SECTION 4 MAKING IT EASY – READY-TO-USE DRAFTS ......signed-off by employees at the time of...
Transcript of SECTION 4 MAKING IT EASY – READY-TO-USE DRAFTS ......signed-off by employees at the time of...
| 64 |
SECTION 4
MAKING IT EASY – READY-TO-USE DRAFTS
AND FORMATS
4.1 Entity Level Controls – Specimen (refer paragraph 2.5.5)
ABC Private Limited ICFR for the year ending 31st March, 2016
Entity Level Controls (ELC)
LIST OF CONTROL GROUPS
Control Ref Control Group
C01 Roles and responsibilities of Board of Directors
C02 Formal SOPs for various crucial processes
C03 Admin Manual covers various policies
C04 Risk Management policy
C05 Background Verification process in place
C06 Manpower planning and recruitment policy/process to ensure right crew for the right job
C07 Board Review of business plans, budgets, budget vs. actual, periodic performance and Internal Audit reports
C08 Monthly MIS reporting
C09 Staff hired through a management approved placement agency
C10 Promotions based on well-defined Performance Evaluation system.
C11 Talent growth through need-based and compliance related training
C12 Attrition management
| 65 |
Control Ref Control Group
C13 Independent Review and periodic updates by External Professional Consultant
C14 Access rights restrictions
C15 Independent Review by Internal Auditor
C16 Validation controls - confirmation, verifications of assets/bank balances, valuations
C17 Compliance framework, tracker and reporting - controls on compliances and regulatory reporting
C18 Sexual Harassment Policy
C19 Appointment letter covers ethical standards and other required terms and conditions which is signed-off by employees at the time of joining
C20 Board/Management Approval
C21 Formal roll out of ICFR policy and testing
C22 Data Back-up strategy
C23 Defined BCP/DRP process
C24 Periodic department reviews
C25 Defined Financial Closure Policy
C26 Compliance with related-party transactions and disclosures
C27 Periodic updation and communication of ISO manual
C28 Formal KRA definition and communication of the same
C29 Information and Communication
| Section 4 : Making it easy – Ready-to-use drafts and formats |
| 66 |
| ICFR – A Handbook for Private Companies and their Auditors |
AB
C P
riva
te L
imit
ed
ICFR
for
th
e ye
ar e
nd
ing
31st
Mar
ch,
2016
En
tity
Lev
el C
ontr
ols
(EL
C)
Sr
NoAt
tribu
tePr
incip
lePr
oces
s Ac
tivity
Risk
Cont
rol
Ref N
o.Co
ntro
l Des
crip
tion
Audi
t Step
1Co
ntro
l En
viro
nmen
tM
anag
emen
t es
tabl
ish
es
stru
ctu
re,
auth
ority
an
d re
spon
sibi
lity
in
pu
rsui
t of
ob
jectiv
es
Bo
ar
d Ov
ersig
htBo
ard
does
not
cle
arly
def
ine
auth
ority
to b
e ex
erci
sed
at
Boar
d le
vel
and
auth
ority
de
legate
d to
oth
er D
irecto
rs
C01
Boar
d po
wers
are
clear
ly d
efine
d 1.
Co
nfir
m
the
docu
men
tatio
n of
Boa
rd
pow
ers
and
dele
gatio
n of
au
thor
ity d
one b
y th
e Boa
rd.
2. Ve
rify
Boar
d m
inut
es a
nd
mee
ting
frequ
ency
. Ver
ify
atten
danc
e rec
ords
to en
sure
pa
rticip
ation
and
insig
hts.
2Co
ntro
l En
viro
nmen
tBo
ard
of
Dir
ec
tors
e
xe
rc
ise
s ov
ersig
ht o
f the
de
velo
pmen
t an
d pe
rform
ance
of
in
tern
al
cont
rols
Bo
ar
d Ov
ersig
htBo
ard
does
not
ack
now
ledg
e its
re
spon
sibi
lity
tow
ards
ov
ersi
ght
for
esta
blis
hing
an
d pe
rform
ance
of i
nter
nal
cont
rols
Boar
d do
es
not
form
ally
de
lega
te t
he r
espo
nsib
ility
fo
r est
ablis
hmen
t of i
nter
nal
finan
cial
con
trol
s an
d fo
r en
surin
g eff
ectiv
e pe
rform
ance
th
ereo
f.
C02
1.
Boar
d m
inut
es
incl
udes
a
stat
emen
t ac
know
ledg
ing
its
resp
onsib
ility
for I
CFR
2. B
oard
pro
vide
s bro
ad g
uide
lines
fo
r in
tern
al c
ontro
ls a
nd r
ecor
ds
form
al d
eleg
atio
n of
aut
horit
y fo
r es
tablis
hmen
t of c
ontro
ls.
1.
Veri
fy
that
fo
rmal
gu
idel
ines
ha
ve
been
pr
ovid
ed b
y th
e Bo
ard.
2.
Veri
fy
that
sp
ecifi
c re
spon
sibi
lity
has
been
al
loca
ted
for
esta
blis
hing
in
terna
l fin
ancia
l con
trols
| 67 |
Sr
NoAt
tribu
tePr
incip
lePr
oces
s Ac
tivity
Risk
Cont
rol
Ref N
o.Co
ntro
l Des
crip
tion
Audi
t Step
3C
on
tr
ol
Envi
ronm
ent
Boar
d of
D
ire
cto
rs
ex
er
cis
es
over
sight
of t
he
deve
lopm
ent
and
perfo
rman
ce
of
inte
rnal
co
ntro
ls
Bo
ar
d Ov
ersig
htBo
ard
does
no
t ha
ve
a m
echa
nism
to
revi
ew I
CFR
adeq
uacy
and
per
form
ance
C07,
C08
Boar
d of
Dir
ecto
rs r
evie
w t
he
perfo
rman
ce o
f the
com
pany
and
ad
equa
cy
of
inte
rnal
co
ntro
ls th
roug
h re
gula
r int
erac
tions
with
th
e Fi
nanc
e M
anag
er
Budg
ets
are
esta
blish
ed o
n ye
arly
ba
sis
Mon
thly
rep
ortin
g is
don
e by
Fi
nanc
e M
anag
er to
the
Grou
p CF
O wh
o in
turn
repo
rts to
BOD
.
1. V
erify
Boa
rd m
eetin
g m
inut
es w
here
ade
quac
y an
d ef
fect
iven
ess
of
inte
rnal
con
trols
have
bee
n re
view
ed.
2. C
onfir
m th
at th
ere
are
regu
lar in
terac
tions
betw
een
Boar
d m
embe
rs an
d Fi
nanc
e M
anag
er th
roug
h CF
O, a
nd
othe
r ke
y m
anag
emen
t pe
rson
nel t
o as
sess
qua
lity
of c
ontr
ols
and
revi
ew
busin
ess p
erfo
rman
ce.
3. R
eview
bud
get v
arian
ces,
exce
ptio
nal i
tem
s to
ass
ess
inter
nal c
ontro
l gap
s, if
any.
4C
on
tr
ol
Envi
ronm
ent
Dem
onst
rate
s co
mm
itmen
t to
inte
grity
an
d eth
ical v
alues
Bo
ar
d Ov
ersig
htBo
ard
of D
irect
or d
oes n
ot se
t th
e ri
ght
tone
at
the
top
to
enco
urag
e eth
ics a
nd in
tegrit
y.
C03
Polic
ies
are
fram
ed b
y th
e Bo
ard
w.r.t
. eth
ical
con
duct
, ant
i-brib
ery
and
corru
ptio
n, a
nti-f
raud
.
1. V
erify
min
utes
of B
oard
m
eetin
g and
Adm
in M
anua
l/ di
rect
ions
iss
ued
by t
he
Boar
d of
Dire
ctors
from
tim
e to
tim
e.
2. R
evie
w A
ppoi
ntm
ent
letter
of a
n em
ploy
ee.
| Section 4 : Making it easy – Ready-to-use drafts and formats |
| 68 |
| ICFR – A Handbook for Private Companies and their Auditors |
Sr
NoAt
tribu
tePr
incip
lePr
oces
s Ac
tivity
Risk
Cont
rol
Ref N
o.Co
ntro
l Des
crip
tion
Audi
t Step
5C
on
tr
ol
Envi
ronm
ent
Hold
s ind
ivid
ual
acco
unta
ble
for
the
inte
rnal
c
on
tr
ol
resp
onsib
ilitie
s
Bo
ar
d Ov
ersig
htBo
ard
of D
irect
ors
does
not
se
t the
rig
ht to
ne a
t the
top
to e
ncou
rage
ins
titut
ion
of
cont
rols
and
sys
tem
s an
d en
sure
acc
ount
abili
ty fo
r lap
se
of c
ontro
ls
C02
Dire
ction
s are
giv
en b
y th
e Bo
ard
to
enco
urag
e pr
oces
s-driv
en c
ondu
ct,
auto
mati
on a
nd e
ffecti
ve m
onito
ring
acro
ss th
e or
gani
zatio
n.
Veri
fy m
inut
es o
f Bo
ard
mee
ting
and
polic
ies/
dire
ctio
ns i
ssue
d by
the
Bo
ard
of D
irecto
rs fro
m ti
me
to ti
me.
6C
on
tr
ol
Envi
ronm
ent
Man
agem
ent
esta
blis
hes
st
ruc
ture
, au
thor
ity
and
resp
onsi
bili
ty
in
purs
uit
of
objec
tives
Deleg
atio
n of
Au
thor
ityAm
bigu
ity
in
dele
gatio
n of
fina
ncia
l pow
ers
redu
ces
the
cont
rol
over
fin
anci
al
trans
actio
ns a
nd in
crea
se th
e ris
k of
fina
ncial
loss
es
C01
1. F
inan
cial
pow
ers
in t
erm
s of
si
gnin
g /e
ffect
ing
bank
ing
trans
actio
ns is
with
the
Dire
ctor.
2. A
lso,
all
the
maj
or c
ontr
acts
, ag
reem
ents
, Pur
chas
e Or
ders
are
sig
ned/
appr
oved
by
the
Dire
ctors.
3. A
ll th
e m
ajor
dec
isio
ns a
re
clos
ely
revi
ewed
by
the
resp
ectiv
e HO
Ds at
Gro
up le
vel b
efore
appr
oval
by th
e Di
recto
r.
Conf
irm th
at a
utho
rizat
ion/
appr
oval
s of
Di
rect
ors
is in
pla
ce, r
evie
w B
oard
re
solu
tion
to d
efin
e po
wers
of
Dire
ctor
7C
on
tr
ol
Envi
ronm
ent
Dem
onst
rate
s co
mm
itmen
t to
inte
grity
an
d eth
ical v
alues
Ethi
cs
& In
tegrit
yFl
awed
per
form
ance
ince
ntiv
e/ co
mpe
nsat
ion
polic
y no
t in
line
with
eth
ical
ton
e an
d st
anda
rds
may
incr
ease
the
risk
of
com
prom
ise
/ no
n-co
mpl
iance
to et
hica
l stan
dard
s of
con
duct
C03,
C19
1. A
dmin
Man
ual g
ives
a re
fere
nce
to e
thic
al s
tand
ards
exp
ecte
d fro
m
empl
oyee
s.
2. A
ppoi
ntm
ent
Lette
r in
clud
es
relev
ant c
lause
s
1. V
erify
Adm
in M
anua
l to
ens
ure
all u
pdat
ions
are
in
clude
d.
2. Ve
rify
Appo
intm
ent L
etter
of
em
ploy
ee
| 69 |
Sr
NoAt
tribu
tePr
incip
lePr
oces
s Ac
tivity
Risk
Cont
rol
Ref N
o.Co
ntro
l Des
crip
tion
Audi
t Step
8C
on
tr
ol
Envi
ronm
ent
Dem
onst
rate
s co
mm
itmen
t to
inte
grity
an
d eth
ical v
alues
Ethi
cs
& In
tegrit
yIf
man
agem
ent
does
no
t ta
ke ti
mel
y an
d ap
prop
riate
di
scip
linar
y ac
tion,
it w
ould
en
cour
age
non-
adhe
renc
e to
est
ablis
hed
polic
ies
and
proc
edur
es
C03
Man
agem
ent
take
s di
scip
linar
y ac
tion
for v
iolat
ions
/ non
-adhe
renc
e, in
a ti
mely
and
app
ropr
iate
man
ner.
1. V
erify
the
mec
hani
sm fo
r re
cord
ing
non-
adhe
renc
es/
viol
ation
s.
2. V
erify
the
evi
denc
e of
ac
tion
bein
g tak
en.
9C
on
tr
ol
Envi
ronm
ent
Dem
onst
rate
s co
mm
itmen
t to
inte
grity
an
d eth
ical v
alues
Ethi
cs
& In
tegrit
yAp
plica
nt sc
reen
ing p
roce
dure
s do
not
ade
quat
ely
cons
ider
in
tegrit
y an
d eth
ical v
alues
C05,
C09
1. Ad
equa
te ba
ckgr
ound
ver
ifica
tion
is d
one
for
empl
oyee
s (P
olic
e Cl
eara
nce,
Expe
rienc
e let
ter, e
tc.)
2. M
ajor
ity o
f offi
ce s
taff
is hi
red
thro
ugh
a pl
acem
ent a
genc
y wh
ich
is se
lect
ed b
y th
e m
anag
emen
t to
ensu
re ri
ght p
erso
n fo
r the
righ
t job
3. D
ecla
ratio
ns a
re o
btai
ned
from
em
ploy
ees
for n
on-d
isclo
sure
and
co
de o
f con
duct
adhe
renc
e as
a p
art
of jo
inin
g fo
rmali
ties
10C
on
tr
ol
Envi
ronm
ent
Dem
onst
rate
s co
mm
itmen
t to
attr
act,
reta
in
and
deve
lop
co
mp
ete
nt
indi
vidu
als
Recr
uitm
ent
& Se
lectio
nLa
ck o
f ad
equa
te t
alen
t or
m
ism
atch
es in
req
uire
men
ts an
d sk
ill s
ets
may
sev
erel
y im
pact
ac
hiev
emen
t of
ob
jectiv
es
C05,
C06,
C09
1. A
rig
orou
s re
crui
tmen
t an
d se
lect
ion
proc
ess
is a
dopt
ed t
o en
sure
selec
tion
of ri
ght e
mpl
oyee
s fo
r the
righ
t job
.
2. M
ajor
ity o
f offi
ce s
taff
is hi
red
thro
ugh
a pl
acem
ent a
genc
y wh
ich
is se
lected
by
the
man
agem
ent
1. C
onfir
m th
e no
. of e
xits
and
the p
rincip
al un
derly
ing
reas
on/s.
2.
Conf
irm
th
at
key
posit
ions
are
not
left
vaca
nt
for a
long
tim
e.
| Section 4 : Making it easy – Ready-to-use drafts and formats |
| 70 |
| ICFR – A Handbook for Private Companies and their Auditors |
Sr
NoAt
tribu
tePr
incip
lePr
oces
s Ac
tivity
Risk
Cont
rol
Ref N
o.Co
ntro
l Des
crip
tion
Audi
t Step
11C
on
tr
ol
Envi
ronm
ent
Dem
onst
rate
s co
mm
itmen
t to
attr
act,
reta
in
and
deve
lop
co
mp
ete
nt
indi
vidu
als
Ince
ntiv
eIn
abs
ence
of a
pro
per
wor
k en
viro
nmen
t the
com
pany
may
ha
ve to
dea
l with
high
attr
ition
lev
els
C10,
C12
1. P
rom
otio
ns a
re b
ased
on
wel
l-de
fined
Per
form
ance
Eva
luat
ion
syste
m.
2. M
anag
emen
t ens
ures
a v
ery
low
attrit
ion
rate.
1. R
evie
w t
he a
ppra
isal
pr
oces
s for
app
ropr
iate
ness
an
d co
nfirm
that
ther
e is
due
proc
ess f
or re
dres
sal o
f ap
prais
al re
lated
grie
vanc
es.
2. R
evie
w at
tritio
n ra
te a
nd
relat
ed a
naly
sis
12C
on
tr
ol
Envi
ronm
ent
Boar
d of
D
ire
cto
rs
ex
er
cis
es
over
sight
of t
he
deve
lopm
ent
and
perfo
rman
ce
of
inte
rnal
co
ntro
ls
Inte
rna
l Au
dit
A ro
bust
syste
m o
f mon
itorin
g th
roug
h pe
riod
ic
inte
rnal
au
dits
or
co
ntro
l Se
lf As
sess
men
ts h
as n
ot b
een
estab
lishe
d
C07,
C15
1. In
terna
l aud
its a
re d
one
quar
terly
as
per
pre
-def
ined
sco
pe w
hich
is
appr
oved
by
the
man
agem
ent.
2. B
oard
mee
tings
disc
uss
inte
rnal
au
dit r
epor
ts - k
ey fi
ndin
gs.
1.Ver
ify In
terna
l aud
it sc
ope
and
repo
rts
2. Re
view
Boa
rd M
inut
es
13C
on
tr
ol
Envi
ronm
ent
Dem
onst
rate
s co
mm
itmen
t to
attr
act,
reta
in
and
deve
lop
co
mp
ete
nt
indi
vidu
als
Train
ing
Inad
equa
te
atte
ntio
n to
tra
inin
g m
ay re
sult
into
ski
ll di
lutio
n, l
ack
of a
war
enes
s ab
out p
olic
ies
and
regu
lato
ry
requ
irem
ents
and
ina
bilit
y to
di
scha
rge
assi
gned
re
spon
sibili
ties.
C11
1. T
rain
ing
for
regu
lato
ry a
nd
proc
ess
chan
ges
is
impa
rted
on
a t
imel
y ba
sis
as p
er e
ither
cl
ient
’s re
quire
men
t or r
egul
ator
y re
quire
men
t
2.
Trai
ning
is
id
entif
ied
and
impa
rted
as n
eede
d
Verif
y tra
inin
g pr
oces
s
14R
is
k As
sess
men
tS
pe
cif
ies
ob
jec
tiv
es
with
cla
rity
to
iden
tify
and
asse
ss th
e ris
ks
Ri
sk
Man
agem
ent
Fram
ewor
k
Abse
nce
of e
nter
pris
e-w
ide
risk
asse
ssm
ent a
nd a
bsen
ce o
f do
cum
ente
d ris
k m
anag
emen
t po
licy
C04
Form
al ri
sk m
anag
emen
t pol
icy
is pr
esen
ted to
the B
oard
and
appr
oved
by
the
Boar
d of
Dire
ctors.
Revi
ew th
e risk
man
agem
ent
polic
y ad
opte
d by
th
e Co
mpa
ny
| 71 |
Sr
NoAt
tribu
tePr
incip
lePr
oces
s Ac
tivity
Risk
Cont
rol
Ref N
o.Co
ntro
l Des
crip
tion
Audi
t Step
15R
is
k As
sess
men
tId
en
tifi
es
and
anal
yzes
si
gnif
ican
t ch
ange
s th
at
coul
d im
pact
in
terna
l con
trols
Bu
sin
ess
Cont
inui
ty
Plan
, Disa
ster
Rec
over
y Pl
an
Abse
nce
of B
CP/D
RP m
ay
lead
to b
usin
ess i
nter
rupt
ions
an
d m
ay je
opar
dize
bus
ines
s co
ntin
uity
C22,
C23
1. B
usin
ess
Cont
inui
ty P
lan
(BCP
) an
d Di
sast
er R
ecov
ery
Plan
(DRP
) ar
e in
plac
e.
2. D
ata
reco
very
plan
is e
stabl
ished
an
d op
erati
onal.
1. Re
view
the
BCP
and
DRP.
2. R
eview
the
data
reco
very
pl
an.
16R
is
k As
sess
men
tId
en
tifi
es
and
anal
yzes
si
gnif
ican
t ch
ange
s th
at
coul
d im
pact
in
terna
l con
trols
Fin
anci
al
repo
rting
Regu
lato
ry c
hang
es im
pact
ing
busi
ness
, fin
anci
al c
ondu
ct
or re
porti
ng re
quire
men
ts ar
e no
t und
erst
ood,
ana
lyze
d or
in
terna
lized
.
C17
1.
Regu
lato
ry
chan
ges
are
unde
rsto
od a
nd a
sses
sed
for t
heir
impa
ct on
bus
ines
s.
2. C
ompl
ianc
e tra
cker
is fi
lled
in
at d
efin
ed fr
eque
ncy
and
upda
ted
perio
dica
lly fo
r am
endm
ents.
Verif
y fo
rmal
ass
essm
ent o
f ke
y re
gulat
ory
chan
ges.
17R
is
k As
sess
men
tId
en
tifi
es
and
anal
yzes
si
gnif
ican
t ch
ange
s th
at
coul
d im
pact
in
terna
l con
trols
Fin
anci
al
repo
rting
Impr
oper
ch
anne
ls
to
com
mun
icat
e th
e ch
ange
s in
bus
ines
s pr
actic
es to
the
acco
untin
g de
part
men
t may
af
fect
the
met
hod
or t
he
proc
ess
of
reco
rdin
g th
e tr
ansa
ctio
ns
in
finan
cial
sta
temen
ts
C24
Perio
dic
depa
rtmen
tal r
evie
ws
are
done
whe
rein
Fin
ance
team
is a
lso
pres
ent;
revi
ew c
over
s di
scus
sions
on
cha
nges
in b
usin
ess
prac
tices
aff
ectin
g fin
ancia
l stat
emen
ts.
Revi
ew
mod
ifica
tion
in
proc
esse
s, i
f an
y, b
y th
e ac
coun
ts tea
m
18R
is
k As
sess
men
tId
en
tifi
es
and
anal
yzes
si
gnif
ican
t ch
ange
s th
at
coul
d im
pact
in
terna
l con
trols
Fin
anci
al
repo
rting
Risk
of
re
gula
tory
no
n-co
mpl
ianc
e an
d fin
anci
al
mis
stat
emen
ts
if su
itabl
e ac
coun
ting
prin
ciples
, pol
icies
or
rules
not
follo
wed
C13,
C15,
C25
1.M
anag
emen
t spe
cifie
s fin
anci
al
repo
rting
rules
and
stan
dard
s whi
ch
are
cons
iste
nt w
ith a
ccou
ntin
g pr
inci
ples
suita
ble
and
appr
opria
te
for t
he e
ntity
.
1. Ve
rify
finan
cial s
tatem
ents
with
ade
quate
disc
losu
res
2. V
erify
stat
utor
y au
dito
r’s
repo
rt
| Section 4 : Making it easy – Ready-to-use drafts and formats |
| 72 |
| ICFR – A Handbook for Private Companies and their Auditors |
Sr
NoAt
tribu
tePr
incip
lePr
oces
s Ac
tivity
Risk
Cont
rol
Ref N
o.Co
ntro
l Des
crip
tion
Audi
t Step
2. R
evie
ws
by/c
onsu
ltatio
ns w
ith
the
Stat
utor
y Au
dito
rs a
s re
quire
d by
the
regu
latio
n (a
nnua
l rev
iew
) or
as
cons
ider
ed n
eces
sary
by
the
man
agem
ent,
are
done
.
3. In
tern
al a
udit
cove
rage
ext
ends
to
com
plian
ce re
view
and
fina
ncial
re
porti
ng re
view
.
3. V
erify
int
erna
l au
dit
repo
rts
19R
is
k As
sess
men
tId
en
tifi
es
and
anal
yzes
si
gnif
ican
t ch
ange
s th
at
coul
d im
pact
in
terna
l con
trols
Fin
anci
al
repo
rting
Non
iden
tific
atio
n of
cha
nges
in
ac
coun
ting
prin
cipl
es
or
finan
cial
re
port
ing
requ
irem
ents
may
lead
to n
on-
com
plia
nce
and
the
finan
cial
sta
tem
ents
will
not s
how
true
and
fair
fig
ures
or
may
not
in
clude
disc
losur
es as
requ
ired.
C13,
C25
1.
Defin
ed
and
docu
men
ted
Fina
ncial
Stat
emen
t Clo
sure
Pro
cess
is
in p
lace.
2. P
erio
dic
upda
tes
are
rece
ived
fro
m p
rofes
siona
l con
sulta
nts.
Revi
ew fi
nanc
ial st
atem
ents
and
all
othe
r re
leva
nt
info
rmati
on.
20R
is
k As
sess
men
tId
en
tifi
es
risk
s to
th
e ac
hiev
emen
t of
obje
ctiv
es a
nd
analy
zes r
isks t
o m
anag
e th
em
Fin
anci
al
repo
rting
Abse
nce
of a
n ap
prop
riat
e m
echa
nism
of r
elat
ed p
arty
tr
ansa
ctio
ns
iden
tific
atio
n ca
n le
ad to
reg
ulat
ory
non-
com
plia
nce
and/
or f
inan
cial
m
isstat
emen
ts
C20,
C26
1. V
ario
us c
ompl
ianc
es u
nder
di
ffere
nt s
tatu
tes
in r
elat
ion
to
tran
sact
ions
with
rel
ated
par
ty
(tran
sfer p
ricin
g re
lated
com
plian
ce
and
retu
rn fi
ling)
are
verif
ied.
2. B
oard
app
rova
l is
tak
en f
or
relat
ed p
arty
tran
sacti
on
Veri
fy B
oard
not
ing
and
appr
oval
of r
elat
ed p
arty
tra
nsac
tions
.
| 73 |
Sr
NoAt
tribu
tePr
incip
lePr
oces
s Ac
tivity
Risk
Cont
rol
Ref N
o.Co
ntro
l Des
crip
tion
Audi
t Step
21R
is
k As
sess
men
tAs
sess
es f
raud
ri
sk
to
the
achi
evem
ent o
f ob
jectiv
es
IT S
ecur
ityCo
mpa
ny in
frast
ruct
ure
and
IT s
yste
ms
bein
g us
ed f
or
fraud
ulen
t act
iviti
es th
ereb
y af
fect
ing
the
repu
tatio
n an
d in
crea
sing
the
leg
al r
isks
att
ache
d
C14
1. A
cces
s is r
estri
cted
to u
sers
who
ar
e ei
ther
em
ploy
ees o
r aut
horiz
ed
perso
nnel.
2. P
assw
ord
and
user
id p
rote
cted
sy
stem
s exi
st.
3. D
eact
ivat
ion
of e
xter
nal s
tora
ge
devi
ces o
n co
mpa
ny P
C’s h
as b
een
done
.
4. A
cces
s to
all
publ
ic s
ites
and
dom
ains i
s res
tricte
d.
1. R
evie
w li
st o
f use
r-ids
wi
th a
cces
s righ
ts
2. V
erify
pro
toco
l for
acc
ess
to
syst
ems
and
polic
y hi
ghlig
htin
g se
curit
y of
use
r id
and
pas
swor
ds
22R
is
k As
sess
men
tId
en
tifi
es
risk
s to
th
e ac
hiev
emen
t of
obje
ctiv
es a
nd
analy
zes r
isks t
o m
anag
e th
em
Train
ing
Chan
ges
in t
he p
roce
dure
m
anua
l of
a
part
icul
ar
depa
rtm
ent
with
out
the
know
ledg
e of
its
empl
oyee
s lea
ds to
dilu
tion
of th
e im
pact
of th
e ch
ange
s im
plem
ented
C27
Perio
dic r
eview
of p
roce
ss m
anua
l is
done
and
upda
tes ar
e com
mun
icated
to
all
empl
oyee
s con
cern
ed.
1. V
erify
that
the
man
uals
are
perio
dica
lly re
view
ed.
2.
Veri
fy
evid
ence
of
co
mm
unic
atio
n of
cha
nges
to
em
ploy
ees.
23C
on
tr
ol
Activ
ities
Sele
cts
and
deve
lops
con
trol
activ
ities
to
m
itiga
te ris
ks
Evalu
ation
Risk
of r
ecur
renc
e of
issu
es
if no
t eva
luat
ed a
nd p
olic
ies/
proc
edur
es
not
mod
ified
ac
cord
ingly
C15
Perio
dic i
nter
nal a
udit
is do
ne b
y an
ex
tern
al a
genc
y an
d ch
ange
s mad
e ba
sis a
gree
d ac
tions
.
Verif
y in
tern
al au
dit r
epor
ts av
aila
ble,
and
rec
ord
of
reso
lutio
n of
agr
eed
actio
ns.
| Section 4 : Making it easy – Ready-to-use drafts and formats |
| 74 |
| ICFR – A Handbook for Private Companies and their Auditors |
Sr
NoAt
tribu
tePr
incip
lePr
oces
s Ac
tivity
Risk
Cont
rol
Ref N
o.Co
ntro
l Des
crip
tion
Audi
t Step
24C
on
tr
ol
Activ
ities
Sele
cts
and
deve
lops
con
trol
activ
ities
to
m
itiga
te ris
ks
Fin
anci
al
repo
rting
Risk
of
finan
cial
los
s an
d/
or fi
nanc
ial m
isst
atem
ent i
n th
e ab
senc
e of
an
esta
blish
ed
phys
ical
ver
ifica
tion
of a
sset
s m
echa
nism
C16,
C20
1. P
hysi
cal v
erifi
catio
n of
fixe
d as
sets,
cas
h is
done
.
2. T
hird
par
ty a
nd b
ank
bala
nce
conf
irmati
ons s
tatem
ents
are
taken
.
3. B
oard
dis
cuss
es f
indi
ngs
of
phys
ical
ver
ifica
tion
of a
sset
s/ di
scre
panc
y re
solu
tion
1.
Veri
fy
fixed
as
set
verif
icatio
n re
port
and
chec
k fo
r per
iodi
city
(CAR
O, 2
015)
2.
Veri
fy
thir
d pa
rty
conf
irmati
ons.
3. V
erify
rec
ords
sho
win
g fu
ll pa
rticu
lars -
qua
ntita
tive
detai
ls an
d sit
uatio
n of
fixe
d as
sets
(CAR
O, 2
015)
4. V
erify
Boa
rd m
eetin
g m
inut
es
25C
on
tr
ol
Activ
ities
Depl
oys
cont
rol
ac
tiv
itie
s th
roug
h po
licie
s an
d pr
oced
ures
Paym
ents
and
reim
burse
-m
ents
Abse
nce
of p
olic
ies
will
lead
to
reim
burs
emen
t/ al
low
ance
of
non
agr
eed
expe
nses
to th
e em
ploy
ees
or re
imbu
rsem
ent
of ex
pens
es o
ver a
nd a
bove
the
set l
imit
to th
e em
ploy
ees.
C03
All f
inan
cial
pol
icie
s re
latin
g to
em
ploy
ees
are
in p
lace
alo
ng w
ith
defin
ed le
vel o
f app
rova
ls.
Veri
fy
rem
uner
atio
n st
ruct
ure
for
finan
cial
po
licie
s re
latin
g to
em
ploy
ees.
26In
form
atio
n &
Com
mun
i-ca
tion
Com
mun
icat
es
exte
rna
lly
reg
ard
ing
matt
ers a
ffecti
ng
inter
nal c
ontro
ls
Ex
tern
al
Com
mun
i-ca
tion
May
res
ult
in r
eput
atio
nal/
finan
cial
/repo
rtin
g ris
k du
e to
erro
neou
s co
mm
unic
atio
ns
to e
xter
nal p
artie
s/ e
xter
nal
repo
rting
C03
1. C
lear
iden
tific
atio
n of
per
sons
au
thor
ized
to c
omm
unic
ate
with
ex
terna
l par
ties o
n re
levan
t com
pany
m
atter
s.
2. A
form
al s
ocia
l med
ia p
olic
y is
in p
lace.
Verif
y th
e Ad
min
Man
ual
for
com
mun
icat
ing
with
ex
terna
l par
ties
| 75 |
Sr
NoAt
tribu
tePr
incip
lePr
oces
s Ac
tivity
Risk
Cont
rol
Ref N
o.Co
ntro
l Des
crip
tion
Audi
t Step
27In
form
atio
n &
Com
mun
i-ca
tion
Com
mun
icat
es
exte
rna
lly
reg
ard
ing
matt
ers a
ffecti
ng
inter
nal c
ontro
ls
Ex
tern
al
Com
mun
i-ca
tion
In
the
abse
nce
of
clea
r co
mm
unic
atin
g ch
anne
ls fo
r ex
tern
al p
artie
s, e
mpl
oyee
/ m
anag
emen
t malp
racti
ces m
ay
not c
ome
to li
ght,
may
hav
e a
repu
tatio
n ris
k wi
th re
spec
t to
third
par
ties
C03,
C18
Ther
e ar
e pr
oper
ly
iden
tifie
d co
mm
unic
atio
n ch
anne
ls (e
mai
l id
s) fo
r thi
rd p
artie
s und
er gr
ievan
ce
mec
hani
sm,
sexu
al h
aras
smen
t po
licy
Revi
ew
grie
vanc
e m
echa
nism
an
d se
xual
ha
rass
men
t pol
icy
28In
form
atio
n &
Com
mun
i-ca
tion
Com
mun
icat
es
inte
rnal
ly,
info
rmat
ion
inc
lud
ing
obje
ctiv
es a
nd
resp
onsi
bilit
ies
of
inte
rnal
co
ntro
l
Inte
rna
l C
omm
uni-
catio
n
Abse
nce
of
clea
r co
mm
unica
tion
on p
erfo
rman
ce
mea
sure
s m
ay
lead
to
am
bigu
ities
and
incr
ease
in
attrit
ion
levels
C28
Clea
r co
mm
unic
atio
n of
the
Key
Resu
lt Ar
eas
in t
he e
valu
atio
n pr
oces
s
Verif
y th
e co
mm
unic
atio
n fo
r the
KRA
s
29In
form
atio
n &
Com
mun
i-ca
tion
Com
mun
icat
es
inte
rnal
ly,
info
rmat
ion
inc
lud
ing
obje
ctiv
es a
nd
resp
onsi
bilit
ies
of
inte
rnal
co
ntro
l
Man
agem
ent
Over
sight
Risk
ev
ents
, ex
cept
iona
l an
d un
usua
l ev
ents
rem
ain
unre
porte
d to
the
man
agem
ent
and
henc
e th
e ri
sk
man
agem
ent f
ram
ewor
k is
not
duly
enh
ance
d.
C07,
C08,
C29
1. F
orm
al c
omm
unic
atio
n pr
oces
s es
tablis
hed
for e
scala
ting
disru
ptio
n to
ope
ratio
ns, o
ccur
renc
e of
ris
k ev
ents
and
any
mate
rial e
xcep
tiona
l ev
ent.
2.
Peri
odic
M
IS/
dash
boar
ds,
high
light
ing
of a
ll ex
cept
ions
.
3. B
oard
mee
ting,
man
agem
ent
revi
ew m
eetin
g di
scus
s un
usua
l ev
ents.
1. V
erify
per
iodi
c M
IS o
n sa
mpl
e ba
sis
2. V
erify
man
agem
ent a
nd
Boar
d m
eetin
g m
inut
es
| Section 4 : Making it easy – Ready-to-use drafts and formats |
| 76 |
| ICFR – A Handbook for Private Companies and their Auditors |
Sr
NoAt
tribu
tePr
incip
lePr
oces
s Ac
tivity
Risk
Cont
rol
Ref N
o.Co
ntro
l Des
crip
tion
Audi
t Step
30M
onito
ring
Eval
uate
s an
d co
mm
unic
ates
de
ficie
ncie
s, to
en
able
corre
ctive
ac
tions
be
ing
taken
Fin
anci
al
repo
rting
Inad
equa
te
proc
ess
for
obta
inin
g th
ird
part
y co
nfir
mat
ions
to
va
lidat
e fin
anci
al fi
gure
s and
to d
etec
t fin
ancia
l fra
uds.
C16
1.
Thir
d pa
rty
conf
irm
atio
ns
obta
ined
fro
m b
anks
, de
btor
s, re
lated
par
ties
2. W
eb b
ased
revi
ew d
one
to a
sses
s ta
x st
atus
, TDS
sta
tus,
regu
lato
ry
com
plian
ce re
lated
num
bers.
Veri
fy
conf
irm
atio
ns
obta
ined
fr
om
coun
ter
part
ies
and
Gove
rnm
ent
web
site
(su
ch a
s In
com
e Ta
x) fo
r rec
oncil
ing s
tatut
ory
figur
es a
nd o
ther
bala
nces
.
31M
onito
ring
Co
nd
uc
ts
on
go
in
g/
se
pa
ra
te
eval
uatio
ns t
o co
nfir
m
that
in
terna
l con
trols
are
func
tioni
ng
Fin
anci
al
repo
rting
Abse
nce
of r
evie
w o
f th
e fin
ancia
ls by
man
agem
ent
C07,
C08
Mon
thly
MIS
con
sistin
g of
fina
ncial
st
atem
ents
and
oth
er o
pera
tions
, re
conc
iliati
ons p
repa
red
by F
inan
ce
Man
ager
are
revi
ewed
and
ana
lyze
d by
Gro
up C
FO
Verif
y fin
anci
al st
atem
ents/
re
ports
, per
iodi
c M
IS a
nd
reco
ncili
ation
s
32M
onito
ring
Eval
uate
s an
d co
mm
unic
ates
de
ficie
ncie
s, to
en
able
corre
ctive
ac
tions
be
ing
taken
Gri
evan
ce
and
disp
ute
reso
luti
on
mec
hani
sm
Inap
prop
riat
e gr
ieva
nce
proc
esse
s m
ay le
ad to
del
ay
in
dete
ctio
n of
fr
auds
, m
isre
port
ing
of
finan
cial
fig
ures
, nee
d fo
r pro
visio
ning
du
e to
disp
utes
C03
Empl
oyee
gri
evan
ce p
olic
y (to
re
solv
e co
mpl
aint
s and
grie
vanc
es)
form
s par
t of A
dmin
Man
ual
Veri
fy p
olic
y to
res
olve
co
mpl
aint
s an
d gr
ieva
nces
, as
state
d in
Adm
in M
anua
l
33M
onito
ring
Co
nd
uc
ts
on
go
in
g/
se
pa
ra
te
eval
uatio
ns t
o co
nfir
m
that
in
terna
l con
trols
are
func
tioni
ng
Man
agem
ent
Over
sight
Proc
ess
gaps
, er
rors
an
d m
isst
atem
ents
may
not
be
iden
tifie
d by
the
man
agem
ent
whi
ch m
ay a
lso le
ad to
frau
d or
non
-com
plia
nce
due
to
abse
nce
of w
ell-e
stab
lishe
d ris
k an
d in
tern
al a
udit
revi
ew
syste
m
C03,
C07,
C15
1. In
tern
al a
udit
func
tion
repo
rts
to B
oard
of D
irect
or a
nd h
ighl
ight
s de
ficien
cies o
bser
ved.
2.
Polic
es
and
proc
esse
s ar
e in
trodu
ced
and
revi
sed
from
tim
e to
tim
e to
plu
g id
entif
ied
gaps
and
co
ntro
ls lap
ses.
1. V
erify
Int
erna
l Au
dit
repo
rts
2. Ve
rify
mee
ting
min
utes
3. Ve
rify
sam
ple p
olicie
s and
pr
oces
s not
es
| 77 |
Sr
NoAt
tribu
tePr
incip
lePr
oces
s Ac
tivity
Risk
Cont
rol
Ref N
o.Co
ntro
l Des
crip
tion
Audi
t Step
34M
onito
ring
Co
nd
uc
ts
on
go
in
g/
se
pa
ra
te
eval
uatio
ns t
o co
nfir
m
that
in
terna
l con
trols
are
func
tioni
ng
Man
agem
ent
Over
sight
Abse
nce
of c
omm
unic
atio
n of
de
ficie
ncie
s an
d m
onito
ring
corre
ctiv
e ac
tion
may
lead
to
un-re
med
iated
defi
cienc
ies a
nd
resu
ltant
con
trol
gap
s w.
r.t.
ICFR
C21
Form
al ro
ll ou
t of I
CFR
polic
y an
d te
stin
g pr
oces
s fo
r con
trol d
esig
n an
d eff
ectiv
enes
s
1. C
heck
ICFR
fram
ewor
k an
d do
cum
ented
RCM
s
2.
Chec
k th
e pr
oces
s ad
opte
d fo
r tes
ting
cont
rol
desi
gn
and
oper
atio
nal
effec
tiven
ess
Not
e:
Th
e ab
ove
wor
k-s
hee
t ca
n b
e en
han
ced
wit
h c
olu
mn
s su
ch a
s d
epar
tmen
t, d
etai
ls w
ith
res
pec
t to
co
ntr
ols
(wh
eth
er k
ey o
r n
on-k
ey,
wh
eth
er c
ontr
ol e
xist
s –
yes
or n
o, t
ype
of c
ontr
ol –
man
ual
or
auto
mat
ed,
nat
ure
of
con
trol
– p
reve
nti
ve,
det
ecti
ve o
r bo
th p
reve
nti
ve a
nd
det
ecti
ve,
con
trol
fre
quen
cy
– d
aily
, w
eek
ly,
fort
nig
htl
y, m
onth
ly,
hal
f-ye
arly
, an
nu
ally
, ev
ent-
bas
ed,
as a
nd
wh
en),
doc
um
ent/
ev
iden
ce,
def
icie
nci
es,
rem
edia
l p
lan
, re
fere
nce
to
doc
um
ent
and
rem
ark
s
| Section 4 : Making it easy – Ready-to-use drafts and formats |
| 78 |
| ICFR – A Handbook for Private Companies and their Auditors |
4.2 IT General Controls – Specimen (refer paragraph 2.5.6)
ABC Private LimitedICFR for the year ending 31st March, 2016
RCM - IT General Controls
LIST OF CONTROL GROUPS
Control Ref Control Group/ Attribute
ITGC 01 Comprehensive IT Policy
ITGC 02 Access Rights Restrictions
ITGC 03 User account management - User id and password security
ITGC 04 Data management - back up and restoration of data and system
ITGC 05 Connectivity management - LAN, internet, firewall, anti-virus,
ITGC 06 Sign-off of stakeholders/management for changes made to key applications relevant to financial reporting
ITGC 07 Restriction to share data
ITGC 08 Controls or authorization for acquisition / development of new system / migration / subsequent changes
ITGC 09 Incident handling – In-house IT Personnel
ITGC 10 Approval/periodic review of user access rights
| 79 |
AB
C P
riva
te L
imit
ed
ICFR
for
th
e ye
ar e
nd
ing
31st
Mar
ch,
2016
IT G
ener
al
Con
trol
s (I
TG
C)
Sr.
No.
Attri
bute
Activ
ity D
escr
iptio
nId
entif
icatio
n of
Risk
of M
ater
ial M
issta
temen
t (“W
hat C
ould
Go
Wro
ng”)
Ri
sk D
escr
iptio
n
Cont
rol R
ef Nu
mbe
rCo
ntro
l Tha
t Add
ress
es R
isk o
f Mat
eria
l M
issta
temen
t — C
ontro
l Nam
e
1Ri
sk
Asse
ssm
ent
IT P
olicy
Inte
nded
IT re
late
d pr
oces
ses n
ot fo
llowe
d du
e to
abs
ence
of d
efin
ed c
ompr
ehen
sive
IT p
olic
y do
cum
ent
ITGC
01
A de
fined
com
preh
ensi
ve IT
pol
icy
docu
men
t to
pro
vide
var
ious
gui
delin
es to
wor
k in
the
IT
envi
ronm
ent,
is in
plac
e
2Co
ntro
l En
viro
nmen
tAc
cess
Righ
tsEd
itabl
e ac
cess
of F
inan
cial S
ystem
(Acc
ount
ing
Softw
are)
pro
vide
d to
per
sons
oth
er t
han
Com
pany
em
ploy
ees
(Inte
rnal
and
Sta
tuto
ry
Audi
tors,
Con
sulta
nts,
etc.)
ITGC
02
View
-onl
y ac
cess
of A
ccou
ntin
g So
ftwar
e pr
ovid
ed
to p
erso
ns o
ther
than
Com
pany
empl
oyee
s (In
terna
l an
d St
atuto
ry A
udito
rs, C
onsu
ltant
s, etc
.) wh
o ar
e no
t req
uire
d to
mod
ify th
e fin
ancia
l tra
nsac
tions
3Co
ntro
l En
viro
nmen
tCl
osin
g of
Acc
ount
ing
peri
od/y
ear
in
the
Acco
untin
g So
ftwar
e
Erro
neou
s/int
entio
nal p
ostin
g of
Acc
ount
ing
entry
in th
e ea
rlier
clo
sed
perio
d/ye
arIT
GC 0
2Cl
osin
g of
pre
viou
s pe
riod/
year
to re
stric
t bac
k-da
ting
of tr
ansa
ction
s
4Co
ntro
l En
viro
nmen
tSe
lect
s an
d de
velo
ps
gene
ral
cont
rols
ove
r tec
hnol
ogy
Unau
thor
ized
acce
ss to
IT sy
stem
s, ap
plica
tions
an
d da
ta re
sults
in e
rrors
in fi
nanc
ial re
porti
ngIT
GC 0
31.
For
CM
S Sy
stem
- al
l new
use
rs a
re g
iven
pre
-ex
pire
d pa
sswo
rd a
nd th
e sy
stem
pro
mpt
s the
use
r to
set n
ew p
assw
ord
at th
e tim
e of
first
login
2. F
or T
ally
- al
l new
use
rs a
re g
iven
pre
-exp
ired
pass
word
and
the
syste
m p
rom
pts t
he u
ser t
o se
t ne
w pa
sswo
rd a
t the
tim
e of
first
login
5Co
ntro
l En
viro
nmen
tSe
lect
s an
d de
velo
ps
gene
ral
cont
rols
ove
r tec
hnol
ogy
Unau
thor
ized
acce
ss to
IT sy
stem
s, ap
plica
tions
an
d da
ta re
sults
in e
rrors
in fi
nanc
ial re
porti
ngIT
GC 0
21.
For
CM
S - U
sers
acc
ess
right
s ar
e gr
ante
d by
IT
onl
y up
on sp
ecifi
c ap
prov
al b
y th
e co
ncer
ned
func
tiona
l hea
d
| Section 4 : Making it easy – Ready-to-use drafts and formats |
| 80 |
| ICFR – A Handbook for Private Companies and their Auditors |
Sr.
No.
Attri
bute
Activ
ity D
escr
iptio
nId
entif
icatio
n of
Risk
of M
ater
ial M
issta
temen
t (“W
hat C
ould
Go
Wro
ng”)
Ri
sk D
escr
iptio
n
Cont
rol R
ef Nu
mbe
rCo
ntro
l Tha
t Add
ress
es R
isk o
f Mat
eria
l M
issta
temen
t — C
ontro
l Nam
e
2. F
or T
ally
- Us
ers
acce
ss ri
ghts
are
gran
ted
by
IT o
nly
upon
spec
ific
appr
oval
by
the
conc
erne
d fu
nctio
nal h
ead
6Co
ntro
l En
viro
nmen
tSe
lect
s an
d de
velo
ps
gene
ral
cont
rols
ove
r tec
hnol
ogy
Unau
thor
ized
acce
ss to
IT sy
stem
s, ap
plica
tions
an
d da
ta re
sults
in e
rrors
in fi
nanc
ial re
porti
ngIT
GC 0
3Sy
stem
pro
mpt
s the
use
r to
chan
ge th
e pa
sswo
rd
after
the
expi
ratio
n of
30
days
.
7Co
ntro
l En
viro
nmen
tSe
lect
s an
d de
velo
ps
gene
ral
cont
rols
ove
r tec
hnol
ogy
Unau
thor
ized
acce
ss to
IT sy
stem
s, ap
plica
tions
an
d da
ta re
sults
in e
rrors
in fi
nanc
ial re
porti
ngIT
GC 0
3Pa
ssw
ord
mus
t con
tain
at l
east
7 c
hara
cter
s, al
pha
num
eric
(alp
habe
ts, n
umbe
rs a
nd s
peci
al
char
acter
s).
8Co
ntro
l En
viro
nmen
tSe
lect
s an
d de
velo
ps
gene
ral
cont
rols
ove
r tec
hnol
ogy
Unau
thor
ized
acce
ss to
IT sy
stem
s, ap
plica
tions
an
d da
ta re
sults
in e
rrors
in fi
nanc
ial re
porti
ngIT
GC 0
3If
the
pass
word
is w
rong
ly e
nter
ed c
ontin
uous
ly
for 5
tim
es w
ithin
30
min
utes
, the
resp
ectiv
e lo
gin
id g
ets lo
cked
.
9Co
ntro
l En
viro
nmen
tSe
lect
s an
d de
velo
ps
gene
ral
cont
rols
ove
r tec
hnol
ogy
Unau
thor
ized
acce
ss to
IT sy
stem
s, ap
plica
tions
an
d da
ta re
sults
in e
rrors
in fi
nanc
ial re
porti
ngIT
GC 0
3If
a us
er is
not
acc
essi
ng th
e sy
stem
for
mor
e th
an sp
ecifi
ed ti
me,
the
syste
m g
ets a
utom
atica
lly
lock
ed.
10Co
ntro
l En
viro
nmen
tId
entif
ies
and
anal
yses
sig
nific
ant c
hang
es th
at
coul
d im
pact
int
erna
l co
ntro
ls
Unau
thor
ized
acce
ss to
IT sy
stem
s, ap
plica
tions
an
d da
ta re
sults
in e
rrors
in fi
nanc
ial re
porti
ngIT
GC 1
0Th
ere
exist
s a p
erio
dic
revi
ew o
f the
use
r pro
files
fo
r sys
tems a
cces
s, to
con
firm
app
ropr
iaten
ess.
11In
form
ation
&
Com
mun
icatio
nSe
lect
s an
d de
velo
ps
gene
ral
cont
rols
ove
r tec
hnol
ogy
Unau
thor
ized
acce
ss to
IT sy
stem
s, ap
plica
tions
an
d da
ta re
sults
in e
rrors
in fi
nanc
ial re
porti
ngIT
GC 0
3Re
ques
ts fo
r cre
atio
n of
new
use
r ids
are
rece
ived
by
the
IT E
xecu
tive
on s
tand
ardi
zed
form
, dul
y sig
ned
by th
e re
spec
tive
HOD.
| 81 |
Sr.
No.
Attri
bute
Activ
ity D
escr
iptio
nId
entif
icatio
n of
Risk
of M
ater
ial M
issta
temen
t (“W
hat C
ould
Go
Wro
ng”)
Ri
sk D
escr
iptio
n
Cont
rol R
ef Nu
mbe
rCo
ntro
l Tha
t Add
ress
es R
isk o
f Mat
eria
l M
issta
temen
t — C
ontro
l Nam
e
12In
form
ation
&
Com
mun
icatio
nSe
lect
s an
d de
velo
ps
cont
rol
activ
ities
to
m
itiga
te ris
ks
Unau
thor
ized
acce
ss to
IT sy
stem
s, ap
plica
tions
an
d da
ta re
sults
in e
rrors
in fi
nanc
ial re
porti
ngIT
GC 0
31.
Use
r ter
min
atio
n, re
signa
tion
is in
form
ed to
IT
Exec
utiv
e th
roug
h em
ail b
y HR
.
2. U
ser
acco
unt i
s di
sabl
ed im
med
iate
ly a
fter
rece
ivin
g an
em
ail re
ques
t. Be
fore
pro
cess
ing
this
requ
est,
IT a
rchi
ves t
he m
ail b
ox o
f the
use
r.
3. Fu
ll &
Fina
l Sett
lemen
t For
m is
sign
ed b
y th
e IT
Ex
ecut
ive
only
whe
n th
e ne
cess
ary
acce
ss ri
ghts
have
bee
n di
sabl
ed in
the
syste
m.
13Co
ntro
l En
viro
nmen
tSe
lect
s an
d de
velo
ps
gene
ral
cont
rols
ove
r tec
hnol
ogy
Abse
nce
of re
gula
r bac
k-up
whi
ch m
ay le
ad to
lo
ss o
f cru
cial d
ataIT
GC 0
41.
Reg
ular
bac
k-up
stra
tegy
defin
ed fo
r ser
ver a
nd
auto
-bac
k up
is ta
ken
at de
fined
freq
uenc
y.
2. Re
triev
al is
tested
at r
easo
nabl
e fre
quen
cy
14Co
ntro
l En
viro
nmen
tSe
lect
s an
d de
velo
ps
gene
ral
cont
rols
ove
r tec
hnol
ogy
Abse
nce
of re
gula
r bac
k-up
whi
ch m
ay le
ad to
lo
ss o
f cru
cial d
ataIT
GC 0
4Of
f-site
stor
age o
f bac
k-up
to ta
ckle
any
unfo
rese
en
even
t at t
he o
ffice
pre
mise
s.
15Co
ntro
l En
viro
nmen
tId
entif
ies
risk
s to
the
ac
hiev
emen
t of o
bjecti
ves
and
anal
yses
ris
ks t
o m
anag
e th
em
Serv
ers
and
end
user
s PC
s ar
e in
fect
ed w
ith
viru
sIT
GC 0
51.
Desk
tops
:
All t
he u
ser d
eskt
ops a
re in
stalle
d wi
th a
nti v
irus
scan
ner,
which
scan
s the
new
files
on
an o
ngoi
ng
basis
2. Se
rver
s:
All s
erve
rs ar
e in
stalle
d wi
th a
nti v
irus s
cann
er.
| Section 4 : Making it easy – Ready-to-use drafts and formats |
| 82 |
| ICFR – A Handbook for Private Companies and their Auditors |
Sr.
No.
Attri
bute
Activ
ity D
escr
iptio
nId
entif
icatio
n of
Risk
of M
ater
ial M
issta
temen
t (“W
hat C
ould
Go
Wro
ng”)
Ri
sk D
escr
iptio
n
Cont
rol R
ef Nu
mbe
rCo
ntro
l Tha
t Add
ress
es R
isk o
f Mat
eria
l M
issta
temen
t — C
ontro
l Nam
e
3. Ga
teway
:
Mai
l ser
ver
is m
anag
ed a
nd a
ll th
e Em
ails
are
sc
anne
d by
thre
at m
anag
emen
t gate
way.
4. T
he a
nti v
irus g
ets a
utom
atica
lly u
pdat
ed w
ith
the
lates
t ver
sion
thro
ugh
proc
ess o
f aut
o up
dates
16Co
ntro
l En
viro
nmen
tAs
sess
es fr
aud
risk
to th
e ac
hiev
emen
t of o
bjecti
ves
Una
utho
rize
d ac
cess
to
the
IT s
yste
ms,
appl
icatio
ns a
nd d
ata b
y ex
terna
l par
ties
ITGC
05
1. Fi
rewa
lls h
ave
been
insta
lled.
2. Th
e lo
gs a
re re
gular
ly re
view
ed b
y IT
Exe
cutiv
e
17Co
ntro
l En
viro
nmen
tSe
lect
s an
d de
velo
ps
cont
rol
activ
ities
to
m
itiga
te ris
ks
Unau
thor
ized
acce
ss to
IT sy
stem
s, ap
plica
tions
an
d da
ta re
sults
in e
rrors
in fi
nanc
ial re
porti
ngIT
GC 0
6Ch
ange
s in
prog
ram
s can
be
mad
e on
ly w
ith p
rior
appr
oval
of t
he B
oard
of D
irect
ors
or th
e HO
D co
ncer
ned,
with
the s
imul
taneo
us in
volv
emen
t and
ap
prov
al of
the
IT p
erso
nnel.
18Co
ntro
l En
viro
nmen
tSe
lect
s an
d de
velo
ps
cont
rol
activ
ities
to
m
itiga
te ris
ks
Sign
ifica
nt d
evel
opm
ents
and
cha
nges
to
info
rmat
ion
syst
ems
rele
vant
to
finan
cial
re
port
ing
are
mad
e, r
esul
ting
in e
rror
s in
fin
ancia
l rep
ortin
g.
ITGC
06
Deci
sions
aro
und
signi
fican
t dev
elop
men
ts a
nd
chan
ges
to i
nfor
mat
ion
syst
ems
rele
vant
to
finan
cial
repo
rting
are
mad
e in
con
junc
tion
with
Fi
nanc
e M
anag
er a
nd a
fter a
ppro
val o
f BOD
19Co
ntro
l En
viro
nmen
tId
entif
ies
and
anal
yses
sig
nific
ant c
hang
es th
at
coul
d im
pact
int
erna
l co
ntro
ls
Erro
rs in
cha
nges
mad
e to
key
app
licat
ions
re
levan
t to
finan
cial r
epor
ting.
ITGC
06
Spec
ific
chan
ges
are
mad
e to
key
app
licat
ions
re
leva
nt to
fina
ncia
l rep
ortin
g on
ly a
fter s
ign
off
from
the
relev
ant s
takeh
olde
rs
20Co
ntro
l En
viro
nmen
tSe
lect
s an
d de
velo
ps
gene
ral
cont
rols
ove
r tec
hnol
ogy
Prob
lem
s an
d in
cide
nts
are
not
effe
ctiv
ely
man
aged
. IT
GC 0
9An
in-h
ouse
IT p
erso
nnel
reso
lves
issu
es fa
ced
by
user
s as r
equi
red
| 83 |
Sr.
No.
Attri
bute
Activ
ity D
escr
iptio
nId
entif
icatio
n of
Risk
of M
ater
ial M
issta
temen
t (“W
hat C
ould
Go
Wro
ng”)
Ri
sk D
escr
iptio
n
Cont
rol R
ef Nu
mbe
rCo
ntro
l Tha
t Add
ress
es R
isk o
f Mat
eria
l M
issta
temen
t — C
ontro
l Nam
e
21Co
ntro
l En
viro
nmen
tSe
lect
s an
d de
velo
ps
gene
ral
cont
rols
ove
r tec
hnol
ogy
Inte
ntio
nal s
harin
g of
cru
cial
and
con
fiden
tial
data
of t
he c
ompa
ny b
y sta
ff to
out
sider
s (e
.g.
com
petit
ors)
ITGC
07
1. D
eact
ivat
ion
of e
xter
nal s
tora
ge d
evic
es o
n co
mpa
ny P
Cs.
2. Re
strict
ing
acce
ss to
all
publ
ic sit
es a
nd d
omain
Not
e:
Th
e ab
ove
wor
k-s
hee
t ca
n b
e en
han
ced
wit
h c
olu
mn
s su
ch a
s d
epar
tmen
t, d
etai
ls w
ith
res
pec
t to
co
ntr
ols
(wh
eth
er k
ey o
r n
on-k
ey,
wh
eth
er c
ontr
ol e
xist
s –
yes
or n
o, t
ype
of c
ontr
ol –
man
ual
or
auto
mat
ed,
nat
ure
of
con
trol
– p
reve
nti
ve,
dete
ctiv
e or
bot
h p
reve
nti
ve a
nd
dete
ctiv
e, c
ontr
ol f
requ
ency
–
dai
ly,
wee
kly
, fo
rtn
igh
tly,
mon
thly
, h
alf-
year
ly,
ann
ual
ly,
even
t-ba
sed
, as
an
d w
hen
),d
ocu
men
t/ e
vid
ence
, d
efic
ien
cies
, re
med
ial
pla
n,
refe
ren
ce t
o d
ocu
men
t an
d r
emar
ks
| Section 4 : Making it easy – Ready-to-use drafts and formats |
| 84 |
| ICFR – A Handbook for Private Companies and their Auditors |
4.3 Specimen – Financial Statement Closure Policy and sample checklists (refer paragraph 2.7.3)
ABC Pvt. Ltd. Financial Statements Closure Policy (FSCP)
1. OBJECTIVES:
This policy is prepared to achieve the following broad objectives:
• Provide guidance for the financial closure process leading to preparation of financial statements.
• Ensure adherence to applicable laws, regulations and disclosure requirements relevant to the financial reporting.
• Ensure completion of the financial closure efficiently and in a timely manner.
• Ensure adherence to the approval matrix laid out for the closure process.
• Retain and protect related documents, evidences and approval trails.
2. SCOPE: This policy covers the following:
• Financial reporting framework applicable to the entity.
• IT application (system), if any, used for financial closure
• Checklist to be used to ensure completeness of financial statements
• Approval matrix related to financial closure activities.
• Document Management Policy, including retention policy for documents related to financial closure.
| 85 |
3.
STA
GE
S O
F FI
NA
NC
IAL
CLO
SU
RE
:
No.
Part
icul
ars
Revi
ew
Resp
onsi
bilit
yAp
prov
al/
Auth
oriz
atio
nSu
gges
ted
Tim
elin
e
1.Fi
nanc
ial R
epor
ting
Fram
ewor
k
3
The
finan
cial
clo
sure
pro
cess
sha
ll be
car
ried
out i
n ad
here
nce
to th
e fo
llow
ing
• Th
e Co
mpa
nies
Act
, 201
3 an
d al
lied
Rule
s
• A
pplic
able
acc
ount
ing
stan
dard
s
•
Pron
ounc
emen
ts o
f th
e IC
AI
appl
icab
le t
o pr
epar
atio
n of
fin
anci
al
stat
emen
ts a
nd fi
nanc
ial r
epor
ting
3
Ade
quat
e ca
re s
hall
be ta
ken
to in
corp
orat
e th
e ef
fect
s of
mod
ifica
tions
to
exis
ting
regu
latio
ns a
nd p
rono
unce
men
ts.
3
Any
new
pro
noun
cem
ents
im
pact
ing
the
fina
ncia
l ac
coun
ting
, clo
sure
pr
oces
s or
rep
ortin
g re
quir
emen
ts w
ill b
e re
view
ed in
tern
ally
, app
rove
d as
pe
r Au
thor
ity m
atrix
and
inco
rpor
ated
in th
e ap
prop
riate
che
cklis
t, SO
P or
te
mpl
ates
.
3
Know
ledg
e up
date
pro
vide
d by
the
stat
utor
y au
dito
rs o
r ot
her
acco
untin
g/la
w fi
rms
from
tim
e to
tim
e m
ay b
e re
view
ed a
nd w
here
app
ropr
iate
, to
be
cons
ider
ed fo
r up
datin
g re
spec
tive
chec
klis
t.
3
The
CFO
is r
equi
red
to h
old
a fo
rmal
mee
ting
with
the
stat
utor
y au
dito
rs to
co
nfirm
that
all
addi
tiona
l rep
ortin
g re
quire
men
ts fo
r th
e fin
anci
al y
ear
have
be
en d
uly
iden
tifie
d by
the
com
pany
– if
ther
e ha
s be
en a
mis
s ou
t, th
e sa
me
may
be
inco
rpor
ated
afte
r re
view
.
Seni
or P
erso
n of
A
& F
Dep
tC
FO
or
eq
uiv
ale
nt
posi
tion
By e
nd D
ecem
ber/
Ja
nuar
y
| Section 4 : Making it easy – Ready-to-use drafts and formats |
| 86 |
| ICFR – A Handbook for Private Companies and their Auditors |
No.
Part
icul
ars
Revi
ew
Resp
onsi
bilit
yAp
prov
al/
Auth
oriz
atio
nSu
gges
ted
Tim
elin
e
2.Sy
stem
Env
iron
men
t
3
List
all
the
syst
ems
from
whi
ch d
ata
will
flow
into
fina
ncia
l sta
tem
ents
eith
er
dire
ctly
or
indi
rect
ly.
3
Prop
osed
cha
nges
/ enh
ance
men
ts to
the
IT a
pplic
atio
ns w
hich
hav
e a
bear
ing
on th
e fin
anci
al c
losu
re p
roce
ss o
r th
e fin
anci
al s
tate
men
ts n
eed
to b
e pr
e-ap
prov
ed b
y th
e Fi
nanc
e De
partm
ent a
s pe
r au
thor
ity m
atrix
.
3
For
any
chan
ges
in th
e fin
anci
al r
epor
ting
requ
irem
ents
, Fin
ance
Dep
artm
ent
to r
evie
w if
the
requ
ired
info
rmat
ion
is a
vaila
ble
from
the
IT s
yste
m a
nd if
no
t, in
itiat
e a
requ
est f
or c
onfig
urin
g th
e IT
sys
tem
to e
nsur
e th
e av
aila
bilit
y of
the
requ
isite
info
rmat
ion.
Seni
or P
erso
n of
A
& F
Dep
t.C
FO
or
eq
uiv
ale
nt
posi
tion
By e
nd D
ecem
ber/
Ja
nuar
y
3.Pr
e-pl
anni
ng fo
r Cl
osur
e &
Clos
ure
Activ
ity fo
r O
pera
tiona
l Are
as
Act
ivity
wis
e pr
e-pl
anni
ng c
heck
list
to b
e pr
epar
ed a
s pe
r Co
mpa
ny’s
defin
ed
SOPs
, Pol
icie
s an
d Bu
sine
ss R
equi
rem
ents
. A s
peci
men
gen
eral
form
at in
dica
ting
illus
trativ
e ch
eckp
oint
s an
d pr
oces
ses
is p
rese
nted
in A
nnex
ure
– I.
As
per
Chec
klis
tA
s pe
r Ch
eckl
ist
For
Pre-
plan
ning
by
end
Dec
embe
r/
Janu
ary
and
For
Clos
ure
at y
ear
end
date
and
sub
sequ
ent
mon
th
4.Pr
oces
s fo
r Pr
epar
atio
n of
Fin
anci
al S
tate
men
ts
A s
peci
men
gen
eral
for
mat
indi
catin
g ill
ustr
ativ
e ch
eckp
oint
s an
d pr
oces
ses
is
pres
ente
d in
Ann
exur
e –
II.
As
per
Chec
klis
tA
s pe
r Ch
eckl
ist
As
per
defi
ned
tim
elin
e by
th
e m
anag
emen
t fo
r fi
nali
zing
au
dite
d Fi
nanc
ials
5.Pr
oces
s fo
r Di
sclo
sure
req
uire
men
ts
A s
peci
men
gen
eral
for
mat
indi
catin
g ill
ustr
ativ
e ch
eckp
oint
s an
d pr
oces
ses
is
pres
ente
d in
Ann
exur
e –
III.
As
per
Chec
klis
tA
s pe
r Ch
eckl
ist
As
per
defi
ned
tim
elin
e by
m
anag
emen
t fo
r fi
nali
zing
au
dite
d Fi
nanc
ials
| 87 |
No.
Part
icul
ars
Revi
ew
Resp
onsi
bilit
yAp
prov
al/
Auth
oriz
atio
nSu
gges
ted
Tim
elin
e
6.Ap
prov
al M
atri
x fo
r cl
osur
e pr
oces
s
The
clos
ure
proc
ess
will
fol
low
the
app
rova
l mat
rix
defin
ed a
s pe
r th
e SO
P of
Ac
coun
ts &
Fin
ance
dep
artm
ent.
If it
is n
ot d
efin
ed th
en d
efin
e th
e sa
me
for m
aker
-ch
ecke
r co
ntro
l at v
ario
us s
tage
s an
d do
cum
enta
tion
trail
Seni
or P
erso
n of
A
& F
Dep
t.C
FO
or
eq
uiv
ale
nt
posi
tion
App
rova
l M
atri
x to
be
def
ined
as
part
of
SOP
of A
& F
dept
. or
at t
he b
egin
ning
of
the
year
7.Re
tent
ion
of D
ocum
ents
3
All
docu
men
ts r
elat
ed to
the
finan
cial
clo
sure
pro
cess
sha
ll be
ret
aine
d in
a
safe
man
ner.
3
Clea
r nam
ing
prot
ocol
s w
ill b
e fo
llow
ed to
ens
ure
vers
ion
cont
rol o
n fin
anci
al
stat
emen
t dra
fts.
3
Soft
copi
es o
f the
fina
ncia
l sta
tem
ents
nee
d to
be
stor
ed in
a fo
lder
, acc
ess
right
s to
whi
ch h
ave
been
app
rove
d by
the
Chie
f Fin
anci
al O
ffice
r.
3
Doc
umen
ts t
o be
ret
aine
d at
leas
t un
til t
he t
ime
requ
ired
to
com
ply
with
re
late
d re
gula
tions
.
Seni
or P
erso
n of
A
& F
Dep
t.C
FO
or
eq
uiv
ale
nt
posi
tion
N.A
.
8.Po
st C
losu
re P
roce
ss
3
Take
prin
tout
of F
inal
Tria
l bal
ance
.
3
Keep
prin
ted
copi
es o
f aud
ited
Fina
ncia
l Sta
tem
ents
.
3
Clos
e th
e bo
oks
of a
ccou
nt fo
r th
e Fi
nanc
ial Y
ear.
3
Bloc
k th
e IT
sys
tem
for
amen
dmen
t in
that
fina
ncia
l yea
r.
3
Revi
ew o
peni
ng b
alan
ce i
n th
e su
bseq
uent
per
iod
with
aud
ited
finan
cial
st
atem
ent.
Seni
or P
erso
n of
A
& F
Dep
t.C
FO
or
eq
uiv
ale
nt
posi
tion
Wit
hin
15
days
of
co
mpl
etio
n of
A
nnua
l A
ccou
nts
clos
ure
| Section 4 : Making it easy – Ready-to-use drafts and formats |
| 88 |
| ICFR – A Handbook for Private Companies and their Auditors |
Annexure – I
ABC Pvt. Ltd. Sample and Specimen Checklist for Activity wise
Pre-planning & Closure
No. Area Process Process Owner
Reviewer Proposed Start Date
Proposed End Date
Status
1 Cash Circular to be sent to various branches to send cash expenses statement with closing balance as on Year endCo-ordination with the statutory auditors if they want to conduct year end physical verification of cashconduct physical verification on the last working day of the Financial yearDocument the Physical verification papers with sign of maker and checker
2 Bank Bank Reconciliation statements to be called from all branches for all bank accounts BRS to be prepared for all the HO Accounts as per the BRS process defined by the company Un-reconciled items in BRS to be investigated and necessary adjustments to be carried out with proper approvals Cheques pending to be deposited to be presented to bank for clearance Online transfers from customers, kept in suspense / unexplained accounts, to be knocked off from customer balances Print out of Final Copies of BRS to be taken and signed by the maker and checker Balance confirmations to be called from banks to assert bank balances
| 89 |
No. Area Process Process Owner
Reviewer Proposed Start Date
Proposed End Date
Status
3 Inventory Circular to be sent to branches to inform them to carry year end stock verifications
Factory / Warehouse / Operations of any other inventory holding location to be suspended during the period of verification , if required
Necessary co-ordinations to be made with Internal / Statutory auditors in case they are to attend inventory verification
Year-end transactions for sales and purchases to be meticulously recorded keeping in mind cut off procedures affecting inventory position
Plan for Inventory verification to be decided basis certain methods suitable for Company’s inventory such as:
1. ABC analysis
2. Analysis based on fast / slow moving items
3. Critical and non-critical items
4. Form of inventory i.e. size, weight, state of matter etc.
Confirmations to be called from third party holding company’s inventory (on consignment basis, for job work purposes etc.)
Value of inventory as per books to be compared with actual value
Adjustments , if required, to be made to inventory value with proper approvals
| Section 4 : Making it easy – Ready-to-use drafts and formats |
| 90 |
| ICFR – A Handbook for Private Companies and their Auditors |
No. Area Process Process Owner
Reviewer Proposed Start Date
Proposed End Date
Status
4 F i x e d Assets /Capitali-zation
FA register to be updated, finalizedFA register to be compared with books of account Scrutinize the major repairs account to find out if any item of capital nature has been debited Capitalisation of expenses to the point of installations such as transportation, octroi, testing charges, training for operation of FA Review CWIP Account to review completion stage and capitalization if required Physical verification of Fixed Assets with proper internal controls such as verification by independent verifier , maker checker control on verification process, reporting of discrepancy, if any and appropriate accounting of the same Review of sale / scrap of assets, profits / loss on disposal of Assets Depreciation workings based on applicable accounting standards
5 I n v e s t -ment
Accounting of accrued income based on year end investment Accounting of gains / losses on sale of investmentsValidation of investment balance with counter party statements Physical verification of investment instruments to ensure ownership of the same Revaluation of investments as per applicable accounting standards
| 91 |
No. Area Process Process Owner
Reviewer Proposed Start Date
Proposed End Date
Status
6 I n c o m e Booking
Circular to be sent to various branches / depots from where sales are effected to send information / data for dispatches made till cut-off date
Ensure invoice booking for materials where ownership has been transferred to customers
Ensure invoice booking / billing for services where provision of service is completed as per defined terms and conditions
Accounting of pending Debit and credit notes (rejections / sales returns / disputed provision of services)
7 E x p e n s e Booking
Circular to be sent to various branches / depots calling for all relevant details of expenses incurred within defined timeline after year end
Advances paid for expenses to employees be settled against reimbursable expenses
Provision of expenses based nature of expense i.e. time based or otherwise backed by actual supporting documents to be accounted
Provision of expenses basis estimation - Company policy for estimation to be reviewed and adhered
Review accounting of prepaid expenses
Review provisions / prepaid expenses of previous periods / years for its existence and continuity
| Section 4 : Making it easy – Ready-to-use drafts and formats |
| 92 |
| ICFR – A Handbook for Private Companies and their Auditors |
No. Area Process Process Owner
Reviewer Proposed Start Date
Proposed End Date
Status
8 Debtors / R e c e i -vables
Debtors balances to be knocked off against money received but accounted in suspense / unexplained accounts
Initiate communication for debtors confirmation
Prepare reconciliation of differences in debtors balances and post adjustments with appropriate approvals
Scrutinize debtors accounts and follow up with the sales/ marketing team for status of long standing debtors
Provide for doubtful debts / disputed debtors in consultation with marketing / legal dept. / Management
9 Creditors / Payables
Initiate communication for creditors confirmation
Prepare reconciliation of differences in creditors balances and post adjustments with appropriate approvals
Scrutinize advance to creditors accounts and follow up with the procurement team for status of long standing advances
Write back creditors balances which are not payable in consultation with procurement / legal dept. / Management
10 R e l a t e d P a r t y R e c o n -ciliation
Obtaining account confirmation from all the related parties
Prepare reconciliation of differences in balances and post adjustments with appropriate approvals
| 93 |
Annexure – II
ABC Pvt. Ltd. Sample and Specimen Checklist for Preparation of Financial Statements
No. Area Process Process Owner
Reviewer Proposed Start Date
Proposed End Date
Status
1 Opening balances validation
Validation of opening balances at the time of audit of subsequent year with closing balances of previous year
2 G e n e r a l L e d g e r Scrutiny
Allocate responsibility within the accounts team to scrutinize specific accounts
All accounts with non-moving balances, intermediary accounts, suspense accounts to be scrutinized thoroughly to ensure genuineness of transactions recorded in these accounts
Based on this scrutiny pass appropriate entries with approval of senior personnel in the accounts team ideally the CFO
3 Review of accounts related to statutory c o m p l i -ance
Allocate responsibility within the accounts team to scrutinize specific accounts
Reconcile company’s data with the data available on the website of respective regulator (such as 26 AS reconciliation)
Review all the assessment orders, refund / demand orders issued by various regulatory authorities during the year
Compare all statutory returns filed with the books of account
Record all the necessary entries required based on above scrutiny
| Section 4 : Making it easy – Ready-to-use drafts and formats |
| 94 |
| ICFR – A Handbook for Private Companies and their Auditors |
No. Area Process Process Owner
Reviewer Proposed Start Date
Proposed End Date
Status
4 Indepen-d e n t Review
Get independent review done by professional retainer, if any, engaged by the company
5 I T S y s t e m s blocking
Blocking of various IT Systems for data entry of transactions posting by respective employees for basic transaction posting such as cash, bank ,petty cash, purchase, sales etc. Rights to pass entries to be granted to only few personnel in the accounts department
6 Provision f o r Gratuity & Employee benefits
Provide necessary data/ information after validation to the appointed actuary Actuarial valuation report to be referred for estimations provided by the auditee. Workings for provisions to be computed and validated by senior personnelProvisions for employee benefit to be recorded with appropriate approvals
7 Inventory Valuation
Inventory verification reports to be referred to ascertain inventory figures Inventory as ascertained to be valued adopting suitable methodology and adhering to applicable accounting standards and company policy Necessary adjustment entries to reflect appropriate value of inventory to be recorded with due approvals
8 Revalua-tion of Assets & L i a b i l i -ties in Fo r e i g n Currency
Ascertain the balances of foreign assets and liabilities
Depending on the class of asset / liability and guidelines laid down in applicable accounting standards, appropriate foreign exchange rate to be selected
| 95 |
No. Area Process Process Owner
Reviewer Proposed Start Date
Proposed End Date
Status
The selected rate(s) to be validated by senior authority and applied to closing balance of such classes(s) of assets / liabilityAppropriate effect of revaluation to be recorded in books of account
9 Ye a r - e n d adjustment of Exchange rate differ-ence for t r a d e p a y a b l e s and receiva-bles
Refer to closing balance of debtors/ creditors Revalue debtors and creditors basis closing exchange rate
10 I n c o m e T a x working
Based on profits / losses as computed prepare Income Tax working Co-ordinate with tax consultant for validation of the same Incorporate changes suggested by consultant Record necessary provision for income tax
11 Deferred T a x A s s e t s /Liabilities working
Prepare working for deferred tax assets / liabilities Co-ordinate with tax consultant and Statutory Auditors for validation of the same Incorporate changes suggested by consultant Record necessary entries for deferred tax assets / liabilities
12 Prepara -tion of Finan-cial S t a t e -ments as per pres-c r i b e d formats
Extract trial balance from accounting systemSave the same with date and time in softPrepare appropriate groupings
Validate all the excel formulas and linkages if financials are prepared in excel
| Section 4 : Making it easy – Ready-to-use drafts and formats |
| 96 |
| ICFR – A Handbook for Private Companies and their Auditors |
No. Area Process Process Owner
Reviewer Proposed Start Date
Proposed End Date
Status
As per prescribed format classify respective assets and liabilities as current , non - current , short term , long termTake print out of financials prepared and revalidate again with base trial balance for accuracy Provide audit trail of revalidation on hard copy of financials
13 C o -ordination w i t h statutory audi tors and get the audit done
Arrange for Stat audit, prepare information as per their prescribed formatDuring Stat audit liaison with their team for smooth conduct of audit Formal meetings for discussion of queries / clarifications Passing of rectification JVs, if required in system
14
P r e p a r e r e v i s e d Financial S t a t e -ments
Repeat process given in step 12Maintain version control and modification trail
15 Grouping a n d regroup-ing of previous y e a r ’ s figures
Detailed review of previous years grouping with current grouping and make necessary changes in the grouping of previous year
16 Freeze the numbers a f t e r review of Statutory Auditors
Get the revised financials validated from Statutory Auditors
| 97 |
No. Area Process Process Owner
Reviewer Proposed Start Date
Proposed End Date
Status
17 P r e s e n t the Provi-s i o n a l Financial s t a t e -ments to Manage -m e n t /A u d i t c o m m i -ttee
To facilitate management to take certain decisions about managerial remuneration, proposed dividend
18 Calculate M a n a -g e r i a l r emune -ration if it is on % basis of profit/surplus
Prepare workings for managerial remuneration as per applicable rules and regulations and company policy
19 P r e p a r e Proposed dividend working
Proposed dividend working to be prepared based on the dividend proposed by Board of DirectorsWorkings to validated by senior personnel Entries to record proposed dividend to be passed in books of account
20 M a k e necessary c h a n g e s in the Financial S t a t e -ments
Necessary changes to be validated by Statutory Auditors
| Section 4 : Making it easy – Ready-to-use drafts and formats |
| 98 |
| ICFR – A Handbook for Private Companies and their Auditors |
Annexure – III
ABC Pvt. Ltd. Sample and Specimen Checklist for
Disclosure & Notes to Accounts
No. Area Process Process Owner
Reviewer Proposed Start Date
Proposed End Date
Status
1 Review of Notes to Accounts of Previous year and evaluate it for necessary changes
Take notes to account of pervious year as a base
If there are any changes in the accounting policies adopted by the company during the year incorporate the same in notes to account
If there are any regulatory changes which require change in company policy incorporate the same in Notes to account
2 Prepare Disclosures
As per disclosure checklist provided by Stat auditors prepare disclosures
Validate all the numbers given in the disclosures with the financial statements
Also ensure disclosure for contingent liability after consultation with various operational dept. HODs and HOD of legal dept.
3 Get it reviewed by Statutory Auditors
Notes to accounts and disclosures to be sent to Statutory Auditors for review and validation
| 99 |
No. Area Process Process Owner
Reviewer Proposed Start Date
Proposed End Date
Status
4 Revise Notes to Accounts & Disclosures after review by Statutory auditors
As per suggestion by Statutory Auditors revise notes to accounts and disclosures
5 Review entire set of Financial statements & disclosures all together
Take print out of entire set of Financial statements, notes to account and disclosures
Revalidate again with base trial balance for accuracy
Provide audit trail of revalidation on hard copy of financials
6 Arrange for Signatures
Arrange for signature on the Financial Statements by the appropriate authority of the Company
Arrange for signature on the Financial Statements by the Statutory Auditors
| Section 4 : Making it easy – Ready-to-use drafts and formats |
** Note: Soft copies of the ‘ready to use drafts and formats’ given in this section are hosted on the website of BCAS www.bcasonline.org.
2