Audits – Secretarial Audit Compliance Management and Due Diligence Important Questions

Question 1.
What are the advantages of Social Audit?
Answer:
The advantages of Social Audit discussed as under:

  • Encourage community participation among different business entities.
  • Ensure continuous efforts towards environmental protection and use of environment friendly production processes.
  • Building Customer Satisfaction and trust through ethical business practices.
  • Promotes collective decision-making and sharing of responsibilities.

Question 2.
Prepare a note on Illustrative checkpoint on the Cyber Security Audit.
Answer:
1. Cyber security is an attempt to minimising any risk of financial loss, disruption or damage to the reputation of an organisation that may arises from the failure of its information technology systems. The objective of the cyber audit is to provide an assessment of the operating effectiveness of cyber security policies and procedures, identify, protect, detect, respond and recover processes and activities to the board.

2. The following can be the illustrative check point on the Cyber Securities Audit:

  • Check points relating to the Personnel Security.
  • Check points relating Physical access to electronic information systems.
  • Account and Password Management.
  • Confidentiality of Data.
  • Compliance and Audit of policies, standards, procedures, and guidelines.

Question 3.
“A Corporate Social Responsibility (CSR) Audit aims at identifying environmental, social or governance risks faced by the organization and evaluating managerial performance in respect of those” Explain the purpose of CSR Audit.
Answer:
Corporate Social Responsibility (“CSR”) is a broad term. However, for the purpose of addressing the scope of a CSR Audit, CSR is about managing and taking into consideration organization’s operational, processes and behavioural impact on society and stakeholders from a broad perspective. CSR is more than basic legal compliance and is highly connected with and affects organization’s bottom line.

The followings are the purpose of CSR Audit:

  • To evaluate internal control and governance framework.
  • To assess the project life cycle.
  • To ensure compliance with the provisions of Companies Act, 2013 with respect to constitution of the Committee, adoption of policy and appropriate spending towards CSR activities.
  • To facilitate transparent monitoring mechanism and Act as a mentor for the Company’s CSR activities and implementation of CSR policy.
  • To conduct financial review of projects to confirm the utilization of budgets for achieving desired outcomes.

Question 4.
Describe differences between Social audit and Takeover audit.
Answer:
Social Audit:

  • Social auditing creates an impact upon governance. It values the voice of stakeholders, including marginalized/poor groups whose voices are rarely heard.
  • Social auditing is taken up for the purpose of enhancing local governance, particularly for strengthening accountability and transparency in local bodies.
  • Social Audit makes it sure that in democracy, the powers of decision makers should be used as far as possible with the consent and under-standing of all concerned.

Takeover Audit:

  • Takeover audit for merger/acquisition/takeover could be done as three parts: pre-acquisition, post-acquisition and sell-side.
  • To provide the desired results to an investor and to ensure that the acquisition is executed in the most effective manner, the concept of the takeover audit has been evolved; the takeover audit provides a cost benefit analysis to suggest a strategic plan for the long term in-vestment strategy.
  • A rigorous audit vide due diligence process help companies take ad-vantage of legitimate new business opportunities, while at the same time help minimize the risks.
  • A strong audit cum due diligence process is critical to ensure that the acquirer is fully aware of all aspects of the proposed transaction and provides access to vital intelligence that is used to negotiate the final price and integrate the new subsidiary more effectively.

Question 5.
What do you understand by a CSR Audit? Explain its coverage.
Answer:

  1. Corporate Social Responsibility (CSR) includes various social and environmentally responsible guidelines, essential for companies that want to maintain a strong connection to the marketplace.
  2. Corporate Social responsibility includes the way a company treats and proactively contributes to its community, promotes fair working conditions and a non-discriminatory environment, conveys transparent and honest accounting reports and generally earns a reputation of trust and integrity in the society where it serves.
  3. CSR has become a mandatory part of many Companies vide introduction in Companies Act, 2013 and has changed the dynamics of CSR.
  4. An increased emphasis on governance, stricter monitoring and reporting obligations require companies to be more accountable, disciplined and strategic in their CSR approach.

Question 6.
What is Forensic Audit Report? Highlight its major contents.
Answer:
1. Forensic Audit Report is statement of observation gathered & considered while proving conclusive evidence. It is a medium through which an auditor expresses his opinion under audit after the forensic audit investigation is completed.

2. Forensic Audit Report include the following points:

  • Executive Summary.
  • Origin of the audit.
  • Audit Objective.
  • Proposed Audit Outputs.
  • Audit Implementation approach.
  • Risk Analysis.
  • Audit Process.
  • Preliminary understanding of scope and incident coverage.
  • Collect evidence.
  • Conduct Interviews.
  • Analyse findings.
  • Validate inferences and conclusions.
  • Evidence of risk events.

Question 7.
What do you mean by Environment Audit? Prepare a process chart for conducting Environment Audit.
Answer:
1. Environmental Audit refers to verification and assessment of environmental measures in an organisation.

2. Environmental Audit is a term that can reflect various types of evaluations intended to identify environmental compliance and management system implementation gaps along with related corrective actions and it has a wide variety of meanings.

Process of Environment Audit:
Step 1 : Understanding the industrial activity and Pre-audit or planning stage: Collection of background information about the entity, definition of objectives and scope of audit, formation of audit team and development of audit plan and protocols.

Step 2 : On-site or Field Audit: Communicate the objectives of the audit to key faculties and schedule necessary meetings and interviews, identify areas of concern, site/facility inspection, evidence/records/ document review, staff interviews, initial review of findings.

Step 3 : Assessing the impact and post-audit: Final evaluation of findings, submit preliminary report with type and magnitude of impact on the environment, get approval of management, introduce the findings to the auditees submit final environment audit report along with short/ long term acceptability.

Step 4 : Follow up or review: Verify the action taken on audit findings and recommendations.

Question 8.
What is the scope of Corporate Governance Audit?
Answer:
The Scope of Corporate Governance Audit is wide and generally boundary less and covers:

  • Financial and Non-Financial Stakeholders.
  • Boards of Directors (Composition, Mix, Independence).
  • Committees of the Boards and terms of References.
  • Control Environment (Accounting, Controls, Internal and External Audit).
  • Risk Management.
  • Transparency and Disclosure of financial information and executive compensation.
  • Strategic plans, programs and guidance on social responsibilities.

In India, the Companies Act, 2013 and the SEBI (Listing Obligations and Disclosure Requirements) Regulations, 2015 are the principle governing laws on corporate governance.

Question 9.
What is the purpose of Corporate Social Responsibility Audit?
Answer:
Though the Companies Act, 2013 does not prescribed for the CSR Audit, but the companies’ voluntarily undertake the CSR Audits to measure effectiveness of the CSR Programmes of the company. Following are purpose of CSR Audit:

  • To ensure compliance with the provisions of Companies Act, 2013 with respect to constitution of the Committee, adoption of policy and appropriate spending
  • towards CSR activities.
  • To facilitate transparent monitoring mechanism and a mentor for the Company’s CSR activities and implementation of CSR policy.
  • To evaluate internal control and governance framework.
  • To assess the project life cycle.
  • To conduct financial review of projects to confirm the utilization of budgets for achieving desired outcomes.

Question 10.
What is the need for Environment Audit?
Answer:
Following are need for Environment Audit:

  1. It help business to assess the environmental impact of their operations.
  2. It ensure that the corporate decisions are not spoiling company’s market for its products, destroying the source of essential supply, damaging or polluting the very infrastructure that makes usage and demand of the product grow.
  3. It highlights areas of inefficiencies in process.
  4. It highlights excessive wastes.
  5. It provides opportunity for business to decrease its wastes output and reduce the cost of waste treatment or waste disposal.

Question 11.
Discuss the implications of Social Audit?
Answer:
Implications of Social Audit discussed below:

  • Social auditing creates an impact upon governance. It values the voice of stakeholders, including marginalized/poor groups whose voices are rarely heard.
  • Social auditing is taken up for the purpose of enhancing local governance, particularly for strengthening accountability and transparency in local bodies.
  • Social Audit makes it sure that in democracy, the powers of decision makers should be used as far as possible with the consent and under-standing of all concerned.

Question 12.
Write Short Note on following:
(a) Cyber Audit
(b) Forensic Audit
Answer:
(a) Cyber Audit:
1. Cyber Audit team of professional conducts an organizational review to ensure that the correct and most up to date cyber and IT processes and infrastructure are being applied.

2. Cyber audit also includes a series of tests that guarantee that information security meets all expectations and requirements within an organization.

3. In Cyber Audit the Internal auditors and risk-management professionals have key roles to play in the Information Management function of the company. In the era of global digital economy it is critical to protecting enterprise information from the insider as well as the outsider hackers.

4. Audit helps enterprises with the challenges of managing cyber threats, by providing an objective evaluation of the controls and making recommendations to improve them as well as assisting the senior management and the board of directors understand and respond to cyber risks.

5. A cyber audit also includes a series of tests that guarantee that information security meets all expectations and requirements within an organization.

(b) Forensic Audit:
1. Forensic Audit Report is statement of observation gathered & considered while proving conclusive evidence. It is a medium through which an auditor expresses his opinion under audit after the forensic audit investigation is completed.

2. Forensic is the application of science to crime concerns. Forensic science is science which is applied to legal matters especially criminal matters.

3. A Forensic Audit is a comprehensive and systematic process involving a series of activities and tasks undertaken for establishing the accuracy and authenticity of the transactions under review.

4. The object of forensic auditing is to relate the findings of audit by examining and gathering legally tenable evidence and producing it to the Court. In the process the corporate veil is lifted in case of corporate entities to identify the fraud and the persons responsible for it.

Question 13.
Write Short Note on: “Labour Law Audit”.
Answer:
1. Labour law audit is a process of facts findings and it is a continuous process and ensures a win – win situation for all the stakeholders.

2. Audit under the labour and employment laws is an effective tool for compliance management of labour, employment and industrial laws.

3. Labour law audit is not compulsory, but it is highly recommendatory to conduct this audit. It helps to detect non-compliance of labour and employment laws applicable to a business and take corrective measures to avoid any unwarranted legal actions by the regulators against the business and its management.

4. Labour audit cover all labour legislations applicable to an industry/ business or any other commercial establishment, wherein audit is being conducted by the labour law auditor. Scope of labour law audit will certainly differ from business to business.

Example: Suppose if the business does not have a factory, the provisions of Factories Act, 1948 and any rules/ regulations made thereunder won’t be applicable on such business.

Question 14.
Discuss four Auditing Standards of ICSI?
Answer:
The Council of the Institute of Company Secretaries of India (ICSI) has approved the issuance of four ICSI Auditing Standards. The Standards are required to be observed by the Company Secretaries undertaking Audits.
1. CSAS-1: Auditing Standard on Audit Engagement which lays down the Auditor’s role and responsibilities with respect to an Audit Engagement and the process of entering into an understanding/agreement with the Appointing Authority for the purpose of audit.

2. CSAS-2: Auditing Standard on Audit Process and Documentation which lays down the responsibilities and duties of the Auditor with respect to Audit Process in conducting audit and maintaining proper audit records.

3. CSAS-3: Auditing Standard on Forming of Opinion covers the basis and manner for forming Auditor’s opinion on subject matter of the audit.

4. CSAS-4: Auditing Standard on Secretarial Audit covers the basis and manner for carrying out the Secretarial Audit.

The Standards seek to promote best auditing practices, uniformity and consistency while conducting audits. The four Standards are:

Question 15.
Discuss the provisions of following under CSAS-3:
(a) Unmodified Opinion.
(b) Modified Opinion.
Answer:
As per provisions of CSAS-3:
(a) Unmodified Opinion:
The Auditor shall express an unmodified opinion when based on Audit Evidence, the Auditor concludes that:

  • There is due compliance with the applicable laws in terms of timelines and process.
  • The records as relevant for the audit verified by him as a whole are free from misstatement and maintained in accordance with the applicable laws.

(b) Modified Opinion:
The Auditor shall express modified opinion when the Auditor concludes that:

  • Based on the Audit Evidence obtained, there is non-compliance with the applicable laws in terms of timelines and process; or
  • Based on the Audit Evidence obtained, the Records as a whole are not free from Misstatement; or are not maintained in accordance with applicable laws; or
  • He is unable to obtain sufficient and appropriate Audit Evidence to conclude that there is due compliance with the applicable laws in terms of timelines and process; or
  • He is unable to obtain sufficient and appropriate Audit Evidence to conclude that the Records as a whole are free from Misstatement; or are maintained in accordance with applicable laws.
  • Whenever the Auditor expresses a modified opinion or disclaims an opinion, the text of the opinion shall be either in italics or bold letters.

Question 16.
Discuss the provisions of following under CSAS-4:
(a) Detection of Fraud.
(b) Reporting of Fraud.
Answer:
As per provisions of CSAS-4:
(a) Detection of Fraud:
1. The Auditor shall exercise professional judgment and maintain professional scepticism throughout the planning and performance of the audit to detect and report the fraud envisaged under the provisions of Section 143(12) of the Companies Act, 2013 read with Companies (Audit and Auditors) Rules, 2014.

2. During the course of the audit, if the Auditor suspects commission of any fraud, he shall endeavour to collect further evidence for the same. The suspicion may arise on perusal of internal control systems, complaint under whistle blower mechanism and reports of the other auditors, etc.

3. The Auditor shall ensure to collect sufficient evidence which substantiates his suspicion of the commission of the fraud against the Auditee by its employees and officers.

(b) Reporting of Fraud:
1. The Auditor having sufficient reason to believe that there is commission of fraud and have justifiable grounds for the same, he shall report to Audit Committee/Board/Central Government as per the process laid down under the Companies Act, 2013 and include the same in Secretarial Audit Report

2. The Auditor shall verify if the fraud detected by other Auditor has been reported to the Audit Committee/Central Government and report the same in the Secretarial Audit Report.

3. The Auditor shall verify whether the Audit Committee/Board has given any comments on the fraud reported by the auditors in their report in terms of the provisions of the Companies Act, 2013.

Question 17.
Write Note on: “Takeover Audit”.
Answer:
1. Takeover audit for merger/acquisition/takeover could be done as three parts: pre-acquisition, post-acquisition and sell-side.

2. To provide the desired results to an investor and to ensure that the acquisition is executed in the most effective manner, the concept of the takeover audit has been evolved; the takeover audit provides a cost benefit analysis to suggest a strategic plan for the long term in-vestment strategy.

3. A rigorous audit vide due diligence process help companies take ad-vantage of legitimate new business opportunities, while at the same time help minimize the risks.

4. A strong audit cum due diligence process is critical to ensure that the acquirer is fully aware of all aspects of the proposed transaction and provides access to vital intelligence that is used to negotiate the final price and integrate the new subsidiary more effectively.

Secretarial Audit Compliance Management and Due Diligence ICSI Study Material