INTRODUCTION

An audit is a systematic and independent examination of books,

accounts, statutory records, documents and vouchers of an organization to
ascertain how far the financial statements as well as non-financial
disclosures present a true and fair view of the concern. It also attempts to
ensure that the books of accounts are properly maintained by the concern
as required by law. Auditing has become such a ubiquitous phenomenon
in the corporate and the public sector that academics started identifying
an "Audit Society". The auditor perceives and recognises the propositions
before them for examination, obtains evidence, evaluates the same and
formulates an opinion on the basis of his judgement which is
communicated through their audit report.
Any subject matter may be audited. Audits provide third party
assurance to various stakeholders that the subject matter is free
from material misstatement. The term is most frequently applied to audits
of the financial information relating to a legal person. Other areas which
are commonly audited include: secretarial & compliance audit, internal
controls, quality management, project management, water management,
and energy conservation.

1
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
 As a result of an audit, stakeholders may effectively evaluate and
improve the effectiveness of risk management, control, and the
governance process over the subject matter.
The word audit is derived from a Latin word "audire" which means
"to hear". During the medieval times when manual book-keeping was
prevalent, auditors in Britain used to hear the accounts read out for them
and checked that the organisation's personnel were not negligent or
fraudulent.

2
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
 ACCOUNTING
Due to strong incentives (including taxation, misselling and other
forms of fraud) to misstate financial information, auditing has become a
legal requirement for many entities who have the power to exploit
financial information for personal gain. Traditionally, audits were mainly
associated with gaining information about financial systems and the
financial records of a company or a business.
Financial audits are performed to ascertain
the validity and reliability of information, as well as to provide
an assessment of a system's internal control. As a result of this, a third
party can express an opinion of the person / organisation / system (etc.) in
question. The opinion given on financial statements will depends on
the audit evidence obtained.
Due to constraints, an audit seeks to provide only reasonable
assurance that the statements are free from material error. Hence,
statistical sampling is often adopted in audits. In the case of financial
audits, a set of financial statements are said to be true and fair when they
are free of material misstatements – a concept influenced by
both quantitative (numerical) and qualitative factors. But recently, the
argument that auditing should go beyond just true and fair is gaining
momentum.[6] And the US Public Company Accounting Oversight
Board has come out with a concept release on the same.
Cost accounting is a process for verifying the cost of
manufacturing or producing of any article, on the basis of accounts
measuring the use of material, labor or other items of cost. In simple
words, the term, cost audit means a systematic and accurate verification
of the cost accounts and records, and checking for adherence to the cost
accounting objectives. According to the Institute of Cost

3
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
and Management Accountants of Pakistan, a cost audit is "an examination
of cost accounting records and verification of facts to ascertain that the
cost of the product has been arrived at, in accordance with principles of
cost accounting."
In most nations, an audit must adhere to generally accepted
standards established by governing bodies. These standards assure third
parties or external users that they can rely upon the auditor's opinion on
the fairness of financial statements, or other subjects on which the auditor
expresses an opinion.
Integrated audits
In the US, audits of publicly traded companies are governed by
rules laid down by the Public Company Accounting Oversight
Board (PCAOB), which was established by Section 404 of the Sarbanes–
Oxley Act of 2002. Such an audit is called an integrated audit, where
auditors, in addition to an opinion on the financial statements, must also
express an opinion on the effectiveness of a company's internal
control over financial reporting, in accordance with PCAOB Auditing
Standard No. 5.
There are also new types of integrated auditing becoming available
that use unified compliance material (see the unified compliance section
in Regulatory compliance). Due to the increasing number of regulations
and need for operational transparency, organizations are adopting risk-
based audits that can cover multiple regulations and standards from a
single audit event. This is a very new but necessary approach in some
sectors to ensure that all the necessary governance requirements can be
met without duplicating effort from both audit and audit hosting
resources.
Assessments

4
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
 The purpose of an assessment is to measure something or calculate
a value for it. Although the process of producing an assessment may
involve an audit by an independent professional, its purpose is to provide
a measurement rather than to express an opinion about the fairness of
statements or quality of performance.
Auditors
Auditors of financial statements & non-financial information
(including compliance audit) can be classified into three categories:
 External auditor / Statutory auditor is an independent firm engaged by
the client subject to the audit, to express an opinion on whether the
company's financial statements are free of material misstatements,
whether due to fraud or error. For publicly traded companies, external
auditors may also be required to express an opinion over the
effectiveness of internal controls over financial reporting. External
auditors may also be engaged to perform other agreed-upon
procedures, related or unrelated to financial statements. Most
importantly, external auditors, though engaged and paid by the
company being audited, should be regarded as independent
 Cost auditor / Statutory Cost auditor is an independent firm engaged
by the client subject to the Cost audit, to express an opinion on
whether the company's Cost statements and Cost Sheet are free of
material misstatements, whether due to fraud or error. For publicly
traded companies, external auditors may also be required to express
an opinion over the effectiveness of internal controls over Cost
reporting. These are Specialised Persons called Cost Accountants in
India & CMA globally either Cost & Management Accountants or
Certified Management Accountants.

5
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
 COST AUDITING
Government Auditors review the finances and practices of federal
agencies. These auditors report their finds to congress, which uses
them to create and manage polices and budgets. Government auditors
work for the U.S. Government Accountability Office, and most state
governments have similar departments to audit state and municipal
agencies. Further information: Internal auditors
 Secretarial auditor / Statutory Secretarial auditor is an independent
firm engaged by the client subject to the audit of Secretarial &
applicable laws / Compliances of other applicable laws, to express an
opinion on whether the company's Secretarial records and Compliance
of applicable laws are free of material misstatements, whether due to
fraud or error and inviting heavy fines or penalties. For Bigger Public
companies, external Secretarial auditors may also be required to
express an opinion over the effectiveness of internal controls over
compliances system management of the Company. These are
Specialized Persons called Company Secretaries in India who are the
members of Institute of Company Secretaries of India and holding
Certificate of Practice.
The most commonly used external audit standards are the
US GAAS of the American Institute of Certified Public Accountants; and
the ISA International Standards on Auditing developed by
the International Auditing and Assurance Standard
 Internal auditors are employed by the organisations they audit. They
work for government agencies (federal, state and local); for publicly
traded companies; and for non-profit companies across all industries.
The internationally recognised standard setting body for the
profession is the Institute of Internal Auditors - IIA (www.theiia.org).

6
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
 The IIA has defined internal auditing as follows: "Internal auditing is
an independent, objective assurance and consulting activity designed
to add value and improve an organisation's operations. It helps an
organisation accomplish its objectives by bringing a systematic,
disciplined approach to evaluate and improve the effectiveness of risk
management, control, and governance processes". Thus professional
internal auditors provide independent and objective audit and
consulting services focused on evaluating whether the board of
directors, shareholders, stakeholders, and corporate executives have
reasonable assurance that the organization's governance, risk
management, and control processes are designed adequately and
function effectively.
 Internal audit professionals (Certified Internal Auditors - CIAs) are
governed by the international professional standards and code of
conduct of the Institute of Internal Auditors. While internal auditors
are not independent of the companies that employ them, independence
and objectivity are a cornerstone of the IIA professional standards;
and are discussed at length in the standards and the supporting
practice guides and practice advisories. Professional internal auditors
are mandated by the IIA standards to be independent of the business
activities they audit. This independence and objectivity are achieved
through the organizational placement and reporting lines of the
internal audit department. Internal auditors of publicly traded
companies in the United States are required to report functionally to
the board of directors directly, or a sub-committee of the board of
directors (typically the audit committee), and not to management
except for administrative purposes. As described often in the
professional literature for the practice of internal auditing (such as
Internal Auditor, the journal of the IIA) -,[12] or other similar and

7
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
 generally recognized frameworks for management control when
evaluating an entity's governance and control practices; and apply
COSO's "Enterprise Risk Management-Integrated Framework" or
other similar and generally recognized frameworks for entity-wide
risk management when evaluating an organization's entity-wide risk
management practices. Professional internal auditors also use Control
Self-Assessment (CSA) as an effective process for performing their
work.
 Consultant auditors are external personnel contracted by the firm to
perform an audit following the firm's auditing standards. This differs
from the external auditor, who follows their own auditing standards.
The level of independence is therefore somewhere between the
internal auditor and the external auditor. The consultant auditor may
work independently, or as part of the audit team that includes internal
auditors. Consultant auditors are used when the firm lacks sufficient
expertise to audit certain areas, or simply for staff augmentation when
staff are not available.
Performance Audits
`Safety, security, information systems performance, and
environmental concerns are increasingly the subject of audits. There are
now audit professionals who specialize in security audits and information
systems audits. With nonprofit organisations and government agencies,
there has been an increasing need for performance audits, examining their
success in satisfying mission objectives.

8
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
 QUALITY AUDITS
Quality audit is the process of systematic examination of a quality
system carried out by an internal or external quality auditor or an audit
team. It is an important part of organization's quality management
system and is a key element in the ISO quality system standard, ISO
9001.
Quality audits are typically performed at predefined time intervals
and ensure that the institution has clearly defined internal system
monitoring procedures linked to effective action. This can help determine
if the organization complies with the defined quality system processes
and can involve procedural or results-based assessment criteria.
With the upgrade of the ISO9000 series of standards from the 1994
to 2008 series, the focus of the audits has shifted from purely procedural
adherence towards measurement of the actual effectiveness of the Quality
Management System (QMS) and the results that have been achieved
through the implementation of a QMS.
Audits are an essential management tool to be used for verifying
objective evidence of processes, to assess how successfully processes
have been implemented, for judging the effectiveness of achieving any
defined target levels, to provide evidence concerning reduction and
elimination of problem areas. For the benefit of the organisation, quality
auditing should not only report non-conformances and corrective actions,
but also highlight areas of good practice. In this way other departments
may share information and amend their working practices as a result, also
contributing to continual improvement.
Quality audits can be an integral part of compliance or regulatory
requirements. One example is the US Food and Drug Administration,

9
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
which requires quality auditing to be performed as part of its Quality
System Regulation
Audits can also be used for safety purposes. Evans & Parker (2008)
describe auditing as one of the most powerful safety monitoring
techniques and 'an effective way to avoid complacency and highlight
slowly deteriorating conditions', especially when the auditing focuses not
just on compliance but effectiveness.
The processes and tasks that a quality audit involves can be
managed using a wide variety of software and self-assessment tools.
Some of these relate specifically to quality in terms of fitness for purpose
and conformance to standards, while others relate to Quality costs or,
more accurately, to the Cost of poor quality. In analyzing quality costs, a
cost of quality audit can be applied across any organization rather than
just to conventional production or assembly processes

10
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
 PROJECT MANAGEMENT

A project audit provides an opportunity to uncover issues, concerns and

challenges encountered during the project lifecycle.[14] Conducted
midway through the project, an audit affords the project manager, project
sponsor and project team an interim view of what has gone well, as well
as what needs to be improved to successfully complete the project. If
done at the close of a project, the audit can be used to develop success
criteria for future projects by providing a forensic review. This review
identifies which elements of the project were successfully managed and
which ones presented challenges. As a result, the review will help the
organisation identify what it needs to do to avoid repeating the same
mistakes on future projects
Projects can undergo 2 types of Project audits:
Regular Health Check Audits: The aim of a regular health check audit
is to understand the current state of a project in order to increase project
success.

11
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
Regulatory Audits: The aim of a regulatory audit is to verify that a
project is compliant with regulations and standards. Best practices of
NEMEA Compliance Centre describe that, the regulatory audit must be
accurate, objective, and independent while providing oversight and
assurance to the organisation.
Other forms of Project audits:
Formal: Applies when the project is in trouble, sponsor agrees that the
audit is needed, sensitivities are high ,and need to be able prove
conclusions via sustainable evidence.
Informal: Apply when a new project manager is provided, there is no
indication the projects in trouble and there is a need to report whether the
project is as opposed to where its supposed to Informal audits can apply.

12
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
 OBJECTIVES OF AUDIT

Basic objective of auditing is to prove true and fairness of results

presented by profit and loss account and financial position presented by
balance sheet. Its objectives are classified into two groups which are
given below:

A. Primary Objectives Of Audit

The main objectives of audit are known as primary objectives of audit.
They are as follows:
i. Examining the system of internal check.
ii. Checking arithmetical accuracy of books of accounts, verifying
posting, costing, balancing etc.
iii. Verifying the authenticity and validity of transactions.
iv. Checking the proper distinction of capital and revenue nature of
transactions.
v. Confirming the existence and value of assets and liabilities.
vi. Verifying whether all the statutory requirements are fulfilled or not.
vii. Proving true and fairness of operating results presented by income
statement and financial position presented by balance sheet.

13
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
B. Subsidiary Objectives Of Audit
These are such objectives which are set up to help in attaining
primary objectives. They are as follows:
i. Detection and prevention of errors
Errors are those mistakes which are committed due to carelessness
or negligence or lack of knowledge or without having vested interest.
Errors may be committed without or with any vested interest. So, they are
to be checked carefully. Errors are of various types. Some of them are:
* Errors of principle
* Errors of omission
* Errors of commission
* Compensating errors
ii. Detection and prevention of frauds
Frauds are those mistakes which are committed knowingly with
some vested interest on the direction of top level management.
Management commits frauds to deceive tax, to show the effectiveness of
management, to get more commission, to sell share in the market or to
maintain market price of share etc. Detection of fraud is the main job of
an auditor. Such frauds are as follows:
* Misappropriation of cash
* Misappropriation of goods
* Manipulation of accounts or falsification of accounts without any
misappropriation
iii. Under or over valuation of stock
Normally such frauds are committed by the top level executives of the
business. So, the explanation given to the auditor also remains false. So,
an auditor should detect such frauds using skill, knowledge and facts.

14
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
 SCOPE OF AUDIT
In ancient period, there was limited scope of audit because there
was no development of business. Generally, auditor used
to check cash transactions if there were suspected frauds. But in the
recent years, scope of audit has increased. Now-a-days auditing is related
to the examination of books of account, evidence, bills, stock and its
physical verification etc.

Now-a-days, it is not possible to go through the books of account.

So, an auditor applies test check. But such test is possible in such
organization where effective internal check system is applied. An auditor
should analyse the suspected frauds so as to find out the fact but an
auditor should depend on the information provided by the concerned
officer.
An auditor should prepare and present report after the examination
of profit and loss account and balance sheet. Auditor does not
only check the books of account on the basis of evidence but also has
to check the authenticity of documents. An auditor should set his mind in
that area where he is not satisfied with the records. Despite having above
facts, attention of audit can be set up as follows:
i. Checking of books of accounts so as to find out the truth and fairness.
ii. Verification of assets and liabilities after its detail checking.
iii. Checking of books of accounts on the basis of available evidence.
iv. Checking arithmetical accuracy of books of accounts.
v. Expressing independent opinion about the financial statements.
vi. Preparing and presenting fair report to the concerned officer or
owners.

15
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
The term "Scope of Audit" means the audit procedure which is
considered necessary for the achievement of desired objectives. The
auditor should keep in view the following points :

1. Legal Conditions :-

While determining the scope of audit and auditor should follow the rules
and regulations applicable on the audit work.

2. Validity Of Data :-

The auditor should use various methods to test the validity of data. He
should confirm that data provided in the financial statement is reliable.

3. Cover All The Aspects :-

The auditor should cover all the functions of business, know all its
working any aspect related to financial statement may not be ignored. A
business is small or large auditor should cover all the areas.

4. Comparison :-

The auditor can compare the accounts record with the financial statement
to know the true picture. He determines whether the relevant information
is properly communicated or not.

5. Apply His Skill :-

While preparing the report, an auditor should apply his professional skill
and experience to prove that figures and facts.

6. Sufficient Record :-
The auditor checks that record and relevant data is sufficient. He also
uses other tests and verification procedure.

16
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
7. Judgement :-
The auditor also considers the judgement of the management made in
preparing the financial statements. The auditor must have the quality of
judgement when he fails to find the data in the books of account.
8. Internal Check :-
It is not possible for the auditor to check each and every voucher and
transaction, so he should try to rely on internal check system. He is also
bond to make guess work on the basis of available data.
9. Persuasive Evidence :-
The auditor his opinion as true fair instead of cent percent correct because
the available evidence is persuasive. The personal judgement also affect
the value of any items.
10. Misstatement Problem :-
Due to the limitations of audit sometimes some material misstatements
remain undiscovered. So statement do not show the exact view of
operations.
11. Clear The Doubts :-
If the auditor smells any fraud, he should check cent percent items and
clear his doubts. He should extend the procedure to confirm his doubts.
12. Opinion Of Auditor :-
If auditor is satisfied about financial information of business then he can
express the unqualified opinion otherwise he will express qualified
opinion.

17
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
 PURPOSES OF AUDITS
An auditor may specialize in types of audits based on the audit
purpose, such as to verify compliance, conformance, or performance.
Some audits have special administrative purposes such as auditing
documents, risk, or performance or following up on completed corrective
actions.
Certification
Companies in certain high-risk categories—such as toys, pressure
vessels, elevators, gas appliances, and electrical and medical devices—
wanting to do business in Europe must comply with Conformité
Europeënne Mark (CE Mark) requirements. One way for organizations to
comply is to have their management system certified by a third-party
audit organization to management system requirement criteria.

Customers may suggest or require that their suppliers conform to

ISO 9001, ISO 14001, or safety criteria, and federal regulations and
requirements may also apply. A third-party audit normally results in the
issuance of a certificate stating that the auditee organization management
system complies with the requirements of a pertinent standard or
regulation.
Third-party audits for system certification should be performed by
organizations that have been evaluated and accredited by an established
accreditation board, such as the
Performance versus compliance/conformance audits
Various authors use the following terms to describe an audit
purpose beyond compliance and conformance: value-added assessments,
management audits, added value auditing, and continual improvement
assessment. The purpose of these audits goes beyond traditional
compliance and conformance audits. The audit purpose relates to

18
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
organization performance. Audits that determine compliance and
conformance are not focused on good or poor performance. Yet
performance is an important concern for most organizations.
A key difference between compliance/conformance audits and
audits designed to promote improvement is the collection of audit
evidence related to organization performance versus evidence to verify
conformance or compliance to a standard or procedure. An organization
may conform to its procedures for taking orders, but if every order is
subsequently changed two or three times, management may have cause
for concern and want to rectify the inefficiency.

Follow-up audit

A product, process, or system audit may have findings that require

correction and corrective action. Since most corrective actions cannot be
performed at the time of the audit, the audit program manager may
require a follow-up audit to verify that corrections were made and
corrective actions were taken. Due to the high cost of a single-purpose
follow-up audit, it is normally combined with the next scheduled audit of
the area. However, this decision should be based on the importance and
risk of the finding.

An organization may also conduct follow-up audits to verify

preventive actions were taken as a result of performance issues that may
be reported as opportunities for improvement. Other times organizations
may forward identified performance issues to management for follow-up.

19
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
 PHASES OF AN AUDIT

1. Audit preparation – Audit preparation consists of everything that is

done in advance by interested parties, such as the auditor, the lead
auditor, the client, and the audit program manager, to ensure that the
audit complies with the client’s objective. The preparation stage of an
audit begins with the decision to conduct the audit. Preparation ends
when the audit itself begins.
2. Audit performance – The performance phase of an audit is often called
the fieldwork. It is the data-gathering portion of the audit and covers the
time period from arrival at the audit location up to the exit meeting. It
consists of activities including on-site audit management, meeting with
the auditee, understanding the process and system controls and verifying
that these controls work, communicating among team members, and
communicating with the auditee.
3. Audit reporting – The purpose of the audit report is to communicate the
results of the investigation. The report should provide correct and clear
data that will be effective as a management aid in addressing important
organizational issues. The audit process may end when the report is
issued by the lead auditor or after follow-up actions are completed.
4. Audit follow-up and closure – According to ISO 19011, clause 6.6,
“The audit is completed when all the planned audit activities have been
carried out, or otherwise agreed with the audit client.” Clause 6.7 of ISO
19011 continues by stating that verification of follow-up actions may be
part of a subsequent audit.

Note: Requests for correcting nonconformities or findings are very

common. Corrective action is action taken to eliminate the causes of an
existing nonconformity, defect, or other undesirable situation in order to

20
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
prevent recurrence (reactive). Corrective action is about eliminating the
causes of problems and not just following a series of problem-solving
steps. Preventive action is action taken to eliminate the causes of a
potential nonconformity, defect, or other undesirable situation in order to
prevent occurrence (proactive).

21
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
 CONCLUSION

The audit noted a strengthening, in 2009, of the controls and

governance in place over the management of the Project Gateway system.
Many elements of an effective project management framework are in
place to manage current and future investments in Project Gateway.
However, opportunities exist to further strengthen the current practices
and processes as outlined in the recommendations in this report. If not
addressed, the auditors feel that these gaps present moderate to high
residual risk to management.

In the professional judgment of the Chief Audit Executive,

sufficient and appropriate audit procedures have been conducted and
evidence gathered to support the accuracy of the conclusion provided and
contained in this report. The conclusion is based on a comparison of the
conditions as they existed at the time, against pre-established audit
criteria that were agreed with management. The evidence was gathered in
accordance with the Government of Canada internal audit standards, the
Treasury Board of Canada Policy on Internal Audit and its associated
directives.

22
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17
 BIBLIOGRAPHY
 http://www.businessdictionary.com/definition/audit.html
 http://www.pwc.com/m1/en/services/assurance/what-is-an-audit.html
 https://audit.wa.gov.au/reports-and-publications/reports/follow-on-
performance-audit-to-room-to-move/audit-conclusion/
 http://www.wd-deo.gc.ca/eng/12223.asp

23
G.M MOMIN WOMEN’S COLLEGE UNIVERSITY OF MUMBAI M.COM-II,SEM-IV A.Y 2016-17