The Companies Act 2013, (‘the Act’) ushers in a new era of corporate governance and transparency in the Indian corporate sector. The Securities and Exchange Board of India (SEBI) with the objective to align its provisions to the recently notified provisions of the Companies Act, 2013 has specifically reviewed clause 49 of the Listing Agreement, to adopt leading industry practices on corporate governance and to make the corporate governance framework more effective. With requirements of these norms warranting organizations to provide assurance to the Board of Directors and Audit Committees on adequacy of internal financial controls, effective risk management processes, Anti-fraud controls and effective legal compliance framework, the Internal Auditor would need to review and re-define its role and fulfill its role as an important vehicle and an enabler of good corporate governance. Going forward, the role of the Internal Audit Function is expected to become much more onerous as the board, management and independent directors seek increased comfort from an Internal Auditor on newer areas to comply with their oversight responsibility and legal duties. It is set to evolve into a more extensive, outward, forward looking and continuous activity playing an enhanced role in 'Integrated Assurance' - an activity to outline who provides assurance on what aspects of the entire assurance universe. Thus, Internal audit has, over the years, moved a long way forward to being a strong indispensable control tool in the hands of the management for effectively and efficiently running the affairs of the entity.
MEANING OF INTERNAL AUDIT
“Internal audit is an independent management function, which involves a continuous and critical appraisal of the functioning of an entity with a view to suggest improvements thereto and add value to and strengthen the overall governance mechanism of the entity, including the entity's strategic risk management and internal control system.”
Internal auditor should be independent of the activities they audit. The internal audit function is, generally, considered independent when it can carry out its work freely and objectively. Independence permits internal auditors to render impartial and unbiased judgment essential to the proper conduct of audits.
The required organizational independence from management enables unrestricted evaluation of management activities and personnel and allows internal auditors to perform their role effectively. Although internal auditors are part of company management and paid by the company, the primary customer of internal audit activity is the entity charged with oversight of management's activities. This is typically the Audit Committee, a sub-committee of the Board of Directors. Organizational independence is effectively achieved when the chief audit executive reports functionally to the board. Examples of functional reporting to the board involve the board: Approving the internal audit charter; Approving the risk based internal audit plan; Approving the internal audit budget and resource plan; Receiving communications from the chief audit executive on the internal audit activity’s performance relative to its plan and other matters; Approving decisions regarding the appointment and removal of the chief audit executive; Approving the remuneration of the chief audit executive; and Making appropriate inquiries of management and the chief audit executive to determine whether there are inappropriate scope or resource limitations.