OFFICE OF THE COMPTROLLER AND AUDITOR GENERAL OF INDIA 

9, Deen Dayal Upadhyay Marg, New Delhi – 110 124 
 
No.172 ‐Audit (AP)/ 37‐2008 
Dated: June 4, 2009 
 
To 
1. All Audit Offices (as per list) 
2. DsG, NAAA, Shimla & iCISA, Noida and Heads of all RTIs/RTCs 
 
Sub: Operationalisation of Audit Quality Management Framework for    the 
Department 
 

Sir/Madam, 
The Comptroller and Auditor General of India (C&AG) has approved an Audit 
Quality  Management  Framework  (AQMF)  for  Indian  Audit  and  Accounts 
Department (Annex‐A). This Framework includes all the elements and instruments 
related to them that provide an assurance of quality in the audit function.  
2.  This  Framework  has  been  prepared  in  the  backdrop  of  the  Audit  Quality 
Assurance Guideline brought out by ASOSAI. A Task Force under the then ADAI (RC) 
went into the extent to which and the manner in which these guidelines should be 
adopted and implemented in our audit function.  The Task Force felt that adoption 
of ASOSAI guidelines in their totality may necessitate jettisoning the entire body of 
standards,  manuals  &  guidelines  and  other  similar  technical  guidance  literature  in 
which  most  of  the  key  elements  of  an  umbrella  framework  for  Audit  Quality 
Management are already embodied in one or the other form. Therefore, the Task 
Force,  in  its  Report,  recommended  adoption  of  an  umbrella  Framework  for  Audit 
Quality Management (AQMF), which would map various existing Key Instruments to 
be employed (KIEs) for audit quality assurance viz., the C&AG’s (DPC) Act, Auditing 
Standards and some of the Manuals and Guidelines issued by this office, with the 
main  Audit  Quality  Management  Elements  (QMEs).  The  draft  Audit  Quality 
Management  Framework  (AQMF)  was,  thereafter,  circulated  for  comments  and 
duly  amplified  based  on  such  comments  as  were  received.    The  purpose  of  this 
circular  is  to  operationalize  the  AQMF  as  ordered  by  the  Comptroller  and  Auditor 
General of India. 
3.  The  Framework  identifies  the  policies,  practices  and  guidance  on  the  five 
broad  parameters  of  the  quality  management  processes,  viz.  'leadership  and 
direction', 'human resources management', 'audit  
‐ 2 ‐ 
 
management',  'clients  and  stakeholder  relations'  and  'continuous  improvement'.   
Being an evolving document, the quality Framework has been developed in such a 
fashion that leaves ample scope for incorporation of the best practices in future and 
lends  itself  to  continuous  upgradation  in  line  with  the  environment  and 
technological changes and as new audit methodologies and practices develop.  
4.  All the five broad parameters of quality management processes (referred to 
in paragraph 3 above) have been further divided into various 'quality management 
elements'  (QMEs—Annexe‐A‐I).  For  example,  in  the  case  of  parameter  on  'audit 
management " the QMEs include 'audit planning, 'staffing for audit', 'conducting of 
audit', 'evidence', 'documentation', 'reporting", etc.  
5.  Each 'quality management element' has been linked to the 'key instruments 
employed' (KIE) i.e. the reference has been made to Constitution, C&AG’s (DPC) Act, 
Auditing Standards, Manuals, Guidelines, etc. 
6.  The  Operationalization  of  AQMF  will  involve  issue  of  appropriate  internal 
instructions  to  various  Functional  Wings  and,  in  turn,  by  each  Functional  Wing  to  
field offices under their control to ensure appropriate customization of the AQMF 
with  the  specificities  of  each  stream  of  audit,  viz.,  Civil,  Commercial,  Defence, 
Railway, Revenue, etc. 
7.  During  the  course  of  implementation  of  the  instructions  contained  in 
subsequent  paragraphs,  a  clear  hierarchy  of  audit  related  literature  will  be 
established as follows:  
Level I ‐ The Constitutional provisions and the C&AG’s (DPC) Act and Regulations.  
Level II ‐ Standards and generic manuals/guidelines that have been brought out by 
Audit Wing and have universal application.  
Level‐III ‐ Supplementary manuals of instructions and guidance and practice notes 
that  each  Functional  Wing  may  bring  out  clearly  drawing  upon  and  expounding 
upon Level I and II literature/standards.  
Level‐IV  ‐  The  local  manuals/circulars/orders  which  each  office  may  bring  out  to 
supplement Level III literature.  
8.  Respective  streams  of  audit  like  civil,  defence,  railways,  commercial, 
revenue,  scientific,  local  bodies,  etc.,  as  well  as  field  audit  offices  are  required  to 
formulate  and/or  elaborate  internal  instructions  in  accordance  with  the  principles 
outlined in the framework, as indicated below. 
 
 
 
‐ 3 ‐ 
 
 
 Actionable Point  Action to be taken by 
(i) Audit  Wing  at  Headquarters  will  correlate  DG (Audit) 
the entire generic technical literature, viz. Regulations, 
Internal  Control  Evaluation  Manual,  Guidelines  for 
Audit  of  Public  Private  Partnership  Projects  as  well  as 
directions  issued  for  various  matters  relating  to 
procedures  and  practices  of  audit  to  corresponding 
QMEs and designate the former as KIEs.  
(ii) Each  Functional  Wing  at  Headquarters  will  DG/PD  in  charge  of  each 
undertake  similar  action  in  so  far  as  manuals,  Functional  Wing  at 
guidelines,  orders,  etc.  issued  by  that  Wing  are  Headquarters 
concerned.  The  task  will  be  accomplished  by  first 
consolidating  all  documents,  i.e.  orders,  instructions, 
circulars,  clarifications,  etc.  and  followed  by  their 
correlation  with  corresponding  KIEs  i.e.  manuals, 
guidelines,  regulations,  C&AG's  (DPC)  Act,  as  the  case 
may be.  
(iii) Both  manuals/  guidelines  as  well  as  other  • DG  (Audit)  for 
documents  will  be  analyzed  and correlated  to various  Audit Wing; 
QMEs as shown in the Annexure 'B' of the AQMF.  As 
• DG/PD in charge 
far  as  possible,  circulars/instructions  under  each  'key 
of each Functional Wing at 
instrument' of AQMS framework will be identified with 
Headquarters  for  their 
financial,  compliance  and  performance  audit  as  the 
wing 
case may be.  
(iv) The  field  audit  offices  under  each  Heads  of  Departments  of 
Functional  Wing  will  undertake  similar  action  as  field audit offices 
indicated  at  (i)  to  (iii)  in  respect  of  their 
manuals/circulars/instructions, etc.  

- 4–
(v) After  the  complete  mapping  of  existing  • DG  (Audit)  for 
manuals, guidelines, circulars, etc. as suggested above  Audit  Wing  (generic 
has  been  done,  the  following  procedure  will  be  Manuals  and  instructions 
followed by all concerned:‐  issued by DG (Audit)); 
   
• Provisions,  orders,  instructions  in  various  • DG/PD in charge 
KIEs  i.e.  Regulations,  manuals,  guidelines  and  other  of each Functional Wing at 
documents that are incongruent or contrary to a QME  Headquarters  for  their 
will be identified for weeding out/deletion.   wing  (for  their  functional 
  Manuals  and  instructions 
issued by their wings) 
 
 
 
• Heads  of 
• Gaps  will  be  identified  in  the  available  Departments of field audit 
literature  i.e.  manuals,  guidelines  and  other  offices 
documents  to  the  extent  the  KIEs  are  silent  or 
inadequate  in  matching  up  to  the  standards,  clarity 
and comprehensiveness implicit in each QME.  
 
• Appropriate  amplifications,  revision, 
concordance  or  merger  of  existing  KIEs  will  be 
proposed  to  fill  the  gaps  identified  and  to  rationalize 
the entire AQM Framework as it exists.  
 

 
9.  While reviewing, reformulating and integrating all technical literature in the 
above manner, parentage and grand parentage of each manual, guidance/ practice 
notes,  circulars/  instructions  will  be  clearly  delineated  against  the  higher  levels  of 
literature/standards as indicated in paragraph 7 above.  
 
10.  The  instructions  on  audit  matters  should  be  consolidated,  compiled,  and 
printed/issued in the following manner. 
 
 
‐ 5 ‐ 
 
(i) All  the  instructions  on  audit  matters  issued  by  • DG/PD  in 
different Functional Wings in HQs (Level‐III literature) and  charge  of  each 
by  the  field  offices  should  be  consolidated  annually  in  Functional  Wing  at 
manual  or  electronic  form  and  compiled  in  accordance  Headquarters  for 
with  the  broad  elements  of  the  AQMS  Framework.  These  their  wing  (for  their 
will then be printed/ issued annually as supplements to the  functional  Manuals 
main manuals/guidelines so issued and circulated to all the  and  instructions 
concerned  Functional  Wings/field  offices.  In  the  issued by their wings);
supplements, to be brought out as a series (I, II, III) till the 
• Heads  of 
main Manual itself is updated/ revised, the material will be 
Departments  of  field 
arranged  with  reference  to  the  QMEs  of  the  Framework. 
audit offices 
This  exercise  will  also  render  revision/updating  of  the 
manuals/ guidelines very easy.    
(ii) The  field  offices  will  do  like‐wise  in  respect  of  Heads  of 
Level‐IV literature every year  Departments  of  field 
audit offices  
(iii) The  Audit  Wing  will  do  like‐wise  in  respect  of  DG (Audit) for Level‐II 
Level‐II literature, if necessary, every 2/3 years.  literature 
 
11.  Change  in  a  KIE  should  be  made  or  a  clarification  issued  only  by  the 
authority that has brought it out in the first place. Also, no change in a KIE should 
be  in  conflict  with  a  corresponding  KIE  of  higher  level.  Thus,  where  a  change 
constitutes  a  deviation  from  a  standard  or  a  generic  manual/guidelines  issued  by 
Audit Wing, no circular, etc., for effecting such a change should be issued without 
the concurrence with the Audit Wing.  
12.  As far as possible, all future changes or revisions in manuals/ guidelines, etc. 
should  be  communicated  by  the  authority  that  has  issued  the  original  manuals, 
guidelines, etc. through correction slips only ‐ instead of through random circulars, 
instructions, etc. 
13.  The  action  required  as  per  paragraph  8  above  may  be  completed  by  31st 
March, 2010 by Audit Wing and the Functional Wings at Headquarters Office and by 
30th  September,  2010  by  all  field  audit  offices.    For  the  purpose  of  ensuring 
adherence to this target date, the Functional Wings and field offices are requested 
to  draw  out  a  plan  of  action  with  definite  time  lines.    Any  additional  human 
resources  if  required  for  this  purpose  may  be  carefully  identified  and  assigned 
exclusively  for  the  task,  from  within  the  existing  staff.    At  Headquarters,  the 
required staff complement may be drawn, if necessary, on a temporary basis from 
respective field offices in consultation with PD (Staff). 
 
 
‐ 6 ‐ 
14.  Progress  Reports  on  the  above  may  be  sent  to  DG  (Audit)  by  all  the 
Functional  Wings  at  Headquarters  and  field  audit  offices  within  15  days  after  the 
end of  every quarter starting from 1st July, 2009, i.e., the first progress report may 
be sent by 15th October, 2009. 
 
Encl. As above. 
  Yours faithfully 
 
 
(BB Pandit) 
          Director General (Audit) 
 
 
 
No.  173  –Audit(AP)/37‐2008                                 Dated: June 4, 2009 
 
 

1. All DAIs/ADAIs 
2. All DsG/PDs/Directors at Headquarters 
3. Secretary to C&AG

 
(BB Pandit) 
          Director General (Audit) 
 Annexure ‘A’

Audit Quality Management Framework

Introduction

1. The process of managing audit quality is a means of ensuring that audit is planned
efficiently, executed effectively, and that the audit product meets the benchmarks of the
department and the needs of clients and stake holders. This guide attempts to list out, in a
generic manner, steps to be taken at different stages of the audit process so as to ensure
quality in audit. Building these aspects into the audit cycle at all stages and all levels
would enable us to move from an emphasis on quality control of an individual audit
product to one of continuous quality assurance. The broad objectives of quality assurance
are to ensure that:
• Controls are in place at all stages of the audit cycle including planning, execution,
reporting and follow up
• Controls are properly implemented
• In built mechanism to constantly review and update the controls exists.

2. While the framework brings out various measures required to ensure quality
control and assurance in audit, this has to be read with and supplemented by auditing
standards, existing audit manuals, guidelines and instructions to have a complete and
exhaustive description of auditing principles, processes and practices followed in different
streams of audit across the department. Respective wings/streams of audit like civil,
defence, revenue, commercial, railways, scientific, etc. may formulate internal instructions
in accordance with the principles outlined in the framework and consistent with auditing
standards, existing audit manuals, guidelines, etc. Being an evolving document, the
framework lends itself to continuous upgradation in line with the technological changes and
development of new methodologies and practices.

3. ‘Audit Quality Management Framework’ governing the SAI should generally

consist of the five major elements of ‘leadership and direction’, ‘human resources
management’, ‘audit management’, ‘client and stakeholder relations’ and ‘continuous
improvement’. In public audit, quality management involves a system composed of the
audit organisation, the auditors and the audit process, all working together to produce
outputs that fulfil the requirements of its stakeholders and the general public. Continuous
improvement in the quality of audit by focusing on the needs of clients and stakeholders is
the underlying principle behind the audit quality management system or framework. It is
essential that SAI should have quality management policies & procedures in place and
should ensure that these policies and procedures are subject to a review mechanism.

4. The present framework attempts to concentrate largely on measures and

procedures carried out within the audit process that would provide a reasonable
assurance about the quality of audit work and the results of audit. It covers all audit
products and results of audit from audit notes, inspection reports and management letters
to audit reports sent to the government and finally presented to legislature. The
framework or the basic structure also includes quality practices and measures to be
followed in all audits conducted by the department: financial audit, compliance audit and

1
performance audit. The framework would apply to all streams/branches of audit in the
Department – civil, commercial, defence, revenue, railways, scientific, posts and
telecommunications, local bodies, etc.

5. The framework is divided into two broad sections: I-Audit Planning, Execution,
Reporting and Follow-up’ and II-Continuous Improvement through Technical inspection,
Peer Review and Lessons Learnt Process”.
I-Audit Planning, Execution, Reporting and Follow-up
Audit Planning

6. Audit planning is expected to be strategic in that it fits into the long term and
short term goals of audit. These goals would need to be identified and framed in
consonance with the overall “Vision and Mission statement” of the Department, and be in
line with the specific targets and goals of individual wings/offices. Within the strategic
plan for audit, an annual operational plan for all audits to be conducted in a financial
year is drawn up in the field offices. The annual audit planning broadly comprises of risk
assessment, selection of units, assignment planning, etc. The quality measures, procedures
and practices set out below are related to operational plan for all audits and planning
for individual audit assignments.

(i) Electronic database of auditee profiles: This is the foundation of audit planning.
It is, therefore, important to maintain comprehensive and current information on all entities
to be audited so as to target the right units. This database/knowledge repository which
should be maintained electronically is to be utilised in a scientific manner by applying
tools such as risk assessment techniques to enable an objective and unbiased selection of
auditee units. Information available from the VLC database should be used for audit
planning as also data from various e-governance initiatives undertaken by entities.

(ii) Materiality and risk assessment: The audit plan should be based on a clear
assessment of risk, materiality and priority. The overall significance of the auditee based
on factors such as financial size or the effect of its performance on the public at large or
issues of national importance would be a major factor in prioritising the audits. These
could include previous audit experience, visibility of the subject, auditability of the unit
and expected audit impact.

(iii) Audit objectives, scope and methodology: Once the selection of auditee unit has
been made, specific audit objectives should be drawn up which would govern the manner
in which the audit is to be carried out. These could include reporting compliance with rules
and procedures, forming an opinion on the financial statements, and assessing the
performance of the auditee and its programmes.

The audit objectives along with the risk profile of the auditee, the level of assurance
required and available audit personnel would help determine the scope of audit, sample
size and the composition of the audit team. Quality at the stage of audit planning can be
enhanced by regular interactions between top management and other team
members/officers involved in the audit process to ensure that all critical areas have been
adequately addressed. Audit methodology should be designed in such a fashion as to
provide sufficient, competent and relevant evidence to achieve the objectives of the audit.

2
(iv) Focus on criteria: Audit criteria and evidence required to be gathered are to be
decided upon following the audit objectives, and in accordance with the broad
parameters laid down at the stage of audit planning. Audit criteria can be broadly
defined as a benchmark or a standard to assess the work of the auditee on financial
statements, compliance and performance related issues. The audit criteria can be
prepared in several forms by establishing certain broad parameters or as a checklist or
as a set of questions for examination.

(v) Identification of key risk areas and statistical sampling techniques: Key risk
areas should be identified for focused attention during the audit and scientifically
designed sampling techniques used for determination of sample size.

(vi) Scheduling of audit: Allocation of time for the audit of each unit is dependent on
the audit scope, manpower availability and other relevant departmental instructions
contained in Manuals/guidelines, etc. The actual scheduling of audit should be subject to
the mutual convenience of both auditor and auditee.

(vii) Training and capacity building: Training of staff should be taken up regularly so
as to continuously upgrade skills and keep pace with changes in audit methodologies,
techniques and tools. Training activities could include in house training programmes,
seminars and workshops as well as on the job training, training at RTIs and for senior
officers at NAAA/iCISA. The programmes should be standardised and structured to
ensure uniformity and quality, and overall effectiveness of training assessed periodically.
It should be ensured that officers trained in a specific area are retained in related audit
for a reasonable period. ‘Training Standards’ of the department should be followed for
undertaking training activities. ‘Training Needs Analysis’ would help in identifying gaps in
knowledge, skills and ability for more focused and purposive training programmes for
staff.

(viii) Staffing for the audit - skill & knowledge of audit personnel: Domain knowledge
of the audit subject is a critical element of the audit quality management framework and
the skills and experience of the staff deployed on the audit are expected to be
commensurate with the requirements of the task. Offices should maintain an inventory of
skills of its audit personnel which would enable them to match the task with required skills.
Gap analysis to determine whether all skills required for carrying out the audit are
available in-house or can be built up by courses/training programmes in Regional Training
Institutes or at higher management levels should be carried out. This is essential to decide
on the need for appropriate experts/consultants to advise on key aspects of the audit e.g.
selection of sample, issues for examination, audit methodology etc. In the event of
deciding to hire experts/consultants, any existing orders or guidelines of the Department
should be referred to.

(ix) Assignment of personnel: There should be reasonable rotation of assignments of

personnel so as to maintain objectivity and independence. It needs to be ensured that
audit is carried out in an impartial and fair manner without favour or prejudice.

(x) Parameters for distribution of work: Specific parameters for distribution of work
amongst the members of audit parties in respect of different streams of audit like Civil,
Commercial, Defence and Revenue, etc. needs to be laid down, if not already prescribed,

3
and should be continuously reviewed so that each member of an audit team has to do
some original work irrespective of his position in the hierarchy.
(xi) Standards formats & checklists: Standard formats and checklists should be
developed and used to ensure uniformity and focus in the audit approach. These could
include:
a) Preliminary list of documents to be seen;
b) Suggested issues for examination;
c) Checks to be exercised at different levels; and
d) Format for reporting results.

(xii) Provision for supervision and review of audit: Adequate levels of supervision,
monitoring and review at different levels, and as prescribed under different standards
and guidelines of this department need to be provided in the audit plan so as to ensure
that audit objectives are achieved. While supervision involves directing audit staff and
monitoring their work during the audit to ensure that the audit objectives are met, review
brings more than one more level of experience and judgement to the audit task and
generally ensure involvement of higher levels of management with the audit process,
including providing an assurance that the work has been carried out as per the standards
and guidelines.

The audit plan should be reviewed and approved by the competent authority, with
deviations from the approved plan during execution requiring written documentation and
approvals. Before approving the audit plan, an exercise may also be conducted to
ascertain the areas where inputs from other wings of audit would be required. Suitable
mechanism may be evolved to obtain the requisite information from other wings on a
timely and regular basis. This may also be reviewed on periodical basis. Existing
departmental standards/manuals/guidelines/instructions issued in respect of audit
planning need to be kept in mind and complied with. While reviewing and approving the
audit plan it should be seen whether the planning process was:
• based on sound judgement;
• comprehensive;
• provided for suitably experienced staff for audit and supervision;
• timely; and
• appropriately documented.

Audit Execution

7. The audit execution process broadly includes the following:

• entry conference;
• determination of the audit approach;
• developing and executing audit tests through evidence gathering,
evaluating evidence, developing audit opinions;
• developing findings and ensuring that replies/responses from the
management are received;
• developing recommendations; and
• exit conference.

4
(i) The audit process begins with a restatement of our understanding of the entity. This
requires domain knowledge of the entity, the control framework within which the entity
operates, and the external environment. The focus of audit would be on the key risk areas
and audit objectives already identified so as to be able to provide higher levels of audit
assurance on the functioning of the entity. This may be explained to the head of the
auditee unit at the time of entry conference and his/her input obtained. However, the
audit team would continue to have the flexibility to examine other risk areas that emerge
during the audit, with proper documentation and approvals.

(ii) Audit test programmes: Testing of the audit objectives is the task of carrying out a
series of procedures and/or activities with reference to the audit criteria already
developed, and obtaining relevant and reliable evidence in respect of these
procedures/activities during the course of audit. The audit tests are the key link between
the audit objectives and criteria and the conduct of an audit leading to credible and
objective findings.

Instructions, detailed checklists and formats as contained in the Manuals/guidelines,

etc. of the Department or as prepared at the stage of audit planning are to be referred
to while framing the audit test programme. Selection of the sample to be tested should be
done in a transparent manner, and where possible, with the help of appropriate sampling
techniques. The sample drawn should be commensurate with the assurance levels required
in the audit. Adequate documentation is required for the method of selection of the
sample (e.g. random, judgemental etc.), its size and the audit criteria/objective with which
the sample is linked.

(iii) Developing audit findings: Audit findings/observations are based on the analysis
of information or evidence drawn from the sample for audit, with computer assisted audit
techniques and tools (CAATTS) applied wherever possible. Audit evidence should be valid,
appropriate, reliable, sufficient, accurate and complete so as to be able to frame audit
opinions and draw effective conclusions. The opinion and assessment of the auditor is to
be based solely on the analysis of facts. Audit findings and conclusions should be an
accurate reflection of actual conditions of the matter being examined.

(iv) Documentation and maintenance of working papers: Complete and detailed

working papers must be maintained in respect of the audit, appropriately cross
referenced and supported by evidence. The working papers should be accurate, clear
and relevant and should bring out the inputs made by the different members of the audit
team including supervision and review, as determined in the audit plan. The working
papers should also include information relating to monitoring / review of the work of a
consultant/expert, if any, as outlined in departmental orders or guidelines.

(v) Supervision of audit: Supervision could involve assigning of responsibilities,

providing guidance, reviewing the work, staying informed about and addressing
significant problems, and obtaining periodic feedback. There should be frequent
communication with staff so that they all understand their roles and tasks within the overall
aim and context of the task assigned. Critical points in the audit programme should be
identified to ensure that audit aims are met.

5
(vi) Monitoring & Review of audit operations: Regular monitoring of the work at
suitably senior levels would enable anticipation of problems and early intervention with
appropriate action and solutions. Improved electronic and online monitoring of the
progress of audit and providing guidance and clarification to field parties would
substantially improve the quality of audit product. A comprehensive and timely review
would also ensure that all conclusions are based on and supported by reliable and
sufficient evidence.

(vii) Exit Conference: Before the audit is completed, management/auditee responses

to the audit findings and observations should be obtained. All connected key documents
may also be obtained, especially in respect of important observations which are likely to
feature in the audit report. The report should also be discussed in detail with the head of
the auditee before concluding the audit programme.

Audit Reporting and Follow up

8. The audit product includes all reports/appraisals/comments/opinions/findings

that emerge from the audit process and its follow up. All findings should be evaluated in
the context of the audit evidence seen, and the response of the auditee. Observations and
conclusions are expected to be logical and based on valid audit evidence. The audit
report should comment specifically on the audit objectives, scope and methodology and
the results of the audit which include finding, conclusion and recommendations. Audit
recommendations should be framed in the manner suggested in separate guidelines issued
by the Department. The reporting should be in accordance with the ‘Reporting Standards’
of the Department.

(i) Reporting for financial and compliance audits: For attestation or certification
audit, the auditor’s opinion on a set of financial statements is generally in a concise,
standardised format in accordance with standards/orders/guidelines of the Department.
Opinions should be appended to and published with the financial statements to which they
relate. For compliance audits which are primarily concerned with compliance with laws,
regulations and procedures and with probity and propriety of decisions, the reporting and
communicating the audit results should be in accordance with the policies, guidelines and
instructions of the Department.

(ii) Reporting for performance audit: Performance audit is wide-ranging in nature

and is more open to judgment and interpretation. For performance audits, the report
should be on the economy and efficiency with which resources are used, and the
effectiveness with which objectives are achieved. The reporting structure will have to be in
accordance with the Performance Auditing Guidelines of the Department.

(iii) Characteristics of a good audit report: The audit report should be complete,
accurate, objective, convincing, clear and concise. It should contain the audit objectives,
scope and methodology and the results of audit which include findings and conclusions,
and recommendations where applicable. Special attention is to be given while framing
audit comments relating to fraud and corruption, as laid out in departmental instructions on
the matter.

6
(iv) Review of audit findings before finalisation of reports: All audit findings should
be reviewed at a suitably senior level before audit opinions or reports are finalised. The
nature and extent of the review would depend on several factors such as the significance
of the work, the risk perception of the auditee, and experience levels of the audit
personnel. Review can be done on a concurrent basis when the audit work is going on, at
the stage of preparation of audit observations, finalisation of inspection reports, drafting
of audit reports and applying quality checks prior to final approval of the audit report.
Similarly, a checklist may be prepared in the headquarters section of the field offices to
review the Inspection Reports (IRs). The performance of the audit team may be reviewed
at the time of finalisation of the IR on the basis of predetermined parameters and placed
before the senior management for appropriate action. The results of the review need to
be documented in a transparent manner, to be used as feedback into the audit cycle.

Review would include check of the presentation and format, and the technical quality
and content of the product. It should ensure that all findings and conclusions are based on
and supported by competent, relevant and reasonable evidence. All assertions of audit
are to be fully supported by the data gathered during the audit. The documentation of
key evidence and its interpretation in audit should clearly establish the manner in which
audit conclusions were reached. The review checks whether the audit product is timely,
comprehensive, and appropriately documented. Timeliness of the audit result may involve
both the meeting of statutory deadlines and the delivering of the audit results when they
were needed for a policy decision or to correct systemic weaknesses.

The response of the auditee should also be adequately reflected, and any
divergence of opinion should be dealt with clearly. The review is expected to assess the
level and quality of the prescribed supervision of the audit, and provide an assurance that
the work has been carried out according to standards and guidelines of the Department.

(v) Developing audit recommendations: All performance audits should conclude

with well thought-out recommendations. For developing recommendations, audit should
identify the underlying cause(s) of a finding, as this forms the basis for the
recommendations. A quality recommendation is one that is:
ƒ Action-oriented-properly-directed, specific, convincing, significant,
positive in tone and content;
ƒ Dealing with underlying causes and should correct the basic cause
of the deficiency;
ƒ Feasible- and is workable; and
ƒ Cost-effective or the benefit to be derived from implementation of
the recommendation outweighs the cost for its implementation.
(vi) Inventory of recommendations: A database of audit recommendations should be
maintained electronically with appropriate grading for effective monitoring and follow-up
of audit recommendations. The database also needs to be updated periodically.

(vii) Follow up: Follow-up of the audit output improves the quality and effectiveness
of audit by assessing the response of clients and stakeholders to the work performed by
audit in terms of results and impact. There should be an assessment of action taken by the
auditee in response to audit findings.

7
(viii) Liaison with clients and stakeholders: Follow up includes interaction with the
auditee units and in case of audit reports presented to the legislature with legislative
committees to ensure adequate attention and prioritisation to important audit findings. This
would also help in identifying areas of public significance for future audit. Other
stakeholders such as government functionaries, NGOs, and citizens groups should also be
engaged in the audit process so as to increase the relevance and usefulness of the audit
products. Public awareness of important audit outputs through the use of the media in
accordance with the media policy of the department is also important.

II - Continuous improvement through Technical inspections, Internal Audit, Peer Review and
Lessons learnt Process

9. Post-audit technical inspections, internal audit and peer review are other
mechanisms of self-assessment as to whether quality procedures are functioning
effectively, and of identification of steps needed to further improve the quality of audit.

(i) Lessons learnt process: A system of self-evaluation whereby audit teams may
review audit practices through post-audit discussions is an important quality assurance
process. The purpose of establishing continuous lessons learnt process is to help ensure
consistent quality in audits and improve the department’s processes on a continuing basis.
Regular internal discussions would help in taking stock of the audit on several parameters
such as:
• Understanding what worked well
• Whether the resources assigned to the audit were reasonable
• Whether findings/conclusions/recommendations got an appropriate response
• Reasons for less successful audits
• Scope for improvement, and
• How these can be achieved.

(ii) The key messages arising from the lessons learnt should be communicated widely
through training, seminars, workshops and guidance.

10. The measures set out above are intended to improve the quality in the audit
process. However, these procedures should not curb the initiative and good judgment of
the auditor in adapting to particular circumstances. The judgment depends upon the audit
task in hand, problems faced during the audit and the auditor’s competence, skill,
expertise and professional qualifications, etc.

11. The framework described above incorporates measures and practices which
when followed would provide a reasonable assurance that audits are conducted in a
manner as to ensure high quality and meet stakeholders’ expectations. The premises set
out here are generally drawn from the ASOSAI guidelines on audit quality management
systems (AQMS). The ASOSAI audit quality management framework is placed at
Annexure – A-1 for additional appreciation.

8
 9

Annexure – ‘A-I’
Key Elements of the SAI’s Audit Quality Management
Framework
Quality Management This element should provide Key Instruments
Element assurance that: employed

Leadership and Direction

1. Tone at the top SAI has appropriate tone-at-the-top policies • Strategic Plan of the
for SAI top management to ensure that the SAI
leadership SAI receives is consistent with • Annual
the highest professional standards, SAI core Activity/Performance
values and its vision and mission. Report
• Audit Advisory
Board
• Auditing Standards
of the SAI

2. Vision, Mission, Core SAI has its own vision, mission and core • Vision, Mission
Values and Auditing values and auditing standards, which Statement and core
Standards conform to the audit quality management values
system. • Strategic Plan
• INTOSAI Auditing
Standards
• SAI Auditing
Standards
3. Strategic Direction and The Strategic Plan prescribes the broad Strategic Planning exercise:
Planning contours for medium term progress of the vision, mission, values,
organisation and should help in establishing including SAI top
goals and delineating ownership & management’s focus areas.
responsibility. The plan also incorporates
the vision, mission and the core values of
the SAI with the objective to improve the
quality and impact of audit, to promote
excellence in audit and for overall
improvement in the quality of governance.
4. Strategic Audit Planning SAI should have in place strategic audit • Strategic Audit
plans defining the goals and objectives to be Plans of the SAI
achieved through audit and the strategic
measures to attain them.

5. Portfolio and Risk The SAI undertakes work that is within its • Act governing audit
Management jurisdiction and authority to audit and that it • Other legislation
 10

efficiently and effectively manages the risks • Strategic Plan of the

involved in performing the audit assignment. SAI
While planning for audit, SAI has considered • Strategic Audit Plan
all deserving and significant for performance and
programmes/entities which are vulnerable to financial audits
risks and /or are seen as important and • Client survey results
relevant for review by legislature, the • Request by
departments and the public. Stakeholders
Human Resources Management
1. Resourcing & Recruitment Audit teams possess the required • Auditing Standards relating
qualifications, collective knowledge to resources and
of the subject matter, competencies recruitment- Human
and the auditing proficiency to Resources rules, policies
enable them to carry out the audits and guidance
and fulfill the audit mandate.
• Specific requirements for
resourcing & recruitment in
the audit manuals on
performance and regularity
auditing (financial and
compliance), audit policies
and guidance,

2. Training and Capacity Building The audit teams designated to carry out the • SAI Auditing Standards
work have adequate technical training and relating to Training
proficiency • Training Plan of the SAI
• Human Resources policies
and guidelines
• Training policies and
guidelines

3. Performance Management and The staff members receive timely and • Performance Appraisal System
Appraisal constructive feedback on their • Human Resources Policies and
performance and have access to Guidance
counselling and guidance to manage and • Counselling, guidance and
develop their careers. monitoring processes
• Professional development through
Personnel selected for advancement i.e. such means as on-the-job training,
those who are promoted are competent self-directed studies, internal and
external assignments
and fully qualified to fulfill the
responsibilities that they will be called
upon to assume.

Personnel undertake professional

development through such means as on-
the-job training, self-directed studies,
internal and external assignments

An evolving learning curricula and

development opportunities are
maintained for the personal growth in
knowledge and experience of the audit
staff
 11

• Personnel Welfare
Personnel welfare and benefit
4. Personnel Welfare and measures are in place in the Policies
Benefits organisation to motivate the staff
to give their best

Audit Management
1. Audit Planning The work is adequately planned • Performance Audit Manual
and the audit issues are • Financial Audit Manual
selected on the basis of risk, • Audit Policy instructions
their relevance to the SAI’s and guidance
mandate, significance and • Software support tools.
auditability.
Criteria that are suitable for
evaluating the subject matter are
identified and developed

2. Staffing for the Audit Adequate staffing is provided for • Audit Manuals and
audit to be conducted efficiently Staffing Manuals
and effectively • Rules and Regulations
governing service,
policy instructions
• Manning schedules
• Reshuffle/reassignment
policies
3. IT Tools Appropriate IT tools are • Software support tools
available in the SAI as a
measure of audit quality
improvement

4. Other tools and guidance Appropriate guidance and audit • Office intranet site
tools and techniques are in • Best Practice Guides
place, useful and applied • Audit policy instructions and
consistently guidelines
5. Conducting the Audit All Audits are conducted with • Performance Audit Manual
due regard for efficiency and • Regularity (Compliance and
economy in terms of time spent Financial) Audit Manual
and resources utilized and in • Approved Audit Plans –
accordance with the legal approved budget and
mandate, policies and practices human resources
of the SAI. • Progress Reports
The audit teams deliver the audit • Electronic Tools
in time, in accordance with the • Sampling guides
 12

SAI’s principles and policies and

audit costs are justified.
6. Consultation and advice Consultation is sought from • Auditing Standards
experts and specialists with • Performance and Financial
appropriate competence, skill, Audit Manuals
knowledge, judgment and • Audit Policies, procedures
authority to ensure due care and and guidelines
authoritative opinion when • Subject matter experts, to
dealing with unusual, unfamiliar provide advice and support
and complex issues. • Audit Forum

7. Supervision and review Personnel working in the audit • Auditing Standards

team receive an appropriate • Financial and Performance
level of leadership and direction audit manuals
so that they are encouraged to • Audit office policies,
perform to their potential and to procedures and guidelines
ensure that audits are properly • Human Resources policies
carried out. and guidance

Adequate supervision of all audit

personnel is provided so as to
ensure that audits are properly
carried out.

All audit work is reviewed by a

senior member of the audit staff
before the audit opinions or
reports are finalized so as to
bring more than one level of
experience and judgment to the
audit task and to ensure that all
evaluations and conclusions are
soundly based and are
supported by competent,
relevant and reasonable audit
evidence as the foundation for
the final audit opinion or report.
8. Evidence Sufficient, appropriate, • Auditing Standards
competent and relevant • Financial and Performance
evidence is obtained to provide audit manuals
a reasonable basis to support • Audit office policies,
the conclusion expressed in the procedures and guidelines
report • Confirmation of findings
resulting from field work
with the audited entities
• Review by senior
management of SAI of
some important reports and
conclusions and their
rationale
 13

• Quality Assurance Review

9. Documentation The system of documentation in • Auditing Standards

the SAI is designed to ensure • Audit Manuals – Financial
that all the audit processes are and Performance
duly recorded and available both • Audit policies, procedures
for subsequent follow-up as well and guidelines
as for future audits. • Quality assurance review
10.Reporting and follow-up The audit report is relevant, • Auditing Standards
coherent and written in plain and • Financial and Performance
easily understandable language Audit Manuals
for the readers. • Review and quality
There is effective review of all assurance before issue of
findings, conclusions and the report
recommendations before • Post-audit quality
finalization. assurance review
• Follow-up/monitoring of
audit recommendations

Client and Stakeholder Relations

1. Communicating audit Post-tabling audit messages are • Office policies and
messages communicated clearly and instructions on this issue
consistently • Guidance on press
releases and response
to media enquiries
2. Feedback from clients and Clients and stakeholders perceive • Tracking of SAI
stakeholders information and audit processes recommendations taken
as useful up by the legislature
• Analysis of external
communications (media,
public enquiries,
references in debate)
• Survey of the legislators
and government officials
on the audit reports and
whether they have
perceived them as useful
3. Relationship between Effective and productive • PAC discussions of the
legislative committees and SAI relationship exists between PAC audit reports
and the SAI as regards • PAC reports –
consideration of the audit reports recommendations of the
by the PAC. The examinations by PAC
the legislative Committees are • SAI’s analysis of the
intended to focus public attention scrutiny of the report by
on the audit findings and to point PAC
to the directions in which
corrective action lies at present
and where care is needed
 14

Continuous improvement

1. Internal Audit An effective internal audit • Auditing Standards

system exists in the SAI to • Internal audit
assist the audit organisation to manual, policies and
achieve effective management guidelines
of its operations, sustain the • Action taken within
quality of its performance & the SAI on the
ensure compliance with internal audit reports
internal control policies and
procedures with the SAI.

2. Internal quality assurance An effective internal quality • Auditing Standards

review assurance review mechanism • Internal quality
exists to provide feedback on assurance manual,
the effectiveness of the policies and
individual engagements for guidelines
financial and performance • Action taken within
audits as to whether they are the SAI on the
performed in terms of internal quality
applicable standards, policies assurance review
and guidance and meet reports
expected quality requirements.

3. Peer Review As part of monitoring and • Peer review reports

review of its own operations, • SAI’s policy and
an SAI may need to further programme on peer
strengthen and improve the review of the audit
internal audit and internal practices
quality assurance • Action taken on the
mechanisms. Independent Peer Review Report
peer review of the SAI’s
operations is an international
best practice. It is left to the
discretion and judgement of
the concerned SAI to
implement this practice in the
manner the SAI considers it
appropriate within the
framework of the existing laws
and conventions in the SAI and
 15

the specific environment in

which it functions.
4. Self-evaluation/ Lessons Audit experience is assessed • Lessons learnt
learnt and opportunities for philosophy
improvement are identified and • Survey instruments
implemented
 16

Annexure ‘B’
SAI India
Audit Quality Management System – Mapping of Guidelines

Para-meters Quality Management Element Key Instrument employed Reference

Leadership Tone at the top Constitution of India Article 148-151 of the Constitution of India
and Direction CAG’s DPC Act
Vision, Mission, Core Values MSO (Audit) Chapter-I of Section II
and Auditing Standards Performance Audit guidelines Chapter-I of PA guidelines
Auditing Standards Chapter-I of Auditing Standards
Strategic Direction and Planning MSO (Audit) Chapter-I of Section II Para – 2.1.25
Performance Audit guidelines Chapter-II of P.A. guidelines
Auditing Standards Para-4, Chapter-III of Auditing Standards
Strategic Audit Planning -do- -do-
Portfolio and Risk Management Risk analysis – ADAI (RS)’s order ADAI (RS)’s DO letter No. 1127/Rep (S)/138-
2002 Dated 4.10.2002 addressed to all
PAsG/AsG along with Proforma for Audit Plan

Human Resourcing and Recruitment MSO (Admn.) Vol. I Para-3.1-IA&AS, 4.1, 4.8, 4.10, 4.12-Gr.B
Resources Officers including Sr. PA, 5.4-Section Officer
Management 6.2-Clerical staff, Para -7.2-7.6-Divisional
Accountants, and Para-8.4-Gr.D.
MSO (Admn.) Vol. III Details recruitment procedure.
Training and Capacity Building MSO (Admn.) Vol. I Para-3.3-IA&AS, 6.3-Clerical staff,
7.7-Divisional Accountants.
Training Manual Chapter-I of Training Manual
Performance Management and MSO (Admn.) Vol. I Para-3.30-IA&AS, 10.11-Gr. B to Gr. D officials
Appraisal
Personnel Welfare and Benefits Orders of DOPT, Ministry of Orders issued from time to time
Personnel, Public Grievances and
Pensions, Government of India
 17

Audit Audit Planning MSO (Audit) Para-2.1.25 page 19

Management Chapter-2 Strategic Planning and selection of
subjects
Performance Audit guidelines Chapter-3 and 4 of PA guidelines
Staffing for the Audit OAD manual of respective field
offices
IT Tools IT Audit Manual
Software support tools-IDEA-5
Other tools and guidance Manuals for each wing/office
Conducting the Audit MSO (Audit), Manuals relating to Section-II to VI of MSO (Audit)
each wing
Consultation and advice Orders issued from time to time
Supervision and review Auditing Standards Chapter-III of Auditing Standards
Performance Audit guidelines Chapter-7 of P.A. guidelines
Evidence MSO (Audit) Para-2.1.10- Audit Evidence

Performance Audit guidelines Chapter-8 of PA guidelines

Documentation Performance Audit guidelines Chapter-5 of PA guidelines
Reporting and follow-up MSO (Audit) Chapter-4 of Section-VII
Auditing Standards Chapter-IV of Auditing Standards
Client and Communicating audit messages MSO (Audit) Chapter-4 of Section-VII
Stakeholder
Relations Feedback from clients and MSO (Audit) Chapter-4 of Section-VII
stakeholders
Relationship between legislative MSO (Audit) Chapter-4 of Section-VII
committee and SAI

Continuous Internal Audit MSO (Audit)/ Section-III of Chapter-24

Improvement MSO (Audit) Vol. I Para 1.17 of Chapter-I
Internal quality assurance review Director General (Inspection, O/o the
CAG of India)
 18

Peer review Conducting of Peer Review was Manual is under preparation

recommended in AG’s conference in
2003. It was approved by CAG in the
file of Inspection wing in March 2004.
Self-evaluation/Lessons learnt Reports of Internal Audit, Inspection
by DG., Peer Review and Important
points circulated by DI Inspection