PROJECT REPORT ON

“A DETAILED STUDY ON INTERNAL AUDIT WITH REFERENCE TO HDFC &

ICICI Bank”
A PROJECT SUBMITTED TO
UNIVERSITY of MUMBAI FOR PARTIAL COMPLETION OF
THE
DEGREE OF BACHELOR IN COMMERCE “ACCOUNTING AND
FINANCE”
UNDER THE FACULTY OF COMMERCE

BY

SIMRAN KUKREJA

UNDER THE GUIDANCE OF

PROF. ANIKA VALECHA

SINDH EDUCATION SOCIETY’s

SWAMI HANSMUNI MAHARAJ DEGREE

COLLEGE OF COMMERCE

NETAJI ROAD, ULHASNAGAR-421004

2020-2021
 DECLARATION BY LEARNER

I the undersigned MISS SIMRAN KUKREJA here by, Declare that the work embodied
in this project work titled “A DETAILED STUDY ON INTERNAL AUDIT WITH
REFERENCE TO HDFC & ICICI Bank” forms my own contributions to the research
work carried out under the guidance of ANIKA VALECHA is a result on my own research
work and has not been previously submitted to any other university for any other Degree/
Diploma to this or any other University.

Wherever reference has been made to previous work of others, it has been clearly
indicate as such and include in the bibliography.

I here by further declare that all information’s of this document has been obtainedand
presented in accordance with academic rules and ethical conduct.

Name and signature of the learner

Certified by

Name and Signature of the Guidance teacher

 ACKNOWLEDGEMENT

I would like to acknowledge the following as being idealistic channels and fresh
dimension in the completion of this project.

I take this opportunity to thanks the University of Mumbai for giving me chance to dothis
project.

I would like to thank My Principal, KIRAN CHIMNANI for providing

thenecessary facilities required for completion of this project

I take this opportunity to thank our co-ordinator ANIKA VALECHA for her
moral support and guidance.

I would also like to express my sincere gratitude towards my project guide

ANIKA VALECHA whose guidance and care made the project successful.

I would like to thank my College Library, for having provides various reference booksand
magazines related to my project.

Lastly, I would to thank each and every person who directly or indirectly helped me inthe
completion of the project especially my parents and peers who supported me throughout my
project.
 CERTIFICATE

This is to Certify that Ms. Simran Kukreja has worked and duly completed her Project work for the
degree of Bachelor

In Commerce (Accounting and Finance) under the faculty of commerce in the subject of Finance and her
project is Entitled, “Detail study of Internal Auditing with reference to HDFC AND ICIC BANK” under
my supervision.

I Further Certify that the entire work has been done by the learner under my guidance and that no
part of it has been submitted previously for any Degree or Diploma of University.

It is her/ his own work and facts reported by her personal findings and investigations

Name and Signature of Guiding Teacher

Date of Submission
 INDEX

CHAPTER No.1 INTRODUCTION 5

CHAPTER No. 2 RESEARCH METHODOLOGY

CHAPTER No.3 LITERATURE REVIEW

CHAPTER No.4 DATA ANALYSIS, INTERPRETATION AND

PRESENTATION CHAPTER NO.5 CONCLUSIONS & SUGGESTIONS

Meaning of Auditing 1 Introduction
The term audit is derived from a Latin word “audire” which means to hear authenticity of
accountsis assured with the help of the independent review.

Audit is performed to ascertain the validity and reliability of information. Examination of books and
accounts with supporting vouchers and documents to detect and prevent error, fraud is the primary
function of auditing.

Auditor has to check the effectiveness of internal control systems for determining the extent
ofchecking out the audit.

Initially its meaning and use were confined merely to cash audit, and the auditor has to ascertain
whether the persons are responsible for the maintenance of accounts had adequately accountedfor
all the cash receipts and the payment on behalf of this principle.

But the word audit has an extensive usage, and it now means a thorough scrutiny of the books of
accounts and its ultimate aim is to verify the financial position disclosed by the balance sheet andprofit
and loss accounts of a company.

In short, an audit implies an investigation and a report. The process of checking and vouching
continues until the study is completed and the auditor enables himself to report under the terms ofhis
appointment.

1.1 Internal Audit

Internal audits evaluate a company’s internal controls, includingits corporate
governance and accounting processes. They ensure compliance with laws and
regulations and help to maintain accurate andtimely financial reporting and data
collection. Internal audits also provide management with the tools necessary to attain
operationalefficiency by identifying problems and correcting lapses before they are
discovered in an external audit
Definition
‘Internal auditing is an independent objective assurance and consulting
activity designed to value and improve an organization’s operations. It helps
an organization accomplish its objectives by bringing a systematic,
disciplined approach to evaluate and improve the effectiveness of risk
management control and governance process’.

Types of Auditing

1. MANAGEMENT AUDIT: The purpose of management audit is to assess the performing, review
the organizational structure and suggest the best course of action. It is a voluntary audit and an
audit(he can go through management functions to check the policies.

2. TAX AUDIT: The purpose of auditing is to satisfy the taxation officers. The can be conducted to
determine the income. The sole proprietors and partnership firms can settle their tax matters through tax audit

3. SOCIAL AUDIT: The purpose of the social audit is to measure social performance of the business. The
society is concerned with the Protection of natural environment The social audit canexamine the business
performance of the society

4. PROPRIETY AUDIT : the purpose of propriety audit is to examine the proper use of money. There is a
requirement of economic use of resources in the best interest of business. There must be a justification for
spending every rupee for the benefit of business. The audit can determine thewise use of money.

5. COST AUDIT: The purpose of cost audit is to verify the correctness of cost accounts. The management
must have followed the cost objectives in maintaining books and other records. Thecost audit can help the
management to improve the efficiency in doing business.
 1.2 History of Audit (Background)

Period Audit ordinates Auditors Objectives of the audit

Up to Kings, emperors. People of the state or The punishment of the thieves
1700 Churches and the scribes for the funds changing direction.
state
Protecting assets.

1700 – States, Courts, and Accountants Repressing fraud and

1850 shareholders punishment of the authors
Protecting the assets.

1850 – The state and the Professional Avoiding fraud and errors and
1900 shareholders accountants or attesting the viability of
lawyers the balance sheet.

1940 – The state and the Professionals in audit Attesting the honesty and
1970 and accounting and regularity of the historical
Shareholders counselling financial data/

1970 – The state, the third Professionals in audit Attesting the quality of the
1990 and the and counselling internal control and respecting
shareholders the accounting norms and the
audit norms.
1990+ The state, the third Professionals in audit
and the and counselling
shareholders The protection against
international fraud

1
1.3 UNDERSTANDING INTERNAL AUDIT

Internal audits play a critical role in a company’s operations and

corporate governance, especially now that the Sarbanes-Oxley Act
of 2002 (SOX) holds managers legally responsible for the accuracy
of their company's financial statements. SOX also required that a
company's internal controls be documented and reviewed as part
of their external audit. Internal controls are processes and
procedures implemented by a company to ensure the integrity of its
financial and accounting information, promote accountability, and
help prevent fraud. Examples of internal controls are segregation
of duties, authorization, documentation requirements, and written
processes and procedures. Internal audits seek to identify any
shortcomings in a company's internalcontrols.
In addition to ensuring a company is complying with laws and
regulations, internal audits also provide risk management and
safeguardagainst potential fraud, waste, or abuse. The results of
internal audits provide management with suggestions for
improvements to current processes not functioning as intended,
which may include information technology systems as well
as supply-chain management. Cybersecurity is becoming
increasingly important as companies need to protect their
confidential electronic information fromoutside attacks.

Internal auditors generally identify a department, gather an

understanding of the current internal control process, conduct
fieldworktesting, follow up with department staff about identified
issues, preparean official audit report, review the audit report with
management, and follow up with management and the board of
directors as needed to ensure recommendations have been
implemented.

2
 1.4 Internal Audit Process

Internal auditors generally identify a department, gather an

understanding of the current internal control process, conduct
fieldworktesting, follow up with department staff about identified
issues, preparean official audit report, review the audit report with
management, and follow up with management and the board of
directors as needed to ensure recommendations have been
implemented.

Assessment Techniques
Assessment techniques ensure an internal auditor gathers a full
understanding of the internal control procedures and whether
employeesare complying with internal control directives. To avoid
disrupting the daily workflow, auditors begin with indirect
assessment techniques, such as reviewing flowcharts, manuals,
departmental control policies orother existing documentation. If
documented procedures are not being followed, direct discussion
with department staff may be necessary.

Analysis Techniques
Auditing fieldwork procedures can include transaction matching,
physical inventory count, audit trail calculations, and
account reconciliation as is required by law. Analysis techniques
may test random data or target specific data, if an auditor believes
an internalcontrol process needs to be improved.

Reporting Procedures
Internal audit reporting includes a formal report and may include
a preliminary or memo-style interim report. An interim report
typically includes sensitive or significant results the auditor thinks
the board of directors needs to know right away. The final report
includes a summary of the procedures and techniques used for
completing the audit, adescription of audit findings, and
suggestions for improvements tointernal controls and control
procedures. The formal report is reviewed with management and

3
recommendations

4
for improvement are discussed.Follow up after a period of time is
necessary to ensure the new recommendations have been
implemented and have improved operatingefficiency.

5
 1.5 Challenges of Internal Audit

There is difficulty in finding the ‘right talent’. They are critical

skills and attributes needed in the internal audit department; some
them include integrity, courage, conflict management skills
business knowledge, ability to communicate well and many others.
CAE’s have reported thatis difficult to find all these qualities in
one person and this in turn has ledto a shortage in staff and human
resource needed for their departments. A shortage in staffing has
led to an increase in pay for a lot of internal auditors. Hiring and
keeping the “right kind of talent,” is internal audit’sgreatest
challenge.
Matching the skills of internal audit personnel with an
organization’s needs and demands. Most companies reported
having too many internal auditors with financial reporting
compliance skills. And some internal auditors are mainly focused
on IT functionalities. This leaves gaps in other significant areas like
Fraud prevention and detection, Tax, Controlsand transactions.
There is a need for greater focus on matching the skills of internal
audit personnel with an organization’s needs and demands.
Delivering Additional Value. An ongoing challenge for internal
audit relates to multiple stakeholder expectations which, at times,
May differ.Internal auditors are now expected to do a lot more by
stakeholders. AndAt the top of the list is providing more insight on
risk and helping the company to be able to adapt to handle the
forever changing nature of risk.Some of these risks an internal
auditor is now expected to add insight toinclude; cybersecurity,
emerging markets, regulatory compliance, third- party
relationships and IT governance. Requiring the Internal Auditor to
perform duties outside its functionality also makes it difficult for
internalaudit to provide independent assurance to the board if IA
ends up takingon risk management duties that are intended for
management.

6
Use of technology in Internal audit. There is the need to do a better
jobat leveraging technology in internal audit including using data
analytics. Internal audit departments need to leverage their
knowledge and technology to improve their coverage. They should
also develop metricsthat show the value of the expanded services.
Many internal auditdepartments admit they are struggling to find
good IT auditors.
Gaining trust. Robert King, the chief audit executive at FedEx,
outlined another difficult challenge of internal audit at the
SuperStrategies 2016 conference. And that is, Building trust,
especially since it can take a longtime to build, but can be damaged
in the blink of an eye. As an internal auditor trust has to be earned
and cannot be solely given on reputation. To gain stakeholder trust
in your ability to execute and provide value forthe organisation can
take quite a long time. According to King, a few ofsteps along the
way to earning trust include being transparent, fair, candid, and
personable.
Adjusting to these challenges and turning them into opportunities
to improve business performance will require a modern day
internal auditorto think differently and react quickly to them.

1.6 Characteristics of internal audit

Surprise audits are not welcomed by anyone. A schedule should be

set and communicated to everyone, preferably at the beginning of
the year.There’s no need to audit all processes at once; different
processes can be audited at different times throughout the year,
organizations just need tomake sure that at the end of the year all
processes have been audited.

Auditors need to demonstrate in-depth knowledge of the standard

whichthey are auditing against and they should have an
understanding of the processes being audited. They should be
objective and impartial; this means that they can’t audit a process
which they manage or control. Large organizations usually have a
team of trained auditors, but that is not necessary; an alternative is
to hire the services of an externalconsultant to perform the internal
audits.

The essential features of Auditing are explained below;

1. Systematic process
Auditing is a systematic and scientific process that follows a
sequence of activities, which are logical, structured, and organized
.
2. Absence of Third-party relationship
The audit process involves three parties, that is, shareholders,
managers, and auditors.

3. Subject matter
Auditors give assurance on a specific subject matter. However, the
subject matter may differ considerably, such as – data, systems or
processes and behavior.

4. Evidence
The auditing process requires collecting the evidence, that is,
financial and non-financial data, and examining thereof.

5. Established criteria
The evidence must be evaluated regarding established criteria,
which include International Accounting Standards, International
Financial Reporting Standards, Generally Accepted Accounting
Principles, industry practices, etc.

6. Opinion
 The auditor has to express an opinion as to the reasonable
assurance on the financial statements of the entity.

7. Minimizing the company’s business risk

Internal audit helps in minimising the business risk and detects the failure in the system
quickly and enable to take the corrective actions

8. Part of Internal Control

a) Detective: Designed to detect errors or irregularities that may have occurred.
b) Corrective: Designed to correct errors or irregularities that have
been detected.
c) Preventive: Designed to keep errors irregularities from occurring in the first
place.

Advantages And Disadvantages Of Internal Audit

1. To Discover Errors And Frauds

Internal audit helps to discover accounting errors and frauds so that they can be rectified
before the final audit.

2. To Maintain Proper Accounting

It helps to maintain proper accounting system in the organization. It ensures accuracy and
authenticity of accounting records.

3. Provides Base For Final Audit

Internal audit examines and verifies entire books of accounts and locate mistakes
and frauds. So, conduction of final audit becomes easier.

4. Increase Employees Efficiency

Internal audit alerts the staffs by checking their performance regularly. It helps to increase their
efficiency and also helps to minimize errors.
5. Proper Utilization Of Resources

Internal audit ensures proper utilization of resources by detecting their misuse. It helps to
increase operational efficiency and productivity.

6. Valuable Suggestions

It gives suggestions and instructions regarding the financial and operational activities of the
organization. So it helps to maintain better management, proper supervision and effective
control

Disadvantages/Demerits Of Internal Audit

1. Not Suitable For Small Firms

Internal audit is not suitable for small business organizations with less financial and
operational activities.

2. Not Acceptable

It is conducted for internal purpose only. It is not accepted by shareholders and other
external users.

3. Chance Of Errors

There may be a chance of errors because of the poor knowledge of the audit staff.

4. Time Consuming

It takes a long time to perform internal auditing. It may disturb regular office work.

Internal audit qualities

1. Commerciality
Internal audit isn’t just about checking transactions and controls; it is also a consultancy
activity. It requires an appreciation of the strategic dimension and how business is done.
Recommendations to strengthen practices in one area could have a consequential effect
elsewhere and a balanced view is required. Some of the biggest risks are non-financial (such
as reputational damage, through quality issues) or are not directly related to systems and
processes. The auditor needs to be mindful of the big picture, as well as cost constraints.
2. Attention to detail
The auditor must understand the detailed aspects of processes and also to have
an eye for the unusual.

3. Empathy
The auditor should understand the challenges and pressures staff face and gain their
confidence. Being able to think about practicalities, such as whether reports are easy to
use, is also helpful. There should also be an understanding of the constraints of smaller
businesses. A pragmatic approach is needed to encourage staff in their work and when
focusing on how to improve.

4. Positivity
While lessons can and should be learned from the past (both good and bad), it is important for
the auditor to focus on the future and avoid being unnecessarily critical.

5. Impartiality
The auditor should be able to stand back and not be unduly influenced by the agendas of
others. They must be prepared to be firm in their opinions and also to be critical where
necessary, but always in a constructive fashion.

The board or audit committee has a role to play here as impartiality is easier to achieve if they
have a strong relationship with the internal auditor.

6. An acknowledgement of their own limitations

While a broad skill set is required, there may occasionally be areas that are outside the
auditor’s skill set. The auditor should be prepared to request specialist support where needed.

7. Some familiarity with the organisation

Familiarity makes it easier for the auditor to connect with what’s happening in the business
and to operate effectively, but they should always retain their independence.

8. Flexibility
The auditor should have the ability to quickly adapt to new scenarios and to relate to people at
all levels in the organisation.
 9. Report-writing skills
Reports should be clearly laid out to make it easy for recipients to follow. There should be
clear recommendations and a summary of key points, with management’s responses. There is
merit in having a rating system to measure the assurance obtained from each piece of work.

10. Last but not least – board backing

Internal audit should make a genuine contribution to helping the business move forward.

It is not just about compliance. Internal audit will only be truly effective if it is received
positively by the organisation. To make that happen, it needs to be delivered by the right
people with strong board backing.

Audit Evidence
An audit is a systematic independent examination of financial statements, records, documents
with an objective to express an opinion on the financial statements of an entity whether they
are giving a true and fair view or not. Auditor expresses his opinion (whether the financial
statements of an entityare giving a true and fair view or not) on the basis of audit evidence
collected by him.

An auditor applies various audit procedure to obtain audit evidence which enables him to
form an opinion whether the financial statements of an entity are free from material
misstatement and state atrue and fair view or not.

Audit Evidence is the information that the auditor uses in arriving at a conclusion on the basis
ofwhich he forms his opinion.

The auditor should obtain sufficient and appropriate evidence which enables the auditor to
arrive at aconclusion and supports his opinion. Audit evidence forms the basis for forming an
opinion whether.
 Essentials of good audit evidence

1. Sufficiency : Sufficiency is the measure of quantity. Audit evidence is sufficient when

theyare available in adequate quantity. An auditor applies different audit procedures
to obtainsufficient audit evidence like test checking.

2. Reliable: Evidence obtained by the auditor is persuasive rather than conclusive. We

cannot consider such evidence 100% reliable for forming an opinion. Reliability of audit
evidence depends on its source and nature of such evidence.

3. Source: Audit evidence obtained within the enterprise is known as the internal source.
Evidence obtained from an outside enterprise like confirmation from the third party is
knownas the external source. We consider the external source to be more reliable.

4. Nature: Can be documentary (like bills, vouchers), visual (like the physical verification
of fixedassets), or oral (confirmation from employees)

5. Relevant: Whether the audit evidence obtained by the auditor is relevant or not depends
on the purpose of audit procedures.

PRIMARY OBJECTIVES

The Primary objectives of auditing are as below;-

1. FAIRNESS OF STATEMENTS: The purpose of auditing is to determine the fairness of

statements. The financial statements can show true and fair view after auditing. Due to
limitationsof financial statements it is not possible to provide cent percent accuracy, So an attempt
is made to show the fair view of financial statements.

2. PRESCRIBED LAWS: The purpose of the audit is to check that prescribed laws have
been followed in the preparation of financial statements. There are various laws that govern the
wor
of many businesses. The auditor can indicate whether the prescribed laws were followed in the
preparation of final accounts.

3. ACCOUNTING POLICIES: The purpose of auditing is to examine the accounting

policies. There is need to follow the accounting policies for preparing accounting records. The
effective accounting system can provide better results. The auditor can express an opinion on the
accounting policies in the best interest of business.

4. INDEPENDENT OPINION: The purpose of the audit is to express an independent

opinion.The auditor must be honest in his work. Management and other persons must not
influence him There must be high ethical standard for independent reporting.

B) SECONDARY OBJECTIVES

The Secondary objectives of auditing are as below;-

6 . DETECTION OF ERRORS: The purpose of auditing is to detect the errors. The

auditor can use ways and means to find out errors in the accounting records. It is the duty of
management toavoid errors. The independent audit work is helpful for discovery and correction
of errors.

7. PREVENTION OF FRAUDS: The purpose of auditing is to Prevent frauds. In

accounting, it includes manipulation or alteration of records and misappropriation of assets, an
omission of theeffects of the transaction from records or documents, recording of the transaction
without substance and misapplication of accounting policies. The effective internal check is a
useful tool to prevent frauds.
 CHAPTER 2-RESEARCH METHODOLOGY

2.1-Problem definition
There is not much awareness about internal audit present in the
market The ca firms business institution should always practice
internal audit asa mandatory option

2.2-objective of study
The objectives of an internal audit are to:
establish the areas of risk in the area being audited;
establish the controls in place to address those risks and review
theiradequacy;
check whether the University’s financial regulations are being followed;
carry out detailed testing of the controls being relied on; and
make recommendations where weaknesses or inefficiencies are
observed.

Proper Control

One of the main objectives of an internal audit is to keep stringent

control over all the activities of an organization. The management
needs assuranceof the authenticity of the financial records and the
efficiency of the operations of the firm. An internal audit helps
establish both.

Perfect Accounting System

An internal audit keeps a very close check on the accounting system

of an organization. It checks everything from the vouchers, to the
authority oftransactions to mathematical accuracy. All entries are
verified against documents and other proof. Chances of mistakes or
frauds are greatly reduced.

Review of Business

1
 The purpose of an internal audit is to keep a check on the financial
and operational aspects of a business. So as the current financial
year is ongoing, internal audit can point out the mistakes, weak
points, and

strengths of the business. This will allow an ongoing review, instead

of waiting till the year-end.

Asset Protection

In the process of internal audit, there is always a valuation and

verificationof an asset. There is also a physical verification of the
ownership and possession of the asset.
And in case of special transactions like sale, purchase or revaluation
of theasset, the authorization of this is also audited in an internal
audit. So theassets enjoy complete protection.

Keeps a Check on
Errors
In a financial audit, the auditor will be able to determine if any
mistakeswere made in the financial records. But this only happens
at the end of thefinancial year.
And the mistakes are corrected thereafter. But in case of an
internal audit, the mistakes are spotted as soon as they are made,
and corrected immediately.

Detection of Fraud

In case the company has an internal audit in place, the detection of

fraudbecomes much easier. This is because there is a year-round
check on theemployees.
In fact, an employee is less likely to attempt fraud in the presence
of an internal auditor. He will not have any time gap between the
occurrence offraud and its detection to cover it up. This will
dissuade employees fromcommitting fraud.
One of the main objectives of an internal audit is to keep stringent
control over all the activities of an organization. The management

1
needs assurance of the authenticity of the financial records and the
efficiency of the operations of the firm. An internal audit helps
establish

1
Scope of Auditing

In comparison with earlier days, where the main objective of auditing was to detect fraud, we
nowhave enhanced ways to determine a true and fair view of financial statements. In recent times,
almost every country of the world has introduced various legislations and framed rules and regulation
of auditing. In India also legislations related to Tax Audit, Cost Audit, Management Audit and
operation Audit, etc. are coming up.

The main purpose of auditing is to certify the correctness of financial statements and to detect
Fraud.
17
 2.3 Sources of data
The data is covered by using the following :

primary data :

Information is collected by oral discussion from 5 Practicing

Chartered Accountants.
secondary data

Secondary data is also referred needed this data is obtained

through byfollowing means :~
1. Data available on internet
2. Books
3. Financial website
4. Audit Report
5. Annual Report

2.4 Exploratory design

Exploratory desig :Exploratory research conducted for a problem

that has not been not studied more clearly, intended to establish
priorities, develop operational definition and improve the final
research design.

2.5 Sample size

50 respondents from Mumbai

1
 CHAPTER-3
REVIEW OF
LITERATURE

Aftab Ahmad Khan, Management audit an effective tool for

ensuring all round efficiency this paper explains that management
audit as a concept in management literature evolved over a period of
seven decades. It was T.G. introduced Rose, an industrial consultant
from the United Kingdom who had first the concept of management
audit in a paper he presented in 1932 before the Institute of
Industrial Management (now merged with the British Institute of
Management).The management audit concept, however, received
greater attention in the United States of America. Jackson
Martindell, an investment consultant and founder President of the
American Institute of Management (incorporated in 1948) developed
a logical system of theconcept of management and employed it for
evaluating 52 publicly owned companies from 1948 to 1960. These
studies were published under the title, ―Investment Value of
Management Excellence‖. Few business terms have had as many
meanings in so short a period of time as management audit. For this
reason the modern management audit is often confused with its
better known (and understood) historical antecedent – financial
audit. Both of course, involve the gathering of information that can
aid decision making – a process as old as history.

G.S. Batra, Management audit as a service to public

enterprise management: a study of management audit and the
memorandum of understanding (MOU) system in India‘ the result
reviews that there is a constant demand from public enterprise
managers for increased autonomy in order to ensure better
efficiency and effectiveness in publicenterprises. The system of

1
MOU and

2
 Management Audit by articulatingthe missions, objectives
and expected results along with the methods ofperformance
evaluation goes a long way towards improving the performance of
public enterprises. Hence by adopting these strategies public sector
management in India is shaping up to face turbulent times.

Government of Saskatchewan News Release (2007) Results of

Independent Forest Management Audit Released, this article
refers the results of the second independent sustainable forest
management audit conducted under Saskatchewan's updated
legislation were released today, highlighting requirements for
monitoring and reporting of forest practices in the provides
correct auditing

Gurdeep Singh Batra, Narinder Kaur, ‗Emerging Dimensions of

Audit Accountability: A Case Study of Public Enterprise
Management and Efficiency Audit in India‘ this paper finds that
audit control over publicenterprises varies from case to case, and
the CAG should interpret this power according to the need of
situation, and there should be external efficiency audit for public
enterprises.

Dale L. Flesher,‗A Management Audit of Small Business

Long- Term Financial Affairs‘ the result suggested that the owner
or manager of a small business can conduct the audit on sort of a
do-it- yourself basis. Although every department could possibly
benefit from such an audit, itis the long-term financial management
of the organization that might profit the most from a value-for
money audit.

Dale L. Flesher,‗An Operational Audit of Working Capital

2
Management‘ this article explores that intended to end the
oversight.

2
 Anoperational audit can lead to better management of
working capital in the same way that it can lead to better
management of a production areaor by a treasurer who merely
wants to perform a self-audit of his or her own department's
efficiency and effectiveness.

F.Y. Chan, W. Willborn, H. Xiao, H. Li, ‗Research

Report: An Expert System for Quality Management Auditing‘ this
reports on thedevelopment of an expert system designed for auditors
of quality management, discussing its development process (QMA-
1), composition and structure. The system was tested in 20 Chinese
organizations and user feedback reported. Outlines plans for future
development of the system.

Gerrit Sarens Ignacio De Beadle, ‗The Relationship

Between Internal Audit and Senior Management: A Qualitative
Analysis of Expectations and Perceptions‘ this study finding that
senior management's expectations have a significant influence on
internal audit and that internal audit, generally, is able to meet most
of these expectations.

Kristin Reichborn-Kjennerud, ‗Auditors‘ understanding

of evidence: Aperformance audit of an urban development
programme‘ this article concerning the performance auditors‘ roles
as improvement agents and independent controllers is that the
improvement agenda often implies interacting closely with the
auditees whereas controlling requires independence.

2
Merce Bernardo, Marti Casadesus, Stanislaw Karapetrovic, Iwaki Hears,
‗Relationships between the integration of audits and management
systems: An empirical study‘ this study explore that it was found
that organizations that exhibited a higher level of integration of
their standardized MSs also demonstrated more highly-integrated
audits. In addition, the level of integration was generally higher for
internal compared with the external audits.

John Innes, External Management Auditing of Companies: A

Survey of Bankers‘ this paper revealed strong support from the
bankers for external management audit reports and the bankers
would like these reports to include assessments both of the general
management function and of certain individual business functions.

J. Lover, ‗The management audit function: Perceptions

of internal auditroles, effectiveness and evaluation‘ the results of
the study suggest significant expansion and refocus of the role of
MA and perceptions of its effectiveness. However, the findings also
suggest that performance evaluation mechanisms of MA have not
evolved contemporaneously. The misalignment between the role
and evaluation gives rise to difficultyin assessing the extent to
which IA functions are meeting stakeholders' expectations.

Kristin Reichborn-Kjennerud, ‗Auditors‘ understanding of

evidence: A performance audit of an urban development
programme‘ this article concerning the performance auditors‘
roles as improvement agents and independent controllers is that
the improvement agenda often implies interacting closely with the
auditees whereas controlling requires independence

2
 Chapter- 4 Data Analysis and Interpretation

AUDIT REPORT OF HDFC BANK

2
 Analysis of Balance sheet

Above table show the balance sheet of HDFC BANK.

A balance sheet gives a statement of a business’s assets, liabilities and shareholders equity
at a specific point in time. They offer a snapshot of what your business owns and what it
owes as well as the amount invested by its owners, reported on a single day. A balance
sheet tells you a business’s worth at a given time, so you can better understand its
financial position.

Total liabilities of the bank in the year 2020 is 1,5305,112,589 . As c0ampare with the
year 2019 liabilities are more then 2019. Capital of hdfc bank is 5483286. Deposits in 2020
is more then 2019. Borrowings of hdfc bank is 1446285372 . Other liabilities of the bank
in the year 2020 is 673943986. As we see the asset side of balance sheet cash balance ,bank
balance and amount of other items is more as camporee with year 2019.cash balance that
they have kept with reserve bank of India in the 2020 is 722051210. Investments of Hdfc
bank is 3918266581. Investments is increased by 7% in 2020 . Fixed and other assets are
also increased by 11%.

The rate of percentage is increased in 2020 as compare with 2019.. Performance of the
bank is good and effective.

When we compare the balance sheet of the HDFC bank with the year 2019 we can
that the balances of the bank are increased in 2020.Balancesheet of the bank is
prepared as per the accounting standards.

2
hkjhnknkn

2
Independent Auditor’s Report

2
2
 To the Members of HDFC Bank Limited

Report on the Audit of the Standalone Financial Statements OpinionWe have audited the
standalone financial statements of HDFC Bank Limited (“the Bank”), which comprise the
Balance Sheet as at

March 31, 2020, the Profit and Loss Account, Cash Flow Statement for the year then
ended, and notes to the standalone financial

statements, including a summary of significant accounting policies and other explanatory

information.

In our opinion and to the best of our information and according to the explanations given
to us, the aforesaid standalone financial

statements give the information required by the Banking Regulation Act, 1949 as well as
the Companies Act, 2013 (“the Act”) in

the manner so required for Banking Companies and give a true and fair view in
conformity with the accounting principles generally

accepted in India, of the state of affairs of the Bank as at March 31, 2020 and its profit and
its cash flows for the year ended on that

date.

Basis for Opinion

We conducted our audit in accordance with the Standards on Auditing (SAs) specified
under Section 143(10) of the Act.

Our responsibilities under those Standards are further described in the Auditor’s
Responsibilities for the Audit of the Standalone

Financial Statements section of our report. We are independent of the Bank in accordance
with the Code of Ethics issued by the

Institute of Chartered Accountants of India (“the ICAI”) together with the ethical
requirements that are relevant to our audit of the

standalone financial statements under the provisions of the Act and the Rules thereunder,
and we have fulfilled our other ethical

responsibilities in accordance with these requirements and the Code of Ethics. We believe
that the audit evidence we have obtained is sufficient and appropriate to provide a basis for
our opinion.

Emphasis of Matter

3
 We draw attention to Note 43 to the standalone financial statements, which describes that
the extent to which the COVID-19

Pandemic will impact the Bank’s standalone financial statements will depend on future
developments, which are highly uncertain.

Our opinion is not modified in respect of this matter.

Key Audit Matters

Key audit matters are those matters that, in our professional judgment, were of most
significance in our audit of the standalone financial

statements of the current year. These matters were addressed in the context of our audit of
the standalone financial statements as a whole, and in forming our opinion thereon, and we
do not provide a separate opinion on these matters.

Key audit matters

The Reserve Bank of India’s (“RBI”) guidelines on Income recognition and asset
classification (“IRAC”) prescribe the prudential norms for identification and classification
ofnon-performing assets (“NPA”) and the minimum provision required for such assets.

The Bank is required to have Board approved policy as per IRAC guidelines for NPA
identification and provision.

The Bank is also required to apply its judgement to determine the identification and
provision required against NPAs by applying quantitative as well as qualitative factors. The
risk of identification of NPAs is affected by factors like stress and liquidity concerns in
certain sectors.

The provision on NPA are estimated based on ageing and classification of NPAs, recovery
estimates, nature of loan product, value of security and other qualitative factors and is
subject to the minimum provisioning norms specified by RBI and approved policy of the
Bank in this regard. Additionally, the Bank makes provisions on exposures that are not
classified as NPAs including advances in certain sectors and identified advances or group
advances that can potentially slip into NPA. These are classified as contingency provisions.

In line with the COVID-19 Regulatory Package, the Bank has framed policies for
providing moratorium as a relief measure to the borrowers. Since the identification of NPAs
and provisioning for advances require significant level of estimation and given its
significance to the overall audit including possible observation by RBI which could result
into disclosure in the financial statements, we have ascertained identification and provisioning
for NPAs as a key audit matter.

3
 How our audit addressed the key audit matter The Bank has a complex IT architecture to
support its day to day business operations. High volume of transactions is processed and
recorded on single or multiple applications. The reliability and security of IT systems plays
a key role in the business operations of the Bank. Since large volume of transactions are
processed daily, the IT controls are required to ensure that applications process data as
expected and that changes are made in an appropriate manner.

Appropriate IT general controls and application controls are required to ensure that such
IT systems are able to process the data, as required, completely, accurately and consistently
for reliable financial reporting. We have identified ‘IT systems and controls’ as key audit
matter because of the high level automation, significant number of systems being used by
the management and the complexity of the IT architecture and its impact on the financial
reporting system. For testing the IT general controls, application controls and IT dependent
manual controls, we involved IT specialists as part of the audit. The team also assisted in
testing the accuracy of the information produced by the Bank’s IT systems. We gathered a
comprehensive understanding of IT applications landscape implemented at the Bank. It was
followed by process understanding, mapping of applications to the same and understanding
financial risks posed by people-process and technology.

Our key IT audit procedures includes testing design and operating effectiveness of key
controls operating over user access management which includes user access provisioning,
de-provisioning, access, review, password configuration review, segregation of duties and
privilege access, change management (which include change release in production
environment are compliant to the defined procedures and segregation of environment is
ensured), program development (which include review of data migration activity), computer
operations (which includes testing of key controls pertaining to, backup, Batch processing
(including interface testing), incident management and data centre security), System
interface controls. This included testing that requests for access to systems were
appropriately logged, reviewed and authorized. Also, entity level controls pertaining to
policy and procedure and Business continuity plan assessment due impact of COVID-19 was
also part of our audit procedure. In addition to the above, the design and operating
effectiveness of certain automated controls, that were considered as key internal system
controls over financial reporting were tested. Using various techniques such as inquiry,
review of documentation / record / reports, observation and re-performance. We also tested
few controls using negative testing technique. We had taken adequate samples of instances
for our test. Tested compensating controls and performed alternate procedures, where
necessary. In addition, understood where relevant, changes made to the IT landscape during the
audit period.

Auditor’s Responsibilities for the Audit of the Standalone Financial Statements

3
 Our objectives are to obtain reasonable assurance about whether the standalone financial
statements as a whole are free from material misstatement, whether due to fraud or error, and to
issue an Auditor’s report that includes
our opinion. Reasonable assurance is a high level of assurance but is not a guarantee that an
audit conducted in accordance with SAs will always detect a material misstatement when it exists.
Misstatements can arise from fraud or
error and are considered material if, individually or in the aggregate, they could reasonably be
expected to
influence the economic decisions of users taken on the basis of these standalone financial
statements. As part of
an audit in accordance with SAs, we exercise professional judgment and maintain professional
scepticism
throughout the audit. We also: • Identify and assess the risks of material misstatement of the
financial statements,
whether due to fraud or error, design and perform audit procedures responsive to those risks,
and obtain audit
ev
idence that is sufficient and appropriate to provide a basis for our opinion. The risk of not
detecting a material misstatement resulting from fraud is higher than for one resulting from
error, as fraud may involve collusion, forgery, intentional omissions, misrepresentations, or the
override of internal control. • Obtain an understanding of internal
control relevant to the audit in order to design audit procedures that are appropriate in the
circumstances. Under
Se
ction 143(3)(i) of the Act, we are also responsible for expressing our opinion on whether the Bank
has internal
financial controls with reference to financial statements in place and the operating effectiveness
of such controls. • Evaluate the appropriateness of accounting policies used and the
reasonableness of accounting estimates and
related disclosures made by Management. • Conclude on the appropriateness of Management’s
use of the going
concern basis of accounting and, based on the audit evidence obtained, whether a material
uncertainty exists
related to events or conditions that may cast significant doubt on the Bank’s ability to continue as
a going concern. If
we conclude that a material uncertainty exists, we are required to draw attention in our
Auditor’s report to the
related disclosures in the financial statements or, if such disclosures are inadequate, to modify
our opinion. Our conclusions are based on the audit evidence obtained up to the date of our
auditor’s report. However, future events
or conditions may cause the Bank to cease to continue as a going concern. • Evaluate the overall
presentation,
structure and content of the financial statements, including the disclosures, and whether the
financial statements
represent the underlying transactions and events in a manner that achieves fair presentation. We
communicate

3
with those charged with governance regarding, among other matters, the planned scope and
timing of the audit and significant audit findings, including any significant deficiencies in internal
control that we identify during our audit .
We also provide those charged with governance with a statement that we have complied with
relevant ethica l
requirements regarding independence, and to communicate with them all relationships and other
matters that
may reasonably be thought to bear on our independence, and where applicable, related
safeguards. From the
matters communicated with those charged with governance, we determine those matters that
were of most
significance in the audit of the standalone financial statements for the financial year ended March
31, 2020 and are therefore the key audit matters. We describe these matters in our auditor’s
report unless law or regulation
precludes public disclosure about the matter or when, in extremely rare circumstances, we
determine that a matter
should not be communicated in our report because the adverse consequences of doing so would
reasonably be
expected to outweigh the public interest benefits of such communication. Other Matter The
standalone financial
statements of the Bank for the year ended March 31, 2019, were audited by another auditor
whose report dated April 20, 2019 expressed an unmodified opinion on those standalone financial
statements. Our opinion is not modified in
respect of this matter.

Auditor’s Responsibility

Our responsibility is to express an opinion on the Bank’s internal financial controls with
reference to financial statements based on our audit. We conducted our audit in accordance
with the Guidance Note and the Standards on Auditing, issued by ICAI and deemed to be
prescribed under section 143(10) of the Act, to the extent applicable
to

an audit of internal financial controls. Those Standards and the Guidance Note require that we
comply with ethical requirements and plan and perform the audit to obtain reasonable
assurance about whether internal
financial

controls with reference to financial statements was established and maintained and if such
controls
operated

3
effectively in all material respects. Our audit involves performing procedures to obtain audit
evidence about
the

adequacy of the internal financial controls with reference to financial statements and their
operating
effectiveness.

Our audit of internal financial controls with reference to financial statements included
obtaining an understanding of internal financial controls with reference to financial statements,
assessing the risk that a material weakness
exists,

and testing and evaluating the design and operating effectiveness of internal control based on
the assessed risk. The procedures selected depend on the auditor’s judgement, including the
assessment of the risks of
material

misstatement of the financial statements, whether due to fraud or error. We believe that the
audit evidence we have obtained is sufficient and appropriate to provide a basis for our audit
opinion on the Bank’s internal financial
controls

with reference to financial statements.

Opinion

In our opinion, the Bank has, in all material respects, an adequate internal financial controls with reference to
financial statements and such internal financial controls with reference to financial statements were operating
effectively as at March 31, 2020, based on the internal control with reference to financial statements criteria
established by the Bank considering the essential components of internal control stated in the Guidance Note.

For MSKA & Associates

Chartered Accountants

ICAI Firm Registration Number: 105047W

Swapnil Kale

Partner Membership Number

3
: 117812 UDIN:

20117812AAAAET9256

3
27. Segment reporting

Business segments

Business segments have been identified and reported taking into account, the target customer profile, the nature of
products

and services, the differing risks and returns, the organisation structure, the internal business reporting system and
the guidelines

prescribed by RBI. The Bank operates in the following segments:

a) Treasury

The treasury segment primarily consists of net interest earnings from the Bank’s investment portfolio, money
market

borrowing and lending, gains or losses on investment operations and on account of trading in foreign exchange and

derivative contracts.

b) Retail banking

The retail banking segment serves retail customers through the Bank’s branch network and other channels. This
segment

raises deposits from customers and provides loans and other services to customers with the help of specialist
product

groups. Exposures are classified under retail banking taking into account the status of the borrower (orientation
criterion),

the nature of product, granularity of the exposure and the quantum thereof.

Revenues of the retail banking segment are derived from interest earned on retail loans, interest earned from
other segments

for surplus funds placed with those segments, subvention received from dealers and manufacturers, fees from
services

rendered, foreign exchange earnings on retail products etc. Expenses of this segment primarily comprise interest
expense

on deposits, commission paid to retail assets sales agents, infrastructure and premises expenses for operating the
branch

network and other delivery channels, personnel costs, other direct overheads and allocated expenses of specialist
product

groups, processing units and support groups.

c) Wholesale banking

The wholesale banking segment provides loans, non-fund facilities and transaction services to large corporates,
emerging

3
corporates, public sector units, government bodies, financial institutions and medium scale enterprises. Revenues
of the

wholesale banking segment consist of interest earned on loans made to customers, interest / fees earned on the cash

float arising from transaction services, earnings from trade services and other non-fund facilities and also earnings
from

foreign exchange and derivative transactions on behalf of customers. The principal expenses of the segment consist
of

interest expense on funds borrowed from external sources and other internal segments, premises expenses,
personnel

costs, other direct overheads and allocated expenses of delivery channels, specialist product groups, processing
units and

support groups.

d) Other banking business

This segment includes income from parabanking activities such as credit cards, debit cards, third party product
distribution,

primary dealership business and the associated costs.

e) Unallocated

All items which are reckoned at an enterprise level are classified under this segment. This includes capital and
reserves, debt

classified as Tier I or Tier II capital and other unallocable assets and liabilities such as deferred tax, prepaid
expenses, etc.

Segment revenue includes earnings from external customers plus earnings from funds transferred to other
segments.

Segment result includes revenue less interest expense less operating expense and provisions, if any, for that
segment.

Segment-wise income and expenses include certain allocations. Interest income is charged by a segment that
provides

funding to another segment, based on yields benchmarked to an internally approved yield curve or at a certain
agreed

transfer price rate. Transaction charges are levied by the retail banking segment to the wholesale banking segment
for the

use by its customers of the retail banking segment’s branch network or other delivery channels. Segment capital
employed

represents the net assets in that segment.

Geographic segments

3
The geographic segments of the Bank are categorised as domestic operations and foreign operations. Domestic
operations

comprise branches in India and foreign operations comprise branches outside India.

A CASE STUDY OF ICICI BANK.

Status of internal audit Where there is an internal audit
function, its status and remit derives from the needs of the
organisation and should be set at the top of the organisation,
i.e. by the board and the audit committee. There is no single
model for internal audit and each organisation will determine
what is appropriate to suit it requirements.In general, internal
audit could, if agreed by the audit committee,
seekrequirements.In general, internal audit could, if agreed by
the audit committee, seek requirements.In general, internal
audit could, if agreed by the audit committee, seek assurance
that: • The organisation has a formal governance process which is
operating as intended: values and goals are established and
communicated, the accomplishment of goals is monitored,
accountability is ensured and values are preserved. • Significant risks
within the organisation are being managed and controlled to an
acceptable level as determined by the board. In addition, internal audit
can be used to facilitate the strengthening of the governance and risk
framework within the organisation. The audit committee will need to
consider the role that has been set for internal audit within the
organisation’s overall assurance framework.(3) It will, on an ongoing
basis (at least annually), wish to challenge the organisation’s decisions
in relation to the role that has been set for internal audit and question
whether its scope, authority and resources are adequate and consistent
with the risks that the organisation faces and the effectiveness of the
internal controls that are in place to address those risks.

3
4.2-PRIMARY DATA

We visited 50 Audit firms in our Region and asked them about several
scenarios and got few insights and also made a questionnaire and asked.
These auditors have been engaged in auditing of manufacturing concerns, Sole
proprietorship, Partnership Firms and Limited Liability Partnerships.
These auditors have diverse experience and they also have audited co-
operative banks.

Following are the questions asked to the Auditors from our region:

1-According to you how much internal audit is useful ?

no of
factor responses
Upto 29
50%
Upto
10% 9
Upto
20% 9
it
isn't 3
total 50

INTERPRETATION
Internal auditing in the organization is quite useful when the

4
usefulness was asked from the respondents 29 numbers of
people went for up to 50%, 9 went for up to 10%, where as the
same number of people also went for up to 20% and the least
number of people that is 3

2- what is the relationship of risk and internal audit?

no of
Factor responses
decrease
risk 27
prefer
not
t 14
osay
increase
risk 9
total 50

3- what do you think about of internal auditing?

4
 no of
factor responses
useful 22
very
useful 21
not
much 7
total 50

INTERPRETATION
The usefulness of internal auditing was in three different
categories useful, very useful and not much and the responses
for the same were 44%, 42%, and 14% respectively.

4
 4- Do you think challenges of internal audit can affect the
organization?
no of
factor response
yes 38
no 12
total 50

INTERPRETATION
Challenges are something which can create problem in the
procedures similarly it can also harm the internal auditing in the
negative way whichwas agreed by 76% of people and disagreed by
24% of people.

4
 5- what is the effect of challenges of internal audit?
no of
factor responses
effect in
objectivity 31
effect in
accuracy 19
total 50

INTERPRETATION
There are various different challenges related to the internal
auditing such as effect in objectivity, effect in accuracy the opinion
of respondents are explained in the above pie chart

4
6. Do you think severe steps should be taken to avoid the challengesof
internal audit?

INTERPRETATION
As, it is stated that challenges can harm in a negative way hence it
is suggested that some serious steps should be taken to avoid those
challenges and the negative effect similarly, the respondents replied
to the same 76% of people responded yes for the steps to be taken
for the challenges and 24%of the replied no for the steps

7. what are the challenges of internal audit?

no of
Factor responses
Proper
Information 26
Gaining
Trust 12

4
 Accuracy 12
Total 50

INTERPRETATION
The different challenges related to the internal auditing were given
to the respondents such as gaining trust, accuracy and proper
information among which 24%, 24% and 52% respectively

4
CHAPTER -5 FINDINGS, CONCLUSION,
SUGGESTIONS, ANDRECOMMENDATIONS
5.1 CONCLUSION
According to the study it is concluded that internal auditing is effective and useful
for the organization but the awareness is not much present inthe minds of people
various different sources should be develop to createawareness about the internal
auditing among the people.
It is found that there are various challenges related to the internal auditing that
can affect the working of organization and that can create the negative impact of
the organization in the market which can also increase the possibilities of facing a
huge loss
To avoid such negative impact and a huge loss organisation should takecorrective
measures to face up the challenges in a way which should notat all harm the image
and working of the organisation
Challenges may result in ineffectiveness and inefficiency in the working of the
organisation and may result in winding up of the company
So it very important to take up some serious steps to control the working and
prevent the loss occurring out of challenges of internal audit

5.2-SUGGESTIONS AND RECOMMENDATIONS

To find solutions to avoid the challenges
To increase awareness about internal
auditing To gain knowledge about internal
auditing
To attain the seminars and events that can help to increase knowledgeabout
internal audit
To find alternative solutions regarding challenges related to internalauditing
To apply internal auditing regularly