Standard on Internal Audit (SIA) 330, Internal Audit Documentation Standard on Internal Audit (SIA) 330, Internal Audit Documentation Chartered Accountant CA ICAI Chartered Accountants CA ICAI CAinINDIA ICAI Announcements Accounting Standards CA News ICAI Students ICAI Members Case Laws CPT IPCC Final ICAI Course CA Course ICAI Forum CA Question Papers ICAI Study Material

« Auditing »

Open DEMAT Account in 24 hrs
NFRA issues Draft Procedure for Submission of Audit Files
Auditors barred from putting a value on companies they are auditing
Standard on Internal Audit (SIA) 18, Related Parties
Standard on Internal Audit (SIA) 17, Consideration of Laws and Regulations in an Internal Audit
Standard on Internal Audit (SIA) 16, Using the Work of an Expert
Standard on Internal Audit (SIA) 14, Internal Audit in an Information Technology Environment
Standard on Internal Audit (SIA) 13, Enterprise Risk Management
Standard on Internal Audit (SIA) 12, Internal Control Evaluation
Standard on Internal Audit (SIA) 11, Consideration of Fraud in an Internal Audit
Standard on Internal Audit (SIA) 9, Communication with Management
Standard on Internal Audit (SIA) 8, Terms of Internal Audit Engagement


« Standard on Internal Audit (SIA) 4, Reporting ...	Standard on Internal Audit (SIA) 320, Internal Audit... »
Standard on Internal Audit (SIA) 330, Internal Audit Documentation

November, 28th 2018
STANDARD ON INTERNAL AUDIT (SIA) 330 INTERNAL AUDIT DOCUMENTATION Contents Paragraph(s) Introduction ............................................................................................. 1 Objectives ......................... .................................................................... 2 Requirements .......................................................................................... 3 Explanatory Comments ............................................................................ 4 Effective Date ......................................................................................... 5 This Standard on Internal Audit (SIA) 320, "Internal Audit Evidence," issued by the Council of the Institute of Chartered Accountants of India should be read in conjunction with the "Preface to the Standards on Internal Audit," "Framework Governing Internal Audits" and "Basic Principles of Internal Audit" issued by the Institute. Note: This Standard on Internal Audit (SIA) supersedes Standard on Internal Audit (SIA) 3, Documentation , issued in August, 2007. 1. Introduction 1.1 "Internal Audit Documentation " refers to the written record (electronic or otherwise) of the internal audit procedures performed, the relevant audit evidence obtained and conclusions reached by the Internal Auditor on the basis of such procedures and evidence (Terms such as "work papers " or "working papers " are also used to refer documentation). 1.2 The Internal Auditor is expected to record and collate all the evidence obtained in the form of complete and sufficient audit documentation. This Standard explains certain key requirements in the process of collection, preparation, retention and subsequent review of internal audit documentation. 1.3 Scope: This Standard applies to all internal audit assignments. The nature and content of documentation is covered in a separate implementation guide on the subject. 2. Objectives 2.1 The objectives of preparing complete and sufficient audit documentation is to: (a) validate the audit findings and support the basis on which audit observations are made and conclusions reached from those findings; (b) aid in the supervision and review of the internal audit work; and (c) establish that work performed is in conformance with the applicable pronouncements of the Institute of Chartered Accountants of India. 2.2 The overall objective of preparing audit documentation is to allow the internal auditor to form an opinion on the outcome of the assignment. The internal audit documentation must stand on its own and not require any follow-up clarifications or additional information to arrive at the same conclusions. Standard on Internal Audit (SIA) 330 3. Requirements 3.1 The internal auditor shall record the nature, timing and extent of completion of all internal audit activities and testing procedures in the form of reproducible documents. (refer Para. 4.1). 3.2 Documentation shall be complete and sufficient to support the analysis conducted on the audit evidence, the identification of findings, the formulation of audit observations and the drafting of the internal audit reports based on the findings. Documentation shall clearly state the purpose of the procedure, the source of evidence, the outcome of the audit work and also identify the performer and reviewer. (refer Para. 4.2). 3.3 The internal audit function shall maintain a written process explaining the manner in which documentation will be prepared, reviewed, stored and finally discarded, to ensure quality and conformance to Standards on Internal Audit. (refer Para. 4.3). 3.4 The internal audit work paper files shall be completed prior to the issuance of the final internal audit report. Any pending administrative matters shall also be completed within sixty days of the release of the final report. (refer Para. 4.4). 3.5 The ownership and custody of the internal audit work papers shall remain with the Internal Auditor. Where part of the audit work is outsourced to an external audit service provider or an expert, and reliance is placed on the work papers to issue the internal audit report, the ownership of the work papers shall be assumed by the Internal Auditor from the third party. However, where reliance is placed only on the report of the third party who insists on retaining ownership to their work papers, adequate provisions shall be in place to have access to the work papers, if and when required (e.g., for quality review purposes). 4. Explanatory Comments 4.1 Nature of Documentation (refer Para. 3.1): Documentation includes written records (electronic or otherwise) of various audit activities and procedures conducted, including evidence gathered, information collected, notes taken and meetings held. It includes, for example, internal memoranda, letters of confirmation and representation, 2 Internal Audit Documentation checklists, external reports and correspondence (including e-mail) concerning sig nificant matters. Abstracts or copies of the entity's records, significant and specific contracts and agreements, may be included as part of internal audit documentation, if and when appropriate. These documents need not necessarily be printed on paper and soft/ electronic/ digital version may be used and filed. However, where alternate method of recording and storage is used, it must be reproducible in print form if required, similar in nature to the original documents. 4.2 Content and sufficiency of Documentation (refer Para. 3.2): The content and extent of documentation is a matter of professional judgment since it is neither practical nor necessary to document every matter or observation. However, all significant matters which require exercise of judgment, together with the Internal Auditor's conclusion thereon, shall be included in the internal audit documentation. Professional judgement is applied well if documentation helps achieve the objectives listed under Section 2, above. Nevertheless, documents shall be: (a) sufficient and complete to avoid the need for follow-up inquiry; (b) useful and relevant to the objectives of the audit procedure; (c) undergo at least one level of review or approval; and (d) dependable and reliable to allow a peer reviewer to reach the same conclusion. 4.3 Documentation Process (refer Para. 3.3): Internal audit documentation shall be collated and arranged logically in files as audit work papers and retained to support the performance of the internal audits as per a written process. It shall include various quality checks, e.g., check of completeness (list of contents of all work papers), check of relevance (cross reference to findings and reports), check of conformance to Standards of Internal Audit (reference to relevant SIAs). All audit work papers shall be retained in accordance with the legal and company's retention policy and only shared with those who are 3 Standard on Internal Audit (SIA) 330 authorised to access them. Advice of legal counsel and/or approval of senior management or engaging authority (for outsourced engagements) shall be obtained (if required) prior to releasing any audit documentation to external parties. 4.4 Timely Completion of Documentation (refer Para. 3.4): Audit working papers shall be compiled into internal audit files soon after the completion of all audit procedures, while pending matters may be closed during the draft stage of audit reporting. However, the final internal audit report shall not be released unless all significant audit evidence have been collected and documented. The administrative process of arranging the final audit files shall be completed within sixty days of the release of the final report. 4.5 Confirmation of Compliance: To confirm compliance of audit procedures with this SIA, a list of the documents required is required, as follows: (a) Written documentation policy and process on audit work papers, as part of the Internal Audit Manual; (b) Work paper files for each audit assignment, reviewed and approved with cross reference to the Internal Audit Program, where appropriate. 5. Effective Date 5.1 This Standard is applicable for internal audits beginning on or after a date to be notified by the Council of the Institute. 4