Q#1

The general definition of an audit is an evaluation of a person, organization, system, process,

enterprise, project or product. Audits are performed to ascertain the validity and reliability of
information; also to provide an assessment of a system's internal control. The goal of an audit is
to express an opinion on the person / organization/system (etc) in question, under evaluation
based on work done on a test basis. Due to practical constraints, an audit seeks to provide only
reasonable assurance that the statements are free from material error. Hence, statistical sampling
is often adopted in audits. In the case of financial audits, a set of financial statements are said to
be true and fair when they are free of material misstatements - a concept influenced by both
quantitative and qualitative factors.

Audit is a vital part of accounting. Traditionally, audits were mainly associated with gaining
information about financial systems and the financial records of a company or a business (see
financial audit). However, recent auditing has begun to include other information about the
system, such as information about security risks, information systems performance (beyond
financial systems), and environmental performance. As a result, there are now professions
conducting security audits, IS audits, and environmental audits.

In financial accounting, an audit is an independent assessment of the fairness by which a

company's financial statements are presented by its management. It is performed by competent,
independent and objective person(s) known as auditors or accountants, who then issue an
auditor's report based on the results of the audit.

Such systems must adhere to generally accepted standards set by governing bodies regulating
businesses; these standards simply provide assurance for third parties or external users that such
statements present a company's financial condition and results of operations "fairly."

The Definition for Auditing and Assurance Standard (AAS) 1 by ICAI "Auditing is the
independent examination of financial information of any entity, whether profit oriented or not,
and irrespective of its size or legal form, when such an examination is conducted with a view to
expressing an opinion thereon."

Qualities required in auditor of limited companies

Quality audits are performed to verify the effectiveness of a quality management system. This is
part of certifications such as ISO 9001. Quality audits are essential to verify the existence of
objective evidence of processes, to assess how successfully processes have been implemented, for
judging the effectiveness of achieving any defined target levels, providing evidence concerning
reduction and elimination of problem areas and are a hands-on management tool for achieving
continual improvement in an organization.

To benefit the organization, quality auditing should not only report non-conformances and
corrective actions but also highlight areas of good practice. In this way, other departments may
share information and amend their working practices as a result, also enhancing continual
improvement.

Auditors are professionally qualified accountants who specialise in audits. Auditing involves
examining organisations' accounts to ensure that they are accurate and that finances are well
controlled.

There are two types of auditor - internal and external.

Internal auditors review an organisation's finances to give advice on how well it is managed
financially, and how it can improve efficiency and financial control. Internal auditors can be
employees of the organisation or specialists brought in from outside.
External auditors must be legally registered to carry out an independent assessment of an
organisation's annual accounts to make sure they provide accurate information and give a fair
view of the financial position. Limited companies must, by law, have their accounts audited
externally by a registered external auditor. The auditor examines the accounts to check they have
been accurately prepared in accordance with the Companies Act.

Government departments and other public bodies are audited by specialist public finance
accountants.

External auditors do some of their work on the organisation's premises. They must gain a
thorough knowledge of the client's business and gather evidence until they are certain that there
are no significant errors in the accounts.

They carry out audit tests and examine samples of documents and records to check that all
transactions, assets and liabilities have been properly recorded. They might inspect assets. They
might seek further details from within and outside the organisation. They may compare current
accounts with the previous year, or with a comparable organisation's accounts.

Auditors then prepare a report for presentation to the organisation's management, shareholders or
governing body.
Back to Top

To be an auditor you need to be highly numerate and able to use specialised software to analyse
and interpret figures and complicated accounts.

You should have an enquiring mind, good problem-solving skills, a good eye for detail and be
accurate and methodical in your work. You must be able to work under pressure and meet
deadlines.

You need good communication skills to explain results clearly and concisely and to write reports.

Q#2
Difference Between internal check & internal Control

Internal control refers to a process that is designed for helping the organization to accomplish
goals and objectives through people of the organization and IT systems. Whereas Internal Check
is a part of Internal Control. It refers to the accounting procedure that safeguards against frauds
and losses. On the other hand Internal Auditing is an activity that devises ways for organizations
for better achievement of objectives.

Similarities Between internal check & internal Control

1.both are internal in the stength of the campany's internal control system
2.aim at carrying out indipendent evaluation
3.both write clear and concise report
4.both are affected by strengths and weakenesses of the internal control system
5.both have a duty to unsure that organisation follows generally principles and above all of serves
stutory requarements
6.both my undertake continous audits
7.both have the the responsabilities of ensuring that the campany is running efficiently
Time-keepng & Supervision

To keep a reliable record of the activity of each employee, where such activity will be used to
calculate the remuneration due to such employee.

Overstated hours/productivity/activity
Unapproved absences on full pay.

Where remuneration is based on hours worked, a clock card system, or other efficient method of
monitoring hours worked, should be implemented.
Where remuneration is based on employee activity e.g. commission on sales, a schedule of such
activity should be maintained.
Clock cards/ schedule of activity should be checked by supervisory staff and signed as evidence
of approval.

FUNCTION DOCUMENTS/RECORDS RISKS INTERNAL CONTROLS

Payroll preparation & accounting

To calculate amounts payable in respect of remuneration and deductions.

Payroll

Payroll ledger accounts

Costing records analysing labour costs

Fictitious workers
Unauthorised deductions
Unauthorised pay rate changes
Misallocations
Calculation errors

Payroll details should only be changed in terms of authorised PAF’s, received from the personnel
department i.e. new employees, dismissals, and amendments to deductions and pay.
Management should review the payroll to ensure that it reconciles with the details in the
personnel files.
The payroll should be split and distributed to the departmental heads, for approval of payments to
their employees (evidenced by signature).
Reconciliations should be performed as follows:
Payroll to direct labour costing,
Payroll to tax records.
Someone independent of payroll preparation should check payroll computations.
Clear instructions should be given to ensure correct allocation of labour in cost accounting
records.
Above allocation should be checked by an independent person.

Payroll payments & recording

To prepare salary cheques and paypackets and distribute these to employees.

Payroll cheques

Payslips

Unclaimed wage register.

Errors of theft of cash during:

Drawing of cash,
Making of paychecks,
Payment of employees.
Defalcation of unclaimed wages or incomplete electronic transfers.

Isolate responsibility for signing of cheques to two independent senior officials.

These officials should review the payroll and perform random checks prior to signing the payroll
cheque for total net salaries or total net wages.

FUNCTION DOCUMENTS/RECORDS RISKS INTERNAL CONTROLS

Payroll deduction: payment & recording

To record liabilities in respect of deductions from employee remuneration and to pay these over
to the relevant authorities timeously.

Deduction records and G/L a/c’s for:

PAYE
UIF
Medical aid
Pension

General journal

Penalties/criminal charges due to late payments or errors.

Overpayment due to errors.

Isolation of responsibility for raising and paying over deductions.

A strict monthly schedule for:
Posting the entries to raise the liabilities for the deductions,
Making the necessary deductions on a timely basis and
Supervisory checks on the above activities.

SPECIAL CONSIDERATIONS IN RESPECT OF THE PAYMENT OF SALARIES

The cheque for the total net salaries should be drawn on the main bank account and deposited into
a separate “ Salaries Bank Account”.
Cheques for individual employees should then be drawn on the “ Salaries Bank Account”.

Cheque signatories should match cheques amounts to net salaries per the payroll, prior to signing
cheques.

The “ Salaries Bank Account” should be reconciled to the relevant bank statements on a monthly
basis.

Regular management reviews should be performed to ensure that:

The “ Salaries Bank Account” is reduced to nil soon after each month end,
There are no unusual endorsements on the returned paid cheques, and
Bank reconciliations are satisfactorily performed and there are no unusual reconciling items.

SPECIAL CONSIDERATIONS IN RESPECT OF THE PAYMENT OF WAGES

PAYMENT PROCEDURES

The cheque for total net wages should be drawn should be cashed from the main bank account, by
someone independent of payroll preparation or recording.

Paypackets for individual employees should be prepared by two staff, independent of the payroll
preparation.
The wage payout should be controlled by an independent paymaster, accompanied by the
foreman who are able to identify employees.

Employees should be required to produce ID, check the contents of their wage packets and sign
the payroll as evidence of acceptance.

UNCLAIMED WAGES

The paymaster and a foreman should reconcile paypackets still on hand at the end of the payout
(i.e. unclaimed wages) to amounts on the payroll which have not been signed for.

Both parties to the reconciliations should sign the payroll as evidence of their check.

All unclaimed wages should be entered in an “ Unclaimed wage register”.

Unclaimed wages should remain in the paymaster’s custody and should be locked in a safe. They
should kept for no longer than two weeks.

Employees who wish to collect unclaimed wages during this two-week period must produce ID
and sign in person in the unclaimed wage register.

Wages still unclaimed after two weeks should be re-deposited in the main bank account.
Incomplete EFT transfers should be investigated by management and followed up to ensure
satisfactorily resolved e.g. employee’s bank account details confirmed and corrected where
necessary.
AUDITING THE CYCLE

Test of Control

Introduction

The related controls discussed earlier may be tested in a number of ways:

Inspection of documents supporting transactions e.g. For signatures evidencing that a supervisory
check has been carried out,

Enquiry as to whether controls have been performed or not,

Observation as to whether intended controls have been performed,

Re-performance of internal controls e.g. sequence of document numbers.

Key control activities

The key control activities on which the internal auditor should focus when carrying out test of
controls for this cycle are:
Segregation of duties,

Authorisation of payroll amendments,

Adequate personnel records and documentation,

Clocking procedures/maintenance of activity schedules,

Wage payout procedures,

Unclaimed wages procedures,

Reconciliation procedures,

Supervisory procedures,

Supervisory and management checks.

Key control objectives

The key objectives in carrying out tests of control in respect of this cycle nay be described as
follows:
Validity
Test of control should be performed tom identify whether:
Employees on the payroll are valid or fictitious,

Hours worked per the payroll are valid or overstated,

Rates of pay per the payroll are authorised, and

Deductions per the payroll are valid and/or authorised.

Testing of all control activities will yield evidence as to the validity of payroll details. However,
key controls to test will be:
Clocking procedures and wage payout procedures. It is important to test these controls by surprise
observation,

Management reconciliations of payroll details to personnel records,

Management reviews of reconciliation between salaries bank account and the relevant bank
accounts.

Accuracy

Test of controls on the following key control activities should be performed to identify whether
errors are adequately detected and corrected:
Performance and review of the reconciliations would assist with ensuring accuracy, as well as
validity,

Independent checks of payroll calculations,

Any supervisory checks carried out on a regular basis to ensure that employees are performing
their functions and control activities accurately and conscientiously.

AUDIT OF SALARIES AND RELATED ACCOUNTS

Existence of salary earners

For a sample of employees extracted from the salaries payroll, establish the validity of the
employees listed as follows:
Inspect the documentation in the employee’s personnel file,

Perform a positive identification of salary earners’

By discussion with the staff in the personnel section and examination of the employment and
dismissal documentation, check that;

staff are introduced to and removed from the salaries register at the correct time,
employment and dismissal documentation is properly authorised by the designated staff.
Confirmation of the above can be obtained from the managers from whom the employees
works/worked.
Measurement/Completeness

By re-performance verify that postings from the payroll to the relevant accounts in the general
ledger have been correctly performed.

By re-performance, verify that clearing accounts, in respect of all deductions, are cleared by
paying over amounts deducted to the relevant authorities timeously.

General/Analytical Review

Compare salaries on a month to month basis in total and by cost centre, department or division
and investigate any large fluctuations.

Review payroll ledger accounts for any strange or out of the ordinary amounts or entries which
may require further investigation.

Obtain or extract exception reports of the following:

duplicate or missing records and employee numbers

duplicate bank account numbers
duplicate employee names and details

Q#3
Audit Sampling

Audit sampling is the application of an audit procedure to less than 100% of the population to
enable the IT auditor to evaluate audit evidence within a class of transactions for the purpose of
forming a conclusion concerning the population. When designing the size and structure of an
audit sample, the IT auditor should consider the audit objectives determined when planning the
audit, the nature of the population, and the sampling and selection methods.

Selecting the Sample

The auditor should select the sample items in such a way that they are representative of the
population. The most commonly used sampling selection methods are:
Statistical Sampling Methods
Random Sampling – ensures that all combinations of sampling units in the population have an
equal chance of selection.
Systematic Sampling – involves selecting sampling units using a fixed interval between
selections with the first interval having a random start.
Non-Statistical Sampling Methods
Haphazard Sampling – the auditor selects the sample without following a structured technique.
Judgmental Sampling – the auditor places a bias on the sample. For example, selecting only
sampling units over a certain value.

The selection of the sample size is affected by the level of sampling risk that the IT auditor is
willing to accept. Sampling risk is the risk the auditor’s conclusion may be different from the
conclusion that would be reached if the entire population were subjected to the same audit
procedure. The two types of sampling risk are:
The Risk of Incorrect Acceptance – the risk that a material misstatement is assessed as unlikely,
when in fact the population is materially misstated.
The Risk of Incorrect Rejection – the risk that a material misstatement is assessed as likely, when
in fact the population is not materially misstated.

Once the sample items have been selected to be tested, the auditor can begin audit tests using
Computer Assisted Auditing Techniques (CAATs), which will be discussed shortly.

Q#4
Vouching is the process of matching documentary evidence of an account balance or a transaction
with the details recorded in accounting records and provides evidence as to the totality, validity or
correctness of an account balance or a transaction. Actually this documentary evidence is called a
voucher.

Whenever an auditor is asked to provide the evidence of the validity, completeness and accuracy
of a transaction, the auditor gathers evidence that details of the account balance, transaction that
has been recorded in the accounting records and usually it is supported by a documentary
evidence i.e. voucher. For example, the auditor acquires evidence relating to the validity,
completeness and accuracy of an item such as sales recorded in a company's inventory records by
vouching from details recorded in the inventory records (e.g. name of the customer, date of the
sale, items sold and the total amount of the transaction) to details on suppliers' invoices.

Vouching is necessary for every registered organization so that the record should be kept with the
documentary evidence. Whenever auditor conducts the audit he should not face any problem and
specially vouching is considered important because it prevents from frauds that could have been
done by any one from with in the organization. Vouching is sometimes referred to as verification
of the accounting records.

In practice generally the job of vouching is done by two persons. A junior member of an audit
staff alls out the particulars in respect to each of the entry appearing in the books such as data,
particular, amount debited, credited and amount. The senior member compares the details called
out with the documentary evidence produced to him to satisfy himself as to the genuineness of
the transaction. In practice either of the following procedure is followed for identifying the act of
vouching on the vouchers.

The senior puts his initials on the voucher.

A rubber stamp is put upon the voucher and upon its supporting documents.

The object of cancelling the documents by above manners is to ensure that the same documents
are not produced again in support of other items.

If a transaction is satisfactorily considered to have vouched, distinctive tick is placed on the

amount appearing in the book of original entry. If an item is considered to be insufficiently
voucher for certain reasons a symbol Q is put on the amount appearing in the book of original
entry and the relevant particulars of the vouchers which are insufficiently vouched are noted on
the query list. So this is the complete procedure of the vouching.

Q#5
n recent years, social workers have become more aware of ethical challenges and risks.
Contemporary practitioners are familiar with a wide range of ethical issues related to client
confidentiality and privacy, informed consent, self-determination, conflicts of interest, dual
relationships, termination of services, and impaired professionals. Social work education,
continuing education, and staff development now routinely include discussions of ethical
dilemmas and ethics risk management.
Ethical standards in social work have matured. The profession has moved from relatively brief
and simplistic ethical standards to more comprehensive and detailed guides. As a result, social
workers are now expected to adhere to ambitious ethical standards set forth in pertinent codes of
ethics, licensing, and other statutes and regulations. In light of these increasing demands, social
workers should thoroughly examine their ethics-related practices, policies, and procedures to
ensure compliance with prevailing standards.

One way to assess the adequacy of one’s ethics-related practices, policies, and procedures is to
conduct an ethics audit. An ethics audit should focus on what is currently considered to be
essential or core ethical issues in social work. Social work’s literature suggests two key
knowledge areas that should form the foundation of the audit: (1) ethics-related risks in practice
settings, based on empirical trend data gathered from actual ethics complaints (filed with state
licensing boards and professional organizations, such as the National Association of Social
Workers [NASW]), lawsuits filed against social workers that allege ethics-related negligence, and
ethics committee and court findings and dispositions; and (2) current agency policies and
procedures for handling ethical issues, dilemmas, and decisions. Based on these sources, social
workers should audit their ethics-related policies, practices, and procedures related to a number of
key risks: client rights; confidentiality and privacy; informed consent; service delivery; boundary
issues and dual relationships; conflicts of interest; documentation; defamation of character; client
records; supervision; staff development and training; consultation; client referral; fraud;
termination of services and client abandonment; practitioner impairment; evaluation and research;
and ethical decision making.*

Purpose of an Ethics Audit

The primary purpose of an ethics audit is to provide social workers with a practical way to:

• Identify pertinent ethical issues in their practice settings. What specific ethical risks do social
workers face? Are there ethical issues that arise in the work that are unique to the client
population, treatment approach, setting, program design, or staffing pattern?

• Review and assess the adequacy of their current practices. Has the practice setting addressed
compelling ethical issues? How adequate are the current practices, policies, and procedures?
What issues need to be addressed?

• Design a practical strategy to modify current practices as needed. What steps does the agency or
practice need to take to protect clients, prevent disgruntled parties from filing ethics complaints
with state licensing boards and professional organizations, and prevent ethics-related lawsuits?
Who in the practice or agency should work to address these issues? What resources will they
need? What timetable should they follow?

• Monitor the implementation of this quality assurance strategy. How can practitioners ensure that
the implementation plan has been implemented effectively? What indicators can staff members
use to assess the extent to which the audit goals have been met?

Steps in an Ethics Audit

Conducting an ethics audit involves several key steps:

1. In agency settings, a staff member should assume the role of chair of the ethics audit
committee. Members should be appointed to the committee based on their demonstrated interest
in the agency’s ethics-related policies, practices, and procedures. Ideally, the chair would have
obtained formal education or training related to professional ethics. Independent practitioners
may want to consult with knowledgeable colleagues or a peer consultation group.
2. The audit committee should identify specific ethics-related issues on which to focus. In some
settings, the committee may decide to conduct a comprehensive ethics audit. In other agencies,
the committee may focus on specific ethical issues that are especially important in those settings.

3. The ethics audit committee should decide what kind of information it will need to conduct the
audit. Data may be gathered from documents (eg, informed consent forms, confidentiality
guidelines, client rights statements) and interviews conducted with agency staff that address
specific ethical issues. The committee should also review relevant codes of ethics and federal and
state statutes and regulations.

4. Once the necessary data are gathered and reviewed, the audit committee should assess the risk
level associated with each issue. Each issue should be assessed with respect to relevant agency
policies and the procedures staffers follow. Policies may be codified in formal agency documents
or memoranda. Procedures entail social workers’ actual handling of ethical issues in their
relationships with clients, colleagues, and third parties. Each topic should be assigned one of four
risk categories: no risk (current practices are acceptable); minimal risk (current practices are
reasonably adequate; minor modifications would be useful); moderate risk (current practices are
problematic; modifications are necessary to minimize risk); and high risk (current practices are
seriously flawed; significant modifications are necessary to minimize risk).

5. Once an ethics audit has been completed, social workers need to take steps to make use of its
findings. Social workers should develop an action plan for each risk area that warrants attention,
beginning with high-risk issues, then moving on to moderate- and minimal-risk issues. The action
plans should spell out specific measures that need to be taken to address the identified problem
areas. Examples include updating confidentiality policies to reflect current laws and code of
ethics standards, revising informed consent procedures and forms, and developing dual-
relationship and conflict-of-interest guidelines.

6. The committee should identify which staff will be responsible for the various tasks and
establish a timetable for completion of each and a mechanism to follow up on each task to ensure
its completion and monitor its implementation.

7. The committee should document the complete audit process to demonstrate its good-faith
effort to assess ethics-related policies and procedures. This documentation may be helpful in the
event that someone raises questions about the adequacy of the agency’s ethics-related practices.

The maturation of ethical standards in social work has accelerated the need for social workers to
examine more closely the ethical dimensions of their practice. The social work ethics audit is a
process designed to help social workers assess ethical issues systematically and comprehensively.
The concept of an ethics audit is consistent with social work’s enduring efforts to protect clients
and others from harm. Such systematic attempts to highlight, address, and monitor the ethical
dimensions of social work practice will, in the final analysis, strengthen the profession’s integrity.