protocols defined to verify modifications to vendor master data (e.g.,
call back procedures, multi-factor authentication)?

2. CONTROLS AROUND ELECTRONIC TRANSFER OF FUNDS:

a. Wire transfers or electronic funds transfers, similar to vendor changes noted above, cyber
schemes pertaining to fraudulent requests for wire transfers are made relating to business
transactions and vendor payments, as well as fraudulent requests appearing to come from
financial institutions requesting disbursement from customer asset accounts.
i. Are personnel responsible for wire transfers educated on the relevant threats and
information related to common phishing scams associated with fraudulent requests for
wire transfers?
ii. Are authentication protocols defined to verify wire transfer requests (e.g., call back
procedures, dual-authentication procedures)?
iii. What systems and technologies are used to facilitate the request/initiation,
authorization and release of 0 wire transfers?

Digital Auditing and Assurance 17.13

 3. CONTROLS AROUND PATCH MANAGEMENT:
Cyber and ransomware attacks exploit known security vulnerabilities resulting in the
manipulation or the destruction of data. Exploitations of known security vulnerabilities are
often caused by unapplied patches or upgrades.
i. Does the entity have a patch management program?
ii. Does the entity run periodic vulnerability scans to identify missing/unapplied patches?
iii. How is the entity notified of patches by external vendors (e.g., Microsoft for Windows
patches)?

[Link].13 EXPLAIN THE CONCEPT OF REMOTE AUDIT? ALSO STATE ITS ADVANTAGES AND
DISADVANTAGES.
ANSWER:
A. MEANING:
1. Remote audit or virtual audit is when the auditor uses the online or electronic means to
conduct the audit.
2. It could be partially or completely virtual, auditor engages using technology to obtain the
audit evidence or to perform documentation review with the participation of the auditee.
3. Audit planning and scoping is crucial in every audit. This includes a discussion of the scope
and schedule, and the ways to conduct audit.
4. The COVID-19 pandemic has changed the entire business landscape and processes have
been adjusted to this new situation, where remote audit is appreciated by clients as well.

B. CONSIDERATIONS FOR REMOTE AUDIT: Auditors must develop tailored strategies to ensure the
remote audit meets the requirements and deliver results equivalent to traditional onsite audits.
1. Feasibility and Planning:
a. Planning should involve agreeing on audit timelines, meeting platform (Zoom calls/
Microsoft Teams/Google Meet) to be used for audit sessions, data exchange
mechanisms, any access authorization requests.
b. Ensure feasibility is determining what technology may be used, if auditors and auditees
have competencies and that resources are available.
c. The execution phases of a remote audit involve video/tele conferencing with auditees.
The documentation for audit evidence should be transferred through a document
sharing platform.
2. Confidentiality, Security and Data Protection:
a. To ensure data security and confidentiality, access to document sharing platform should
be sufficiently restricted and secured by encrypting the data that is sent across the
network.
b. The information, once reviewed and documented by auditor, is removed from the
platform, and stored according to applicable archiving standards and data protection
requirements.
c. Auditors should take into consideration legislation and regulations, which may require
additional agreements from both sides (e.g., there will be no recording of sound and
images, or authorizations to using people’s images).

Digital Auditing and Assurance 17.14

 d. Auditors should not take screenshots of auditees as audit evidence. Any screenshots of
documents or records or other kind of evidence should be previously authorized by the
audited organization. In case of accessing the auditee’s IT system auditor should use VPN
(Virtual private network).
e. VPN is a service which creates safe and encrypted online connection. It prevents
unauthorized users to enter into network and allows the users to perform work
remotely.
3. Risk assessment:
a. The communication from auditor as well as auditees need to clear and consistent, and
this becomes crucial during remote audit.
b. The risks for achieving the audit objectives are identified, assessed and managed.
c. The assessment if remote audit would be sufficient to achieve the audit objectives
should be done and documented for each audit involving all members of the audit team
and the audited organization representative.

C. ADVANTAGES:
1. Cost and time effective: No travel time and travel costs involved.
2. Comfort and flexibility to the audit team as they would be working from home environment.
3. Time required to gather evidence can spread over several weeks, instead of concentrated
into a small period that takes personnel from their daily activities.
4. Auditor can get first-hand evidence directly from the IT system as direct access may be
provided.
5. Widens the selection of auditors from global network of experts.

D. DISADVANTAGES:
1. Due to network issues, interviews and meetings can be interrupted.
2. Limited or no ability to visualize facility culture of the organization, and the body language
of the auditees. Time zone issues could also affect the efficiency of remote audit session
3. The opportunity to present doctored documents and to omit relevant information is
increased. This may call for additional planning, some additional/different audit procedures,
Security and confidentiality violation.
4. Remote access to sensitive IT systems may not be allowed. Security aspects related to
remote access and privacy needs to be assessed.
5. Cultural challenges for the auditor. Lack of knowledge for local laws and regulations could
impact audit. Audit procedures like physical verification of assets and stock taking cannot be
performed.

[Link].14 EXPLAIN DATA ANALYTIC TECHNIQUES. EXPLAIN VARIOUS TOOLS USED FOR COMPUTER
ASSISTED AUDITING TECHNIQUES (CAAT).
ANSWER:
A. DATA ANALYTIC TECHNIQUES:
1. Generating and preparing meaningful information from raw system data using processes,
tools, and techniques is known as Data Analytics.

Digital Auditing and Assurance 17.15

 2. Audit analytics or audit data analytics involves analyzing large sets of data to find actionable
insights, trends, draw conclusions and for informed decision making.
3. The use of audit analytics enables greater efficiencies and more accurate findings from the
review process. As a result, businesses will be able to create strategies based on verifiable
data and professional assumptions and auditors can improve the audit quality.
4. It allows auditors to more effectively audit the large amounts of data held and processed in
IT systems in larger clients.
5. Audit analytics helps:
a. To discover and analyze patterns
b. Identifying anomalies
c. Extract other useful information in data.

B. COMPUTER ASSISTED AUDIT TECHNIQUES (CAAT):

1. The data analytics methods used in an audit are known as Computer Assisted Auditing
Techniques or CAATs.
2. It involves use of multiple data analytical tool or visualization tools that can help the auditor
to deep dive into the problem statement and hence increase the audit quality.
3. This also minimizes the scope of missing out on key attributes that might be of a higher risk
to the organization and its respective business.

C. POPULAR TOOLS USED AS CAATs: Auditor performing audit analytics can make use of various
applications and tools that help them to analyse large data sets and obtain insights that help
them to make the quality of the audit better. Some of the popular tools used across the industry
as part of CAATs are listed below:
1. ACL:
a. Audit Command Language (ACL) Analytics is a data extraction and analysis software used
for fraud detection and prevention, and risk management.
b. It samples large data sets to find irregularities or patterns in transactions that could
indicate control weaknesses or fraud.
c. Example: ACL is used to analyse and check complete data sets to perform Trial Balance
reconciliations during the Audits. In such case scenarios, the entity provided the General
Ledger dump and system Trial Balance. Using ACL, the completeness of the data can be
ensured as the data set exceeded beyond the capacity of the excel and basic functions
like record count, sum, pivoting can be performed within ACL where excel could not
perform such actions.
2. Alteryx:
a. Alteryx is used to consolidate financial or operational data to assess controls.
b. A fully transparent audit trail of every action is performed in Alteryx in form of a
workflow which makes it easier for the user to learn as no prior knowledge of coding or
scripting is required.
c. Alteryx can also be leveraged to automate analytics and perform Machine Learning to
search for patterns indicative of fraud or irregularities speed up your processes like
accounting close, tax filings, regulatory reporting, forecast creation etc.

Digital Auditing and Assurance 17.16

 d. It can also be used to automate set procedures that are performed periodically like
reconciliations, consolidations, marketing workflows, system integrations, continuous
audits etc.
e. Example: Alteryx used for logistics organization to recompute the revenue entries
recorded by the system to match with the financials that showcased the expected
revenue turnover. Due to Alteryx’s processing speed and ease to implement functions,
auditors could perform re-computation for all the transactions entry and noted that the
revenue was being understated as the expected revenue was more than the actual
calculated. This was due the fact that the addendum between the logistic company and
the client was not revised in the system and old versions of rates were used to compute
the revenue. Alteryx helped in analysing and recomputing the huge data set and to focus
on actual risk.
3. Power BI:
a. Power Bi is a business intelligence (BI) platform that provides nontechnical business
users with tools for aggregating, analyzing, visualizing and sharing data.
b. From audit perspective, such visualization tools can be used to find the outliers in the
population, it can also be used for reporting purpose (audit reports) in an interactive
dashboard to the higher management.
c. Example: Power BI dashboard used for checking the outliers of the apparel company.
Auditors were required to analyse the trends of the sales during the year. By the use of
Power BI, the sales data provided by the client was further converted into dashboard to
analyse the trends and patterns as per the market standards. In analysis performed on
untimely sales, it was noted that sales transactions were performed during non-business
hours. Illustrative charts below which were utilized as part of the analysis by the auditors.
4. CaseWare:
a. CaseWare is a data analysis software & provide tools that helps in conducting audit and
assurance engagements quickly, accurately and consistently.
b. It shares analytical insights which help in taking better informed decisions.
c. It helps in streamlining processes and eliminating the routine tasks.
d. Used by accounting firms, governments and corporations worldwide, this trusted
platform integrates everything you need to conduct assurance and reporting
engagements.
e. Example: CaseWare provides the solutions to build accounting software which turns any
document, including financial statements into cost effective client ready report. It
automatically links to client data and securely communicate with the client in real time.
Regardless of location, all authorized users have access to the same documents.
Consistency of data is ensured. Refer screenshot below to illustrate audit, review and
compilation process maintained on-screen.

[Link].15 EXPLAIN THE CONCEPT OF INTERNET OF THINGS.

ANSWER:
A. MEANING:
1. IoT is the concept of connecting any device (cell phones, coffee makers, washing machines,
and so on) to the internet.

Digital Auditing and Assurance 17.17

 2. Key components of IoT are data collection, analytics, connectivity, and people and process.
3. IoT not only changes the business model, but also affects the strategic objectives of the
organization.
4. The risk profile of the entity changes with exposure to new laws and regulations.
Examples:
a. Connected Cars, connected manufacturing equipment’s, smart home security, (The options
for home security from doorbell cameras or outdoor cameras - users can view video feeds
when they are away from home).
b. Data from machines can be used to predict whether equipment will break down, giving
manufacturers advance warning to prevent long stretches of downtime.
c. A refrigerator placing an order with a grocery store whenever the supply of eggs falls below
a certain number.
d. Smart oven works by scanning QR or bar codes and connecting to Wi-Fi, which it then uses
to determine the best temperature and time to cook the food to avoid undercooking or
burning.
e. Researchers uses IoT devices to gather data about customer preferences and behavior,
though that can have serious implications for privacy and security.

B. AUDIT IMPLICATIONS:
1. A shift to connected devices and systems may result in auditors not being able to rely only
on manual controls. Instead, auditors may need to scope new systems into their audit.
2. Audit firms may need to train and upskill auditors to evaluate the design and operating
effectiveness of automated controls.
3. Consumer-facing tools that connect to business environments in new ways can impact the
flow of transactions and introduce new risks for management and auditors to consider.
4. Consider payment processing tools that allow users to pay via credit card at a retail location
through a mobile device. This could create a new path for incoming payments that may rely,
in part, on a new service provider supplying and routing information correctly. Auditors
would need to consider the volume of those transactions and the processes and controls
related to it.

C. COMMON RISKS OF IOT: The key risks associated with IoT, including, device hijacking, data
siphoning, denial of service attacks, data breaches and device theft.

[Link].16 EXPLAIN THE CONCEPT OF ARTIFICIAL INTELLIGENCE.

ANSWER:
A. MEANING:
1. Artificial intelligence (AI) refers to a system or a machine that can think and learn.
2. AI systems utilize data analysis and algorithms to make decisions based on predictive
methods.
3. Complex algorithms are developed to propose decisions based on a pattern or behavior
learned over time.
4. Examples:

Digital Auditing and Assurance 17.18

 a. Self-driving cars, manufacturing robots, smart assistants, marketing chatbots, virtual
travel booking agent.
b. The self-deploying robots can determine how much vacuuming there is to do based on a
room’s size, uses AI to scan room size, identify obstacles and remember the most efficient
routes for cleaning.
c. Siri to help find your Air Pods or told Amazon Alexa to turn off the lights, quick commands
to open a phone camera or start a particular playlist.
d. AI to predict when to book the lowest prices for flights, hotels, car and vacation home
rentals.
e. Using historical flight and hotel data, AI will also recommend to the user whether the
booking has reached its lowest price point or if the user should hold out a bit longer for
the price to drop.

B. AUDITOR IMPLICATIONS:
1. Given the invisible nature of algorithms, audits must focus on the logical flow of processes.
2. A review of AI should ascertain whether unintended bias has been added to the algorithms.
3. Auditors should assess the effectiveness of algorithms and whether their output is
appropriately reviewed and approved.
4. Because AI is built on software modules, auditors must also consider cybersecurity and
search for possible bugs and vulnerabilities that can be exploited to impact AI functionality.
5. Auditors should confirm their understanding of how the use of AI affects the entity’s flows
of transactions, including the generation of reports or analytics used by management.
6. Auditors also should consider whether the AI is making decisions or being utilized by
management as part of the decision-making process.
7. If management shifts its focus on oversight by relying on AI, auditors should understand
what shift occurred, how new risks might be addressed, and whether existing risks may not
be getting the same level of attention.
Understanding these changes could drive changes in the audit approach.
C. COMMON RISKS FOR AI:
1. Security is one of the key risks: The more data the system uses, from more sources, the
more entry points and connections are formed and the greater the potential risks.
2. Inappropriate configuration: AI may also be used to diagnose medical conditions. If it is
badly configured or malfunctions, it could harm people before the problem is spotted.
3. Data privacy: The data used and shared should have the necessary explicit consent from
data providers.

[Link].17 EXPLAIN THE CONCEPT OF BLOCKCHIAN.

ANSWER:
A. MEANING:
1. Blockchain is based on a decentralized and distributed ledger that is secured through
encryption. Each transaction is validated by the blockchain participants, creating a block of
information that is replicated and distributed to all participants.

Digital Auditing and Assurance 17.19

 2. All blocks are sequenced so that any modification or deletion of a block disqualifies the
information.
3. Despite resistance, the benefits associated with blockchain technology are being recognized
across a variety of other industries.
Examples: Bitcoin, cryptocurrency transfer application - Blockchain in money transfer,
blockchain smart contracts.

B. AUDIT IMPLICATIONS:
1. Auditors should consider the appropriate governance and security transactions around the
transactions.
2. Although blockchain’s core security premise rests on cryptography, there are risk factors
associated with it.
3. As blockchain interacts with legacy systems and business partners, concerns related to
insecure application programming interfaces (APIs), data confidentiality and privacy cannot
be ignored.
4. Weak blockchain application development protocols are something auditors cannot
overlook.
5. Similarly, data privacy laws and regulations may be area of concern as data are
communicated across geographic boundaries.
6. Auditors must be able to determine whether the data put on blockchain will expose the
enterprise to liability for noncompliance with applicable laws and regulations.

C. COMMON RISKS FOR BLOCKCHAIN TECHNOLOGY:

1. The strengths of blockchain can also be its weaknesses. The inability to reverse transactions
and to access data without the required keys make the system secure, but also mean that
organisations need specific protocols and management processes to ensure that they are
not locked out and have clear contingency plans.
2. Operating through network nodes could also expose the organisation to cyber-attacks and
data hacks, so security issues are important.
3. Auditors should also ensure that the organisation has the necessary data management
processes and complies with regulations.
4. The regulatory landscape is still evolving for blockchain, so audit teams should check that
compliance managers are following developments constantly and adapting processes
accordingly.

[Link].18 EXPLAIN THE CONCEPT OF NON-FUNGIBLE TOKEN(NFT).

ANSWER:
A. MEANING:
1. NFT means something is unique and cannot be replaced.
2. Unlike physical money and cryptocurrencies are fungible (means they can be traded or
exchanged for one another) NFTs are non-fungible tokens.
3. NFTs contains the digital signature which make them unique.
4. NFTs are digital assets, e.g., photos, videos, artwork, sports collectibles etc. NFTs are tokens
used to represent ownership of unique items.

Digital Auditing and Assurance 17.20

 5. NFTs allow their creators to tokenize things like art, collectibles, or even real estate. They are
secured by the blockchain and can only have one official owner at a time.
6. No one can change the record of ownership or copy/paste a new NFT into existence.

B. KEY FEATURES OF NFT:

1. Digital Asset: NFT is a digital asset that represents Internet collectibles like art, music, and
games with an authentic certificate created by blockchain technology that underlies
Cryptocurrency.
2. Unique: It cannot be forged or otherwise manipulated.
3. Exchange: NFT exchanges take place with cryptocurrencies such as Bitcoin on specialist sites.

C. CHALLENGES OF NFT:
NFTs has its own challenges like ownership and copyright concerns, security risks, market is not
that wide, online frauds etc. NFT audit considerations includes comprehensive code review for
verifying the safety of a token, valid contract, data privacy and potential cyber threat.

[Link].19 EXPLAIN THE CONCEPT OF ROBOTIC PROCESS AUTOMATION.

ANSWER:
A. MEANING:
1. RPA is the automation of the repetitive processes performed by users.
2. It is a software technology that emulate humans’ actions interacting with digital systems and
software. Process efficiency, customer experience and control effectiveness contributed to
RPA. Robotic
3. Process Automation software bots can interact with any application or system the same way
people do, except that RPA bots can operate around the clock, nonstop, much faster and
with 100% reliability and precision.

B. AN EXAMPLE OF AI BOT FOR PASSENGER TICKET BOOKING: A large passenger carrier is having
an AI bot for passenger ticket booking with following processes:
1. User Interaction: The bot interacts with passengers through various channels such as a
website, mobile app, or messaging platforms. Passengers can initiate a conversation with
the bot by providing their travel details, preferences, and other required information.
2. Natural Language Processing (NLP): The bot utilizes natural language processing techniques
to understand and interpret the passenger's queries and requests. It can process text or
voice inputs and extract relevant information to facilitate ticket booking.
3. Query Handling: The bot responds to passenger queries related to ticket availability, fares,
train schedules, seat preferences, and other relevant information. It can provide real-time
updates and answers to common passenger questions.
4. Booking Process: Upon receiving a booking request, the bot collects the necessary details
from the passenger, including travel dates, destinations, class preferences, and passenger
information. It validates the inputs, checks seat availability, and calculates fares based on
the carrier's pricing structure.

Digital Auditing and Assurance 17.21

 5. Integration with Booking Systems: The bot interfaces with the carrier's booking systems to
check seat availability, reserve seats, and process payment transactions. It securely
communicates with the backend systems to initiate the booking process.
6. Payment Processing: The bot facilitates secure payment transactions, allowing passengers
to provide payment details and complete the booking. It may integrate with various payment
gateways or services to process credit card payments, net banking, or other payment
methods.
7. Confirmation and Ticket Generation: Once the booking is successfully processed, the bot
generates a booking confirmation along with a unique ticket number. It provides the
passenger with the necessary information, including the ticket details, train information, and
any other relevant instructions.
8. Ancillary Services: The bot may offer additional services such as seat upgrades, meal
selection, travel insurance, or other ancillary offerings. It can provide information and assist
passengers in availing these services during the booking process.
9. Post-Booking Support: The bot can assist passengers with post-booking support, including
itinerary changes, cancellations, or ticket modifications. It handles these requests, checks
the carrier's policies, and processes the necessary changes as per the passenger's
requirements.
10. Integration with Customer Support: The bot may be integrated with customer support
systems to escalate complex queries or issues to human agents when necessary. It can
provide a seamless transition from automated assistance to human interaction, ensuring a
high level of customer service.

C. ILLUSTRATIVE STEPS TO AUDIT THE ABOVE TICKET BOOKING BOT: Following are the illustrative
steps to audit ticket booking bot system:
1. Identify the objectives and goals of auditing the IRCTC ticket booking bot.
2. Determine the scope of the audit, including the specific aspects of the bot's functionality
and operations to be evaluated.
3. Review relevant regulatory and compliance standards applicable to the ticket booking
process, such as data protection and privacy regulations, payment card industry standards,
and any specific industry guidelines.
4. Identify and assess potential risks associated with the ticket booking bot, such as
unauthorized access to customer data, system failures, or inaccurate booking information.
5. Develop a comprehensive set of audit procedures to assess the effectiveness, efficiency, and
compliance of the ticket booking bot.
6. Reviewing the system architecture, design, and documentation.
7. Evaluating the security measures in place, including authentication, access controls, and
encryption.
8. Testing the bot's functionality by simulating booking scenarios and verifying the accuracy of
the results.
9. Assessing the performance of the bot, such as response times and scalability.
10. Analyzing logs and audit trails to detect any unusual or suspicious activities.
11. Examining the data handling processes, ensuring proper encryption, storage, and protection
of customer data.
12. Verifying compliance with relevant regulations, policies, and procedures.

Digital Auditing and Assurance 17.22

 13. Conducting penetration testing or vulnerability assessments to identify potential
weaknesses in the bot's security.
14. Decide on the appropriate sampling methodology to evaluate the bot's performance and
compliance. This may involve selecting a representative sample of booking transactions or
data for analysis.
15. Conduct the audit based on the defined procedures, following best practices and
professional audit standards.
16. Document your findings, including any issues or areas of improvement identified during the
audit.
17. Compile the audit findings into a comprehensive report, detailing the audit objectives,
scope, procedures performed, and results.
18. Provide recommendations for addressing any identified weaknesses, risks, or non-
compliance issues.
19. Present the report to relevant stakeholders, such as management, IT teams, and compliance
officers.
20. Track the implementation of recommended actions and ensure appropriate measures are
taken to address any identified weaknesses.
21. Periodically review and monitor the bot's performance, security, and compliance to ensure
ongoing effectiveness.

D. AUDIT IMPLICATIONS:
1. It is of utmost importance for auditors to understand RPA processes, which include data
extraction, aggregation, sanitization and cleansing.
2. Unless auditors understand these processes, they will not be in a position to initiate an audit.
3. A comprehensive assurance process might demand review of the source code.
4. To perform substantive testing, auditors must have an understanding of the tools used to
develop and maintain RPA.
5. This will be helpful when auditors review logs, configuration controls, privileged access
controls and the like. General IT controls are applicable as always.

E. COMMON RISKS OF RPA:

1. Operational and execution risks:
a. Robots are deployed without proper operating model.
b. Buying the wrong tool, making wrong assumptions, taking shortcuts, and jeopardizing
security and compliance.
c. Assigning proper responsibilities, training and clearly stating about changing roles also
can help you reduce operational risk to a great extent.
2. Change management risks: Not following the change management implementation
lifecycle, improper and incomplete testing (not covering all scenarios) leads to inaccurate
results.
3. RPA Strategy Risk:
a. Setting wrong expectations, improper KPIs, and unrealistic business goals creates an
environment of uncertainty.
b. Management should discuss, and analyse the complete working characteristics,
potential, and limitations of RPA before drafting a robotic process automation.

Digital Auditing and Assurance 17.23

F. RPA TO CHECK IND AS, IFCOFR AND STANDARDS ON AUDITING:
1. Incorporating Standards on Auditing, IFCoFR, IND AS in audit practices ensures accurate
financial reporting, effective internal controls, and reliable audit procedures.
2. Leveraging RPA in conjunction with these frameworks can significantly enhance audit
efficiency, accuracy, and compliance.
3. RPA developers and auditors should collaborate to align RPA workflows with relevant
standards and guidelines, ultimately improving the effectiveness of audits and enhancing
client assurance.

[Link].20 WHAT ARE THE CONTROL CONSIDERATIONS THAT AN AUDITOR SHOULD FOCUS IN CASE
OF AUDITING DIGITALLT?
ANSWER:
Emerging technologies can bring great benefits, but they also come with a varied set of substantial
risks. The strength of the auditing profession is the assessment of risks and controls.
As they address the challenge of assessing technology risk, auditors can and should focus on the
following control considerations:
1. Auditors should gain a holistic understanding of changes in the industry and the information
technology environment to effectively evaluate management’s process for initiating, processing,
and recording transactions and then design appropriate auditing procedures.
2. Auditors, as appropriate, should consider risks resulting from the implementation of new
technologies and how those risks may differ from those that arise from more traditional, legacy
systems.
3. Auditors should consider whether digital upskilling or specialists are necessary to determine
the impact of new technologies and to assist in the risk assessment and understanding of the
design, implementation, and operating effectiveness of controls. E.g., cybersecurity control
experts, IT specialists in the team etc
4. Some examples of technology risks where auditors should test the appropriate controls for
relying on the digital systems:
a. Reliance on systems or programs that are inaccurately processing data, processing
inaccurate data, or both.
b. Unauthorized access to data that might result in destruction of data or improper changes to
data, including the recording of unauthorized or non-existent transactions or inaccurate
recording of transactions (specific risks might arise when multiple users access a common
database).
c. The possibility of information technology personnel gaining access privileges beyond those
necessary to perform their assigned duties, thereby leading to insufficient segregation of
duties.
d. Unauthorized or erroneous changes to data in master files.
e. Unauthorized changes to systems or programs.
f. Failure to make necessary or appropriate changes to systems or programs.
g. Inappropriate manual intervention.
h. Potential loss of data or inability to access data as required.
i. Risks introduced when using third-party service providers.

Digital Auditing and Assurance 17.24

 j. Cybersecurity risks.

[Link].21 WHAT ARE THE KEY STEPS FOR AUDITORS IN A CHANGING TECHNOLOGY
ENVIRONMENT?
ANSWER:
As auditors obtain an understanding of the impact of technology on a company’s business, its
systems of internal control, and its financial reporting, some important reminders include the
following:
1. Maintain sufficient professional skepticism when reviewing management’s risk assessment for
new systems.
2. Understand the direct and indirect effects of new technology and determine how its use by the
entity impacts the auditor’s overall risk assessment.
3. Understand how the technologies impact the flow of transactions, assess the completeness of
the in-scope ICFR systems, and design a sufficient and appropriate audit response.
4. Assess the appropriateness of management’s processes to select, develop, operate, and
maintain controls related to the organization’s technology based on the extent the technology
is used.

[Link].22 EXPLAIN THE CONCEPT OF NEXT GEN AUDIT?

ANSWER:
A. MEANING:
1. The Next Generation Audit is human-led, tech-powered and data-driven. It is based on
combining emerging technologies to redefine how audits are performed.
2. Next Generation Audit aims to the following:
From To
Sampling populations Full population analysis
Multiple datasets One date set
Disconnected tools Integrated ecosystem services
Manual risk assessments Dynamic, data-driven risk assessment
Separated communication Embedded communication
Repetitive tasks High value work and capacity for growth
Manual work Automation
Ad hoc insights Insights from a broader audit
3. We live in an era of fast technological progress, with new digital devices, applications, and
tools being developed almost on a daily basis.
4. 3D printing, augmented reality (AR) and virtual reality (VR), biotechnology, auditing through
drones (also known as an ‘Unmanned Aerial Vehicle’ (UAV)and quantum technology are
some of the most rapidly advancing areas, with many implications for society.

B. SOME OF THE MOST RAPIDLY USED TECHNOLIGIES OF NEXT GEN AUDIT:

1. Drone Technology:
a. Using drone technology in the remote locations for stock counts.

Digital Auditing and Assurance 17.25

 b. Drones have great payload capacity for carrying sensors and cameras, thus they can
photograph and physically examine the count of large quantities of fixed assets and
inventory.
c. Drone captured audit information can be combined with various alternative sources of
information such as QR code readers, handheld bar scanners, manual counts etc. to
optimise quality of deliverables, consolidate audit information and enhance the
execution speed while ensuring correctness and completeness of data.
2. Augmented reality: The technology allows users to view the real-world environment with
augmented (added) elements, generated by digital devices. One famous example was
Pokémon Go, a game for mobile devices in which players chase imaginary digital creatures
(visible on their mobile phones) around physical locations.
3. Virtual reality: VR goes a step forward and replaces the real world entirely with a simulated
environment, created through digitally generated images, sounds, and even touch and
smell. Using special equipment, such as a custom headset, the user can explore a simulated
world or simulate experiences such as flying or skydiving.
4. Metaverse:
a. The metaverse is the emerging 3-D digital space that uses virtual reality, augmented
reality, and other advanced internet technology to allow people to have lifelike personal
and business experiences online.
b. It represents a convergence of digital technology to combine and extend the reach and
use of Cryptocurrency, Artificial Intelligence (AI), Augmented Reality (AR) and Virtual
Reality (VR).
c. The internet offers many experiences today, but tomorrow’s Metaverse will feel more
interconnected than ever before.
d. Some considerations for future
i. Beyond cryptocurrencies, coins, and exchanges, players in the Metaverse will need
to consider how to build digital monetary systems and apply economic principles to
things like digital land.
ii. Governance models will become ever more difficult to balance openness and user
contribution with strategic direction and innovation.
iii. Identity in the digital world has historically been different based on the platform
utilized. The practical challenge of identity will also have to be considered in the
Metaverse (e.g., KYC).
iv. Synchronicity is the ability for aspects of the Metaverse to be multiplayer,
simultaneous, and real-time. This includes transactions and actions happening in the
Metaverse and are dependent on the infrastructure of digital economies, networking
and computing power required to operate a digital world.
e. Case scenarios to illustrate the potential application of the metaverse in the financial
domain:
i. Virtual Banking and Transactions: A forward-thinking financial institution,
establishes a presence in the metaverse to offer virtual banking services. Users can
create virtual bank accounts, access personalized financial dashboards, and perform
transactions using virtual currencies. Customers can seamlessly transfer funds, make
virtual purchases, and engage in virtual commerce, all within the immersive
environment of the metaverse. XYZ Bank leverages the metaverse to provide a

Digital Auditing and Assurance 17.26

 convenient and interactive banking experience, attracting tech-savvy customers who
value digital innovation.
ii. Digital Asset Management: A digital asset management company, recognizes the
growing popularity of virtual assets in the metaverse. They launch a virtual asset
trading platform within the metaverse, allowing users to buy, sell, and trade NFTs
and other digital assets. Investors can diversify their portfolios, participate in virtual
auctions, and even showcase their virtual art collections in virtual galleries. Crypto
Investments Ltd. leverages the metaverse's decentralized and secure infrastructure
to facilitate transparent and efficient transactions of virtual assets.
iii. Virtual Financial Education and Training: A Financial Learning Academy aims to
enhance financial literacy using the metaverse. They create a virtual classroom
environment where participants can attend interactive financial education sessions.
Students can engage in simulated investment activities, learn about budgeting and
financial planning, and gain hands-on experience through virtual trading simulations.
Financial Learning Academy leverages the immersive nature of the metaverse to
provide an engaging and practical financial education platform, preparing
individuals for real-world financial challenges.
iv. Virtual Meetings and Conferences: For a leading industry even an organisation hosts
a virtual conference within the metaverse. Participants from around the world can
access the conference through their virtual avatars. They can attend keynote
speeches, panel discussions, and networking events in virtual conference halls.
Attendees can interact with industry experts, explore virtual exhibition booths, and
establish valuable connections in the financial sector. Global Finance Summit
leverages the metaverse to create a global and inclusive conference experience,
fostering collaboration and knowledge sharing.
v. Data Visualization and Analytics: A company utilizes the metaverse to offer
advanced data visualization and analytics tools to financial professionals. Their
virtual analytics platform allows users to visualize complex financial data in
interactive and immersive 3D environments. Users can explore data trends, conduct
simulations, and analyze financial performance through intuitive interfaces within
the metaverse. Analytics Solutions Inc. leverages the metaverse's immersive
capabilities to enhance data-driven decision-making, enabling financial professionals
to gain deeper insights into market trends and make informed investment decisions.

C. COMMON RISKS ASSOCIATED:

1. Beyond their potential, these technologies also come with challenges such as public safety,
cybersecurity, data privacy, data protection, lack of standards and technical challenges.
2. Since they often track movements and data, massive amounts of data are generated about
the whereabouts of users.
3. It also raises questions about taxation, jurisdiction, and customer protection.
4. Regulators and auditors have to think of the controls around privacy, data security,
governance to make it more regulated.

Digital Auditing and Assurance 17.27

 18. GROUP AUDIT

A. CONSOLIDATED FINANCIAL STATEMENTS:

1. Consolidated Financial Statements are the financial statements of a group in which the
assets, liabilities, equity, income, expenses and cash flows of the parent and its subsidiaries
are presented as those of a single economic entity.
2. In other words, consolidated financial statements present the financial position of an entire
group including the parent and its group companies. Whereas separate financial statements
present the financial position of a single entity for which the financial statements are
prepared.
3. Consolidated financial statements provide a complete overview of the operations and
profitability of the entire group which is controlled by the parent.
4. The formats for preparation of balance sheet, statement of profit and loss and a statement
of change in equity (if applicable) are prescribed under the Schedule III of the Companies
Act, 2013.
5. Consolidated Financial Statements include
a. Consolidated balance sheet
b. Consolidated statement of profit and loss
c. Consolidated cash flow statement
d. Consolidated statement of change in equity (if applicable) and
e. Any explanatory notes annexed to, or forming part thereof.
6. Accounting Standard (AS) 21 ‘Consolidated Financial Statements’ and Indian Accounting
Standard (Ind AS) 110, ‘Consolidated Financial Statements’ lay down principles and
procedures for preparation and presentation of consolidated financial statements under AS
and Ind AS respectively.

B. PROVISIONS OF COMPANIES ACT, 2013 REGARDING CONSOLIDATED FINANCIAL STATEMENTS:

1. According to Section 129(3) of the Companies Act, 2013, where a company has one or more
subsidiaries, including associate company and joint venture, it shall, in addition to its own
financial statements prepare a consolidated financial statement of the company and of all
the subsidiaries in the same form and manner as that of its own.
2. Further, section 129(4) of the said Act, provides that the provisions applicable to the
preparation, adoption and audit of the financial statements of a holding company shall,
mutatis mutandis, also apply to its the consolidated financial statements.
3. The consolidated financial statements shall also be approved by the Board of Directors
before they are signed on behalf of the Board, along with its standalone financial statements
and shall also be laid before the annual general meeting of the company along with the
laying of its standalone financial statement.
4. The company shall also attach along with its financial statement, a separate statement
containing the salient features of the financial statement of its subsidiary(ies) in Form AOC-
1.

Group Audits 18.1

 5. However, the requirement related to preparation of consolidated financial statements shall
not apply to a company if it meets the following conditions:
(i) it is a wholly-owned subsidiary, or is a partially-owned subsidiary of another
company and all its other members, including those not otherwise entitled to vote,
having been intimated in writing and for which the proof of delivery of such
intimation is available with the company, do not object to the company not
presenting consolidated financial statements;
(ii) it is a company whose securities are not listed or are not in the process of listing on
any stock exchange, whether in India or outside India; and
(iii) its ultimate or any intermediate holding company files consolidated financial
statements with the Registrar which are in compliance with the applicable
Accounting Standards.
6. As per section 129(6) of the Companies Act, 2013, the Central Government may, on its own
or on an application by a class or classes of companies, by notification, exempt any class or
classes of companies from complying with any of the requirements of section 129 or the
rules made thereunder, if it is considered necessary to grant such exemption in the public
interest and any such exemption may be granted either unconditionally or subject to such
conditions as may be specified in the notification.
7. Further, an investment entity need not present consolidated financial statements if it is
required, in accordance with paragraph 31 of Ind AS 110, to measure all of its subsidiaries
at fair value through profit or loss. A parent shall determine whether it is an investment
entity.
8. An investment entity is an entity that:
a. obtains funds from one or more investors for the purpose of providing those investor(s)
with investment management services;
b. commits to its investor(s) that its business purpose is to invest funds solely for returns
from capital appreciation, investment income, or both; and
c. measures and evaluates the performance of substantially all of its investments on a fair
value basis.
9. However, as per paragraph 33 of Ind AS 110, the parent of an investment entity shall
consolidate all entities that it controls, including those controlled through an investment
entity subsidiary, unless the parent itself is an investment entity.

C. RESPONSIBILITY OF PARENT:
1. The responsibility for the preparation and presentation of consolidated financial statements,
among other things, is that of the management of the parent. This includes:
a. Identifying components, and including the financial information of the components to
be included in the consolidated financial statements.
b. Where appropriate, identifying reportable segments for segmental reporting;
c. Identifying related parties and related party transactions for reporting;
d. Obtaining accurate and complete financial information from components;
e. Making appropriate consolidation adjustments;
f. Harmonization of accounting policies and accounting framework; and

Group Audits 18.2

 g. GAAP conversion, where applicable.
2. Apart from the above, the parent ordinarily issues instructions to the management of the
component specifying the parent’s requirements relating to financial information of the
components to be included in the consolidated financial statements.
3. The instructions ordinarily cover the accounting policies to be applied, statutory and other
disclosure requirements applicable to the parent, including the identification of and
reporting on reportable segments, and related parties and related party transactions, and a
reporting timetable.

D. RESPONSIBILITY OF THE AUDITOR OF THE CONSOLIDATED FINANCIAL STATEMENTS:

1. The principal auditor of the consolidated financial statements is responsible for expressing
an opinion on whether the consolidated financial statements are prepared, in all material
respects, in accordance with the financial reporting framework under which the parent
prepares the consolidated financial statements in addition to reporting on the additional
matters as required under the Companies Act, 2013 and any other statute to the extent
applicable.
2. Therefore, the auditor's objectives in an audit of consolidated financial statements are:
a. To satisfy himself that the consolidated financial statements have been prepared in
accordance with the requirements of the applicable financial reporting framework.
b. To enable himself to express an opinion on the true and fair view presented by the
consolidated financial statements.
c. To enquire into the matters as specified in section 143(1) of the Companies Act, 2013.
d. To report on the matters given in the section 143(3) of the Companies Act, 2013.
e. The auditor should also validate the requirement of preparation of CFS for the company
as per applicable financial reporting framework.
3. Standards on Auditing, Statements and Guidance Notes on auditing matters issued by the
Institute of Chartered Accountants of India (ICAI) apply in the same manner to audit of
consolidated financial statements as they apply to audit of standalone financial statements.
4. It means that the auditors, while conducting the audit of consolidated financial statements
are, inter alia, expected to:
a. Plan their work to enable them to conduct an effective audit in an efficient and timely
manner.
b. Obtain an understanding of the accounting and internal control systems including IT
system like consolidation tool, sufficient to plan the audit and determine the nature,
timing and extent of his audit procedures. Such an understanding would help the
auditors to develop an effective audit approach.
c. Use professional judgement to assess audit risk and to design audit procedures to ensure
that the risk is reduced to an acceptable level, etc.

E. AUDIT CONSIDERATIONS:
1. The following features of consolidated financial statements have an impact on the related
audit procedures:

Group Audits 18.3

 a. The consolidated financial statements are prepared on the basis of separate financial
statements of the parent and its components, using the consolidation procedures
prescribed by Accounting Standards under applicable financial reporting framework; and
b. The auditor of the consolidated financial statements may use the work of other auditors
as per requirement of Standards on Auditing unless the auditor of consolidated financial
statements is also the auditor of the other components of the group.
2. The consolidated financial statements are prepared using other information also. The ‘other
financial information’ would include
a. disclosures to be made in the consolidated financial statements about the components,
b. proportion of items included in the consolidated financial statements to which different
accounting policies have been applied where permitted,
c. adjustments made for the effects of significant transactions or other events that occur
between the financial statements of parent and its components, as the case may be, etc.
3. If the auditor is of the view that his own participation may not be enough or sufficient, he
should consider using the work of ‘other auditors’.
a. Such ‘other auditors’ might be the statutory auditors of the separate financial statements
of one or more of the components or the auditors appointed specifically for assisting the
auditor of the consolidated financial statements (the principal auditor).
b. The principal auditor, if he decides to use the work of another auditor in relation to the
audit of consolidated financial statements, should comply with the requirements of SA
600.
4. Determination of materiality: In carrying out the audit of the standalone financial
statements, the computation of materiality for the purpose of issuing an opinion on the
standalone financial statements of each component would be done component-wise on a
standalone basis. However, with regard to determination of materiality during the audit of
consolidated financial statements (CFS), the auditor should consider the following:
a. The auditor is required to compute the materiality for the group as a whole. This
materiality should be used to assess the appropriateness of the consolidation
adjustments (i.e. permanent consolidation adjustments and current period
consolidation adjustments) that are made by the management in the preparation of CFS.
b. The parent auditor can also use the materiality computed on the group level to
determine whether the component's financial statements are material to the group to
determine whether they should scope in additional components and consider using the
work of other auditors as applicable.
c. The principal auditor also computes the materiality for each component and
communicates to the component auditor, if he believes is required for a true and fair
view on CFS.
d. The principal auditor also obtains certain confirmations from component auditors like
independence, code of ethics, certain information required for consolidation and
disclosure requirements etc.
5. However, while considering the observations (for instance modification and /or emphasis of
matter in accordance with SA 705/706) of the component auditor in his report on the
standalone financial statements, the principles of SA 600 need to be considered.

Group Audits 18.4

F. AUDITING THE CONSOLIDATION:
1. Before commencing an audit of consolidated financial statements, the auditor should plan
his work to enable him to conduct an effective audit in an efficient and timely manner. The
auditor should make plans, among other things, for the following:
a. Understanding of the group structure and group-wide controls including assessment of
Information Technology (IT) system and related general and applications IT related
controls (manual and automated) for consolidation process.
b. Understanding of accounting policies of the parent and its components as well as of the
consolidation process including the process of translation of financial statements of
foreign components.
c. Determining and programming the nature, timing, and extent of the audit procedures to
be performed based on the assessment of the risk of material misstatement in
consolidation process.
d. Determining the extent of use of other auditor’s work in the audit.
e. Coordinating the work to be performed.
2. The auditor should obtain a listing of all the components included in the consolidated
financial statements and review the information provided by the management of the parent
identifying the components. The auditor should verify that all the components have been
included in the consolidated financial statements unless these components meet criterion
for exclusion.
3. In respect of completeness of this information, the auditor should perform the following
procedures:
a. Review his working papers for the prior years for the known components.
b. Review the parent’s procedures for identification of various components.
c. Make inquiries of the management to identify any new components or any component
which goes out of consolidated financial statements.
d. Review the investments of parent as well as its components to determine the
shareholding in other entities.
e. Review the joint ventures and joint arrangements as applicable.
f. Review the other arrangements entered into by the parent that have not been included
in the consolidated financial statements of the group.
g. Review the statutory records maintained by the parent, for example registers under
section 186, 190 of the Companies Act, 2013.
h. Identify the changes in the shareholding that might have taken place during the
reporting period.
4. The auditor should document procedures performed for assessing completeness of the
components to be consolidated.
5. The auditor shall review the minutes of the board meetings to understand various means by
which control, joint control or significant influence can be obtained.
6. Exclusion of component from the consolidated financial statements:

Group Audits 18.5

 a. Where a component is excluded from the consolidated financial statements, the auditor
should examine the reasons for exclusion and whether such exclusion is in conformity
with the applicable financial reporting framework.
b. There could be two reasons for exclusion of a subsidiary, associate or jointly controlled
entity-one,
i. That the relationship of parent with the subsidiary, associate or jointly controlled
entity is intended to be temporary
ii. The subsidiary, associate or joint venture operates under severe long-term
restrictions which significantly impair its ability to transfer funds to the parent.
c. Similarly, under the Companies Act, 2013, intermediate subsidiary in India is not required
to present consolidated financial statements, if a company meets the certain condition.
7. Change in the status of the component:
a. The auditor should also examine whether there is any change in the status of a
component (e.g., subsidiary to associate, JV to associate or vice – versa).
b. The auditor, in such cases, should examine whether these changes have been
appropriately accounted for in the consolidated financial statements as required by the
relevant accounting standards/Ind AS under the applicable financial reporting
framework.
G. SPECIAL CONSIDERATIONS:

1. Permanent Consolidation Adjustments:

a. Permanent consolidation adjustments are those adjustments that are made only on the
first occasion or subsequent occasions in which there is a change in the shareholding of
a particular entity which is consolidated.
b. Permanent consolidation adjustments are:
i. Determination of goodwill or capital reserve as per applicable accounting standards.
ii. Determination of amount of equity attributable to minority/ non- controlling
interests.
c. The auditor should verify that the above calculations have been made appropriately.
i. The auditor should pay particular attention to the determination of pre-acquisition
reserves of the components. Date(s) of investment in components assumes
importance in this regard.
ii. The auditor should also examine whether the pre-acquisition reserves have been
allocated appropriately between the parent and the minority interests/ non-
controlling interests of the subsidiary.
iii. The auditor should also verify the changes that might have taken place in these
permanent consolidation adjustments on account of subsequent acquisition of
shares in the components, disposal of the components in the subsequent years.
d. It may happen that while working out the permanent consolidation adjustments, in the
case of one subsidiary, goodwill arises and in the case of another subsidiary, capital
reserve arises. The parent may choose to net off these amounts to disclose a single
amount in the consolidated balance sheet where permitted by the applicable financial
reporting framework.

Group Audits 18.6

 e. In such cases, the auditor should verify that the gross amounts of goodwill and capital
reserves arising on acquisition of various subsidiaries have been disclosed in the notes
to the consolidated financial statements to reflect the excess/shortage over the parents’
portion of the subsidiary’s equity.

2. Current Period Consolidation Adjustments:

a. Current period adjustments are those adjustments that are made in the accounting
period for which the consolidation of financial statements is done.
b. Current period consolidation adjustments primarily relate to the elimination of intra-
group transactions and account balances including:
i. Intra-group interest paid and received, or management fees, etc.
ii. Unrealised intra-group profits on assets acquired/ transferred from/ to other
subsidiaries
iii. Record deferred taxes on unrealised intercompany profits elimination in accordance
with Ind AS 12
iv. Intra-group indebtedness
v. Adjustments related to harmonising the different accounting policies being followed
by the parent and its components
vi. Adjustments to the financial statements (of the parent and the components being
consolidated) for recognized subsequent events or transactions that occur between
the balance sheet date and the date of the auditor’s report on the consolidated
financial statements of the group.
vii. Adjustments for the effects of significant transactions or other events that occur
between the date of the components balance sheet and not already recognised in
its financial statements and the date of the auditor’s report on the group’s
consolidated financial statements when the financial statements of the component
to be used for consolidation are not drawn upto the same balance sheet date as that
of the parent.
viii. In case of a foreign component, adjustments to convert a component’s audited
financial statements prepared under the component’s local GAAP to the GAAP under
which the consolidated financial statements are prepared.
ix. Determination of movement in equity attributable to the minorities interest/non-
controlling interest since the date of acquisition of the subsidiary. It should also be
noted that under Ind AS, non-controlling interest can also result in negative balance.
Unlike earlier AS, as per paragraph 28 of Ind AS 27, if the net worth of subsidiary is
negative, non-controlling interest could have deficit balance.
x. Adjustments of deferred tax on account of temporary differences arising out of
elimination of profit and losses resulting from intragroup transactions and
undistributed profits of the component in case of consolidated financial statements
prepared under Ind AS.
c. The adjustments required for preparation of consolidated financial statements are made
in memorandum records kept for the purpose by the parent. The auditor should review

Group Audits 18.7

 the memorandum records to verify the adjustment entries made in the preparation of
consolidated financial statements.
d. Apart from reviewing the memorandum records, the auditor should inter alia:
i. Verify that the intra group transactions and account balances have been eliminated.
ii. Verify that the consolidated financial statements have been prepared using uniform
accounting policies for like transactions and other events in similar circumstances.
iii. Verify that adequate disclosures have been made in accordance with AS 21 in the
consolidated financial statements of application of different accounting policies in
case, it was impracticable to harmonize them. Applying a requirement is
impracticable when the entity cannot apply it after making every reasonable effort
to do so but while preparing CFS under Ind AS, auditors should ensure that
appropriate adjustments are made to that group member’s financial statements in
preparing the consolidated financial statements to ensure conformity with the
group’s accounting policies in accordance with Ind AS 110.
iv. Verify the adjustments made to harmonise the different accounting policies
including adjustments made by management to convert a component’s financial
statements prepared under the component’s GAAP to the GAAP under which the
consolidated financial statements are prepared.
v. Verify the calculation of minorities/non-controlling interest.
vi. Verify adjustments relating to deferred tax on account of temporary differences
arising out of elimination of profit and losses resulting from intergroup transactions
(where the parent’s accounts are maintained in Ind AS).
vii. Verify that income and expenses of the subsidiary are included in consolidated
financial statements from the date it gains control until the date when the entity
ceases to control the subsidiary and further such income and expenses are based on
the amounts of the assets and liabilities recognised in consolidated financial
statements at the acquisition date.
e. Impairment:
i. One of the important adjustment that may be required in the current period is
determination of impairment loss that might exist for goodwill arising on
consolidation.
ii. Goodwill arising on consolidation is carried at the value determined at the date of
acquisition of the component, and the same is to be tested for impairment loss at
every balance sheet date.
iii. The auditor should examine whether any impairment loss has been determined by
the parent. If yes, the auditor should examine the procedure followed for
determination of impairment loss.
iv. The auditor should satisfy himself that the amount of impairment loss determined is
fair.
v. In case the impairment loss in goodwill of a component has been determined in
foreign currency, the auditor should verify if any amount of loss in local currency
need to be adjusted from currency translation reserve on account of movement in
the exchange rate from the date when the goodwill was first accounted for in the

Group Audits 18.8

 consolidated financial statement of parent, to the date of determination of
impairment loss.
f. Financial statements of the components used in the consolidation drawn up to the
date other than the reporting date as that of the parent:
i. The financial statements of the components used in the consolidation should be
drawn up to the same reporting date as that of the parent.
ii. If it is not practicable to draw up the financial statements of one or more components
to such date and, accordingly, those financial statements are drawn up to different
reporting dates, adjustments should be made for the effects of significant
transactions or other events that occur between those dates and the date of the
parent’s financial statements.
iii. In any case, the difference between reporting dates should not be more than six
months in case of financial statements under AS and three months in case of financial
statements under Ind AS.
iv. The auditor of the consolidated financial statements should review other
components’ results between its financial reporting date and that of the parent for
significant transactions or other events that have taken place during the period and,
therefore, need to be reflected in the consolidated financial statements.
v. Recognition should be given by disclosure or otherwise to the effect of intervening
events which materially affect the financial position, results of operations or cash
flows.
g. Disclosures:
1. The auditor should:
a. examine that the notes required by the applicable standards which are necessary
for presenting a true and fair view of the consolidated financial statements have
been included in the consolidated financial statements as an integral part
thereof; and
b. examine that additional statutory information disclosed in the separate financial
statements of the subsidiary and/or a parent having bearing on the true and fair
view of the consolidated financial statements have been disclosed in the
consolidated financial statements.
2. The information such as the following given in the notes to the separate financial
statements of the parent and/or the subsidiary, need not be included in the
consolidated financial statements:
(i) Source from which bonus shares are issued, e.g., capitalisation of profits or
reserves or from securities premium account.
(ii) Disclosure of all unutilised monies out of the issue indicating the form in
which such unutilised funds have been invested.
(iii) Disclosure required under Micro, Small and Medium Enterprises
Development Act, 2006.
(iv) A statement of investments (whether shown under “financial assets or non-
financial assets as stock-in-trade) separately classifying trade investments
and other investments, showing the names of the bodies corporate

Group Audits 18.9

 (indicating separately the names of the bodies corporate under the same
management) in whose shares or debentures, investments have been made
(including all investments, whether existing or not, made subsequent to the
date as at which the previous balance sheet was made out) and the nature
and extent of the investment so made in each such body corporate.
(v) Value of imports calculated on C.I.F. basis by the company during the financial
year in respect of:
(a) raw materials;
(b) components and spare parts;
(c) capital goods.
(vi) Expenditure in foreign currency during the financial year on account of
royalty, know-how, professional and consultation fees, interest, and other
matters.
(vii) Value of all imported raw materials, spare parts and components consumed
during the financial year and the value of all indigenous raw materials, spare
parts and components similarly consumed and the percentage of each to the
total consumption.
(viii) The amount remitted during the year in foreign currencies on account of
dividends, with a specific mention of the number of non-resident
shareholders, the number of shares held by them on which the dividends
were due and the year to which the dividends related.
(ix) Earnings in foreign exchange classified under the following heads, namely:
a. export of goods calculated on F.O.B. basis;
b. royalty, know-how, professional and consultation fees;
c. interest and dividend;
d. other income, indicating the nature thereof.

However, notwithstanding the above, the auditor needs to ensure compliance with
disclosure requirements of applicable accounting standards and other applicable laws
for consolidated financial statements.

H. MANAGEMENT REPRESENTATIONS:
1. SA 580, “Written Representations” requires the auditor to obtain written representations
from management and, where appropriate, those charged with governance.
2. The auditor of the consolidated financial statements should obtain evidence that the
management of the parent acknowledges its responsibility for a true and fair presentation
of the consolidated financial statements in accordance with the financial reporting
framework applicable to the parent and that parent management has approved the
consolidated financial statements.
3. In addition, the auditor of the consolidated financial statements obtains written
representations from parent management on matters material to the consolidated financial
statements.
4. Examples of such representations include:

Group Audits 18.10

 a. Completeness of components included in the CFS;
b. Identification of reportable segments for segmental reporting;
c. Identification of related parties and related party transactions for reporting;
d. Appropriateness and completeness of permanent and current period consolidation
adjustments, including the elimination of intra-group transactions.

I. REPORTING:
1. When the Parent’s Auditor is also the Auditor of all its Components: While drafting the
audit report, the auditor should report:
a. Whether principles and procedures for preparation and presentation of consolidated
financial statements as laid down in the relevant accounting standards have been
followed. In case of any departure or deviation, the auditor should consider the
requirements given in SA 705, Modifications to the Opinion in the Independent Auditor’s
reports in the audit report so that users of the consolidated financial statements are
aware of such deviation.
b. Auditor should issue an audit report expressing opinion whether the consolidated
financial statements give a true and fair view of the state of affairs of the Group as on
balance sheet date and as to whether consolidated profit and loss statement gives true
and fair view of the results of consolidated profit or losses of the Group for the period
under audit.
c. Where the consolidated financial statements also include a cash flow statement, the
auditor should also give his opinion on the true and fair view of the cash flows presented
by the consolidated cash flow statements.
2. When the Parent’s Auditor is not the Auditor of all its Components:
a. In a case where the parent’s auditor is not the auditor of all the components included in
the consolidated financial statements, the auditor of the consolidated financial
statements should also consider the requirement of SA 600.
b. As prescribed in SA 706, if the auditor considers it necessary to make reference to the
audit of the other auditors, the auditor’s report on the consolidated financial statements
should disclose clearly the magnitude of the portion of the financial statements audited
by the other auditor(s).
c. This may be done by stating aggregate rupee amounts or percentages of total assets,
revenues and cash flows of components included in the consolidated financial
statements not audited by the parent’s auditor.
d. Total assets, revenues and cash flows not audited by the parent’s auditor should be
presented before giving effect to permanent and current period consolidation
adjustments.
e. Reference in the report of the auditor on the consolidated financial statements to the
fact that part of the audit of the group was made by other auditor(s) is not to be
construed as a qualification of the opinion but rather as an indication of the divided
responsibility between the auditors of the parent and its subsidiaries.
3. When the Component(s) Auditor Reports on Financial Statements under an Accounting
Framework Different than that of the Parent:

Group Audits 18.11

 a. The parent may have components located in multiple geographies outside India applying
an accounting framework (GAAP) that is different than that of the parent in preparing its
financial statements.
b. Local component auditors may be unable to report on financial statements prepared
using the parent’s GAAP because of their unfamiliarity with such GAAP.
c. When a component’s financial statements are prepared under an accounting framework
that is different than that of the framework used by the parent in preparing group’s
consolidated financial statements, the parent’s management perform a conversion of
the components’ audited financial statements from the framework used by the
component to the framework under which the consolidated financial statements are
prepared.
d. The conversion adjustments are audited by the principal auditor to ensure that the
financial information of the component(s) is suitable and appropriate for the purposes
of consolidation.
e. A component may alternatively prepare financial statements on the basis of the parent’s
accounting policies, as outlined in the group accounting manual, to facilitate the
preparation of the group’s consolidated financial statements.
f. The group accounting manual would normally contain all accounting policies, including
relevant disclosure requirements, which are consistent with the requirements of the
financial reporting framework under which the group’s consolidated financial
statements are prepared.
g. The local component auditor can then audit and issue an audit report on the
components financial statements prepared in accordance with “group accounting
policies”.
h. When applying the approach of using group accounting policies as the financial
accounting framework for components to report under, the principal/parent auditors
should perform procedures necessary to determine compliance of the group accounting
policies with the GAAP applicable to the parent’s financial statements.
4. When the Component(s) Auditor Reports under an Auditing Framework Different than
that of the Parent:
a. Normally, audits of financial statements, including consolidated financial statements, are
performed under auditing standards generally accepted in India (“Indian GAAS”).
b. In order to maintain consistency of the auditing framework and to enable the parent
auditor to rely and refer to the other auditor’s audit report in their audit report on the
consolidated financial statements, the components’ financial statements should also be
audited under a framework that corresponds to Indian GAAS.
5. Components Not Audited:
a. Generally, the financial statements of all components included in consolidated financial
statements should be audited or subjected to audit procedures in the context of a multi-
location group audit.
b. Such audits and audit procedures can be performed by the auditor reporting on the
consolidated financial statements or by the components’ auditor.

Group Audits 18.12

 c. Where the financial statements of one or more components continue to remain
unaudited, the auditor reporting on the consolidated financial statements should
consider unaudited components in evaluating a possible modification to his report on
the consolidated financial statements.
d. The evaluation is necessary because the auditor (or other auditors, as the case may be)
has not been able to obtain sufficient appropriate audit evidence in relation to such
consolidated amounts/balances.
e. In such cases, the auditor should evaluate both qualitative and quantitative factors on
the possible effect of such amounts remaining unaudited when reporting on the
consolidated financial statements using the guidance provided in SA 705, “Modifications
to the Opinion in the Independent Auditor’s Report”.

Group Audits 18.13

 19. INTERNAL AUDIT

[Link].1 DEFINE INTERNAL AUDIT. STATE THE PROVISIONS OF THE COMPANIES ACT, 2013
GOVERNING INTERNAL AUDIT.

ANSWER:

A. MEANING: As defined in Framework Governing Internal Audits, “Internal Audit provides

independent assurance on the effectiveness of internal controls and risk management processes
to enhance governance and achieve organisational objectives.”

B. APPLICABILITY OF PROVISIONS OF INTERNAL AUDIT: As per section 138 of the Companies Act,
2013, following class of companies (prescribed in rule 13 of Companies (Accounts) Rules,2014)
shall be required to appoint an internal auditor which may be either an individual or a
partnership firm or a body corporate, namely:
a. every listed company;
b. every unlisted public company having-
(i) paid up share capital of fifty crore rupees or more during the preceding financial year;
or
(ii) turnover of two hundred crore rupees or more during the preceding financial year;
or
(iii) outstanding loans or borrowings from banks or public financial institutions exceeding
one hundred crore rupees or more at any point of time during the preceding financial
year; or
(iv) outstanding deposits of twenty-five crore rupees or more at any point of time during
the preceding financial year; and
c. every private company having-
(i) turnover of two hundred crore rupees or more during the preceding financial year;
or
(ii) outstanding loans or borrowings from banks or public financial institutions exceeding
one hundred crore rupees or more at any point of time during the preceding financial
year.

Note: It is provided that when an existing company gets covered under any of the above
criteria shall comply with the requirements within six months of commencement of such
applicability.

C. WHO CAN BE APPOINTED AS AN INTERNAL AUDITOR?

1. As per section 138, the internal auditor shall either be a chartered accountant or a cost
accountant (whether engaged in the practice or not), or such other professional as may be
decided by the Board to conduct an internal audit of the functions and activities of the
company.
2. The internal auditor may or may not be an employee of the company.

Internal Audit 19.1

 3. To be effective, the internal auditor must be regarded as a part of the management and not
merely as an assistant thereto. Furthermore, he or she must have the authority to
investigate every organisational activity to meet the objectives and scope of the internal
audit.

D. WHO WILL DECIDE THE SCOPE OF THE INTERNAL AUDITOR?

The Audit Committee of the company or the Board shall, in consultation with the Internal
Auditor, formulate the scope, functioning, periodicity, and methodology for conducting the
internal audit.

E. CRITICAL ACTIVITIES OF INTERNAL AUDITOR:

1. As per Standard on Internal Audit (SIA) 210 Managing the Internal Audit Function, the
Internal Audit Function performs a number of activities to achieve its objectives as outlined
in its Charter (or Terms of Engagement). A few of the critical activities are as follows:
a. Define the overall plan, scope and methodology of the Internal Audit Function on a
periodic basis.
b. Oversee and monitor various audit assignments, their proper planning, execution,
reporting of findings and subsequent closure of reported observations.
c. Plan, acquire, engage and review the performance, training and development of
professional staff, talent and other resources to achieve its objectives.
d. Identify, source, engage and manage external experts and technical solutions, if
required.
e. Communicate and engage with all key stakeholders regarding progress and achievement
of objectives.
f. Develop and maintain a quality evaluation and improvement program.
2. With respect to the accounting function and financial records of the organisation, the
responsibilities of an Internal Auditor include:
a. To ascertain adequacy of system of internal control by a continuous examination of
accounting procedures, receipts and disbursements, and to provide adequate
safeguards against misappropriation of assets.
b. To operate independently of the accounting staff and must not in any way divest with
any of the responsibilities placed upon him.
c. Not to involve in the performance of executive functions in order that the objective
outlook does not get obscured by the creation of the vested interest.
d. To observe facts and situations and bring them to notice of authorities who would
otherwise never know them; also, critically appraise various policies of the management
and draw its attention to any deficiencies, wherever these require to be corrected.
e. To associate closely with management and keep knowledge up to date by being informed
about all important occurrences and events affecting the business, as well as the changes
that are made in business policies.
f. At all times, the internal auditor must enjoy an independent status.
3. Apart from providing assurance on internal controls over the operational activities of the
organization, the Internal Auditor may be sometimes assigned responsibility to provide

Internal Audit 19.2

 advisory inputs on governance activities such as risk management, framework of monitoring
statutory compliances, automation of activities, avenues of process re-engineering with
increase operational efficiency, code of ethics etc.

[Link].2 WHAT CONSIDERATIONS TO BE KEPT IN MIND WHILE DEVOLOPING INTERNAL AUDIT

PLAN?

ANSWER:

1. The internal auditor should, in consultation with those charged with governance, including the
audit committee, develop and document a plan for each internal audit engagement to help him
conduct the engagement in an efficient and timely manner.
2. Internal audit plan should be developed in such a manner that all the business processes
covering both financial as well as operational activities are reviewed by internal audit function
within a defined time cycle.
3. Also, ensuring that appropriate consideration is made and adequate balance is ensured to the
following:
a. Risk underlying the business process
b. Value that the internal audit can provide to the organization
c. Effort involved in conducting the internal audit for a particular business process
d. Risk Appetite of the organization
e. Coverage of all auditable areas within the defined time range.

[Link].3 WHAT ARE THE AREAS OF REVIEW FOR AN INTERNAL AUDITOR?

ANSWER:

The following are the areas of review of the internal auditor:

1. REVIEW OF INTERNAL CONTROL SYSTEM AND PROCEDURES:

a. The review of internal control system and procedures involves assessing the design and
operational efficiency and effectiveness of the internal control system to strengthen the
overall internal control environment of the entity. The objective to review is to minimise the
overall residual risk by suggesting the appropriate controls to reduce the inherent risk.
b. As far as possible, controls should be in-built in the operating functions for prevention or
timely detection of the fraud and errors and minimize the cost of control.
c. Internal Control System should be reviewed considering the limitations of internal controls,
i.e., cost-benefit comparison, human errors, collusion, and abuse by process owners.
d. It should also be seen whether the internal controls were in use throughout the period of
intended reliance. A break-down in internal controls for a specific portion of intended
reliance would need special attention.

2. REVIEW OF CUSTODIANSHIP AND SAFEGUARDING OF ASSETS:

a. This involves verifying the existence of the assets.

Internal Audit 19.3

 b. The internal auditor should review the segregation of duties is in place.
c. The internal auditor should review the control systems to ensure that all assets are
accounted for fully.
d. He should review the means used for safeguarding assets against losses e.g. fire, improper
or negligent activity, theft and illegal acts, etc.
e. He should review the control systems for intangible assets e.g. the procedures relating to
credit control. Where an enterprise uses electronic data processing equipment, the physical
and systems control on processing facilities as well as on data storage should be examined
and tested.

3. REVIEW OF COMPLIANCE WITH POLICIES, PLANS, PROCEDURES AND REGULATIONS:

a. It is essential that the various functional segments of an enterprise comply with the relevant
policies, plans, procedures, laws and regulations so that the operations are carried out in a
coordinated manner.
b. He should examine the system of periodical review of existing policies particularly when
there is a change in the method and nature of operations of the enterprise.
c. By combining the results of his review of the adequacy of the systems with the result of his
compliance tests, the internal auditor should be able to evaluate the effectiveness of the
former. He should point out specific weaknesses and suggest remedial action.

4. REVIEW OF RELEVANCE AND RELIABILITY OF INFORMATION:

a. The internal auditor should review the information systems to evaluate the reliability and
integrity of financial and operating information given to management and to external
agencies such as governmental bodies, investors, trade organisations, labour unions, etc.
b. He should examine the accuracy and reliability of financial and operational records.
c. The usefulness of the reports as well as of the records should be evaluated with reference
to their costs.
d. The internal auditor should examine whether the reporting is by exception i.e. the reports
highlight the significant and distinctive features.
e. In case of automated management information system, where relevant information used for
critical decision making is generated from the computer system, then adequacy of the
controls build in the system should be reviewed to ensure data integrity and reliability of
such information.

5. REVIEW OF THE ORGANISATION STRUCTURE:

The internal auditor should conduct an appraisal of the organisation structure to ascertain
whether it is in harmony with the objectives of the enterprise and whether the assignment of
responsibilities is in consonance therewith. For this purpose:
a. He should review the manner in which the activities of the enterprise are grouped for
managerial control. It is also important to review whether responsibility and authority are
in harmony with the grouping pattern.
b. The internal auditor should examine the organisation chart to find out whether the structure
is simple and economical and that no function enjoys an undue dominance over the others.

Internal Audit 19.4

 c. He should particularly see that the responsibilities of managerial staff at headquarters do
not overlap with those of chief executives at operating units. He should examine whether
there is a satisfactory balance between the authority and responsibility of important
executives.
d. The internal auditor should examine the reasonableness of the span of control of each
executive (the number of subordinates that an executive controls). He should examine
whether there is a unity of command i.e., whether each person reports only to one superior.
e. Where dual responsibilities cannot be avoided, the primary one should be specified and the
specific responsibility to each senior fixed. This must be made known to all concerned.
f. He should review adequate segregation of duties is considered while defining the
organization structure.
g. Finally, he should evaluate the process of managerial development in the enterprise.

6. REVIEW OF UTILISATION OF RESOURCES:

a. The internal auditor should check whether proper operating standards and norms have been
established for measuring the economical and efficient use of resources.
b. They should be detailed enough to be identifiable with specific operating responsibilities
and should be capable of being used by operating personnel for monitoring and evaluating
their performance.
c. The internal auditor should review the methods of establishing operating standards and
norms. He should carefully examine the assumptions made while setting the standards to
ensure that they are appropriate and necessary.
d. Where there is a wide divergence between actual performance and the corresponding
standards, reasons may be considered. As a part of evaluating resources utilisation,
identifying the facilities which are under-utilized is an important function of the internal
auditor.

7. REVIEW OF ACCOMPLISHMENT OF GOALS AND OBJECTIVES:

a. The internal auditor should review the overall objectives of the enterprise to evaluate
whether they are clearly stated and are attainable.
b. The internal auditor should examine whether, to the extent possible, objectives are
expressed in precise quantifiable terms (both monetary and non-monetary) to facilitate
detailed planning to be made for achieving them.
c. Budgeting forms an important part of such planning. This will ensure that plans anticipate
the problem areas.
d. There should also be sufficient flexibility in the plans to permit such improvements in their
implementation, as would benefit the enterprises as a whole.

[Link].4 WRITE ABOUT INTEGRITY, OBJECTIVITY AND INDEPENDENCE OF INTERNAL AUDITOR.

ANSWER:

Internal Audit 19.5

There is a set of core principles fundamental to the internal audit function and activities. These basic
principles of internal audit are critical to achieving the desired objectives as set out in the Definition
of Internal Audit. The Basic Principles of Internal Audit are a set of core principles fundamental to
the function and activity of internal audit.

1. Independence:
a. The Internal Auditor shall be free from any undue influences which force him to deviate from
the truth.
b. This independence shall be not only in mind but also in appearance.
c. Also, the internal auditor shall resist any undue pressure or interference in establishing the
scope of the assignments or the manner in which these are conducted and reported, in case
these deviate from set objectives.
d. The independence of the internal audit function as a whole, and the Internal Auditor within
the organisation, plays a large part in establishing the independence of the Internal Auditor.
e. The overall organisation structure of key personnel, the position and reporting of the Chief
Internal Auditor within this structure, along with the powers and authority which is derived
from superiors further establishes the independence of the Internal Auditor.

2. Integrity: The Internal Auditor shall be honest, truthful and be a person of high integrity. He
shall operate in a highly professional manner and seen to be fair in all his dealings. He shall avoid
all conflicts of interest and not seek to derive any undue personal benefit or advantage from his
position.
3. Objectivity: The Internal Auditor shall conduct his work in a highly objective manner, especially
in gathering and evaluation of facts and evidence. He shall not allow prejudice or bias to override
his objectivity, especially in arriving at conclusions or reporting his opinion.

[Link].5 STATE THE QUALITIES OF INTERNAL AUDITOR.

ANSWER:

1. Internal auditor is required to objectively review overall governance and operational functions
of the organization and, is required to internal with various stakeholders and other employees
of the organisation.
2. To perform his duties effectively, he is required to possess good knowledge of the subject matter,
underlying information system and good soft skills.
3. Some of the specialised knowledge and expertise that Internal Auditor should obtain are:
a. The internal auditor should have the special expertise necessary for evaluating management
control systems, especially financial and accounting controls.
b. Accounting and finance functions provide basic data for management control of an
enterprise. Therefore, the internal auditor must have accounting and financial expertise to
be able to discharge his duties.
c. The internal auditor is also expected to evaluate both financial and operational controls. This
requires a good knowledge of the operations of the organization, technology and
commercial practices of the enterprise.
Internal Audit 19.6
 d. He should also have a good knowledge of commerce, laws, taxation, cost accounting,
economics, quantitative methods and EDP systems.
e. An understanding of the accounting software, ERP system and other applications being used
by the organization along with the knowledge of the basic controls related to Information
Technology.
f. An understanding of management principles and techniques is another essential
qualification of an internal auditor as also the ability to deal with people.
g. By his conduct the internal auditor should provide an assurance to the management that
the confidentiality of such information would be maintained.

[Link].6 EXPLAIN IN DETAILS THE FIVE STEPS OF PERFORMING INTERNAL AUDIT ENGAGEMENT.

ANSWER:

A. STEP 1 – OBTAIN KNOWLEDGE OF THE BUSINESS AND ITS ENVIRONMENT:

1. Internal Auditor must conduct meetings with key stakeholders, Board of Directors and Key
management personals to obtain understanding of the organization’s business environment,
its operations, organization’s vision, mission and top management’s expectations from the
audit functions.
2. Internal auditor must obtain understanding of various business documents – Standard
Operating Procedures and Financial Statement Etc.
3. Internal auditor must also obtain understanding of the underlying Information Technology
landscape, various applications and ERP systems of the organization and Management
Information System of the organization.
4. Internal auditor must also obtain understanding of the regulatory landscape and various
laws and regulations that are applicable to the organization.
B. STEP 2 – PERFORM AUDIT PLANNING:
1. Internal Auditor must plan the audit engagement as per the Standard on Internal Audit (SIA)
310, Planning the Internal Audit Assignment.
2. Audit scope must be approved by Audit Committee and Board of Directors. Once approved,
Internal Auditor must share detailed Audit Plan with the key managerial personals and plan
in advance the detailed schedule of the Internal Audit to be conducted.
3. Internal Auditor must conduct the opening meeting with key stakeholders before start of
audit engagement and share details of Information and System Access required to perform
the audit.
4. Detailed work plan must be prepared by the audit managers and approved with Head of
Internal Audit / Chief Internal Auditor.
5. The work plan must be prepared after performing the evaluation of all major underlying risks
in the process being reviewed and the audit checks to be performed to assess the adequacy
of the control environment to mitigate such risks.
C. STEP 3 – GATHER REQUIRED INFORMATION:
1. Internal Auditor must obtain the required information and perform checks to ensure
correctness and integrity of information received.

Internal Audit 19.7

 2. To the extent possible, Internal Auditor must obtain the information directly from the
source.
3. Adequate planning should be done and advance intimation should be made for any interim
information needed for performing audit checks.
D. STEP 4 – PERFORM AUDIT CHECKS:
1. Internal Auditor should collate all data and perform analytical procedures to identify key
trends and outliers. Analytical procedures should be performed in accordance with the
Standard on Internal Audit (SIA) 6, Analytical Procedures.
2. To the extent possible, relevant analytical tools may be used to perform review of the
complete data for the audit period.
3. Wherever needed, Internal Auditor must select the sample in accordance with Standard on
Internal Audit (SIA) 5, Sampling.
4. Detailed audit testing must be performed as per the audit work plan. Internal Auditor must
ensure adequate evidences must be collected and stores in accordance to Standard on
Internal Audit (SIA) 320, Internal Audit Evidence Internal Auditor must prepare detailed
listed of the Identified audit issues and controls gaps.
5. Interim reports may be issued after proper review of the work performed as per the
Standard on Internal Audit (SIA) 350, Review and Supervision of Audit Assignments.
6. Adequate document of the internal audit work papers needs to be ensured as per Standard
on Internal Audit (SIA) 330, Internal Audit Documentation.
E. STEP 5 – REPORTING OF INTERNAL AUDIT ISSUES:
a. Internal Auditor must prepare a draft report of Internal Audit issues comprising of the
business process/ function reviewed as per scope, detailed audit coverage and exclusions, if
any, audit period covered during the audit, summary along with detailed issues over the
gaps noted along with implication of the business and recommendation to mitigate the
identified gaps.
b. Management Action Plan should be agreed along with responsibility of action and timelines
for actions.
c. Internal Auditor must also review the status of actions taken by the management against
the actions agreed during previous audits and report the status of such follow up in the audit
report.
d. Internal Auditor should thereafter circulate Final Report and presentation his findings to the
Audit Committee.
e. Internal auditor must adhere to Standard on Internal Audit (SIA) 360, Communication with
Management and Standard on Internal Audit (SIA) 370, Reporting Results while sharing the
result of internal audit with the stakeholders.

[Link].7 WRITE IN DETAIL THE REPORTING REQUIREMENTS OF INTERNAL AUDIT.

ANSWER:

A. The internal auditor should carefully review and assess the conclusions drawn from the audit
evidence obtained, as the basis for his findings contained in his report and suggest remedial

Internal Audit 19.8

 action. However, in case the internal auditor comes across any actual or suspected fraud or any
other misappropriation of assets, it would be more appropriate for him to bring the same
immediately to the attention of the management.

B. REPORTING REQUIREMENTS AS PER SIA 370:

1. Stages of internal audit reporting: As per Standard on Internal Audit (SIA) 370 Reporting
Results, reporting of internal audit results is generally undertaken in two stages:
a. At the end of a particular audit assignment, an “Internal Audit Report” covering a specific
area, function or part of the entity is prepared by the Internal Auditor highlighting key
observations arising from those assignments. This report is generally issued with details
of the manner in which the assignment was conducted and the key findings from the
audit procedures undertaken. This report is issued to the auditee, with copies shared
with local and executive management, as agreed during the planning phase.
b. On a periodic basis, at the close of a plan period, a comprehensive report of all the
internal audit activities covering the entity and the plan period is prepared by the Chief
Internal Auditor (or the Engagement Partner, in case of external service provider). Such
reporting is normally done on a quarterly basis and submitted to the highest governing
authority responsible for internal audits, generally the Audit Committee. Some part of
the aforementioned Internal Audit Reports may form part of the periodic (e.g. Quarterly)
report shared with the Audit Committee.

Note: This Standard on Internal Audit (SIA) deals with the internal auditor’s responsibility to
issue only the first type of reports, the Internal Audit Report pertaining to specific audit
assignments and not to the periodic (e.g. Quarterly) reporting for the whole entity as per
the Annual/Quarterly audit plan.

2. Key elements of Internal audit report: On the basis of the internal audit work completed,
the Internal Auditor shall issue a clear, well documented Internal Audit Report which
includes the following key elements:
a. An overview of the objectives, scope and approach of the audit assignments.
b. The fact that an internal audit has been conducted in accordance the Standards of
Internal Audit.
c. An executive summary of key observations covering all important aspects, and specific
to the scope of the assignment.
d. A summary of the corrective actions required (or agreed by management) for each
observation.
e. Nature of assurance, if any, which can be derived from the observations.

3. Content and form of Internal audit report:

a. The content and form of the Internal Audit Report are to be established by the Internal
Auditor based on his best professional judgement, in consultation with the auditee and,
if necessary, with inputs from other key stakeholders.
b. No internal audit report shall be issued in final form unless a written draft of the report
has previously been shared with the auditee.

Internal Audit 19.9

 c. The internal audit report shall be issued within a reasonable time frame from the
completion of the internal audit work.

4. Points to be kept in mind while preparing the internal audit report:

a. Basis of Internal Audit Report:
i. Each internal audit report is prepared on the basis of the audit procedures conducted
and the analysis of the audit evidence gathered.
ii. Conclusions reached shall be based on all the findings rather than on a few deviations
or issues noted.
iii. Controls operating effectively have their own importance and should be
acknowledged, while the risk and significance of observations noted have a role to
play in prioritising the matters to be reported.
b. Conducted in Accordance with SIAs:
Where the internal audit is conducted in compliance with the Standards of Internal
Audit, (within the Framework governing Internal Audits), and the internal auditor can
substantiate the same with supporting evidence and documentation, the internal audit
report shall include a statement confirming that “the internal audit was conducted in
accordance with the Standards of Internal Audit issued by the Institute of Chartered
Accountants of India”.

c. Content and Format of Internal Audit Report:

i. The manner in which the internal audit report is drafted and presented is a matter
of professional judgment and choice and could be influenced by the preferences of
the recipients.
ii. The SIA does not mandate any particular format or list of contents since the Internal
Auditor is expected to exercise his best professional judgement on matters regarding
how and what to report.
iii. Where some level of assurance is being provided, the form and content of the report
shall be as per SIA 380, “Issuing Assurance Reports”.
iv. A typical internal audit report should include the following:
• Audit Scope performed
• Audit period Covered
• Executive Summary
• Summary of the critical findings
• Detailed audit findings with elaboration on business impact and root cause of
such issues
• Rating of the highlighted issues (E.g High / Medium / Low) in accordance to the
rating criteria approved by Audit Committee
• Audit recommendation to improve control environment and address the
highlighted finding
• Response received from the responsible functional authority containing action
plan and target timelines for action.

Internal Audit 19.10

 d. Documentation: To confirm compliance of audit procedures with this SIA, the list of
documents required is as follows:
i. Copies of draft and final internal audit reports to be maintained, appropriately cross
referenced to specific observations.
ii. If appropriate, management action plans may be counter signed by respective
management personnel.

[Link].8 WRITE IN BREIF THE INTERNAL AUDITORS RESPONSIBILITY REGARDING MONITORING

AND REPORTING OF PRIOR AUDIT ISSUES AS PER SIA 390.

ANSWER:

1. As per SIA 390 Monitoring and Reporting of Prior Audit Issues, the Chief Internal Auditor is
responsible for continuously monitoring the closure of prior audit issues through timely
implementation of action plans included in past audits.
2. This shall be done with a formal monitoring process, elements of which are pre-agreed with
management and those charged with governance. The responsibility to implement the action
plans remains with the management.
3. In monitoring and reporting of prior audit issues, the responsibility of the Internal Auditor is
usually in the form of an “Action Taken Report (ATR) of previous audits”.
4. The term “Monitoring and Reporting” used in this Standard refers to the periodic tracking of
issues raised during prior audits and evaluation of the corrective actions undertaken by the
auditee to resolve them and to report any open and pending matters to the management and
those charged with governance (e.g., the Audit Committee).
5. The internal auditor should review whether follow-up action is taken by the management on
the basis of his report. If no action is taken within a reasonable time, he should draw the
management’s attention to it.
6. Where the management has not acted upon his suggestions or not implemented his
recommendations, the internal auditor should ascertain the reasons thereof.
7. Where the management has accepted his recommendations and initiated the necessary action,
the internal auditor should periodically review the manner and the extent of implementation of
the recommendations and report to the management highlighting the recommendations which
have not been implemented fully or partly.

[Link].9 EXPLAIN THE RELATIONSHIP BETWEEN INTERNAL AND EXTERNAL AUDITORS.

ANSWER:

1. Scope and objective:

a. The scope and objective of internal audit are dependent upon the size and structure of the
entity and the requirements of its management.
b. As stated earlier the internal auditor operates in various areas such as review of the
accounting system and internal control; examination of financial and operating information
for the benefit of management, the examination of the economy, efficiency and

Internal Audit 19.11

 effectiveness of operations including non - financial controls of various tangible assets of the
entity.
c. While operating in these areas, there is a lot of overlap between the work of internal
auditors and external auditors.
2. Similarity of work: The work done by the internal auditor has an important bearing on the work
performed by the statutory auditor as evaluation done by the internal auditor in respect of
internal controls, reliability of financial information, verification of assets, etc. is also required
to be done by the external auditor. The function of an internal auditor is an integral part of the
system of internal control.
3. Statutory requirement: It is a statutory requirement too as per section 138 of the Companies
Act, 2013 where the Audit Committee of the company or the Board shall, in consultation with
the Internal Auditor, formulate the scope, functioning, periodicity and methodology for
conducting the internal audit.
4. However, it is obligatory for a statutory auditor to examine the scope and effectiveness of the
work carried out by the internal auditor. For the purpose, he should examine the Internal Audit
Department of the organisation, the strength of the internal audit staff, their qualification and
their powers.
5. The extent of independence exhibited by the internal auditor in the discharge of his duties and
his status in the organisation are important factors for determining the effective ness of his
audit. But so far, the practice of audit being conducted jointly by the internal auditors is of great
assistance to statutory auditors.
6. The external auditor should, as part of his audit, evaluate the internal audit function to the
extent he considers that it will be relevant in determining the nature, timing and extent of his
compliance and substantive procedures. Depending upon such evaluation, the external auditor
may be able to adopt less extensive procedures than would otherwise be required.

[Link].10 WHAT ARE THE DIFFERENCES BETWEEN INTERNAL AUDIT AND EXTERNAL AUDIT?

ANSWER:

Basis for comparison Internal audit External audit

Performed by Internal audit is performed by an It is an audit function
independent internal auditing performed by the independent
function within the organisation body which is not a part of the
or by external body organization.
Examination The Internal auditor examines The External auditor examines
the adequacy of operational the Accuracy and Validity of
controls of the organisation. Financial Statements.
Appointment The Internal auditor is appointed The External auditor is
by the Audit Committee or Board appointed by the Members.
of Directors.
Users of Report Generally, internal audit report is The user of external audit
used by top Management and report is Stakeholders.
referred by statutory auditor.
Reporting Internal Audit Report provides The opinion is provided on the
weakness in internal controls truthfulness and fairness of

Internal Audit 19.12

 and effectiveness of the the financial statement of the
operational activities. company.
Status of Auditor The Internal auditor could be an The External auditor is
employee of the company mandatorily not an employee
of the company.

[Link].11 EXPLAIN INTERNAL AUDIT AS A MANAGEMENT FUNCTION?

ANSWER:

1. Management is a process by which the affairs of an enterprise are conducted in such a manner
that its goals and objectives are attained through optimum utilisation of all available resources,
within the legal, social, economic and environmental constraints.
2. At the most fundamental level, management functioning is a set of five general functions:
a. planning
b. organizing
c. staffing
d. directing and controlling.
3. While the first five functions of planning, organizing, staffing and leading are critical attributes
to create and grow stakeholder’s wealth whist controlling is the critical function that is key to
preserve stakeholder’s wealth.
4. As per the revised definition of the term ‘Internal Audit’ as per para 3 of the ICAI’s Framework
Governing Internal Audits, “Internal audit provides independent assurance on the effectiveness
of internal controls and risk management processes to enhance governance and achieve
organisational objectives”.
5. Accordingly Internal Auditor is expected to critically evaluate the management activities and
advise them on the areas of improving internal controls and manage business and operational
risks effectively by recommending appropriate mitigating controls.
6. Internal Audit is an important element of management controlling function, it helps
management to set up appropriate systems and processes in place to mitigate risk while
remaining independent to the operations.
7. Internal Auditor is expected to report on the identified gaps and areas of weak internal control,
further he is expected to identify the root cause of the problems and suggest appropriate
mitigating steps and strengthen the internal controls environment of the organization.
8. Accordingly, Internal Audit is seen as an important function that helps management to achieve
organization goals and perform its function in an orderly manner.

Internal Audit 19.13

 20. DUE DILIGENCE, INVESTIGATION & FORENSIC
ACCOUNTING

DUE DILIGENCE

[Link].1 EXPLIAN THE MEANING OF DUE DILIGENCE. ALSO STATE ITS IMPORTANCE.

ANSWER:

A. MEANING:
1. Due diligence is a process of investigation, performed by investors, into the details of a
potential investment such as an examination of operations and management and the
verification of material facts. It entails conducting inquiries for the purpose of timely,
sufficient and accurate disclosure of all material statements/information or documents,
which may influence the outcome of the transaction.
2. It involves a careful study of the financial as well as non-financial possibilities for successful
implementation of restructuring plans.
3. Due Diligence is used to investigate and evaluate a business opportunity, verify agreements,
encumbrances on the assets, assets – their title and ownership, intellectual Property, Health,
Safety and Environment Laws, etc.

B. CIRCUMSTANCES IN WHICH DUE DILIGENCE MAY BE REQUIRED:

1. Due diligence involves an analysis carried out before acquiring a controlling interest in a
company to determine that the conditions of the business conform with what has been
presented about the target business. Also, due diligence can apply to recommendation for
an investment or advancing a loan/credit.
2. Due Diligence may also be required to be performed in cases of corporate restructuring,
venture capital financing, lending, leveraged buyouts, public offerings, disinvestment,
corporatisation, etc.
3. Sometimes, in a restructuring exercise, while the unit may remain within a group, it may
pass from under the change of one management team to that of another team. This
situation also gives rise to the need for a due diligence review.
4. One such emerging area is around mandatory human rights and environmental due
diligence. The OECD Due Diligence Guidance for Responsible Business Conduct (RBC) set out
the expectation that how an enterprises can carry out risk-based due diligence. Under OECD
RBC due diligence standards, enterprises are expected to carry out risk-based due diligence
to identify, prevent, mitigate and account for how they address actual and potential adverse
impacts to people, society and the planet.

C. DIFFERENCE BETWEEN DUE DILIGENCE AND AUDIT:

1. It needs be underlined that due diligence is different from audit.
2. Audit is an independent examination and evaluation of the financial statements on an
organization with a view to express an opinion thereon.
Due Diligence, Investigation and Forensic Accounting 20.1
 3. Whereas due diligence refers to an examination of a potential investment to confirms all
material facts of the prospective business opportunity. It involves review of financial and
non-financial records as deemed relevant and material.
4. Simply put, due diligence aims to take the care that a reasonable person should take before
entering into an agreement or a transaction with another party.

D. IMPORTANCE OF DUE DILIGENCE:

1. The purpose of due diligence is to assist the purchaser or the investor in finding out all the
care that a reasonable person can, about the business he is acquiring or investing in prior to
completion of the transaction including its critical success factors as well as its strength and
weaknesses.
2. In addition, it may expose problems or potential problems that can be addressed in the price
negotiations or by dealing suitable clauses in the contractual documentation, in particular,
warranty and or indemnity provisions.
3. There are many reasons for carrying out due diligence including:
a. To confirm that the business is what it appears to be.
b. To identify potential ‘deal killer’ defects in the target company and avoid a bad business
transaction.
c. To gain information that will be useful for valuing assets, defining representations and
warranties, and/or negotiating price concessions.
d. To verify that the transaction complies with investment or acquisition criteria.

[Link].2 WRITE ABOUT CLASSIFICATION OF DUE-DILIGENCE INTO DISCIPLINE WISE EXERCISES.

ANSWER:

Due Diligence can be sub-classified into discipline-wise exercises in following manner:

1. Commercial/Operational Due Diligence: It is generally performed by the concerned acquire
enterprise involving an evaluation from commercial, strategic and operational perspectives. For
example, whether proposed merger would create operational synergies.
2. Financial Due Diligence: It involves analysis of the books of accounts and other information
pertaining to financial matters of the entity. It should be performed after completion of
commercial due diligence.
3. Tax Due Diligence: It is a separate due diligence exercise but since it is an integral component of
the financial status of a company, it is generally included in the financial due diligence. The
accountant has to look at the tax effect of the merger or acquisition.
4. Information Systems Due Diligence: It pertains to all computer systems and related matter of
the entity.
5. Legal Due Diligence: This may be required where legal aspects of functioning of the entity are
reviewed. The legal aspects of property owned by the entity or compliance with various
statutory requirements under various laws.
6. Environmental Due Diligence: It is carried out in order to study the entity’s environment, its
flexibility and adaptiveness to the acquirer entity.

Due Diligence, Investigation and Forensic Accounting 20.2

7. Personnel Due Diligence: It is carried out to ascertain that the entity’s personnel policies are in
line or can be changed to suit the requirements of the restructuring.

[Link].3 WHAT IS FINANCIAL DUE DILIGENCE?

ANSWER:

1. At times, the financial due diligence review is interpreted as complete due diligence review since
it is supposed to ascertain the financial implications of all the other due diligence reviews.
2. The term 'financial due diligence' should be used with caution. Unless the scope of financial due
diligence to be performed is wide enough to cover all the aspects, it should not be confused
with overall due diligence review.
3. It can be understood from the foregoing that the role of financial due diligence commences only
after a price has been agreed for the business or a restructuring plan is framed.
4. The initial price and other decisions are taken on the basis of net worth as well as trend of
profitability of the target company, with an assumption that all contingent liabilities that may
impact the future of the business have been recorded.
5. The principal objective of financial due diligence, therefore, is usually to look behind the veil of
initial information provided by the company and to assess the benefits and costs of the proposed
acquisition/merger by inquiring into all relevant aspects of the past, present and future of the
business to be acquired/merged with.
6. In order to achieve its objective, the due diligence process can include any or all of the following
objectives for individual areas of the verification:
a. Brief description of the history of business
b. The background and standing of promoters
c. Accounting policies and practices followed by the organization
d. Management information systems
e. Details of management structure
f. Trading results both past and the recent past
g. Assets and liabilities as per latest balance sheet
h. Current status of Income tax assessments including appeals pending against tax liabilities
assessed by tax authority.
i. Cash flow patterns
j. Brief description of commercial and/or other activities carried out by the organization
k. The projection of future profitability.

[Link].4 WHAT ARE THE MATTERS TO BE INCLUDED IN FINANCE DUE DILIGENCE?

ANSWER:

If a full-fledged financial due diligence is conducted, it would include the following matters, inter
alia, in its scope:

Due Diligence, Investigation and Forensic Accounting 20.3

A. BRIEF HISTORY OF THE TARGET COMPANY AND BACKGROUND OF ITS PROMOTERS:
1. The accountant should begin the financial due diligence review by looking into the history
of the company and the background of the promoters.
2. The details of how the company was set up and who were the original promoters has to be
gone into, before verification of financial data in detail.
3. An eye into the history of the target company may reveal its turning points, survival
strategies adopted by the target company from time to time, the market share enjoyed by
the target company and changes therein, product life cycle and adequacy of resources.
4. It could also help the accountant in determining whether, in the past, any regulatory
requirements have had an impact on the business of the target company.
5. Broadly, the accountant should make relevant enquiries about the history of target's
business products, markets, suppliers, expenses, operations. This could, inter alia, include
the following:
a. Nature of business(es)
b. Location of production facilities, warehouses, offices
c. Employment
d. Products or services and markets
e. History of the business with important suppliers of goods and services
f. Inventories
g. Franchises, licenses, patents.
h. Important expense categories.
i. Research and development.
j. Foreign currency assets, liabilities and transactions.
k. Legislation and regulation that significantly affect the entity.
l. Information systems.

B. ACCOUNTING POLICIES:
1. The accountant should study the accounting policies being followed by the target company
and ascertain whether any accounting policy is inappropriate.
2. The accountant should also see the effects of the recent changes in the accounting policies.
The target company might have changed its accounting policies in the recent past keeping
in view its intention of offering itself for sale. The overall scope has to be based on the
accounting policies adopted by the management.
3. The accountant has to look at any material effect of accounting policies on the overall
profitability and their correctness.
4. The accountant's report should include a summary of significant accounting policies used by
the target company, that changes that have been made to the accounting policies in the
recent past, the areas in which accounting policies followed by the target company are
different from those adopted by the acquiring enterprise, the effect of such differences.

C. REVIEW OF FINANCIAL STATEMENTS:

1. Before commencing the review of each of the aspect covered by the financial statements,
the accountant should examine whether the financial statements of the target company

Due Diligence, Investigation and Forensic Accounting 20.4

 have been prepared in accordance with the Statute governing the target company,
Framework for Preparation and Presentation of the Financial Statements and the relevant
Accounting Standards.
2. If not, the accountant should record the deviations from the above and consider whether it
warrant an inclusion in the final report on due diligence.
3. After having an overall view of the financial statements, as mentioned in the above
paragraphs, the accountant should review the operating results of the target company in
great detail. It is important to make an evaluation of the profit reported by the target
company.
4. The reason being that the price of the target company would be largely based upon its
operating results. The accountant should consider the presence of an extraordinary item of
income or expense that might have affected the operating results of the target company.
5. It is advisable to compare the actual figures with the budgeted figures for the period under
review and those of the previous accounting period. This comparison could lead the
accountant to the reasons behind the variations.
6. It is important that the trading results for the past four to five years are compared and the
trend of normal operating profit arrived at. The normal operating profits should further be
benchmarked against other similar companies.
7. Besides the above, and based on the trend of operating results, the accountant has to advise
the acquiring enterprise, through due diligence report, on the indicative valuation of the
business.
8. In the case of many enterprises, the valuation is mainly based on the value of net worth only.
For valuation of immovable properties and plant, if required, the assistance of expert valuers
could also to be taken.
9. The net worth of the business has to be arrived at by taking into account the impact of
over/under valuation of assets and liabilities. The accountant should pay particular attention
to the valuation of intangible assets.
10. The objective of the Due Diligence exercise will be to look specifically for any hidden
liabilities or over-valued assets.
11. Examples of Hidden Liabilities:
a. The company may not show any show cause notices which have not matured into
demands, as contingent liabilities. These may be material and important.
b. The company may have given “Letters of Comfort” to banks and Financial Institutions.
Since these are not “guarantees”, these may not be disclosed in the Balance sheet of the
target company.
c. The Company may have sold some subsidiaries/businesses and may have agreed to take
over and indemnify all liabilities and contingent liabilities of the same prior to the date
of transfer. These may not be reflected in the books of accounts of the company.
d. Product and other liability claims; warranty liabilities; product returns/discounts;
liquidated damages for late deliveries etc. and all litigation.
e. Tax liabilities under direct and indirect taxes.
f. Long pending sales tax assessments.

Due Diligence, Investigation and Forensic Accounting 20.5

 g. Pending final assessments of customs duty where provisional assessment only has been
completed.
h. Agreement to buy back shares sold at a stated price.
i. Future lease liabilities.
j. Environmental problems/claims/third party claims.
k. Unfunded gratuity/superannuation/leave salary liabilities; incorrect gratuity valuations.
l. Huge labour claims under negotiation when the labour wage agreement has already
expired.
m. Unresolved labour litigations.
12. Examples of Overvalued assets:
a. Uncollected/uncollectable receivables. Obsolete, slow non-moving inventories or
inventories valued above NRV; huge inventories of packing materials etc. with name of
company.
b. Underused or obsolete Plant and Machinery and their spares; asset values which have
been impaired due to sudden fall in market value etc.
c. Assets carried at much more than current market value due to capitalization of
expenditure/foreign exchange fluctuation, or capitalization of expenditure mainly in the
nature of revenue.
d. Litigated assets and property.
e. Investments carried at cost though realizable value is much lower.
f. Investments carrying a very low rate of income / return.
g. Infructuous project expenditure/deferred revenue expenditure etc.
h. Group Company balances under reconciliation etc.
i. Intangible assets of no value.

D. TAXATION:
1. Tax due diligence is a separate due diligence exercise but since it is an integral component
of the financial status of a company, it is generally included in the financial due diligence.
2. It is important to check if the company is regular in paying various taxes to the Government.
3. The accountant has to also look at the tax effects of the merger or acquisition.

E. CASH FLOW:
1. A review of historical cash flows and their pattern would reflect the cash generating abilities
of the target company and should highlight the major trends.
2. It is important to know if the company is able to meet its cash requirements through internal
accruals or does it have to seek external help from time to time.
3. It is necessary to check that:
a. Is the company able to honor its commitments to its trade payables, to the banks, to
government and other stakeholders?
b. How well is the company able to turn its trade receivables and inventories?
c. How well does it deploy its funds?
d. Are there any funds lying idle or is the company able to reap maximum benefits out of
the available funds?

Due Diligence, Investigation and Forensic Accounting 20.6

 e. What is the investment pattern of the company and are they easily realisable?

F. FINANCIAL PROJECTIONS: The accountant should obtain from the target company the
projections for the next five years with detailed assumptions and workings. He should ask the
target company to give projections on optimistic, pessimistic and most likely bases.

G. MANAGEMENT AND EMPLOYEES:

1. In most of the companies which are available for take over the problem of excess work force
is often witnessed. It is important to work out how much of the labour force has to be
retained.
2. It is also important to judge the job profile of the administrative and managerial staff to
gauge which of these matches the requirements of the new incumbents.
3. Due to complex set of labour laws applicable to them, companies often have to face
protracted litigation from its workforce, and it is important to gauge the likely impact of such
litigation.
4. It is important to see if all employee benefits like Provident Fund (P.F.), Employees State
Insurance (E.S.I.), Gratuity, leave and Superannuation have been properly paid/ provided
for/funded. In case of un-funded Gratuity, an actuarial valuation of the liability has to be
obtained from a reputed actuary.
5. The assumptions regarding increase in salaries, interest rate, retirement etc. have to be gone
into to see if they are reasonable. It is also necessary to see if the basic salary /wage
considered for the valuation is correct and includes all elements subject to payment of
Gratuity.
6. In the case of PF, ESI etc. the accountant has to see if all eligible employees have been
covered.
7. It is very important to consider the pay packages of the key employees as this can be a crucial
factor in future costs.
8. One has to carefully look at Employees Stock Option Plans; deferred compensation plans;
Economic Value Addition and other performance linked pay; sales incentives that have been
promised etc.
9. It is also important to identify the key employees who will not continue after the acquisition
either because they are not willing to continue or because they are to be transferred to
another company within the 'group' of the target company.

H. STATUTORY COMPLIANCE:
1. During a due diligence this is one aspect that has to be investigated in detail. It is important
therefore, to make a list of laws/ statues that are applicable to the entity as well as to make
a checklist of compliance required from the company under those laws.
2. If the company has not been regular in its legal compliance it could lead to punitive charges
under the law. These may have to be quantified and factored into the financial results of the
company.

Due Diligence, Investigation and Forensic Accounting 20.7

[Link].5 WHAT IS THE WORK APPROACH TO DUE DILIGENCE?

ANSWER:

1. The purchase of business in many instances is the largest and most expensive assets purchase
in life time and therefore some caution should be exercised through the due diligence process.
2. Therefore, assessing the businesses fair value passes through:
a. Reviewing and reporting on the financials submitted by the target company.
b. Assessing the business first hand by a site visit (if applicable).
c. Working through the due diligence process with the acquisitioning company or investor by
defining the key areas.
d. Helping prepare an offer based on completion of due diligence.
3. Discovering the correct strategy is always challenging, and even more so during challenging
economic circumstances. Each situation is unique.
4. The variables are numerous, including factors such as company age, markets, geography, price
levels, competitive dynamics, to name but a few.
5. However, comprehensive model that describes this approach to the work is illustrated in the
figure below:
a. Define
b. Design
c. Diagnose
d. Discover
e. Delivery
f. Defend

[Link].6 HOW TO CONDUCT DUE DILIGENCE?

ANSWER:

1. Start with an open mind. Do not assume that anything wrong will be found and look for it. What
needs to be done is to identify trouble spots and ask for explanations.
2. Get the best team of people. If you do not have a group of people inside your firm that can do
the task (e.g. lack of staff, lack of people who know the new business because you are acquiring
a business in an unrelated area, etc.), there are due diligence experts that you can hire. When
hiring such professionals, look for their experience record in the industry.
3. Get help in all areas like finance, tax accounting, legal, marketing, technology, and any others
relevant to the assignment so that you get a 360-degree view of the acquisition candidate.
4. Talk to customers, suppliers, business partners, and employees are great resources.
5. Take a risk management approach. So, while you want to do your research, you also want to
make sure that you do not antagonise the team of people of the target company by bogging
them down with loads of questions.
6. Prepare a comprehensive report detailing the compliances and substantive risks/issues.

Due Diligence, Investigation and Forensic Accounting 20.8

[Link].7 STATE THE CONTENTS OF DUE DILIGENCE REPORT?

ANSWER:

The contents of a due diligence report will always vary with individual circumstances. Following
headings are illustrative: Example of Headings of a Due Diligence Report
• Executive Summary
• Introduction
• Background of Target company
• Objective of due diligence
• Terms of reference and scope of verification
• Brief history of the company
• Share holding pattern
• Observations on the review
• Assessment of management structure
• Assessment of financial liabilities
• Assessment of valuation of assets
• Comments on properties, terms of leases, lien and encumbrances.
• Assessment of operating results
• Assessment of taxation and statutory liabilities
• Assessment of possible liabilities on account of litigation and legal proceedings against the
company
• Assessment of net worth
• Interlocking investments and financial obligations with group / associates companies, amounts
receivables subject to litigation, any other likely liability which is not provided for in the books
of account
• SWOT Analysis
• Comments on future projections
• Status of charges, liens, mortgages, assets and properties of the company
• Suggestion on ways and means including affidavits, indemnities, to be executed to cover
unforeseen and undetected contingent liabilities
• Suggestions on various aspects to be taken care of before and after the proposed
merger/acquisition.

INVESTIGATION

[Link].8 DEFINE THE TERM INVESTIGATION. ALSO STATE THE DIFFERENCES BETWEEN AUDIT AND
INVESTIGATION.

ANSWER:

A. MEANING:

Due Diligence, Investigation and Forensic Accounting 20.9

 1. The term investigation implies a systematic and in-depth examination or inquiry to establish
a fact or to evaluate a specific situation. In other words, investigation means inquiry into
facts.
2. Professional accountants are often required to investigate the accounts or the related
matters and records of the enterprise.
3. The term investigation may be defined as an examination of books and records preliminary
to financing or for any other specified purpose, sometimes differing in scope from the
ordinary audit.
4. Thus, investigation covers areas of financing decisions, investment decisions, fraud or
profitability determination or cost determination etc.

B. AUDIT VERSUS INVESTIGATION:

Basis of Difference Investigation Audit
Objective An investigation aims at The main objective of an audit
establishing a fact or a is to verify whether the
happening or at assessing a financial statements display a
particular situation. true and fair view of the state
of affairs and the working
results of an entity.
Scope The scope of investigation may The scope of audit is wide and
be governed by statute or it in case of statutory audit the
may be non- statutory. scope of work is determined by
the provisions of relevant law.
Periodicity The work is not limited by rigid The audit is carried on either
time frame. It may cover quarterly, half-yearly or yearly.
several years, as the outcome
of the same is not certain.
Nature Requires a detailed study and Involves tests checking or
examination of facts and sample technique to draw
figures. Investigation is evidences for forming a
voluntary in nature. judgement and expression of
opinion. It is mandatory for
companies.
Inherent Limitations No inherent limitation owing to Audit suffers from inherent
its nature of engagement. limitation.
Evidence It seeks conclusive evidence. Audit is mainly concerned with
prima- facie evidence.
Observance of It is analytical in nature and Is governed by compliance
Accounting requires a thorough mind, with generally accepted
Principles capable of observing, collecting accounting principles, audit
and evaluating facts. procedures and disclosure
requirements.

Due Diligence, Investigation and Forensic Accounting 20.10

 Appointing Agency Even third party can appoint Auditor is appointed by
Investigator owner/ shareholders of
company/ enterprise
Reporting The outcome is reported to the The outcome is reported to the
person(s) on whose behalf owners of the business entity.
investigation is carried out.

The approach to an investigation is different from that followed in an audit. An investigation

involves a more detailed examination of the selected areas than what is required in an audit. An
investigation seeks substantive and, in some case, even conclusive evidence as compared to
audit which mainly relies on persuasive evidence. Sometimes investigation results from the
prima facie findings of the auditor.

[Link].9 WHAT ARE THE STEPS INVOLVED IN INVESTIGATION?

ANSWER:

As investigation involves a variety of situations, it is not possible to lay down any standardised
procedure. However, usually, an investigation requires the following steps in order of sequence:

1. STEP 1- DETERMINATION OF OBJECTIVES AND ESTABLISHMENT OF SCOPE OF INVESTIGATION:

a. At the stage of acceptance of the assignment, the investigator should be absolutely clear
about what is sought to be achieved by the investigation.
b. If instructions from the client leave matters vague and non-specific, it would be proper for
the investigator to have the matters discussed and obtain clearly written instructions
covering the object, the scope and purpose of investigations and the issues incidental
thereto.
c. The period to be covered under investigation should be clearly specified.
d. The results of investigation are often seriously affected owing to change in circumstances
which have occurred since it was contemplated, e.g., devaluation, import restrictions,
starting of a new division, etc.
e. Therefore, the purpose of the investigation should be borne in mind while determining the
period which an investigation should cover.

2. STEP 2 - FORMULATION OF THE INVESTIGATION PROGRAMME:

a. It is not possible to draw up one programme to serve different types of investigations which
a professional accountant is called upon to carry out, for their scope and content have to be
determined on a consideration of circumstances peculiar to each business or situation.
b. The investigation programme should be drawn up having regard to:
i. The nature of the business
ii. The structure of business organization
iii. The instructions from the client embodying the objectives and scope of work
iv. The consequent scope and depth of investigation
v. The necessity to extend the investigation into books and records belonging to others.
Due Diligence, Investigation and Forensic Accounting 20.11
 vi. The investigator should concentrate on areas considered relevant rather than to
undertake a wide-ranging verification.
c. The programme should also be flexible so that knowledge gained with the progress of work
can be used to extend, reduce or modify the extent and areas of checking.
d. A conscious effort in investigation programming should be devoted to localise the enquiry
into the relevant areas and, for that purpose, the initial wider base of inquiry should be
gradually narrowed and fixed at a level that is meaningful.
e. Matters not found to have a bearing on the subject matter of investigation should be
gradually and progressively eliminated. This procedure alone will enable an in-depth
examination of the matters relevant to the investigation.

3. STEP 3 - COLLECTION OF EVIDENCE:

a. Through examination, the investigator would be gathering relevant evidence connected with
the matters to be investigated.
b. In the course of examination of the documents and records, the investigator may require to
obtain oral explanations from various personnel of the concerned business.
c. In case his client is a person external to the business, it may be necessary for the investigator
to get the matter formally agreed to by the business through the client.
d. The investigator should look for the most convincing evidence; he should seek and examine
all the available evidence and by a process of elimination and corroboration, should
endeavour to reach at the truth of the matter.
e. He, unlike the auditor, is not to restrict himself to prima facie evidence ordinarily available.
He should examine it and if circumstances demand should try to obtain evidence that may
have to be specifically procured.
f. The investigating accountant can take help of external experts/ persons like, related parties
outside the organization, valuation experts etc. to obtain specific evidence.
g. Further, the work of investigating accountant should ensure that the process of obtaining
evidence does not interfere with the regular work of client.

4. STEP 4 - ANALYSIS AND INTERPRETATION OF FINDINGS:

a. Careful analysis and correlation of facts and figures will be necessary before the investigator
can reach his conclusion.
b. The conclusion should be well reasoned, backed by established facts and evidenced by
proper records/ data. He must analyse the data objectively on the basis of evidence gathered
by him and should not draw conclusions according to pre-conceived notions.
c. While interpreting the figures, the investigator must keep in mind various factors e.g. the
political and economic considerations, competition faced by the business, historical pattern
of the data, nature of the business, etc. The interpretation should be brief, clear and free
from doubts.

5. STEP 5 - REPORTING OF FINDINGS:

a. Like all other work of an accountant, an investigation results in a report. It is submitted and
addressed to the party at whose instance the investigation has been carried out.

Due Diligence, Investigation and Forensic Accounting 20.12

 b. The nature of the report is governed mainly by two factors –
i. The instructions given by the client as regards the special aspects of the business which
are required to be investigated.
ii. The findings of the investigating accountant/ investigator.
c. The important issues to be kept in mind by the investigator while preparing his report are as
follows:
i. The report should not contain anything which is not relevant either to highlight the
nature of the investigation or the final outcome thereof.
ii. Every word or expression used should be properly considered so that the possibility of
arriving at a different meaning or interpretation other than the one intended by the
investigator can be minimized.
iii. Relevant facts and conclusions should be properly linked with evidence.
iv. Bases and assumptions made should be explicitly stated. Reasonableness of the bases
and assumptions made should be well examined and care should be taken to see that
none of the bases and assumptions can be considered to be in conflict with the objective
of the investigation.
For example, in an investigation into over-stocking of raw materials, inventories and
spares etc. it should not be assumed that the ordering levels indicated on bin cards
provide fair guidance about acquisition of further materials. Also, since investigation is a
fact-finding assignment, assumptions should be made only when it is unavoidably
necessary.
v. The report should clearly spell out the nature and objective of the assignment accepted
its scope and limitations, if any.
vi. The report should be made in paragraph form with headings for the paragraphs. Any
detailed data and figures supporting any finding may be given in Annexures.
vii. The report should also state restrictions or limitations, if any, imposed on the instructions
given by the client. Preferably the reasons for placing such restrictions and their impact
on the final result should also be stated.
viii. The opinion of the investigator should appear in the final paragraph of the report.

Note:
Due to non-availability of standardised procedure and lack of professional guidance,
investigation calls for extreme care, caution and circumspection on the part of the investigator
in exercising his judgement and discretion. Investigation often has a characteristic of very
intimate and direct involvement of parties whose interest may be affected. Therefore, unlike
auditing, chances of one or the other of the parties challenging the finding of the investigation
are far greater.

[Link].10 STATE THE SPECIAL ISSUES THAT ARISE IN INVESTIGATION?

Due Diligence, Investigation and Forensic Accounting 20.13

ANSWER:

Investigation may cover the whole of accounting or may relate to only a part or parts of accounting
as may be specified. Some more issues often arise in investigation. They are stated below:

A. WHETHER AN INVESTIGATOR IS REQUIRED TO UNDERTAKE A CENT PER CENT VERIFICATION

APPROACH OR WHETHER HE CAN ADOPT SELECTIVE VERIFICATION:
1. The answer to this question depends on the exact circumstances of the case under
investigation.
2. If the investigator has to establish the amount of cash defalcated by the cashier, he has
probably no option but to carefully examine all the cash vouchers and related records.
3. On the other hand, if he is to arrive at the profitability of a concern, he may verify constituent
transactions on a selective basis taking extreme care to see that no material transaction that
affects profit has remained concealed from his eyes.
4. In investigation, it is always safer to go by statistically recognised sampling methods than to
depend on the so-called “test checks” where circumstances permit selective verification.

B. WHETHER THE INVESTIGATOR CAN PUT RELIANCE ON THE ALREADY AUDITED STATEMENT OF
ACCOUNT:
1. Here also no dogmatic views are possible. If the investigation has been launched because of
some doubt in the audited statement of account, no question of reliance on the audited
statement of account arises.
2. However, if the investigator has been requested to establish value of a business or a share
or the amount of goodwill payable by an incoming partner, ordinarily the investigator would
be entitled to put reliance on audited materials made available to him unless, in the course
of his test verification, he finds the audit to have been carried on very casually or unless his
terms of appointment clearly require to test everything afresh.
3. If the statements of account produced before the investigator were not audited by a
qualified accountant, then of course there arises a natural duty to get the figures in the
accounts properly checked and verified.
4. However, when the accounts produced to the investigator have been specially prepared by
a professional accountant, who knows or ought to have known that these were prepared for
purposes of the investigation, he could accept them as correct relying on the principle of
liability to third parties settled in the famous Hedley Byrne’s case.
5. Nevertheless, it would be prudent to see first that such accounts were prepared with
objectivity and that no bias has crept in to give advantage to the person on whose behalf
these were prepared.

Note:
a. It was held in the case of Short & Compton v. Brackert (1904) that an accountant, when
making an investigation for an incoming partner, was entitled to assume that the figures
appearing in the books were correct.

Due Diligence, Investigation and Forensic Accounting 20.14

 b. In another case, Mead v. Ball Baker & Co. (1911), it was held that an accountant, when acting
as an adviser to a proposed investor in a limited company, was not expected to check errors
in stock sheets and the omission of liabilities.

C. WHETHER AN INVESTIGATOR NECESSARILY REQUIRES ASSISTANCE OF EXPERT:

1. Often an investigator may feel the necessity of obtaining views and opinions of experts in
various fields to properly conduct the investigation.
2. It would be therefore, proper for the investigator to get the written general consent of his
client, to refer special matters for views of different experts at the beginning of investigation
and he should settle the question of costs for obtaining the views and other related
implications.

D. INVESTIGATION OUT OF DISPUTES AND CONFLICTING CLAIMS:

1. Cases for investigation sometimes arise out of disputes and conflicting claims.
2. It is needless to emphasise that the investigator should remain above disputes or conflicting
claims and be alert to the possibilities of the information or documents made available to
him to be prejudiced.
3. Even the client, overtly or covertly, may try to influence his reports. A seller of a business or
controlling shares may request him to see that he gets the most favourable price.
4. Similarly, if he is appointed by the buyer, he may be requested to deliberately depress the
value.
5. The investigator should keep him scrupulously professional and should keep the interest of
all the involved parties in view.
6. This is a challenging task and probably no other professional work offers this much of
challenge. This work is exciting too and requires not only the best of skill but of a high degree
of maturity and experience.

E. BASIS OF OPINION OF AN INVESTOR:

1. The investigator should refrain from issuing speculative opinion.
2. He should confine his opinion to the established facts and nothing more.
3. If the facts, as conveyed through the books, records, papers and other evidence, are not
capable of being properly established, he should not express an opinion or, if at all he
expresses any opinion, he should qualify the opinion by clearly stating the reasons therefor.
4. This problem may particularly arise in cases where incomplete books and records are
produced for investigation.

F. WHETHER AN INVESTIGATOR CAN MAKE FUTURISTIC STATEMENTS: –

1. Even if the appointing authority is willing to obtain a futuristic statement, the investigator
should refuse to be futuristic.
2. He may assume that the established trend in the business will continue in the near future,
in the absence of any contrary evidence, in arriving at the present value of a business.
3. He, however, should not project the trend into any future years to establish a value.

Due Diligence, Investigation and Forensic Accounting 20.15

G. WHETHER TO RETAIN WORKING PAPERS OR NOT:
1. Another important precaution is that the investigating accountant should retain in his files
full notes of the work carried out, copies of schedules and all working papers, annexures,
facts, figures, record of conversations and the like.
2. Also, the working papers should link up the figures as shown by the books of business with
the final figures produced by the investigating accountant.
3. Wherever required the investigator should take representation letter from the appointing
authority.
4. In the absence thereof, he would not be able to explain the figures when he is called upon
to give evidence in a court of law to support his figures, for quite often the conclusions of
the accountant are challenged by parties whose interest is adversely affected by his findings,
for example, when the value of shares of a company taken over by the Government has been
determined by him.
5. This will also be of immense help to the investigator in correlating facts and events and later
in drafting the report.

[Link].11 STATE THE SPECIAL ASPECTS IN CONNECTION WITH BUSINESS INVESTIGATIONS.

ANSWER:

We discuss below the factors to be considered by a professional accountant while carrying out the
investigation for attaining satisfactory results:

A. STUDYING THE OVERALL PICTURE:

1. In such a business investigation, it is of utmost importance first to have an overall picture of
the position of the business which is being investigated before the details are gone into.
2. This is because figures are only symbols; and it is impossible to interpret them intelligently
without knowledge of the background in which they have emerged.
3. At times, political or economic factors also may affect the fortunes of a business; for
example, labour disturbances, changes in government policies in the matter of levy of excise
and custom duties, imports, etc. It is, therefore necessary that the impact of all these factors
should be studied and their effect on the business judged on a consideration of the profits
in the past.
4. For studying the economic and financial position of the business, the following should be
considered:
a. The adequacy or otherwise of fixed and working capital. Are these sufficient for the
growth of the business?
b. What will be the trend of the sales and profits in the future? Establishing the trend of
sales, product-wise and area-wise will ordinarily help in drawing a conclusion on whether
the trend will be maintained in the future.
c. Whether the profit which the business could be expected to maintain in the future would
yield an adequate return on the capital employed?
d. Whether the business is operating at its 100 percent capacity or improvements can be
made to reach at full productivity?
Due Diligence, Investigation and Forensic Accounting 20.16
B. STATEMENT OF PROFIT AND LOSS:
1. To study the Statement of Profit and Loss of a concern, it is necessary to consider each item,
included therein, in relation to the corresponding items in the Statement of Profit and Loss
of the previous years.
2. It is therefore, necessary that a summary, in a columnar form, should be prepared of the
balances included in the Statement of Profit and Loss of the business for a period, say of 5
to 7 years.
3. In the preparation of the summary attention should also be paid to the following matters:

a. Turnover:
i. The figures of sales should be broken down between the various products sold to
show variations in turnover of individual products from year to year. In this way, it
would be possible to find out the products the sales of which have been increasing
and those the sales of which have been falling.
ii. By reference to the list of customers, in the Order Books, it should be ascertained
whether the business has a very large turnover with a few customers or a small
turnover with several customers.
iii. The Order Books should also be examined to find out if fictitious sales have been
entered in any year to boost up profits. If so, the figures of sales of the year or years
should be adjusted.
iv. If the business consists of activities which are dissimilar in operation, like
manufacturing and agency, then apart from splitting the income between the two
sources, expenses should also be apportioned between them to separately arrive at
the figures of profit from each of the activities.
b. Wage structure:
i. The method of computing wages and the rates of wages should be examined.
ii. On occasions a business may have to pay higher wages than those prevailing in other
business in the same neighborhood in pursuance of an industrial award.
iii. Another factor which is important to consider in this connection is the relationship
of the business with its workers/ labour unions. A business which has suffered
several industrial disputes, strikes, etc. and has had its working interrupted by them
frequently cannot be expected to prosper unless a proper settlement is reached with
workers’ unions.
c. Depreciation and Maintenance:
i. The charge on account of depreciation and maintenance of machinery and other
assets included in the accounts of different years should be compared to verify that
depreciation has been provided from year to year on a consistent basis and that it is
adequate.
ii. Also, the necessary adjustment in the depreciation charge should be made if it is the
practice of the company to write off the assets on a renewal basis.
iii. Further, if assets have been revalued, it should be confirmed that depreciation on
the increased valuation has been adjusted.

Due Diligence, Investigation and Forensic Accounting 20.17

 iv. Generally, with age, the cost of maintenance of assets should increase. If it has not,
the reason thereof should be ascertained.
v. In case of leasehold property, it should be ascertained whether an adequate
provision has been made for the dilapidation charge which may be payable at the
end of the lease.
vi. Further, compliance of relevant AS should also be verified.
d. Managerial Remuneration:
i. It should be verified that the remuneration payable to various members of
managerial personnel is not excessive in relation to the profits of the business after
taking into account the time devoted by each of them.
ii. However, it could also be that no or only a nominal remuneration has been charged
in the accounts.
iii. In either case, an adjustment should be made to arrive at true profitability of the
concern.
iv. Further, in case of company, requirement of relevant section of Companies Act, 2013
is to be seen. It has to be assured that calculation of profit for arriving at the
remuneration is correct.
e. Exceptional and non-recurring items:
i. It is customary to adjust exceptional items in the summary of Statement of Profit and
Loss in order that they may not obscure the trend of the profits.
ii. In the matter of non-recurring items, it is necessary to remember that adjustments
are to be made in respect of exceptional items which do not recur from year to year
or can be considered exceptional having regard to their materiality or periodicity.
iii. In this connection, it is worthwhile to examine the income tax assessment orders of
the business to find out the items which have been treated as revenue but have been
considered inadmissible by the taxing authority.
iv. Where the effect of these has been abnormal on the tax paid by the company from
year to year, suitable adjustments should be made in the figures of taxes paid, as well
as in the assets amounts.
v. Likewise, adjustments should be made in respect of exceptional profits and losses
like, profit or loss on sale of obsolete asset.
f. Repairs and maintenance:
i. It is one of the recurring expenses of a business.
ii. Occasionally it is noticed that this expenditure is unduly heavy in some of the years,
while quite low in some others.
iii. Generally, companies, as a matter of routine undertake major repairs, overhauls and
maintenance programme at an interval of 3 or 4 years while running repairs and
maintenance continue in the usual manner which gives rise to fluctuating charges in
the accounts unless periodic major expenses are treated as deferred expenditure.
iv. Besides, due to wrong allocation of expenses between capital and revenue, repair
charges may appear to be heavy or low.

Due Diligence, Investigation and Forensic Accounting 20.18

 v. If fluctuating and abnormal charges for repairs is noticed, it would be the duty of the
investigating accountant to scrutinise this head thoroughly to establish correct and
normal charge for repairs.
g. Unusual year:
i. A company’s record of profitability may show a trend of increasing or decreasing
profit or loss or it may be highly erratic and fluctuating.
ii. Where a definite trend is discernible, the job of the investigating accountant is
somewhat simplified.
iii. He can adopt recent years record of profitability as the basis for estimating future
maintainable profit having regard to the inflationary state in the economy.
iv. But if the same is fluctuating, there would be more demand on judgement of the
accountant in selecting the period to be covered for estimation of profitability.
v. In such cases it may even be necessary to take into consideration results of past 9 to
10 years with a view to iron out the fluctuation. If, however, it is noticed that results
of one or more years under scrutiny were materially vitiated by exceptional factors
like a long-term industrial dispute, natural calamities, pandemic, fire, war, ravage
etc., the investigating accountant should eliminate such year / years from
consideration altogether since they do not reflect the results obtained through
normal business.

C. BALANCE SHEET
1. Fixed assets:
a. Fixed assets, usually, are shown in accounts at cost less depreciation but the accounts
do not show the ages of different assets.
b. It is desirable, therefore, to obtain age analysis of various items of fixed assets.
c. Assets which are old or are obsolete would naturally have to be replaced. It should be
seen that their values are not in excess of the value of service that they could be
expected to render to the business during the balance period of their active life and the
amount they would fetch on sale as scrap.
d. Title deeds should be verified to ascertain the extent of enterprise’s ownership in such
assets, like land and building jointly owned by two or more companies or their
subsidiaries.
e. In addition, from a study of the maintenance expenses incurred from year to year, it
should be judged whether the assets have been properly maintained.
f. If not, it might be necessary to incur heavy expenditure on repairs to put them in a
proper working order. In such a case, an allowance for this factor should be made in the
value of assets.
g. More particularly, it should be seen that if assets have been revalued, the increased
depreciation charge has been adjusted against profit.
h. Further, investigator has to assure whether assets whose recoverable amount is less than
carrying amount are impaired and requirement of AS 28, “Impairment of Asset”, has
been complied.

Due Diligence, Investigation and Forensic Accounting 20.19

 2. Investments:
a. Investments should be broadly classified into long term investments and current
investments.
b. A current investment is by its nature readily realisable and is intended to be held for not
more than one year. All other investments are long term investments.
c. Current investments are valued on the basis of lower of cost and fair value determined
either on an individual investment basis or by category of investment but not on an
overall basis.
d. Long-term investments are usually carried at cost. However, when there is a permanent
decline in the value of long-term investments, the carrying amount should be reduced
to recognise the decline.
e. The carrying amount of long-term investments is determined on an individual
investment basis.
f. Interest, dividends and rentals receivable in connection with investment are generally
regarded as income. However, in some cases, such receipts represent recovery of cost
and should therefore be reduced from, the cost of investment (e.g. dividend out of pre-
acquisition profits).
3. Inventories:
a. It should be seen that inventories have been valued consistently and that the basis of
valuation was such that the value placed on inventories did not include any element of
profit.
b. Also, there should be due allowance for damaged, obsolete and slow-moving
inventories.
c. In some cases, physical verification of inventories is necessary where the inventories
belonging to the entity are held by other parties.
d. Examine the appropriateness of valuation of work in progress as disclosed in the books.
4. Trade Receivables: In assessing their value, the following should be taken into account:
a. Whether provision for bad debts have been made in the years in which the relevant sales
took place instead of in the year in which they have been written off, except when debts
have had to be written off on account of a slump or a fall in international prices, during
a period subsequent to the period in which sales had taken place.
b. The length of the credit period allowed or any excessive discounts allowed throughout
the period under investigation, to determine whether it has been necessary to increase
continually the credit period in order to affect the sales. If it has been so, it would
indicate that the demand for the goods manufactured by the concern in the market has
been diminishing gradually.
c. Debts should be classified according to their age. This would disclose the character of
the parties with whom the company trades and the amount of working capital that will
be necessarily blocked on this account in the course of business. Determine Debtors to
Sales Ratio.
5. Other liquid assets: It should be ascertained that the assets so described are readily
realisable. Money with a bank in liquidation should be taken only to the extent guaranteed
by Deposit Insurance Scheme.

Due Diligence, Investigation and Forensic Accounting 20.20

 6. Idle assets:
a. On a scrutiny, it may appear that certain assets are remaining idle and are not being
properly applied in the business. These may come from all sections of assets.
b. For example, certain plant and machinery may have been put to use after a considerable
period of time after acquisition.
c. Some of the fixed assets may be awaiting installation even at the valuation time.
d. The company may hold large cash and bank balances, not warranted by the need of the
business.
e. Then again, there may be instances of obsolete and slow-moving inventories of large
value in the accounts of the company.
f. It would be the duty of the investigating accountant to eliminate these idle assets, if any,
after proper identification from the net worth of the business. However, proper value of
these assets may be separately added to the value of the business.
7. Liabilities:
a. The important matter to investigate in this regard is whether those are stated fully or
understated or overstated.
b. In other words, whether the profits of the business have been inflated by suppression of
liabilities or there are any free reserves included in the liabilities.
c. In either case, an adjustment would be necessary.
d. Secondly, it should be ascertained that liabilities are not unduly large or are not
outstanding for a long time, in such cases, it would be necessary to pay off some of them
which would cause a drain on the liquid resources of the concern. The fact should be
stated in the report.
8. Taxation:
a. Orders in respect of assessments completed should be studied and it should be verified
that an adequate provision has been made in respect of liabilities for taxes which have
not been assessed.
b. Also, it should be seen that in the past there has been no reopening of assessments. If
so, the company may be liable for an undisclosed sum of taxes plus penalties. Any
temporary tax benefit should also be disregarded.
9. Capital:
In this regard, it is necessary to ascertain:
(i) Whether the capital is well balanced. This would not be the case if the number of
debentures and preference share capital are disproportionately large as compared
to the equity capital. Low equity capital would handicap the company in raising
further equity capital, on favourable terms for financing the business or to pay off
capital commitment. Further, when the capital is highly geared, it would affect the
value of the equity capital.
(ii) That the amount of capital is reasonable compared to the value of fixed assets and
the amount of working capital required. The terms associated with the issue of the
capital should also be studied; restriction on transferability of shares usually
depresses the value of share and of the business.

Due Diligence, Investigation and Forensic Accounting 20.21

D. INTERPRETATION OF FIGURES:
1. Fixed assets: The amount of capital expenditure which would be necessary in the future for
the continuation of the business, in its existing stage, should be assessed having regard to
the under-mentioned factors:
a. The amount required for the replacement of assets when these would become worn out
or obsolete.
b. The expenditure which will be necessary to replace obsolete machinery by more
sophisticated machinery for manufacturing different types of goods for which there is
demand.
2. Turnover: In assessing the turnover which the business would be able to maintain in the
future, the following factors should be taken into account:
a. Trend: Whether in the past sales have been increasing consistently or they have been
fluctuating. A proper study of this phenomenon should be made.
b. Marketability: Is it possible to extend the sales into new markets or that these have been
fully exploited? Product wise estimation should be made.
c. Political and economic considerations: Are the policies pursued by the Government
likely to promote the extension of the market for goods to other countries? Whether the
sales in the home market are likely to increase or decrease as a result of various emerging
economic trends?
d. Competition: What is the likely effect on the business if other manufacturers enter the
same field or if products which would sell in competition are placed on the market at
cheaper price? Is the demand for competing products increasing? Is the company’s share
in the total trade constant or has it been fluctuating?
3. Working Capital: In making assessment of the working capital requirements in the future,
the following matters should be taken into account:
a. Has the ratio of inventory to turnover been increasing and if so, is it a continuing or only
a temporary trend?
b. Are the trade payables being paid promptly or is there a backlog which will have to be
dealt with?
c. What will be the effect on inventory, trade receivables and trade payables, if the turnover
is increased or if new products are introduced?
4. Estimating Future Maintainable Profits:
a. Fluctuations in profits during the years under review should be examined after adjusting
the profits for extraneous factors, if any, that had given rise to fluctuations to determine
whether the factors responsible for the fluctuations were temporary or was likely to
recur in future.
b. A statement should be prepared showing separately the profits after depreciation
earned in each of the years during the period under review, after making adjustments
therein, if considered necessary, as regards factors which have been responsible for any
extraordinary increase in profits.
c. If the percentage of profits before taxation to capital has been stable or has been
increasing, it would indicate that the business would continue to earn the same rate of
profit as it has done in the past.

Due Diligence, Investigation and Forensic Accounting 20.22

 d. If, on the other hand, the percentage has been falling, and there is no evidence that the
factors responsible therefore have ceased to operate, investment of further capital in
the business would not be commercially advisable.

[Link].12 WHAT ARE THE DIFFERENT TYPES OF INVESTIGATION?

ANSWER:

The different types of investigation that a chartered accountant is usually called upon to carry out
are given hereunder:

A. STATUTORY AUDIT:
1. Investigation into the affairs of a company:
a. By inspector through an order of the Central Government (Section 210)
b. By Serious Fraud Investigation Office (Section 212)
c. Other cases (Section 213
2. Investigation of ownership of a company (Section 216)
B. NON-STATUTORY:
1. Investigation on behalf of an incoming partner
2. Investigation for valuation of shares in private companies
3. Investigation on behalf of a bank / Financial Institution proposing to advance loan to a
company
4. Investigation of frauds
5. Investigation on behalf of an individual or a firm proposing to buy a business \
6. Investigation in connection with review of profit / financial forecast

[Link].13 WRITE ABOUT THE INVESTIGATION ON BEHALF OF AN INCOMING PARTNER.

ANSWER:

1. The general approach of the investigating accountant in this type of investigation would be more
or less similar, irrespective of the nature of business of the firm-manufacturing, trading or
rendering a service.
2. Need for this investigation:
a. Primarily, an incoming partner would be interested to know whether the terms offered to
him are reasonable having regard to the nature of the business, profit records, capital
contribution, personal capability of the existing partners, socio-economic setting, etc., and
whether he would be capable of deriving continuing benefit by the way of return on capital
to be contributed and remuneration for services to be rendered, which can be justified by
the overall economic conditions prevailing and other considerations considering his own
personality and achievements.
b. In addition, he would be interested to ascertain whether the capital to be contributed by
him would be safe and applied usefully.
3. Broadly, the steps involved are the following:

Due Diligence, Investigation and Forensic Accounting 20.23

 a. Ascertainment of the history of the inception and growth of the firm.
b. Study of the provisions of the deed of partnership, particularly for composition of partners,
their capital contribution, drawing rights, retirement benefits, job allocation, financial
management, goodwill, etc.
c. Scrutiny of the record of profitability of the firm’s business over a suitable number of years,
with usual adjustments that are necessary in ascertaining the true record of business profits.
Particular attention should, however, be paid to the nature of partners’ remuneration, which
may be excessive or inadequate in relation to the nature and profitability of the business,
qualification and expertise of the partners and such other factors as may be relevant.
d. Examination of the asset and liability position to determine the tangible asset backing for
the partner’s investment, appraisal of the value of intangibles like goodwill, know how,
patents, etc. impending liabilities including contingent liabilities and those pending for tax
assessment. In case of firms rendering services, the question of tangible asset backing
usually is not important, provided the firm’s profit record, business coverage and standing
of the partners are of the acceptable order.
e. Position of orders at hand and the range and quality of clientele should be thoroughly
examined, which the firm is presently operating.
f. Position and terms of loan finance would call for careful scrutiny to assess its usefulness and
implication for the overall financial position; reason for its absence or negative impact
should be studied.
g. It would be interesting to study the composition and quality of key personnel employed by
the firm and any likelihood of their leaving the organisation in the near future.
h. Various important contractual and legal obligations should be ascertained and their nature
studied. It may be the case that the firm has standing agreement with the employees as
regards salary and wages, bonus, gratuity and other incidental benefits. Full impact of such
standing agreements would be gauged before a final decision is reached.
i. Reasons for the offer of admission to a new partner should be ascertained and it should be
determined whether the same synchronises with the retirement of any senior partner
whose association may have had considerable bearing on the firm’s success.
j. Appraisal of the record of capital employed and the rate of return. It is necessary to have a
comparison with alternative business avenues for investments and evaluation of possible
results on a changed capital and organisation structure, if any, envisaged along with the
admission of the partner.
k. It would be useful to have a firsthand knowledge about the specialisation, if any, attained by
the firm in any of its activities.
l. Manner of computation of goodwill on admission as also on retirement, if any, should be
ascertained.
m. Whether any special clause exists in the deed of partnership to allow admission in future of
a new partner, who may be specified, on concessional terms.
n. Whether the incomplete contracts which will be transferred to the reconstituted firm will be
a liability or a loss.
4. It would always be worthwhile to remember that, in a partnership, personal considerations
count predominantly and assessment of standing of the firm, standing and reliability of other

Due Diligence, Investigation and Forensic Accounting 20.24

 partners, their personal reputation and the goodwill enjoyed by the products/services of the
firm are important.

[Link].14 WRITE ABOUT THE INVESTIGATION FOR VALUATION OF SHARES IN PRIVATE

COMPANIES.

ANSWER:

1. The importance should be given on various purposes for which such a valuation is necessary,
the different bases on which valuation is possible and the variety of economic factors, on a
consideration whereof the price so determined needs to be adjusted.
2. NEED FOR THIS INVESTIGATION:
a. The necessity for valuation of shares of a private company arises, for under the Companies
Act, a private company must restrict the transfer of its shares.
b. In consequence, the shares of a private company do not have a free market in which their
prices could be determined by interaction of the forces of supply and demand.
3. METHODS FOR VALUATION OF EQUITY SHARES: In respect of equity shares, there are two main
methods of valuation.
a. Net worth method:
i. According to the first method, value is determined on the basis of net worth of the
company.
ii. The amount of net worth is divided by the number of shares comprising the equity
capital to arrive at the value for one share.
iii. When this method is followed, goodwill of the business, and non-trading assets (like
investments) based on the estimated future maintainable profit, is included among the
assets to arrive at the amount of net worth.
b. Yield basis:
i. According to the second method, the average profit earned by the business during the
preceding 5 to 7 years is computed.
ii. Afterwards, on the assumption that the same would continue to be earned in the future,
the value of business is calculated by capitalising it at a reasonable rate of interest.
iii. If the rate assumed is high, the value of the business would be smaller. Correspondingly,
it would be high if the rate of interest applied is low.
iv. The rate of return that an investor expects to earn in a business of the type in which the
company is engaged, is ascertained from the prices of the shares of companies engaged
in a similar business quoted on the stock exchange.
4. VALUATION OF PREFERENCE SHARES: The value of preference shares is estimated on the basis
of the yield on preference shares of companies engaged in a similar trade or industry after
making allowance for factors like restriction on transferability, average rate of earnings as
compared to the rate of dividend, etc.
5. SPECIAL FEATURES:
a. Net worth basis:

Due Diligence, Investigation and Forensic Accounting 20.25

 i. Each asset should be revalued on taking into account its utility to the business as a going
concern(replacement cost) . The value of different assets, on a revaluation, may be either
more or less in comparison to their book values.
ii. The value of goodwill of a business is primarily dependent on its capacity to earn super-
profit and the period over which these are expected to arise. The super profits that the
business would earn in the future are estimated on the basis of profits earned in the
past, after making an allowance therein for the continuation or otherwise of favourable
factors, which in the past had enabled the business to earn super-profits. This is usually
a difficult matter since, for the purpose, it is necessary to analyse the trend of economic,
social and political forces which have an impact on the profitability of the business.
b. Yield basis:
i. The value of shares on yield basis is arrived at on the basis of present value of the right
to receive dividends in the future. Since dividends can be paid only out of profits, in this
case also, it is necessary to determine the amounts of profits which the company would
be earning in future as well as the amounts thereof which would be distributed as
dividend from year to year. In short, it is an exercise of projecting the trend of profits and
predicting the policy that the company might follow in the matter of declaration of
dividends.
ii. The rate at which the amount of dividends should be capitalised is decided on taking
into account the risk that shareholders are taking in the matter of declaration of
dividends being continued in future, assessed in the background of past history of the
company, the amount of reserves the company possesses, both secret and those
disclosed in its books, future prospects of the line of manufacture or trade in which the
company is engaged and the impact of various social and political factors that are likely
to emerge on the company’s profitability.
iii. Since the effect of these factors is reflected in the prices at which the shares of
companies engaged in similar trades and businesses are quoted on the Stock Exchange,
the investigating accountant should consider them. This would help him to know the rate
at which their dividends were being capitalised.
iv. He should adopt the average rate of return expected by investors in the shares of such
companies but it should be applied only after making due allowance for the factors
peculiar to the case, such as restrictions on transfer of shares, majority holding, etc. In
any valuation of shares, with the transfer of shares control is also to pass, a separate
value should be ascertained for the control and added to the value otherwise obtained
either on net worth basis or yield basis.

[Link].15 WRITE ABOUT THE INVESTIGATION ON BEHALF OF A BANK/ FINANCIAL INSTITUTION

PROPOSING TO ADVANCE/LOAN TO A COMPANY.

ANSWER:

Due Diligence, Investigation and Forensic Accounting 20.26

A bank is primarily interested in knowing the purpose for which a loan is required, the sources from
which it would be repaid and the security that would be available to it, if the borrower fails to pay
back the loan.

A. POINTS TO BE FOCUSED BY THE INVESTIGATOR: On these considerations, the investigating

accountant, in the course of his enquiry, should attempt to collect information on the under-
mentioned points:
(i) The purpose for which the loan is required and the manner in which the borrower
proposes to invest the amount of the loan.
(ii) The schedule of repayment of loan submitted by the borrower, particularly the
assumptions made therein as regards amounts of profits that will be earned in cash and
the amount of cash that would be available for the repayment of loan to confirm that
they are reasonable and valid in the circumstances of the case. Institutional lenders now-
a-days rely more, for repayment of loans, on the annual profits and loss, and on the
values of assets mortgaged to them.
(iii) The financial standing and reputation for business integrity enjoyed by directors and
officers of the company.
(iv) Whether the company is authorised by the Memorandum or the Articles of Association
to borrow money for the purpose for which the loan will be used.
(v) The history of growth and development of the company and its performance during the
past 5 years.
(vi) How the economic position of the company would be affected by economic, political and
social changes that are likely to take place during the period of loan.
(vii) Whether any loan application to any other Bank or Financial Institution was made, and
if so, the reasons for rejection thereof.

B. STEPS TO BE FOLLOWED BY THE INVESTIGATOR TO DETERMINE THE ACCURACY OF

REPAYMENT SCHEDULE: To investigate the profitability of the business for judging the accuracy
of the schedule of repayment furnished by the borrower, as well as the value of the security in
the form of assets of the business already possessed and those which will be created out of the
loan, the investigating accountant should take the under-mentioned steps:
a. Prepare a condensed income statement from the Statement of Profit and Loss for the
previous five years, showing separately therein various items of income and expenses, the
amounts of gross and net profits earned and taxes paid annually during each of the five
years. The amount of maintainable profits determined on the basis of foregoing statement
should be increased by the amount by which these would increase on the investment of
borrowed funds.
b. Compute the under-mentioned ratios separately and then include them in the statement to
show the trend as well as changes that have taken place in the financial position of the
company:
(i) Sales to Average Inventories held.
(ii) Sales to Fixed Assets.
(iii) Equity to Fixed Assets.
(iv) Current Assets to Current Liabilities.
Due Diligence, Investigation and Forensic Accounting 20.27
 (v) Quick Assets (the current assets that are readily realisable) to Quick Liabilities.
(vi) Equity to Long Term Loans.
(vii) Sales to Book Debts.
(viii) Return on Capital Employed.
c. Enter in a separate part of the statement the break-up of annual sales product-wise to show
their trend.

C. STEPS INVOLVED IN THE VERIFICATION OF ASSETS AND LIABILITIES INCLUDED IN THE BALANCE
SHEET OF THE BORROWER COMPANY WHICH HAS BEEN FURNISHED TO THE BANK: The
investigating accountant should prepare schedules of assets and liabilities of the borrower and
include in the particulars stated below:
1. Fixed assets:
a. A full description of each asset its gross value, the rate at which depreciation has been
charged and the total depreciation written off.
b. In case the rate at which depreciation has been adjusted is inadequate, the fact should
be stated.
c. In case any asset is encumbered, the amount of the charge and its nature should be
disclosed.
d. In case an asset has been revalued recently, the amount by which the value of the asset
has been decreased or increased on revaluation should be stated along with the date of
revaluation. If considered necessary, he may also comment on the revaluation and its
basis.
2. Inventory:
a. The value of different types of inventories held (raw materials, work-in-progress and
finished goods) and the basis on which these have been valued.
b. Details as regards the nature and composition of finished goods should be disclosed.
c. Slow-moving or obsolete items should be separately stated along with the amounts of
allowances, if any, made in their valuation.
d. For assessing redundancy, the changes that have occurred in important items of
inventory subsequent to the date of the Balance Sheet, either due to conversion into
finished goods or sale, should be considered.
e. If any inventory has been pledged as a security for a loan the amount of loan should be
disclosed.
3. Trade Receivables, including bills receivable:
a. Their composition should be disclosed to indicate the nature of different types of debts
that are outstanding for recovery, also whether the debts were being collected within
the period of credit as well as the fact whether any debts are considered bad or doubtful
and the provision if any, that has been made against them.
b. Further, the total amount outstanding at the close of the period should be segregated as
follows:
(i) debts due in respect of which the period of credit has not expired;
(ii) debts due within six months; and
(iii) debts due but not recovered for over six months.

Due Diligence, Investigation and Forensic Accounting 20.28

 c. If any debts are due from directors or other officers or employees of the company, the
particulars thereof should be stated.
d. Amounts due from subsidiary and affiliated concerns, as well as those considered
abnormal should be disclosed.
e. The recoveries out of various debts subsequent to the date of the Balance sheet should
be stated.
4. Investments:
a. The schedule of investments should be prepared.
b. It should disclose the date of purchase, cost and the nominal and market value of each
investment.
c. If any investment is pledged as security for a loan, full particulars of the loan should be
given.
5. Secured and Unsecured Loans:
a. Debentures and other secured loans should be included together in a separate schedule.
b. Against the debentures and each secured loan, the amounts outstanding for payments
along with due dates of payment should be shown.
c. In case any debentures have been issued as a collateral security, the fact should be
stated.
d. Particulars of assets pledged or those on which a charge has been created for re-
payment of a liability should be disclosed.
e. Details of loans proposed to be obtained from Promoters/ Directors/ Related Parties
should be stated separately.
f. In case any unsecured loan is to be repaid prior to repayment of Bank loan, its terms and
conditions should be verified.
6. Provision of Taxation: The previous year’s up to which taxes have been assessed or
assessment order received should be ascertained. If provision for taxes not assessed appears
to be inadequate, the fact should be stated along with the extent of the shortfall.
7. Other Liabilities: It should be stated whether all the liabilities, actual and contingent, are
correctly disclosed. Also, an analysis according to ages of trade payables should be given to
show that the company has been meeting its obligations in time and has not been depending
on trade credit for its working capital requirements.
8. Insurance: A schedule of insurance policies giving details of risks covered, the date of
payment of last premiums and their value should be attached as an annexure to the
statements of assets, together with a report as to whether or not the insurance-cover
appears to be adequate, having regard to the value of assets.
9. Contingent Liabilities: By making direct enquiries from the borrower company, from
members of its staff, perusal of the files of parties to whom any loan has been advanced for
example, those of machinery suppliers and the legal adviser. The investigating accountant
should ascertain particulars of any contingent liabilities which have not been disclosed. In
case, there are any, these should be included in a schedule and attached to the report.

[Link].16 WRITE ABOUT THE DIFFERENT TYPES OF FRAUDS.

Due Diligence, Investigation and Forensic Accounting 20.29

ANSWER:

A. MEANING:
1. As per SA 240: Fraud is an intentional act by one or more individuals among management,
those charged with governance, employees, or third parties, involving the use of deception
to obtain an unjust or illegal advantage.
2. As per Sec 447 of Companies Act, 2013: Fraud in relation to affairs of a company or any body
corporate, includes any act, omission, concealment of fact or abuse of position committed
by any person or any other person with the connivance in any manner, with intent to
deceive, to gain undue advantage from, or to injure the interests of, the company or its
shareholders or its creditors or any other person, whether or not there is any wrongful gain
or wrongful loss.

B. TYPES OF FRAUDS: Frauds may broadly be categorized as:

1. Fraudulent Financial Reporting:
a. Alteration or falsification of records & documents
b. Misrepresentation in or intentional omission of events, transactions or information
c. Intentional misapplication of accounting principles
d. Fictitious Journal Entries
e. Adjusting assumptions and changing Judgments
f. Omitting, advancing or delaying the recognition of events or transactions.
g. Abnormal Year End Transactions.
h. Improper Asset Valuation
i. Overstatement of Revenue or Understatement of Liabilities
2. Mis-appropriation of Assets:
a. Embezzlement of receipts in respect of written-off accounts – Skimming or Cash Larceny
b. Stealing physical assets or intellectual properties
c. Introduction of fictitious vendors
d. Payroll Schemes – Ghost Employees, Falsified Wages, & Commission Schemes
e. Reimbursement Schemes – Mischaracterised Expenses, Multiple Reimbursement, &
Fictitious Expenses
f. Using entities assets for personal use.
3. Corruption:
a. Conflict of Interest
b. Bribery
c. Illegal Gratuities
d. Money Laundering

[Link].17 STATE THE DIFFERENT AREAS WHERE FRAUDS CAN OCCUR.

ANSWER:

1. Fraudulent Entries:
a. Late entry
Due Diligence, Investigation and Forensic Accounting 20.30
 b. No entry
c. Part entry
d. Inserting wrong entries to divert attention
2. Sales Frauds:
a. Price enhancement
b. Omission to make receipt of sale of scrap.
c. Billing and sales reversals in amusement parks.
d. Food production yield ratio in hotels and suppression of Revenue.
e. Using or hiring assets of the company in lean period
f. Omission in preparation of dispatch note for sale
g. Sale of Assets recorded as Income
h. Cash sale adjusted as credit sale.
i. Writing off a good debt as bad & irrecoverable
3. Collection Frauds:
a. Defalcation of contributions to charity funds
b. Crediting donation to loan accounts.
c. Rental collected in cash but not recorded.
4. Expenses Frauds:
a. Entering ineligible discount
b. Overcharging expenses
c. Falsification of documents
d. Untimely payment
e. Introduction of fictitious vendor.
f. Unnecessary/ huge provisioning of expenses
5. Payroll Frauds:
a. Extra number of employees
b. Extra hours
c. Calculation of net pay by transferring rounding off amount to personal account.
d. Not deactivating the retired employees’ IDs
e. Fictitious employees/ workers paid salary.
6. Data Frauds:
a. Change in computer data
b. Destroy, suppress or insert records
c. Using open fields in computerized accounting system
7. Technology related Frauds:
a. Employing hostile Software Programs or malware attacks
b. Phishing mails
c. Vishing – Voice Mail
d. Smishing - Text messages
e. Whaling – Targeted phishing on high network individuals
f. Card duplications
g. Stealing confidential data
8. Banking related Frauds:

Due Diligence, Investigation and Forensic Accounting 20.31

 a. Forged Signatures
b. Cheque Frauds - Alteration in amounts, Alteration in accounts titles, Kite flying
c. Cash lending during working hours
d. Missing notes in bundles
e. Use of same notes bundles by two branches
f. Wrong posting in other accounts
g. Misuse of sensitive stationery
h. ATM transaction misuse
i. Using PINs of debit card/credit card holder
j. Advances - inflated stock statements, inflated projections, forged/duplicate land documents,
L/Cs
9. Others:
a. Teaming and Lading
b. Process houses mixing inferior quality material to sale good quality material
c. Pilferage and theft in super markets
d. Selling classified information,
e. Withholding information from customer about free product schemes, discount and
concession.
f. Enhancement of performance
g. Taking advantage of disaster or natural calamity.
h. Trust FDs
i. Fictitious journal entries to inflate expenses or income.

[Link].18 EXPLAIN THE FRAUDS AT DIFFERENT LEVELS.

ANSWER:

Frauds may be classified as defalcations involving misappropriation, either of money or that of

goods, and manipulation of accounts not involving a defalcation. The detections of manipulations
of accounts being one of the objects of an audit, for the detection of frauds perpetrated for
misappropriating either money or goods, knowledge of the various circumstances under which
these may be committed and that of different forms they take is essential. On this account, a brief
description thereof at different level is given below:

A. FRAUD FOR PERSONAL GAINS

1. Bribery:
a. Money, gift or other favours offered to procure (often illegal or dishonest) action or
decision in favour of the giver. These are also relatable to contract fraud or procurement
fraud and are, generally, out of books transactions.
b. The auditor normally conducts a propriety audit over the veracity of the transactions
and review of any undue favours to vendors. When money, gift or other favours are
offered to public official to influence an official act of government then such kind of
Bribery is called Official Bribery.

Due Diligence, Investigation and Forensic Accounting 20.32

 c. In contrast to Commercial Bribery or favours to vendors, in case of Official Bribery,
Company usually is criminally prosecuted.

B. CORPORATE FRAUDS/ IRREGULARITIES:

1. Advance Billing:
a. Advance billing is a situation where the company officials indulge in booking fictitious
sales in anticipation of actual sales. This results in misrepresentation of revenue in the
books thereby misleading financers and stakeholders.
b. When the management treats borrowings from money lenders as customer advances in
the books against sale orders or for adjusting bills receivables, the fraudulent act gets
unnoticed for an extended period.
c. This situation results in a death knell for the corporation as the company is dragged into
an irredeemable debt trap.
d. Use of Shell Company, false vendors, purchases of personal nature booked as official
expenses enable falsification of accounts and diversion of funds for purposes other than
an intended purpose.
e. These could also be mechanism for employees or cartel of employees engaging in
personal gain at the cost of the company. In the former incident this could be termed as
management fraud.
2. Shell/ Dummy Company Schemes:
a. Generally, represents a fictitious company or a ‘paper company’ to transfer profits or
funds from the main company.
b. This could also involve fictitious bills (mostly for services rendered or consultancy
charges that cannot be corroborated) which are used in the name of dummy companies
diverting the funds taken from banks and financial institutions.
c. The books could be falsified by wrong classification of expenses, inflating the expense
claims, fictitious expenses or multiple reimbursements. A review of controls, normally,
leads to the uncovering of expense booking that are prima facie not incurred.
3. Money-Laundering Activities:
a. As per the Prevention of Money-Laundering Act, 2002, “whosoever directly or indirectly
attempts to indulge or knowingly assists or knowingly is a party or is actually involved in
any process or activity connected with the proceeds of crime and projecting it as
untainted property shall be guilty of offence of money-laundering.”
b. The person indulging in money laundering looks for avenues with weak banking controls
for converting illegal money into the banking system.
c. Any excess credit in the bank accounts that does not belong to the customer or is parked
for a temporary period should raise suspicion of such activities. This person indulging in
money laundering activity looks for avenues to enter into ‘benami’ (could be called
‘proxy’ name lending) transactions.
d. Companies with extensive cash handling and inadequate control over source of money
or involved in remittance of money for import/ export of goods etc. are susceptible to
money laundering activities.

Due Diligence, Investigation and Forensic Accounting 20.33

C. FRAUD AT OPERATIONAL LEVEL EMPLOYEES:
1. Tampering of Cheques/Drafts/On-line payments/receipts:
a. Tampering of cheques, payee name being altered, or preparation of cheques without
the same being issued to payee, etc., are methods that may also lead to falsification of
accounts.
b. On-line payments generally are considered a transparent mechanism to prevent the
above frauds.
c. The ATM is a popular technological advancement that has inherent control gaps. For
example, credit cards once swiped the transaction is put through in the system without
the need for a signature of the payer.
d. Similarly, unauthorised credits in bank accounts through ATMs are an immense source
of threat to recipients including bribery allegations, unless they lodge a complaint with
the bankers or the regulatory authorities in a prompt manner of such unauthorised
credits to their accounts/or company bank accounts.
e. Care should be taken that the name of the payee in the payment transactions in books
and cheque issued therein for payment is not fabricated to wrongly codify and book
against an improper account head.
2. Off Book Frauds:
a. In off book frauds, the fraud perpetrator misappropriates the cash before these are
recorded in the books or before the sale is recorded in the books.
b. These frauds are difficult to unearth as the cash or collection is taken off before the
accounting entries are made in the books. This situation arises especially in unorganized
markets and in rural economies where banking habits are relatively under developed.
c. These are difficult to establish due to absence of audit trails and are more prevalent in
businesses that have extensive cash dealings. These are difficult to uncover as the means
adopted could include printing of receipts/ bills outside the system.
d. The above fraudulent schemes can be established based on circumstantial evidence or
validation through external sources such as, customer balance confirmations (where
feasible) and customer copy of the receipts or other documents that are retained by
them.
e. These are also further supplemented by external evidence in the form of background
checks and surveillance mechanism. Verification of all the receipts and issues of stock
recorded in stock register is another way to identify this type of fraud.
3. Cash Misappropriation:
a. Cash is misappropriated after the accounting entries are already passed in the books.
These are identified through surprise checks and through shortages in cash balances.
b. These occur when there are delays in accounting of cash collections and there are no
laid down cash flow controls.
c. Unaccounted money in any form in an entity is a serious red flag in uncovering of
irregularities.
d. Improper daily fund monitoring mechanism is another factor that results in creating
unauthorised float by employees in their personal account or in fictitious surrogate
(proxy) entities by fraudsters.

Due Diligence, Investigation and Forensic Accounting 20.34

 4. Teeming and Lading:
a. This is also achieved through cash deposits or cheques collected from customers being
overlapped with the collections from subsequent customers and the amount collected
is diverted to personal account.
b. Reconciliation of customer accounts at a single point of time and confirmation from
customers for amounts outstanding in their accounts helps in identifying any leakage in
collections.
5. Fraudulent Disbursements: Fraudulent disbursements or reimbursements take place either
by issuing or submission of false bills, or personal expense bills being converted into official
expenses bills. The other method that is resorted to by the perpetrator of fraud is to inflate
the refunds due to a customer and skim the excess refunds.
6. Expense Reimbursement Schemes: These fraudulent schemes involve employees resorting
to treating their personal expenses as incurred for business purpose and claiming
reimbursement. In some cases, employees may get reimbursed by third parties (such as
distributors) as well as by claiming these expenses from the company. Multiple expense
claims based on duplicate bills or photostat copies.
7. Payroll Fraud:
a. The payroll fraud could include payment to non-existent employees or in a contractual
arrangement inflating of the manpower resources than those actually deployed while
billing the client.
b. It may also include showing higher pay than actual disbursement to employees/ workers,
etc.
c. The process would require a detailed review of statutory declarations/filings under
various labour law statutes including disclosures in financial statements of retirement
benefits such as P.F, Gratuity and Superannuation benefits from an evidence gathering
perspective.
8. Commission Schemes: The salesman exaggerates the sales through fictitious billings to earn
higher commission or alter the sales prices of the products sold from those stipulated by the
company or share the sales volumes achieved with other employees to share higher
commission. Commission schemes in mega deals backed by legal documents are often tools
used to camouflage kickbacks. These are often difficult to uncover and would need to be
supplemented by the monetary trails across entities and geographies.

[Link].19 STATE SOME OF THE SITUATIONS IN WHICH MONEY MAY BE EMBEZZLED AND THE
VARIOUS FORMS THAT SUCH FRAUDS USUALLY TAKE PLACE ALONGWITH THEIR INVESTIGATION
PROCEDURE.

ANSWER:

Some of the situations in which money may be embezzled and the various forms that such frauds
usually take place alongwith their investigation procedure include the following:

A. CASH RECEIPTS:

Due Diligence, Investigation and Forensic Accounting 20.35

 1. Methods for perpetrating fraud: In cases like holding back cash sales, collections by
travelling salesmen, V.P.P receipts, or casual receipts, e.g., sales of scrap, recoveries out of
debts written off earlier, etc., the amount or amounts of receipts embezzled may be
subsequently covered up by the perpetrator adopting one or other of the under-mentioned
devices:
(i) Issuing a receipt to the payee for the full amount collected and entering only a part
of the amount on the counterfoil.
(ii) Showing a larger cash discount than actually allowed.
(iii) Adjusting a fictitious credit in the account of a customer for the value of goods
returned by him.
(iv) Adjusting a cash sale as a credit sale, and raising a debit in the account of the
customer.
(v) Writing off a good debt as bad and irrecoverable to cover up the amount collected
which has been misappropriated.
(vi) Short-debiting the customer’s account in the ledger with an intention to withdraw
the difference when the full amount payable by him is collected.
(vii) Under-casting the receipts side of the Cash Book or over-casting the payment side.
(viii) Carrying over a shorter total of the receipts from one page of the Cash Book to the
next or over-carrying the total of the payment from one page of the Cash Book to
the next with a view to covering up misappropriation; either short banking of cash
collection or a part of the amount of withdrawal from the bank.
2. Verification of Cash Receipts:
a. On the assumption that some of these may have been diverted before being entered in
the books, evidence as regards income received from different sources should be
scrutinised, e.g., inventory, sales summaries, rental registers, correspondence with
customers, advices of travelling salesmen and counterfoils or receipts.
b. Carbon copies of receipts marked ‘duplicate’, should be scrutinised to confirm that they
are in fact copies of receipts issued earlier.
c. In addition, by recalling paying-in-slips from the bank the details of cash deposited on
each day should be compared with those shown in the Cash Book.
d. The record of sales of scrap of waste paper, that of collection of rents from labourers
temporarily accommodated in the company’s quarters, that of refunds of amounts
deposited with the electric supply co., or any other Government authorities should be
examined for finding out if any of these amounts have been misappropriated.
e. Cash sales should be vouched in detail.
f. Recoveries from customers and sundry parties should be checked with the copies of
receipts issued to them; deductions made on account of cash discounts should be
reviewed.
g. All withdrawals from the bank should be checked by reference to corresponding entries
in the bank pass book.

B. INFLATING CASH PAYMENT:

1. Methods for perpetration of fraud: Cash payment frauds may be in the form of:

Due Diligence, Investigation and Forensic Accounting 20.36

 (i) Making double payment of an invoice or paying a false invoice.
(ii) Paying personal expenses out of the business by falsifying details. e.g., showing
betting losses as advertisement charges.
(iii) Withdrawing unclaimed credit balances of customers or amounts falsely credited in
the accounts of parties.
(iv) Falsely adjusting a refund in the account of a customer and withdrawing the credit
balance.
(v) Wrong totalling of the wage sheets and misappropriating the excess amount
withdrawn from the bank for payment of wages.
2. Verification of Cash Payments:
a. All the evidence as regards cash payments made, including acknowledgement by parties
for payments shown to have been made to them, should be carefully scrutinised.
b. In the case where a figure appears to have been erased or altered on the receipts issued
by the party, on reference to the party concerned, the actual amount paid to him should
be confirmed.
c. The same procedure should be adopted in respect of amounts acknowledged on blank
papers.
d. All payments by bearer cheques should be examined.
e. The system of recording of wages should be reviewed, specially as regards possible over-
totalling of wage sheets, and entries in them of dummy workmen.
f. The system of ordering and receiving goods should be reviewed so as to confirm that no
payment has been made in respect of supplies which have not been received.
g. Confirmations should be obtained from partners or Directors in respect of amounts
shown to have been paid to them.
h. The Petty Cash Book should be vouched and totalled.
i. Special attention should be paid to payments made on account of salaries and wages;
confirmation should be obtained from the management that all payments of such
salaries and wages were made to persons who were actually in the service of the
company.
j. All the withdrawals from the bank should be checked by reference to entries in the
bank’s pass book. All the bills receivable or payable should be checked by reference to
the Bills Books.

C. FRAUDS THROUGH SUPPLIERS’ LEDGER:

1. Methods for perpetration of fraud:
(i) Adjusting fictitious or duplicate invoices as purchases in the accounts of suppliers
and subsequently misappropriating the amounts when payments are made to the
suppliers in respect of these invoices.
(ii) Suppressing the Credit Notes issued by suppliers and withdrawing the corresponding
amounts not claimed by them.
(iii) Withdrawing amounts unclaimed by suppliers, for one reason or another by showing
that the same have been paid to them.

Due Diligence, Investigation and Forensic Accounting 20.37

 (iv) Accepting purchase invoices at prices considerably higher than their market prices
and collecting the excess amount, paid in cash, from the suppliers.
2. Verification of balances in suppliers’ ledger
a. The Purchase Journal should be vouched by reference to entries in the Goods Inward
Book and the suppliers’ invoices to confirm that amounts credited to the accounts of
suppliers were in respect of goods, which were duly received and the suppliers’ accounts
had been credited correctly.
b. All the suppliers should be requested to furnish statements of their accounts to see
whether or not any balance is outstanding or due so as to confirm that allowances and
rebates given by them have been correctly adjusted and were duly authorized by the
authorized person/ officer.
c. Examine the system of internal control in relation to purchase orders issued and identify
possibilities of collusion with suppliers.

D. CUSTOMERS’ LEDGER:
1. Methods for perpetration of fraud:
(i) By the ‘teeming and lading’ method, i.e., misappropriating the amount collected
from a customer and crediting his account by the amount paid by him only when an
amount is subsequently collected from another customer; repeating this practice
with several items collected and depositing back the amount or amounts so
misappropriated before the close of the year.
(ii) Misappropriating the amount collected from a customer and subsequently adjusting
his account by crediting the amount on account of allowance or a rebate for excess
price charged.
(iii) Crediting the amount received from a customer to the account of another customer
and subsequently withdrawing the amount wrongly credited.
2. Verification of balances in customers’ ledger:
a. Special attention should be paid to allowances adjusted on account of goods returned
or difference in price or on any other account as well as to amounts written off as bad
debts.
b. To confirm that the accounts of customers have been debited in respect of goods
supplied to them, entries in the Order Book should be cross-checked with those in the
Sales Day Book where the same is kept.
c. The investigating accountant should obtain confirmation of customers in respect of the
amounts standing in their accounts. Those of them who have no balance in their
accounts should be requested to confirm the statement of their account (which should
be sent to them) for ascertaining that the entries shown therein were genuine.
E. INVENTORY FRAUDS:
1. Methods for perpetration of fraud: Inventory frauds are many and varied but here we are
concerned with misappropriation of goods and their concealment.
(i) Employees may simply remove goods from the premises.
(ii) Theft of goods may be concealed by writing them off as damaged goods, etc.

Due Diligence, Investigation and Forensic Accounting 20.38

 (iii) Inventory records may be manipulated by employees who have committed theft so
that book quantities tally with the actual quantities of inventories in hand.
(iv) Inflating the quantities issued for production is another way of defalcating raw
materials and store items. (v)
(v) Stocks actually dispatched but not entered in sales/ debtor’s account.
2. Verification Procedure for Defalcation of inventory:
a. Thefts usually are possible through collusion among a number of persons. Therefore, for
their detection, the entire system of receipts, storage and dispatch of all goods, etc.
should be reviewed to localise the weakness in the system.
b. The determination of factors which have been responsible for the theft and the
establishment of guilt would be difficult in the absence of:
i. A system of inventory control, and existence of detailed record of the movement of
inventory, or
ii. Availability of sufficient data from which such a record can be constructed.
c. The first step in such an investigation is to establish the different items of inventory
defalcated and their quantities by checking physically the quantities in inventory held
and those shown by the Inventory Book.
d. Identify the excessive control in the hands of a single person, without any supervision as
it will widen the scope of investigation.
e. All the receipts and issues of inventory recorded in the Inventory Book should be verified
by reference to entries in the Goods Inward and Outward Registers and the documentary
evidence as regards purchases and sales. This would reveal the particulars of inventory
not received but paid for as well as that issued but not charged to customers
f. Defalcations of inventory, sometimes, also are committed by the management, by
diverting a part of production and the consequent shortages in production being
adjusted by inflating the wastage in production; similar defalcations of inventories and
stores are covered up by inflating quantities issued for production. For detecting such
shortages, the investigating accountant should take assistance of an engineer.
g. The per hour capacity of the machine and the time that it took to complete one cycle of
production, also would show whether the issues have been larger than those required.

[Link].20 STATE THE INDICATORS OF POSSIBLE FRAUD.

ANSWER:

Several indications of possible frauds can be listed as follows :-

1. Discrepancies in Accounting Records including non-recording or partial recording or incorrect
recording or delayed recording of amounts, misclassifications, etc.
2. Conflicting or missing evidence including missing documents, altered documents, significant
unexplained items in reconciliations, discrepancies between entity’s records and confirmations
received etc.
3. Unacceptable management responses such as denial of access to records/facilities/employees,
undue time pressure to resolve complex issues, unusual delays in providing requested

Due Diligence, Investigation and Forensic Accounting 20.39

 information, denial for use of Computer Assisted Audit Techniques, unwillingness to address
identified deficiencies in internal control etc. iv.
4. Other indications such as Accounting Policies in variance with Industry Norms, Frequent changes
in accounting estimates etc.

[Link].21 EXPLAIN THE CONCEPT OF THE FRAUD DIAMOND.

ANSWER:

THE FRAUD DIAMOND:

1. Many frauds, especially some of the multibillion-dollar ones, would not have occurred without
the right person with the right capabilities in place.
2. Opportunity opens the doorway to fraud, and incentive and rationalization can draw the person
toward it. But the person must have the capability to recognize the open doorway as an
opportunity and to take advantage of it by walking through, not just once, but time and time
again. This give rise to the fourth element of fraud.
3. Fraud Diamond i.e. four elements of fraud is a theory which was established by David T. Wolfe
and Dana R. Hermanson.
4. Under this Wolfe and Hermanson classified the indicators of fraud into 4 categories.
5. Four elements of Fraud Diamond:
a. Incentive: I want to, or have a need to, commit fraud.
b. Opportunity: There is a weakness in the system that the right person could exploit. Fraud is
possible.
c. Rationalization: I have convinced myself that this fraudulent behavior is worth the risks.
d. Capability: I have the necessary traits and abilities to be the right person to pull it off. I have
recognized this particular fraud opportunity and can turn it into reality.

[Link].22 WRITE ABOUT INVESTIGATION ON BEHALF OF AN INDIVIDUAL OR FIRM PROPOSING TO

BUY A BUSINESS.

ANSWER:

A. SCOPE OF INVESTIGATION:
1. The objective of such an investigation is to collect such information as would enable the
purchaser to decide whether it is worthwhile to buy the business and if so, for what amount.
2. The investigation should proceed broadly on the same lines as for valuation of shares.
Additional matters which must receive the attention of the investigating accountant on
which, if appropriate, information to the client should be given.

B. IN CASE OF PROPRIETARY CONCERNS OR PARTNERSHIPS:

(i) Reasons for the sale of the business and the effect on turnover and profits that there
would be on retirement of the present proprietor (or partners).
(ii) The length of lease under which the premises are held, the prospects of its renewal or
extension.

Due Diligence, Investigation and Forensic Accounting 20.40

 (iii) The unexpired period of any patents owned by the vendors.
(iv) The age of the present managerial staff and the prospects of continuing in service under
the new proprietorship and the possible liability, not already provided for that would
arise as regards payment of pensions or gratuities in case of old and aged employees/
retrenched employees.
(v) If the bulk of sales are made to customers whose number is small, the profitability of the
business would be greatly shaken on withdrawing their support. This would be an
element of weakness which should be investigated as it might affect future profitability.
(vi) The valuation that could be placed on goodwill to determine whether that appearing in
the book is less or more; if none is included to determine the amount that should be
included, if at all.

C. IF THE BUSINESS BELONGS TO A LIMITED COMPANY: The vendors’ interest in this case will be
purchased by the acquisition of shares. On that account, the following additional matters would
also require consideration:
(i) The authorised and issued capital of the company.
(ii) Whether there is any uncalled liability on the shares.
(iii) If the capital is divided into different classes of shares - the rights that are attached to
each class.
(iv) Particulars of dividends paid in the past and the amounts thereof which are in arrear (on
cumulative preference shares).
(v) If there are any mortgages/ charge created on the assets appearing in the company’s
books, a search should be made in the Register of Charges in the office of the Registrar
of Companies.
(vi) The price at which the shares are being offered. If the company is a public company, the
price will usually be in excess of market price quoted on the Stock Exchange, but in the
case of unquoted shares particularly where the company whose shares are being
acquired is a private company, a valuation will have to be placed on the shares for the
purpose of purchase.

[Link].23 WRITE ABOUT INVESTIGATION IN CONNECTION WITH REVIEW OF PROFIT/FINANCIAL

FORECASTS.

ANSWER:

1. There are many investigations which involve an examination of future profits like,
a. Profit reports can be required as part of a general investigation into the purchase of a
business or,
b. By banks and financial institutions with regard to project cash flow and profitability
statements for appraisal of loan applications submitted by the intending borrowers.
2. All forecasts depend, to a large extent, on the nature of the business with its numerous and
substantial uncertainties.
3. Therefore, such forecasts are not capable of verification by the reporting accountants in the
same way as financial statements which present the results of a completed accounting period.

Due Diligence, Investigation and Forensic Accounting 20.41

4. Normally, such situations involve special review as these depart from the auditor’s traditional
role of expressing an opinion in relation to past events.

FORENSIC ACCOUNTING

[Link].24 DEFINE THE FOLLOWING TERMS:

A. FORENSIC
B. FORENSIC ACCOUNTING
C. RED FLAG

ANSWER:

A. FORENSIC: The word forensic comes from the Latin word forensis, meaning "of or before the
forum." It is
a. Relating to, used in, or appropriate for courts of law or for public discussion or
argumentation.
b. Relating to the use of science or technology in the investigation and establishment of facts
or evidence in a court of law.
B. FORENSIC ACCOUNTING:
1. The integration of accounting, auditing and investigative skills yields the specialty known as
Forensic Accounting. It is the study and interpretation of accounting evidence. It is the
application of accounting methods to the tracking and collection of forensic evidence,
usually for investigation and prosecution of criminal acts such as embezzlement or fraud.
2. Forensic Accounting by Hopwood, Leiner, and Young
a. Forensic accounting is the application of investigative and analytical skills for the purpose
of resolving financial issues in a manner that meets standards required by courts of law.
b. Forensic accountants apply special skills in accounting, auditing, finance, quantitative
methods, certain areas of the law, research and investigative skills to collect, analyse and
evaluate evidential matter and to interpret and communicate findings.
Note: Forensic Accounting can be conducted in order to prosecute a party for fraud,
embezzlement or other financial claims. In addition, an audit may be conducted to determine
negligence in addition, an audit may be conducted to determine negligence.

C. RED FLAG: Red flags are indicators or warning of any impending danger or inappropriate
behavior. Red flag does not necessarily indicate the existence of fraud however are indicators
that caution needs to be exercised while investigating the situations. Red flags are classified in
categories such as financial performance red flag, accounting system red flags, operational red
flags and behavioural red flags.

[Link].25 HOW IS A FORENSIC ACCOUNTING ANALYSIS DIFFERENT FROM AN AUDIT?

ANSWER:

Particulars Other Audits Forensic Accounting

Due Diligence, Investigation and Forensic Accounting 20.42

 Objectives Express an opinion as to Whether fraud has actually
‘True & Fair’ presentation taken place in books
Techniques Substantive & Compliance. Investigative, substantive or
Sample based in-depth checking
Period Normally for a particulars No such limitations
accounting period.
Verification of stock, Relies on the management Independent/verification of
Estimation realisable value certificate/Management suspected/selected items
of assets, provisions, liability Representation where misappropriation in
etc. suspected
Off balance sheet items (like Used to vouch the arithmetic Regulatory & propriety of
contracts etc.) accuracy & compliance with these transactions/contracts
procedures. are examined.
Adverse findings if any Negative opinion or qualified Legal determination of fraud
opinion expressed impact and identification of
with/without quantification perpetrators depending on
scope.

[Link].26 WHAT ARE THE QUALITIES OF FORENSIC PROFESSIONAL? LIST THE SERVICES THAN CAN
BE PROVIDED BY THESE PROFESSIONALS.

ANSWER:

A. QUALITIES OF FORENSIC PROFESSIONAL:

1. A Forensic Professional is often retained to analyze, interpret, summarize and present
complex financial and business-related issues in a manner which is both understandable and
properly supported.
2. Forensic Accountants Professional are trained to look beyond the numbers and deal with
the business reality of the situation.
3. A Forensic Professional must initially consider whether his/her firm has the necessary skills
and experience to accept the work.
4. Forensic Accounting is highly specialized, and the work requires detailed knowledge of fraud
investigation techniques and the legal framework.
5. Forensic Professional needs to have an understanding on various frauds that can be carried
off and how evidence need to be collected. Forensic
6. Professional can be engaged in public practice or employed by insurance companies, banks,
police forces, government agencies and other organizations.
B. FORENSIC ACCOUNTING SERVICES: An indicative list of services that can be provided by the
Professional in this area are as follows:
1. Financial Statement manipulations
2. Fund diversions/Asset tracing
3. Anti-Money laundering
4. Licence Fees/Dues/Tax Evasion
5. Related party transactions/valuations
Due Diligence, Investigation and Forensic Accounting 20.43
 6. Valuations/Estimations of loss/damage
7. Suspicious transactions under IBC (Insolvency and Bankruptcy Code)
C. A FORENSIC PROFESSIONAL IS OFTEN INVOLVED IN:
1. Fraud Detection: Investigating and analyzing financial evidence, detecting financial frauds
and tracing misappropriated funds.
2. Computer Forensics: Developing computerized applications to assist in the recovery,
analysis and presentation of financial evidence.
3. Fraud Prevention: Either reviewing internal controls to verify their adequacy or providing
consultation in the development and implementation of an internal control framework
aligned to an organization's risk profile.
4. Providing Expert Testimony: Assisting in legal proceedings, including testifying in court as
an expert witness and preparing visual aids to support trial evidence.

Note: In order to properly perform these services a Forensic Professional must be familiar with
legal concepts and procedures and have expertise in the use of IT tools and techniques that
facilitate data recovery and analysis. In addition, a Forensic Professional must be able to identify
substance over form when dealing with an issue.

[Link].27 EXPLAIN THE PROCESS OF FORENSIC ACCOUNTING.

ANSWER:

Each Forensic Accounting assignment is unique. Accordingly, the actual approach adopted and the
procedures performed will be specific to it. However, in general, many Forensic Accounting
assignments will include the steps detailed below.

1. STEP 1 – INITIALIZATION:
a. It is vital to clarify and remove all doubts as to the real motive, purpose and utility of the
assignment.
b. It is helpful to meet the client to obtain an understanding of the important facts, players and
issues at hand.
c. A conflict check should be carried out as soon as the relevant parties are established. It is
often useful to carry out a preliminary investigation prior to the development of a detailed
plan of action.
d. This will allow subsequent planning to be based upon a more complete understanding of
the issues.
2. STEP 2 - DEVELOP PLAN: This plan will take into account the knowledge gained by meeting with
the client and carrying out the initial investigation and will set out the objectives to be achieved
and the methodology to be utilized to accomplish them.
3. STEP 3 - OBTAIN RELEVANT EVIDENCE:
a. Depending on the nature of the case, this may involve locating documents, economic
information, assets, a person or company, another expert or proof of the occurrence of an
event.

Due Diligence, Investigation and Forensic Accounting 20.44

 b. In order to gather detailed evidence, the investigator must understand the specific type of
fraud that has been carried out, and how the fraud has been committed.
c. The evidence should be sufficient to ultimately prove the identity of the fraudster(s), the
mechanics of the fraud scheme, and the amount of financial loss suffered.
d. It is important that the investigating team is skilled in collecting evidence that can be used
in a court case within the stipulated time period, and in keeping a clear chain of custody until
the evidence is presented in court.
e. If any evidence is inconclusive or there are gaps in the chain of custody, then the evidence
may be challenged in court, or even become inadmissible.
f. Investigators must be alert to documents being falsified, damaged or destroyed by the
suspect(s).
4. STEP 4 - PERFORM THE ANALYSIS:
The actual analysis performed will be dependent upon the nature of the assignment and may
involve:
a. calculating economic damages;
b. summarizing a large number of transactions;
c. performing a tracing of assets;
d. performing present value calculations utilizing appropriate discount rates;
e. performing a regression or sensitivity analysis;
f. utilizing a computerized application such as a spread sheet, data base or computer model;
and
g. utilizing charts and graphics to explain the analysis.
5. STEP 5 – REPORTING:
a. Issuing an report is the final step of a forensic accounting.
b. Accountant / Investigators will include information detailing the fraudulent activity, if any
has been found.
c. The client will expect a report containing the findings of the investigation, including a
summary of evidence, a conclusion as to the amount of loss suffered as a result of the fraud
and to identify those involved in fraud.
d. The report may include sections on the nature of the assignment, scope of the investigation,
approach utilized, limitations of scope and findings and/or opinions.
e. The report will include schedules and graphics necessary to properly support and explain
the findings.
f. The report will also discuss how the fraudster set up the fraud scheme, and which controls,
if any, were circumvented.
g. It is also likely that the investigative team will recommend improvements to controls within
the organization to prevent any similar frauds occurring in the future.
6. STEP 6 - COURT PROCEEDINGS:
a. The investigation is likely to lead to legal proceedings against the suspect, and members of
the investigative team will probably be involved in any resultant court case.
b. The evidence gathered during the investigation will need to be presented at court, and team
members may be called to court to describe the evidence they have gathered and to explain
how the suspect was identified.

Due Diligence, Investigation and Forensic Accounting 20.45

 [Link].28 EXPLAIN IN DETAIL THE CONTENT AND FORMAT OF THE FORENSIC ACCOUNTING AND
INVESTIGATION REPORT.

ANSWER:

This Forensic Accounting and Investigation Standard (FAIS or “Standard”) 510 deals with the
responsibility of the Professional to issue a written report to the stakeholders at the conclusion of
the assignment. Reporting results of the work procedures completed and the findings from those
procedures, is the concluding part of the assignment. Since one engagement may include multiple
assignments, multiple reports may have to be issued; one for each assignment.

1. WRITTEN REPORT: The Professional shall issue a written report which conveys the results of the
assignment clearly and accurately. The findings reported shall be based on evidence gathered
which are reliable and relevant. Thus, the Professional shall issue a written report which is
precise and unambiguous.
2. REPORT ADDRESSEE AND DISTRIBUTION: The report shall be addressed to the Primary
Stakeholders and shared with other stakeholder(s) if required or otherwise permissible.
3. FORMAT OR CONTENT OF REPORT:
a. While no fixed form or content of the report is mandated by this Standard, the report shall
include certain key elements to enable the recipient to understand the purpose of the
assignment, the extent and scope of work performed by the Professional, any limitations,
assumptions or disclaimers, the facts and evidence gathered and the conclusions drawn.
b. Where the form and content of the report is mandated by the stakeholders, or specified by
the statutory or regulatory requirements, the Professional shall report in line with those
requirements, while keeping in mind the key elements.
c. Key Elements of the Report: The Professional shall consider the inclusion of the following
key elements in the report (indicative list):
i. Title, addressee and distribution list (if any)
ii. Scope and objectives of the assignment
iii. Approach and broad work procedures undertaken
iv. An Executive Summary of the results, covering all important aspects and the essence of
the findings
v. Reference to use of an expert, where applicable
vi. The fact that the assignment has been conducted in accordance with FAIS, or any
material departures therefrom
vii. List of findings supported by key evidences, sources of evidences, and other relevant
matter \
viii. Assumptions, limitations and disclaimers of the assignment
ix. Conclusions (if any) drawn from the assessment undertaken.
4. DISCUSSION OF DRAFT REPORT:
a. Where the mandate of the engagement requires a discussion of the findings with the subject
party prior to finalisation, a summary of the responses received from them shall be included
in the report.

Due Diligence, Investigation and Forensic Accounting 20.46

 b. Further, the Principles of Natural Justice requires a discussion of the observations with the
subject party.
c. In some cases, this is done by the Primary Stakeholders through their own internal processes
(e.g., disciplinary committee, show-cause notice, etc.).
d. At times, the Professional is requested to incorporate the discussion of draft findings as part
of the interview process with the subject.
e. Where the engagement mandate requires a discussion of the draft findings with the subject
party, any response received from them shall be included in the written report issued by the
Professional.
5. ASSUMPTIONS AND LIMITATIONS:
a. The Professional shall list any relevant assumptions made during the assignment having a
significant bearing on the subject matter.
b. In addition, the Professional may encounter limitations that restrict the methodologies or
procedures applied in carrying out the assignment.
c. Such limitations can be in the form of lack of (or limited) management support, restricted
(or denied) access to required records, information or people, due to any reason such as
court orders, short timelines, etc.
d. These disclaimers would be covered in the report as a key element of the report. The report
shall not express an opinion or pass any judgement on the guilt or innocence.
e. Determination of culpability is either a disciplinary process internal to the organization
under review, or a judicial process depending on the specific situation under review.
f. The report can, at best, highlight the circumstances and facts that may aid a stakeholder
decision or further a civil or criminal investigation.
6. REPORTING TIMELINES:
a. The report shall be issued within reasonable time frame as per the engagement terms.
b. The Professional may be required to provide interim reports as per the engagement terms
which can be given to the extent practicable without compromising the progress of the
investigation.
c. Such interim reports are also subject to this Standard.

[Link].29 WRITE ABOUT FORENSIC ACCOUNTING AND INVESTIGATION STANDARDS (FAIS).

ANSWER:

1. The ICAI has recently published a full set of standards in the area of forensic science. These are
referred to as the “Forensic Accounting and Investigation Standards (FAIS for short). The FAIS
are issued to ensure that the ICAI members deliver high quality output in the area of Forensic
Accounting and Investigations.
2. The Framework Governing Forensic Accounting and Investigations (the “Framework”) lays down
the underlying principles and boundaries for undertaking such services. It aims to preserve and
enhance the quality of practice of a member of the Institute of Chartered Accountants (ICAI)
performing forensic accounting and investigation services. This Framework needs to be read in
conjunction with the Preface to the Forensic Accounting and Investigation Standards (FAIS).
3. The main objectives of the Framework are to:
Due Diligence, Investigation and Forensic Accounting 20.47
 a. Provide an overall understanding of Forensic Accounting and Investigations and its key
components;
b. Outline the manner in which these components come together in an inter-related cohesive
manner when providing such services;
c. Maintain and improve the quality of forensic accounting and investigation services.
4. The four key components (forming the pillars) of the Framework are:
a. Basic Principles of Forensic Accounting and Investigations.
b. Key Concepts.
c. Standards on Forensic Accounting and Investigations.
d. Guidance.
The compliance with the above components is mandatory except Guidance.

5. The Forensic Accounting and Investigation Standards (referred to as “FAIS” or the “Standards”)
at a broad level seek to provide:
a. The Professionals with the minimum standards for undertaking forensic accounting and
investigation (FAI) assignments.
b. The Users of FAI services with an indication of the quality of service that can be expected
from such engagements.
c. The Regulators and Governmental agencies with an appreciation of what can be expected
from FAI services and
d. To everyone, guidance on matters of implementation and related practical issues.
6. If, for any reason, a member is unable to comply with any of the requirements of the FAIS, or if
there is a conflict between the Standards and other mandates, such as a statutory or regulatory
requirement, the FAI report (or such similar communication) should draw attention to the
material departures therefrom along with appropriate explanation.
7. The FAIS, as and when issued, will be classified, and numbered in a series format, as follows:
100 Series - Standards on Key Concepts
a. FAIS 110 : Nature of Engagement
b. FAIS 120 : Fraud Risk
c. FAIS 130 : Laws and Regulations
d. FAIS 140 : Applying Hypotheses

200 Series - Standards on Engagement Management

a. FAIS 210 : Engagement Objectives
b. FAIS 220 : Engagement Acceptance and Appointment
c. FAIS 230 : Using the Work of An Expert
d. FAIS 240 : Engaging with Agencies
e. FAIS 250 : Communication with Stakeholders

300 Series - Standards on Executing Assignments

a. FAIS 310 : Planning the Assignment
b. FAIS 320 : Evidence and Documentation
c. FAIS 330 : Conducting Work Procedures
d. FAIS 340 : Conducting Interviews
e. FAIS 350 : Review and Supervision
Due Diligence, Investigation and Forensic Accounting 20.48
 f. FAIS 360 : Testifying Before a Competent Authority

400 Series - Standards on Specialised Areas

a. FAIS 410 : Applying Data Analysis
b. FAIS 420 : Evidence Gathering in Digital Domain
c. FAIS 430 : Loans Or Borrowings
500 Series - Standards on Reporting
a. FAIS 510 : Reporting Results

600 Series- Standards on Quality Control

a. FAIS 610 : Quality Control

Due Diligence, Investigation and Forensic Accounting 20.49

21. SUSTAINABLE DEVELOPMENT GOALS(SDG) &
ENVIRONMENT, SOCIAL AND GOVERNANCE
(ESG) ASSURANCE

[Link].1 DEFINE THE TERM SUSTAINABLE DEVOLOPMENT. ALSO EXPLAIN THE THREE PILLARS
OF SUSTAINABILIY.

ANSWER:

A. SUSTAINABILITY: Sustainability is a concept related to the development of products, goods

and services that involves meeting our present needs without compromising the ability of
future generations to fulfil their own needs.

B. SUSTAINABLE DEVOLOPMENT: The concept of sustainable development is named after

the Brundtland report, which reports sustainable consumption in developed countries.
Sustainable Development defined in this report is as follows:

Sustainable development is development that strives to meet the needs of developing

countries seeking to achieve a more sustainable world. Sustainable development
addresses the needs of the present moment without compromising current and future
generations to meet their own sustainable lifestyles.

C. THREE PILLARS OF SUSTAINABILITY: Sustainable development can be applied to corporate

policy in the business world as it encompasses following three pillars of sustainability:
1. Environment (E):
a. Environmental stands for corporate climate policies, energy use, waste, pollutions,
natural resource conservation, and treatment of animals.
b. It includes the natural resources that every entity absorbs for its functioning like
that of coal, electricity, water and so on.
c. Processing this energy into products / services which will leave behind certain
wastes like that of carbon emissions, water discharges, e-wastes and so on.
d. Thus, one is dependent on the environment for carrying out its operations.
2. Social (S):
a. It addresses the relationships the entity has and the reputation it fosters with
people and institutions in the communities where you do business and the value
chain involved.
b. It further includes labour relations, diversity, and inclusions.
c. Every company operates within a broader and diverse society.
3. Governance (G):

Sustainable development goals & ESG Assurance 21.1

 a. It is the internal system of practices, controls, and procedures entity adopts in
order to govern itself, make effective investment decisions, comply with the law,
and meet the needs of all stakeholders.
b. Every entity, which is itself a legal creation, requires governance.

D. ELEMENTS OF THREE PILLARS:

1. Elements of Environment: 2. Elements of Social
a. Climate Change: a. Human Capital:
• Carbon Emissions • Labour Management
• Product Carbon Footprints • Health & Safety
• Financing Environmental • Human Capital Development
Impact • Supply Chain Labour Standards
• Climate Change Vulnerability b. Product Liability:
b. Natural Resources: • Product Safety & Quality
• Water Stress • Chemical Safety
• Bio-diversity & land use • Financial Product Safety
• Raw Material sourcing • Privacy and Data Security
c. Pollution & Waste: • Responsible Investment
• Toxic emission and waste c. Stakeholders Opposition:
• Packing Material and waste • Controversial Sourcing
• E- Waste d. Social Opportunity: •
d. Environment Opportunity: • Access to Communication
• Clean Tech • Access to Finance
• Green Building • Access to Health Care
• Renewable Energy • Opportunities in Nutrition &
Health

3. Elements of Governance:
a. Corporate Governance:
• Broad Diversity
• Executive Pay
• Ownership
• Accounting
b. Corporate Behaviour
c. Business Ethics
d. Anti - Competitive Practices
e. Corruption & Instability
f. Financial system and stability
g. Tax Transparency

Sustainable development goals & ESG Assurance 21.2

[Link].2 WRITE A SHORT NOTE ON ESG REPORTING.

ANSWER:

1. Environmental, Social and Governance (ESG) reporting is all about disclosure of

information, data, metrics that explain the added value in these three areas.
2. ESG reporting can be both quantitative and qualitative in nature.
3. Qualitative reports tend to describe a company’s strategy or policy around the relevant
topics, while a quantitative approach includes metrics, and key performance indicators
(KPIs) linked to each area in order to measure progress against goals and report on
achievements.
4. Naturally, a mixed approach that makes use of both qualitative and quantitative
information tends to add the maximum value to the quality of disclosures.

[Link].3 WRITE ABOUT SUSTAINABLE DEVOLOPMENT GOALS.

ANSWER:

1. In 2015, Sustainable Development was adopted by all United Nations Members states to
provide a blueprint, which mentioned the Sustainable Development Goals (SDGs).
2. There were 17 SDGs which are considered as an urgent call for action by all countries,
whether developed or developing countries.
3. Following are the 17 SGD’s:
a. No Poverty
b. Zero Hunger
c. Good Health & Well Being
d. Quality Education
e. Gender Equality
f. Clean Water & Sanitization
g. Affordable & Clean Energy
h. Decent Work & Economic Growth
i. Industry Innovation & Infrastructure
j. Reduced Inequalities
k. Sustainable Cities & Communities
l. Responsible Consumption & Production
m. Climate Action
n. Life Below Water
o. Life on Land
p. Peace, Justice & Strong Institutions
q. Partnership for the Goals
4. Today, the Division for Sustainable Development Goals (DSDG) in the United Nations
Department of Economic and Social Affairs (UNDESA) provides substantive support and

Sustainable development goals & ESG Assurance 21.3

 capacity building for the SDGs and their related thematic issues including water, energy,
climate, oceans, urbanization, transport, science and technology, the Global Sustainable
Development Report (GSDR), partnerships and Small Island Developing States.
5. SDG plays a key role in the evaluation of UN systemwide implementation of the 2030
Agenda and on advocacy and outreach activities relating to the SDGs.
6. In order to make the 2030 Agenda a reality, broad ownership of the SDGs must translate
into a strong commitment by all stakeholders to implement the global goals. DSDG aims
to help facilitate this engagement.

[Link].4 WRITE ABOUT GLOBAL TRENDS IN SUSTAINABLE REPORTING.

ANSWER:

1. The mandatory reporting requirements are mostly associated with the public sector or
government run companies, large corporations, multi-national business conglomerates,
and listed companies in the stock exchanges. Furthermore, sector-specific, and thematic
reporting provisions are also becoming more common.
2. Global Reporting Initiative(GRI):
a. The most widely used framework in the world is the Global Reporting Initiative (GRI)
Sustainability Reporting Standards having 93% of the world’s largest 250 corporations
report on their sustainability performance through GRI. It is used in over 100 countries
to report sustainability.
b. This independent international organization is based in Amsterdam, the Netherlands,
and has operational hubs in Brazil, China, Colombia, India, South Africa, and the United
States.
c. The GRI Sustainability Reporting Standards are developed with true multi-stakeholder
contributions and rooted in the public interest.
3. Various mechanisms for sustainable reporting:
a. Global Reporting Initiative (GRI): It helps the organizations to report on economic,
environmental, and social impacts. The general disclosures which are required to be
reported under this standard are Economic, Environment and Social. This report is
addressed to all the stakeholders of the entity.
b. Carbon Disclosure Project (CDP): It captures the environmental performance data
which is related to GHG emissions, water, forests, and supply chain. Major details
required to be reported are climate change, Forest, and Water security. This report is
addressed to all the investors, buyers, and other stakeholders of the entity.
c. International Integrated Reporting Framework (IIRC): It has established guiding
principles and content elements in order to allow the companies to produce integrated
reports. This report consists of Organisational overview, Governance structure,
Business model, risks and opportunities, strategy, performance, outlook etc.

Sustainable development goals & ESG Assurance 21.4

4. Comprehensive corporate reporting system: In September 2020, the above framework &
standard setting institutions came together to show a commitment to working towards a
comprehensive corporate reporting system. The intent of the collaboration was:
a. Joint market guidance on how the frameworks & standards can be applied in a
complementary and additive way.
b. Joint vision of how these elements could complement financial generally accepted
accounting principles (Financial GAAP) and serve as a natural starting point for
progress towards a more coherent, comprehensive corporate reporting system.
c. Joint commitment to drive towards this goal, through an ongoing programme of
deeper collaboration between the institutions and stated willingness to engage closely
with other interested stakeholders.
5. Recent global developments regarding sustainable reporting:
a. International investors with global investment portfolios are increasingly calling for
high quality, transparent, reliable, and comparable reporting by companies on climate
and other environmental, social and governance (ESG) matters. On 3 November 2021,
the IFRS Foundation Trustees announced the creation of a new standard-setting board
the International Sustainability Standards Board (ISSB), to help meet this demand.
b. The intention is for the ISSB to deliver a comprehensive global baseline of
sustainability-related disclosure standards that provide investors and other capital
market participants with information about companies’ sustainability-related risks and
opportunities to help them make informed decisions.
c. Task Force on Climate-Related Financial Disclosures (TCFD): It was created in 2015 by
the Financial Stability Board (FSB) with the goal of helping companies create consistent
climate-related disclosures. Unlike GRI, which works on a wide range of organizations,
TCFD is targeted at companies that predominantly handle financial-related interests,
such as banks and insurance firms.
d. The Climate Disclosure Standards Board (CDSB) was an international group of business
and committed to making climate-rated disclosures in the mainstream global
corporate reporting. The CDSB framework was formed to help organizations to
disclose climate related risks and opportunities. The CDSB framework has also set out
an approach on for reporting environmental information.
e. The Value Reporting Foundation (VRF) is a non-profit organization which was a result
of the merger between SASB Foundation and the International Integrated Reporting
Council (IIRC). The International Accounting Standards Board (IASB) and the ISSB has
agreed to work together in order to build an Integrated Reporting Framework.
f. The International Sustainability Standards Board (ISSB) in March 2022 launched a
consultation on its first two proposed standards, one on climate-related disclosures
and one on general sustainability-related disclosures. The proposed standards, when
finalised, would form a comprehensive global baseline of sustainability-related
disclosures designed to meet the information needs of investors in assessing
enterprise value.

Sustainable development goals & ESG Assurance 21.5

 g. IFRS S1 : The proposed requirements in the Exposure Draft IFRS S2 Climate-related
Disclosures (Climate Exposure Draft) build upon the recommendations of the Task
Force on Climate-Related Financial Disclosures (TCFD) and incorporate industry-based
disclosure requirements derived from the Sustainability Accounting Standards Board
(SASB) Standards.

[Link].5 WHAT ARE THE 6C’s OF INTEGRATED REPORTING?

ANSWER:

There are 6 Cs of Integrated Reporting – also known as 6 capitals:

1. FINANCIAL CAPITAL:
a. Pool of funds that is available to the organization for use in the production of goods or
provision of services.
b. Obtained through financing, such as debt, equity, or grants, or generated through
operations or investments.
2. MANUFACTURED CAPITAL:
a. Seen as human-created, production-oriented equipment and tools.
b. Available to the organization for use in the production of goods or the provision of
services, including buildings, equipment, infrastructure (such as roads, ports, bridges
& waste, and water treatment plants).
3. NATURAL CAPITAL:
a. Is an input to the production of goods or the provision of services.
b. An organization’s activities also impact, positively or negatively, on natural capital.
c. Includes water, land, minerals and forests, biodiversity, and ecosystem health.
4. HUMAN CAPITAL:
People’s skills and experience, their capacity, and motivations to innovate, including their:
a. Alignment with and support of the organization’s governance framework & ethical
values such as its recognition of human rights.
b. Ability to understand and implement an organization’s strategy.
c. Loyalties and motivations for improving processes, goods, and services, including their
ability to lead and to collaborate.
5. SOCIAL CAPITAL:
a. Institutions and relationships established within and between each community, group
of stakeholders and other networks to enhance individual and collective well-being.
b. Includes:
i. Common values and behaviour.
ii. key relationships, the trust and loyalty that an organization has developed and
strives to build and protect with customers, suppliers, and business partners.
iii. An organization’s social license to operate.
6. INTELLECTUAL CAPITAL:

Sustainable development goals & ESG Assurance 21.6

 a. Key element in an organization’s future earning potential, with a tight link and
contingency between investment in R&D, innovation, human resources, and external
relationships, which can determine the organization’s competitive advantage.

Asia Pacific region continues to dominate in presenting sustainability data in annual reports.
Approximately with 60% of Companies reporting in 2022. Integrated reporting is strong in the
Middle East.

[Link].6 EXPLAIN THE GLOBAL SCENARIO IN VARIOUS COUNTRIES RELATING TO

SUSTAINABILITY REPORTING?

ANSWER:

A. UNITED STATES:
1. In March 2022, the US Securities and Exchange Commission (SEC) proposed climate-
risk disclosure requirements, which would expand the annual reporting requirements
of publicly traded companies.
2. In their SEC filings, companies would be required to discuss financially material,
climate-related risks guided by the TCFD recommendations.
3. Reporting would include:
a. The company’s climate risk management processes
b. How the risks identified would impact financial performance
c. How these risks are managed and mitigated
d. Any scenario analysis, transition plans, and publicly announced climate goals.

B. UNITED KINGDOM:
1. In 2019, the UK passed a law targeting net zero greenhouse gas (GHG) emissions by
2050.
2. A key regulation for UK ESG disclosures is the Companies Act of 2006, which includes
requirements for annual reporting. These rules apply to large companies that are
either listed, exceed £500 million in annual turnover, or have more than 500
employees.
3. Non-financial information has always been required in annual reports, but in 2022, the
Act was expanded to include sustainability matters. The new requirements align with
the recommendations from the Task Force on Climate-Related Financial Disclosure
(TCFD).
4. As such, companies are required to discuss the strategy, processes, and due diligence
regarding matters of:
a. The environment (including the company’s impact on the environment)
b. The company’s employees
c. Social matters
d. Respect for human rights

Sustainable development goals & ESG Assurance 21.7

 e. Anti-corruption and anti-bribery
5. Specifically for the environment, climate-related disclosures must include:
a. Climate change-related risks and opportunities
b. How these risks and opportunities are managed through targets and KPIs
c. How climate change is addressed in corporate governance
d. How climate risk impacts strategy.
6. Additionally, large UK companies are required to report on their UK energy use and
carbon emissions within their annual reports through the Streamlined Energy and
Carbon Reporting.
7. Further, in 2023 ESG reporting in the UK will be further formalized through the
Sustainability Disclosure Requirements (SDRs). The SDRs will provide a framework for
corporates to manage sustainability-related risks, opportunities, and impacts, as well
as set relevant metrics and targets.
8. Following table showcases the evolution of sustainable development reporting in the
recent past:
a. March 2021 Sustainable Finance Disclosures Regulation (SFDR) go into effect for
asset managers and financial advisors operating in EU
b. April 2021 European commission adopts the CSRD proposal, which will require
large companies to report on social and environmental impacts starting in 2024
c. October 2021 GRI standards updated
d. November 2021 IFRS Foundation announces the formation of its global reporting
standardization initiative through the ISSB UK Financial conduct authority releases
sustainability requirements disclosure paper
e. December 2021 The European commission published the first delegated act on
sustainable activities for the first two environmental objectives of the EU territory
f. February 2022 The EU adopts a proposal for a directive on Corporate Sustainability
Due Diligence with Rules for companies to respect human rights and the
environment in their global value chains
g. March 2022 US SEC announces climate change disclosure proposal ISSB exposure
draft for public commentary
h. April 2022 European Financial Reporting Advisory Board issues exposure draft of
the European Sustainability Reporting Standard (ESRS) for public commentary
i. June 2022 China's voluntary guidance for Enterprise ESG disclosures takes effect.

[Link].7 WRITE ABOUT EVOLUTION OF ESG IN INDIA?

ANSWER:

1. 2009 – ‘Corporate Social Responsibility Voluntary Guidelines 2009’:

MCA issued CSR voluntary guidelines for the businesses to add value to the operations and
contribute towards the long-term sustainability of the business. The most important

Sustainable development goals & ESG Assurance 21.8

 element of these was to encourage the corporates to focus on Ethical functioning, Rights
and welfare of workers, Human Rights, Environmental development and taking social
development activities.
2. 2011 – ‘National Voluntary Guidelines on Social, Environmental and Economic
Responsibilities of Business’
In July 2011 ‘National Voluntary Guidelines on Social, Environmental and Economic
Responsibilities of Business’ came which contained comprehensive principles to be
adopted by companies as part of their business practice.
3. 2012 – SEBI Mandates top 100 listed companies to file Business Responsibility Report
Top 100 listed companies by market capitalization were required to file Business
Responsibility Report (BRR). This report was in line with the ESG principles.
4. 2015 – BRR became part of SEBI (Listing Obligations and Disclosure Requirements)
Regulations, 2015:
SEBI vide Circular no. CIR/CFD/CMD/10/2015 dated November 04, 2015, had prescribed
the format for the Business Responsibility Report (BRR) in respect of reporting on ESG
(Environment, Social and Governance) parameters by listed entities in line with clause (f)
of sub regulation (2) of regulation 34 of SEBI(LODR) Regulations 2015. Top 500 listed
companies by market capitalization were required to file Business Responsibility Report
(BRR).
5. 2017 – SEBI recommended Integrated Reporting for top 500 listed companies
On 6 February 2017, SEBI issued a circular advising top 500 listed companies which are
required to prepare BRR to adopt IR on a voluntary basis from the financial year 2017-18.
6. 2019 - National Guidelines on Responsible Business Conduct (NGRBC) 2018
MCA revised the National Voluntary Guidelines on Social, Environmental and Economic
Responsibilities of Business, 2011 (NVGs) and formulated the National Guidelines on
Responsible Business Conduct (NGRBC).
7. 2019 – BRR became mandatory for top 1,000 listed companies
As per SEBI (Listing Obligations and Disclosure Requirements) (Fifth Amendment)
Regulations, 2019, with effect from December 26, 2019, the annual report of the top 1,000
listed entities based on market capitalization shall contain a business responsibility report
as per clause (f) of sub regulation (2) of regulation 34 of Listing Regulations.
8. 2021 - New reporting requirements on ESG parameters called the Business
Responsibility and Sustainability Report (BRSR).
Under notification no. SEBI/LAD-NRO/GN/2021/22 dated May 05, 2021, SEBI introduced
new reporting requirements on ESG parameters called the Business Responsibility and
Sustainability Report (BRSR). The BRSR seeks disclosures from listed entities on their
performance against the nine principles of the ‘National Guidelines on Responsible
Business Conduct’ (NGBRCs) and reporting under each principle is divided into essential
and leadership indicators. The essential indicators are required to be reported on a
mandatory basis while the reporting of leadership indicators is on a voluntary basis. Listed
entities should endeavour to report the leadership indictors also.

Sustainable development goals & ESG Assurance 21.9

 The BRSR is intended towards having quantitative and standardized disclosures on ESG
parameters to enable comparability across companies, sectors, and time.

[Link].8 WHAT ARE THE INITIATIVES BY ICAI REGARDING SUSTAINABILITY REPORTING?

ANSWER:

1. In Feb 2020, ICAI constituted Sustainability Reporting Standards Board (SRSB).

2. Mission of the SRSB is to take appropriate measures to increase awareness and implement
measures towards responsible business conduct, developing audit guidance for Integrated
Reporting.
3. ICAI, encouraged by SEBI, introduced India’s first award to celebrate the business practice
of Integrated Reporting, internationally acknowledged as the emerging best practice in
corporate reporting.
4. ICAI has also started a Certificate Course on Sustainable Development Goals (SDGs),
Business Responsibility Reports (BRR), Integrated Reporting (IR) & also proposed an ICAI
Executive Development Program on Business Responsibility Reporting (BRR).
5. In last 2 years, ICAI has issued following publications:
a. Standard on Assurance Engagements (SAE 3410) – Assurance Engagements on
Greenhouse Gas Statements
b. Background Material on BRSR (revised 2021)
c. Sustainable Development Goals – Accountants creating sustainable World – Parts 1
covering SDGs 1 to 5
d. Sustainable Development Goals – Accountants creating sustainable World – Parts 1
covering SDGs 6 to 11
e. Sustainable Development Goals – Accountants creating sustainable World – Parts 1
covering SDG 11 to 17
f. FAQs on Sustainability Reporting – Heart of Good Governance
g. Sustainability Reporting Maturity Model (SRMM) – Version 1.0

[Link].9 EXPLAIN IN DETAIL ABOUT BUSINESS RESPONSIBILITY AND SUSTAINABILITY

REPORT (BRSR).

ANSWER:

Reporting under BRSR is mandatory from financial year 2022-23. However, disclosure was
voluntary in financial year 2021-22. The reporting questionnaire is divided into three sections:

1. Section A – General Disclosures: This section contains the details of the listed companies,
its products, services, operations, employee related details, its holding, subsidiary,
associate companies etc.

Sustainable development goals & ESG Assurance 21.10

2. Section B – Management Process and disclosures: It contains questions related to policy
and management processes, governance, leadership, and oversight.
3. Section C – Principle-wise performance disclosures: Companies are required to report
upon Key performance indicators (KPIs) in alignment with the nine principles of the
NGRBC. The section classifies KPIs into two categories that companies are required to
report upon:
a. Essential indicators (Mandatory disclosures): This would include data on training
programs conducted, environmental data on energy, emissions, water, waste
management etc.
b. Leadership indicators (Optional disclosures): It would include life cycle assessments,
details of conflict management policy, additional data, on biodiversity, energy
consumptions, supply chain managements etc.

[Link].10 WHAT ARE THE NINE PRINCIPLES OF BRSR. EXPLAIN IN DETAIL.

ANSWER:

The nine principles in BRSR are categorized into the ESG components of Environment, Social
and Governance with two of the nine in Environment, three in social and four in Governance.
Even though they are separate, they are interlinked to each other in some way. For example,
the environmental protection is closely linked to the stakeholder engagement and inclusive
growth.

1. PRINCIPLE 1 – ETHICS, TRANSPARENCY AND ACCOUNTABILITY:

The first principle emphasizes that the business decisions in an organisation should be
open to disclosure and accessible to the relevant interested parties. The essence of the
core elements associated with the first principle are:
a. The entities’ governing structure should develop policies, procedures, and practices
for their offices, factories, and work areas, ensuring that ethics is not compromised.
b. The information relating to the policies, procedures, and practices along with the
performance should be made available to the stakeholders.
c. In case of adverse effects, more care has to be taken for transparent disclosures.
d. The entities in the value chain should be encouraged to adopt these principles by the
governance structure.
e. The entities should proactively respond to the outside entities that violate the nine
principles of the BRSRs. This includes their suppliers, distributors, sub-contractors, or
regulatory officers that may engage with the business concern.

2. PRINCIPLE 2 – SAFE AND SUSTAINABLE GOALS AND SERVICE: The entities should make
sure that their goods, services, and the operations result in better life for the consumers
and end-users. The essence of the core elements associated with the second principle is:

Sustainable development goals & ESG Assurance 21.11

 a. When a product is designed by the entity, the production methods and technologies
have to be devised in such a way so as to minimize the resource usage to make it
sustainable.
b. The entities are also responsible to educate and make aware their consumers and
clients about their rights.
c. The entities should take measures that reduce the over exploitation of the nature’s
resources by consuming sustainably and encourage methods for reduce, reuse and
recycling of the resources.

3. PRINCIPLE 3 – PROMOTE WELL-BEING OF ALL EMPLOYEES INCLUDING THOSE IN THE

VALUE CHAIN: The third principle relates to all the initiatives an entity has to take for the
benefit of its employees from the point of view of their dignity, health, well-being. The
essence of the core elements associated with the principle is:
a. The entity should ensure compliance with all regulatory requirements as far as
employees are concerned.
b. The entities are to respect the dignity of employee as a human being and should not
restrict their freedom of associations, unions, and other participatory mechanism for
collective bargaining of their rights and redressal of issues they face at the workplace.
c. The entities should prevent all kinds of child labour, bonded labour, and any other
forms of involuntary labour.
d. The entities should have a system in which the work-life balance of the employees is
not compromised.
e. The businesses have to ensure timely payment of the worker’s wages and
compensation.
f. The payment of the wages has to be as per the living wages, that can take care of the
basic needs and provide economic security to the employees.
g. The entities are responsible to create a workplace and work environment that is safe,
hygienic, and comfortable for people to work for long durations.
h. The skill development, career development and training of the workforce is another
responsibility of the entities employing them.
i. The creation of a workplace which is free of harassment and violence is also a
responsibility of the entity.

4. PRINCIPLE 4 - RESPECT FOR STAKEHOLDERS’ INTERESTS AND RESPONSIVENESS:

The concept of interested party or stakeholders to a business has been a point of
discussion in all the regulatory and voluntary systems that relate to the management
system of any organisation, be it related to the quality, environment or the occupational
health and safety of the workers. The essence of the core elements associated with the
principle is:
a. The entities have to be transparent and communicate with the stakeholders about the
impacts of their operations and business decisions on the people and the nature. The

Sustainable development goals & ESG Assurance 21.12

 policies, decisions, and the impact of the operations of the organisation to the
stakeholders have to be disclosed transparently with no ambiguity on the extent of the
issues.
b. The entities have to systematically determine the context of their operation and
identify their interested parties.
c. The entities should fairly share the benefits to the stakeholders or give an opportunity
to them to benefit from the operations in an equitable manner.

5. PRINCIPLE 5 - RESPECT AND PROMOTE HUMAN RIGHTS:

The concept of human rights is a vast topic that covers a wide variety of violence and
belligerent abusive issues faced by people. It refers to the human rights issues that happen
directly or indirectly due to the operation of the business. The essence of the core
elements associated with the principle are:
a. The entities should have a clear understanding of the human rights and various ways
by which human rights can be violated from the perspective of the Constitution of
India, national laws and policies and the content of International Bill of Human Rights.
b. The entities when developing their management systems, should integrate the human
rights element into their policies, procedures, and practices.
c. Businesses should recognize and respect the human rights of all relevant stakeholders
and groups within and beyond the workplace, including that of communities,
consumers, and vulnerable and marginalized groups.

6. PRINCIPLE 6 – PROTECTION AND RESTORATION OF ENVIRONMENT: The sixth principle

looks at the environmental responsibility as a basic requirement for the economic
prosperity and sustainability. The core elements associated with the principle are:
a. The entities should have policies, procedures, and practices in place to assess and
rectify impacts to the environment. This should cover the whole life cycle of the
product.
b. The entities have to make use of natural and manmade resources in an optimum
manner to ensure their sustainability by taking feedback from the stakeholders.
c. The entities have to measure their performance relating to the prevention of pollution,
destruction of forests, waste generation, energy use, land use, etc.
d. The entities have to contribute towards climate change resilience in line with India’s
commitment to various international mechanisms such as, Paris Agreement and
National Action Plans for Climate Change.
e. The entities should explore the comparison of its activities with industry best practices
to reduce, reuse and recycle/ recover materials, resources.
f. The companies have to look out for avenues by which they can improve their
performance towards various environmental responsibilities.

7. PRINCIPLE 7 – INFLUENCE ON PUBLIC AND REGULATORY POLICY:

Sustainable development goals & ESG Assurance 21.13

 The seventh principle of influencing the policy formulation positively recognizes that the
businesses operate within the framework of statutory and legislative policies of the
governing authority. The principle further highlights that –
a. The core elements of BRSR are to have met holistically when the organisation go ahead
with their contributions to policy formulation and policy advocacy.
b. The collective associations such as, the trade groups and industry chambers have to
be utilized when moving ahead with the policy advocacy and formulation.
c. The role in policy advocacy by the organisation should be in such a way that it
encourages fair competition and prevents human rights abuses.

8. PRINCIPLE 8 – PROMOTE INCLUSIVE GROWTH AND EQUITABLE DEVELOPMENT:

This can work only with close participation and collaboration amongst the entities,
authorities, the civil associations contributing to one another for a better livelihood, and
assistance to the marginalized communities. The core elements of the eighth principle are:
a. The entities should have systems in place to identify and address impacts of their
activities on the social, cultural, and economic aspects of the people. This includes
business created issues like, land acquisition and use and construction activities for
new facilities.
b. The entities should review, measure, and track the adverse impacts of their activities
on the society and environment and make action plans to mitigate them adequately.
c. The entities should make efforts to bring up creative products, technologies, and
business concerns that help the marginalized communities to have well-being and a
better quality of life.
d. Entities when designing their CSR activities should review the local and regional
development priorities to help the marginalized groups and communities.
e. The entities should take care to ensure that business induced displacement or
relocation of communities does not happen, and in unavoidable cases, should make
sure to have mutually agreed, participative, and informed negotiations to provide fair
compensation to the affected people.
f. All forms of intellectual property and traditional knowledge should get the deserved
respect from the organisation, and efforts should be made to ensure that benefits
derived from their knowledge are shared equitably.

9. PRINCIPLE 9 – PROVIDE VALUE TO THE CONSUMERS IN A RESPONSIBLE MANNER: The

primary purpose of any business is to create or provide useful products and services to
the customer in exchange of reasonable profits. The core elements associated with the
principle are:
a. Entities should put in their efforts to reduce the negative impacts of their products and
services on consumers, natural environment, and society at large.
b. When conceptualizing, designing, and marketing their products, the organisation
should not in any manner prevent the freedom of choice and fair competition.

Sustainable development goals & ESG Assurance 21.14

 c. The entities should transparently and accurately disclose all kinds of adverse impacts
to the user, planet, society, on the biodiversity from their products.
d. When handling customer data, the right to privacy of the customer needs to be
maintained.
e. Entities should inform the customers on the safe and responsible ways of usage, reuse,
recycling, and disposal of their products, and ways to eliminate over-consumption.
f. When advertising about their products, the organisations should ensure that
misleading and confusing information is not exposed to the customers about their
products or its usage.
g. Business enterprises should make available transparent and accessible grievance
redressal and feedback management system for their customers to raise their voices
or to seek clarifications.
h. Entities, when in the business of providing essential goods and services (e.g., Utilities),
should enable universal access, including to those whose services have been
discontinued for any reason, in a non-discriminatory and responsible manner.

[Link].11 EXPLAIN THE METHODOLOGY TO PROVIDE ASSUARANCE ON BRSR.

ANSWER:

Methodology to provide assurance on BRSR:

1. Preliminary Review of ESG report, parameters

2. On-site Assessment / Verification of ESG Report
3. Issuance of Assessment Report and Assessment Statement
4. Review of the responses and clarifications on the findings
5. Submission of findings of the on-site assessment and document review
6. Preparation of Assessment / Verification report including final results of Assessment/
Recommendation

[Link].12 EXPLAIN THE METHODOLOGY TO PROVIDE ASSUARANCE ON BRSR.

ANSWER:

1. The Sustainability Reporting Standards Board (SRSB) of the ICAI has recently issued Social
Audit Standards (SAS 100 to 1600).
2. These Standards aim to provide the Social Auditor with the necessary guidance in relation
to independent impact assessment engagement of Social Enterprises engaged in various
areas and the audit steps and procedures that should be applied while conducting the
social impact assessment.
3. The Standard sets out the minimum requirements to be followed while conducting impact
assessment. Laws or regulations may establish additional requirements which should be
followed, as applicable.

Sustainable development goals & ESG Assurance 21.15

4. Following SASs are issued:
a. SA 100 - Eradicating hunger, poverty, malnutrition and inequality
b. SA 200 - Promoting health care including mental healthcare, sanitation and making
available safe drinking water
c. SA 300 - Promoting Education, Employability, and Livelihoods
d. SA 400 - Promoting Gender Equality, Empowerment of Women and LGBTQIA+
communities
e. SA 500 - Ensuring environmental sustainability, addressing climate change including
mitigation and adaptation, forest and wildlife conservation
f. SA 600 - Protection of national heritage, art and culture
g. SA 700 - Training to promote rural sports, nationally recognised sports, Paralympic
sports and Olympic sports
h. SA 800 - Supporting incubators of social enterprises
i. SA 900 - Supporting other platforms that strengthen the non-profit ecosystem in
fundraising and capacity building
j. SA 1000 - Promoting Livelihoods for rural and urban poor including enhancing income
of Small and Marginal Farmers and workers in the non-farm sector
k. SA 1100 - Slum area development, affordable housing and other interventions to build
sustainable and resilient cities
l. SA 1200 - Disaster Management, including Relief, Rehabilitation and Reconstruction
Activities
m. SA 1300 - Promotion of financial inclusion
n. SA 1400 - Facilitating Access to Land and Property Assets for disadvantaged
Communities
o. SA 1500 - Bridging the digital divide in internet and mobile phone access, addressing
issues of misinformation and data protection
p. SA 1600 - Promoting welfare of migrants and displaced persons

[Link].13 EXPLAIN THE ROLE OF AUDITOR IN RELATION TO CLIMATE RELATED RISKS IN AN

AUDIT OF FINANCIAL STATEMENTS?

ANSWER:

1. The role of the auditor is to obtain reasonable assurance about whether the financial
statements as a whole are free from material misstatement, whether due to fraud or error,
to enable auditor to report whether the financial statements are prepared and presented
fairly, in all material respects, in accordance with the applicable financial reporting
framework.
2. In developing the understanding of an entity, the auditor should include the consideration
of climate related risks and how these risks may be relevant to the audits. The climate-
related risks could be more relevant in certain sectors or industries, e.g., banks and

Sustainable development goals & ESG Assurance 21.16

 insurance, energy, transportation, materials and buildings, agriculture, food, and forestry
products.
3. Many investors and stakeholders are seeking information from auditor’s reports about
how climate-related risks were addressed in the audit. With this increased user focus on
climate change, auditor need to be aware of, and may face, increasing pressure for
transparency about climate matters in our auditor’s reports. However, the auditor’s
reports must follow the requirements of applicable auditing standards.
4. The auditor’s report is a key mechanism of communication to users about the audit that
was performed. In addition to the audit opinion, it provides information about auditor’s
responsibilities and, when required, an understanding of the matters of most significance
in our audit and how they were addressed.
5. In some circumstances, it may warrant inclusion of an Emphasis of matter paragraph to
draw attention to disclosures that are of fundamental importance to users’ understanding
of the financial statements. The auditor should also determine whether the entity has
appropriately disclosed relevant climate-related information in the financial statements in
accordance with the applicable financial reporting framework e.g., Indian Accounting
Standards or Accounting Standards, when relevant before considering climate-related
matters in the auditor’s report.
6. The auditor should also read the other information for consistency with information
disclosed in the financial statements and information that may be publicly communicated
to stakeholders outside the financial statements, such as management report narratives
in the annual report, press releases, or investor updates. This is a requirement under ISA
720 and SA 720, The Auditor’s Responsibilities Relating to Other Information.

Sustainable development goals & ESG Assurance 21.17