Ans 1.

We know that the prime objective of an audit is to make a critical review of, the system of book keeping, accounting, and internal control etc. and report to the members stating whether, in the opinion of the auditor, the accounts shows a true and fair view of the affairs of the company. This Report lends credibility to the financial standards prepared by the companys management. Moreover, the companys management knows the at the financial statements, prepared by them would be subject to an independent professional review. Hence, they remain very vigilant and alert in preparation of financial statements, result in less erroneous and/or fraudulent information dissemination. Apart from above some other important advantages of audit are as follows: 1. It facilitates the early detection and easy prevention of fraud and errors. 2. It helps in reducing wastages and chances of losses or damage to business property. 3. Banks, financial institutions and Government required audited accounts before granting any financial assistance to the enterprises. 4. Liability of the enterprise as to income tax, wealth tax, VAT, etc can easily be determined on the basis of audited accounts as these are readily believed by the tax authorities. The Income Tax Act also contains a provision for holding tax audit. 5. Audited accounts help in determining purchase consideration of enterprise in case of outright sale, merger and acquisition etc.

Ans. 2 At guideline 300.06.4, the Standards for the Professional Practice of Internal Auditing (the
SPPIA) describes the overall system of controls as "the integrated collection of control systems developed by the organization to achieve its objectives and goals". At guideline 300.05 the SPPIA states that the primary objective of internal controls is to provide reasonable assurance to managers that: 1. Financial and operating information is accurate and reliable; 2. Policies, procedures, plans, laws and regulations are complied with; 3. Assets are safeguarded against loss and theft; 4. Resources are used economically and efficiently; and 5. Established program/operating goals and objectives will be met.

internal audit effectiveness Sector private versus public - The sector to which an organization belongs (that is, public versus private) will be related to the effectiveness of internal auditing. The function will be more effective in private organizations than in public organizations Professional prociency of internal auditors - Greater professional prociency on the part of the internal auditors will be related to greater auditing effectiveness. Quality of audit work - Greater quality of the auditing work will be related to greater auditing effectiveness Organisational independence - Greater organisational independence will be related to greater auditing effectiveness Career and advancement - More career opportunities for internal auditors in the organisation will be related to greater auditing effectiveness. Top management support - Greater support from top management will be related to greater auditing effectiveness. Ans. 3 Job description - Examines, verifies, evaluates and reports on financial, operational and managerial processes, systems and outcomes to ensure financial and operational integrity and compliance, and assists in business process reviews, risk assessments, developing deliverables and reporting progress against outcomes. Registration or licensing is required.

Skill level - This occupation has a level of skill commensurate with a bachelor degree or higher qualification. At least five years of relevant experience may substitute for the formal qualification. In some instances relevant experience and/or on-the-job training may be required in addition to the formal qualification Program eligibility - Applicants in this occupation may be eligible for skilled migration under the following programs: Employer Nomination Scheme (ENS), Regional Sponsored Migration Scheme (RSMS), Points Based Skilled Migration visa, Temporary Business Skills assessment authority - Before you can migrate to Australia as a skilled migrant you must have your skills assessed by the relevant national assessment authority. The assessment authority for your occupation is Vocational Education and Training Assessment Services (VETASSESS). Licensing or registration requirements - In many occupations you must be registered with or obtain a license from a local authority in the state or territory where you want to practise your occupation. Contact the local authority in your relevant state or territory to enquire about the licensing or registration requirements. The role of internal auditor in the companys management :-

Internal auditor while performing audit should communicate clearly the responsibilities of internal auditor and an overview of the planned scope and timing of audit with the management Communication regarding the planned scope and timing of internal audit may assist the management to understand better the objectives of internal auditors work, to discuss issues of risk and materiality with internal auditor and to identify any areas in which they may request the internal auditor to undertake additional procedures, assist the internal auditor to understand the entity and its environment better Different stages of communication and discussion should be: discussion of draft; exit meeting; formal draft; and final report Clear communication of internal auditors responsibilities, planned scope and timing of internal audit and expected general content of communications helps establishing the basis for effective twoway communication Appropriate timing for communications will vary with the circumstances of the engagement. Relevant circumstances include significance and nature of the matter, and the action expected to be taken by management Where matters required by this SIA to be communicated, are orally communicated, internal auditor shall document them and when and to whom they were communicated. Where matters have been communicated in writing, the auditor shall retain a copy of the communication as part of internal audit documentation

Ans. 4 Internal control comprises preventive actions as well as daily and subsequent controls needed to ensure the achievement of business objectives. Internal control plays an active role in company management, administration and daily operations. Objectives of internal control are: effectiveness and efficiency of operations reliability of financial and operational reporting compliance with laws, agreements and policies safeguarding assets and information Kesko's values and policies together with the corporate strategy and objectives create the basis for the entire internal control. The definition of the focus in control is based on identifying business threats and opportunities as part of Kesko's risk management. Kesko's policies are made known to Kesko employees in the 'Our Responsible Working Principles' guide, distributed to all personnel. Daily control comprises the definition and segregation of responsibilities, job descriptions,

authorisations, work instructions and system controls, substitute arrangements, and financial reporting.

RESPONSIBILITIES OF INTERNAL CONTROL Internal control of a listed company is governed by laws, regulations, stock exchange rules and recommendations, and good corporate governance principles. The company's Board of Directors, operative management, controlling function and Internal Audit are the main parties in the system of internal control. External control is performed by the company's auditors and authorities. Kesko is committed to comply with the rules and recommendations of the Helsinki Stock Exchange. Kesko's Corporate Governance, including duties and control responsibilities of different parties, is maintained in Kesko's web site.

In a listed company, the Board of Directors and the Managing Director are responsible for organising internal control. The Board of Directors is accountable to owners and the Managing Director to the Board of Directors. The chain of responsibilities continues throughout the entire organisation so that in Kesko the direct subordinates of the President and CEO report to him and each Kesko employee is accountable to his or her immediate superior for the control in his or her area of responsibility.

RESPONSIBILITIES OF INTERNAL CONTROL Internal control of a listed company is governed by laws, regulations, stock exchange rules and recommendations, and good corporate governance principles. The company's Board of Directors, operative management, controlling function and Internal Audit are the main parties in the system of internal control. External control is performed by the company's auditors and authorities. Kesko is committed to comply with the rules and recommendations of the Helsinki Stock Exchange. Kesko's Corporate Governance, including duties and control responsibilities of different parties, is maintained in Kesko's web site.

In a listed company, the Board of Directors and the Managing Director are responsible for organising internal control. The Board of Directors is accountable to owners and the Managing Director to the Board of Directors. The chain of responsibilities continues throughout the entire organisation so that in Kesko the direct subordinates of the President and CEO report to him and each Kesko employee is accountable to his or her immediate superior for the control in his or her area of responsibility.

In Kesko, internal control is adequate and effective, when the following have been defined and implemented in each division:

Ans 5. In the recent years large numbers of papers have appeared in accounting and accounting-related journals that can be classified under the general heading of "Auditing in the EDP Environment." The research and implementation effort has been immense, however, as in many new areas, many of the efforts have been of a repetitive nature. The primary objective of this paper is to present a review of the still existing literature concerning auditing and EDP systems. According to Ron Weber in EDP Auditing, Conceptual Foundations and Practice, "There are five major reasons for setting up a function to examine controls over computer data processing that is :a. Need to control evolutionary use of computers. b. Computer abuse. c. Possibility of loss of data processing capabilities. d. Possibility of incorrect decisions if data is in error and, e. Need to maintain individual privacy. It is the purpose of this study to analyse the problems faced by Auditors in the internal Control in EDP environment. It is hoped that the analysis of findings will help to ascertain the steps to encourage the management to provide the best possible level of control in the company.

Ans 6. Control activities are designed and implemented to address the risks that the bank identified through the risk assessment process described previously. Control activities involve two steps: (1) the establishment of control policies and procedures; and (2) verification that the control policies and procedures are being complied with. Control activities involve all levels of personnel in the bank, including senior management as well as front line personnel. Examples of control activities include: a) Top level reviews - Boards of directors and senior management often request presentations and performance reports that enable them to review the banks progress toward its goals. For example, senior management may review reports showing actual financial results to date versus the budget. Questions that senior management generates as a result of this review and the ensuing responses of lower levels of management represent a control activity which may detect problems such as control weaknesses, errors in financial reporting or fraudulent activities.

b) Activity controls - Department or division level management receives and reviews standard performance and exception reports on a daily, weekly or monthly basis. Functional reviews occur more frequently than top-level reviews and usually are more detailed. For instance, a manager of commercial lending may review weekly reports on delinquencies, payments received, and interest income earned on the portfolio, while the senior credit officer may review similar reports on a monthly basis and in a more summarised form that includes all lending areas. As with the top-level review, the

questions that are generated as a result of reviewing the reports and the responses to those questions represent the control activity.

c) Physical controls - Physical controls generally focus on restricting access to tangible assets, including cash and securities. Control activities include physical limitations, dual custody, and periodic inventories.

d) Compliance with exposure limits - The establishment of prudent limits on risk exposures is an important aspect of risk management. For example, compliance with limits for borrowers and other counterparties reduces the banks concentration of credit risk and helps to diversify its risk profile. Consequently, an important aspect of internal controls is a process for reviewing compliance with such limits and follow-up on instances of non-compliance.

e) Approvals and authorisations - Requiring approval and authorisation for transactions over certain limits ensures that an appropriate level of management is aware of the transaction or situation, and helps to establish accountability.

f) Verifications and reconciliations - Verifications of transaction details and activities and the output of risk management models used by the bank are important control activities. Periodic reconciliations, such as those comparing cash flows to account records and statements, may identify activities and records that need correction. Consequently, the results of these verifications should be reported to the appropriate levels of management whenever problems or potential problems are detected.