CONTENTS
1. EXECUTIVE SUMMARY 2. INTRODUCTION Literature Review Global Oil & Gas Industry Overview Indian Oil & Gas Industry Overview Company Overview (ONGC) 2 4 6 6 20 23 24 26 28 38 39 40 41
3. INTERNAL CONTROL & INTERNAL AUDIT Internal Control Internal Audit Standards on Internal Audit 4. PROJECT PROFILE Objectives Research Methodology 5. LEARNINGS & OBSERVATIONS Learnings Audit Scope & Coverage Organisation Structure of IA Department Audit planning & process Audit approach & methodology Life cycle of an audit Performance evaluation Quality systems
42 43 44 46 47 50 52 54 58 59 61 62
Observations Recommendations Learning outcome 6. REFERENCES 7. ANNEXURE
Page 1
EXECUTIVE SUMMARY
…show more content…
After several years of seeing more money pumped into internal audit in response to the requirements of Sarbanes-Oxley, management is now looking to trim the budget. Internal audit 's oversight went far beyond SOX, but because SOX dominated corporate priorities in recent years, audit teams were staffed accordingly with many junior, "box-checking" resources. But now, many audit teams are finding themselves exposed, lacking the skills required to deal with contemporary business risks. The number and variety of business risks and related controls that IA needs to assess, monitor and report on has grown exponentially in just a few years. Risks related to the supply chain, treasury and financial instruments, fraud, systems, privacy, emerging markets, strained economic conditions, corporate responsibility, regulation, subprime exposure and liquidity are just some of the new, niche risks which have emerged and can require highly specialized auditing skills. At the same time, more and more companies are expecting their IA teams to create value rather than just preserve it. With pressure mounting to deliver more while paying less and to come to terms with skills gaps, IA is undoubtedly at a crossroads in its evolution. Having the capability to deal with today 's business risks requires a significant level of investment in skilled resources, methods, training, career paths and technical infrastructure. Maintaining that capability requires a sustained level of
Control of the internal audit unit and of individual assignments is needed to ensure that internal audit objectives are achieved and work is performed effectively. The most important elements of control are the direction and supervision of the internal audit staff and review of their work. This will
CAS 300 requires auditors to their audit using a risk based model where the nature, timing and extent of audit procedures are based on the assessed risk of material misstatement. Pickett (2006) argues that for audits to be effective and efficient, much of the audit effort should be focused on areas that are considered to pose the highest audit risk. Additional audit procedures should be linked to individual audit assertions whereas other audit procedures need to be performed as and when needed. Thus, for an audit plan to be put in place, it is necessary for an auditor to come up with a risk profile of the client comprising an understanding of the business operating by the audit client, assess business risk and also perform its preliminary analytical review.
Due to increasing economic and financial growth, many types of audit have been incorporated throughout the development process of internal activities. Audits can be performed manually or they can incorporate technology. According to Hunton and
Sarbanes-Oxley Act was enforced in the past but caught everyone’s attention when drastic audit failures from Enron and Worldcom happened. An enhanced act (SOX) was enacted in 2002 improving audit quality. In particular, section 404 provides guidance of assessment to internal control. For an accounting perspective, internal control is a system for internal and external auditors to measure performance and recommend the improvement of the control. It is definitely correct that both enforcement and the system are to address the risks of frauds. In the meantime, a new regulatory agency, the Public Company Accounting Oversight Board (PCAOB) was created to monitor the work of public accountants. Among SOX and the PCAOB, accounting
The Sarbanes-Oxley Act (SOX) of 2002, aims to combat fraud, improve the reliability of financial reporting and restores investor confidence. Section 404 of Sarbanes-Oxley emphasize the management’s responsibility in maintaining a sound internal-control structure of financial reporting and assessing its own effectiveness. While the auditors’ responsibility is to attest to the soundness of management’s assessment and to report on the state of the overall financial control system. Although it has been a question by most executives, however, some approached the new law with gratitude. As SOX went into effect, more executives had realized the need for internal reforms; they were startled by the weaknesses and gaps of their internal control that compliance reviews and assessments had exposed.
The importance of audit committees increased through the years and especially from pre-Sarbanes – Oxley to post-Sarbanes – Oxley. Although, what are the responsibilities of the audit committee members? How does a Chief Audit Executive (CAE) more effectively serve their audit committee members? How do auditors communicate with audit committees? What are the requirements for audit committees? Most of these questions are inherited from what the audit committee’s best practices are.
a. The auditors should review the client's planning of the physical inventory and make suggestions for improvement.
Section 404. Management assessment of internal control: This section needs every annual report of a in public listed company to contain internal control report stating management’s responsibility to establish and maintain an adequate system of internal control financial reporting similarly as an assessment of the effectiveness of internal control structure and procedures. Auditors audit the financial statements of the company must issue a consulting report regarding the effectiveness of the company internal
Team D Auditing has been evaluating the evidence presented by Apollo Shoes. The audit team has developed an audit report in response to the audit and has also provided a description of the evidence, a description of the account sampling and testing procedures used, and has also given a brief description of the value of an audit report. This report is only to reflect Team D’s opinion regarding Apollo’s internal controls, financial statements, and management’s assessment.
The audit will become a strong tool for feeding a continual improvement method and providing recognition for excellence in any organization. Eminent implementation of AN audit method needs managers to line positive expectations concerning however audits are going to be conducted, choose vital areas for audits, give positive communication concerning the aim of the audit findings, and involve individuals in following informed the audit findings. The audit ought to be seen as a way for distinctive each opportunities for improvement and areas of excellence that merit reward and recognition.
We have audited the accompanying balance sheets of Apollo Shoes, Inc. as of December 31, 2007 and 2006 and the related statements of income, shareholder’s equity and cash flow for the two years in the period ended December 31, 2007. Apollo Shoes’ management is responsible for the financial statements presented, for maintaining effective internal control over financial reporting, and for its assessment of internal control.
Since the enactment of the Sarbanes-Oxley Act and the economic downfall following the financial scandals of Enron, Tyco and WorldCom, there has been a heightened expectation fallen upon auditors. The public relies on the auditing profession to detect fraud and material misstatement and potentially prevent economic disasters, similar to what occurred in the early 2000’s. As auditors are required to provide due diligent care to the users/shareholders it is now being suggested by multiple publications that identifying fraud risks during an audit engagement could increase auditors’ liability. Scholars and practitioners have expressed concerns suggesting that the United States legal system in cases of undetected fraud, penalize auditors for investigating fraud risks. And if this to be true, why are auditors’ being scrutinized for simply following auditing standards? SAS no.99 (Statements on Auditing Standards) provides standards and guidance auditors’ are required to follow while considering fraud during a financial statement audit. This includes identifying fraud risks, assessing, evaluating and responding to the identified risks and lastly documenting the considerations of fraud. The article written by Andrew B. Reffett, “Can Identifying and Investigating Fraud Risks Increase Auditor Liability?” examines these liability issues by conducting an experiment that tests whether or not an auditor is liable after
During the audit of the financial statements we will be assessing the internal controls in use as mandated by the Sarbanes-Oxley Act of 2002. The act was designed to enhance corporate responsibility as it relates to financial reporting issues. Section 404 covers the internal controls that have been setup by the company. Internal controls are designed to protect the assets of a business from misuse or loss. Internal controls also help the business to streamline processes so that goals can be achieved at the best rate of return from the use of available assets. The remainder of this letter contains an overview of section 404 and other regulations relating to the audit of internal controls and a synopsis of internal control risks that have been identified within Apollo Shoes Inc. We will also describe the relationship between internal controls and the audit process as well as outlining our responsibilities in detecting and reporting fraud.
The internal audit has adopted by the Petrol Malaysia Refining & Marketing Bhd to undertake the independent, regular, and systematic audit reviews of the company’s internal control system. Internal control is a process designed to provide reasonable assurance that the company’s system will be achieved effectively. The internal audit process consists of the audit of the selected units and operations based on the risk management. Other than that, it also covers the periodic and annual review with the Board Audit & Risk Management Committee of audit results and audit plans for the subsequent year. Board Audit & Risk Management Committee has the function to approve the
In current scenario there is one section in economy which is really hot and boiling and it is oil sector. With crude oil at $146 per barrel and raring to cross $200 per barrel this sector is suddenly giving sleepless nights to all the major economies of the world &