AUDIT Interview

Om Namah Shivaya
CA MONK’S
101 Statutory Audit Interview

Questions & Answers
Complete Guide to crack an interview for Statutory Audit
By CA Shivam Palan (IIMI)
Reading Material for CA Monk Statutory Audit Master Class

Website: - www.camonk.com
Statutory Audit Interview Questions || CA Monk
Title: The 101 Statutory Audit Interview Questions & Answers
Author’s Name: Shivam Palan
Published by: Shivam Palan
Publisher’s Address: CA Monk, Near Sri Shivam Hotel Ring Road Lohiya ward, Gondia- MH-
441614 (Mobile No: +91 8767613647)
Publisher’s Details: CA Monk, Near Sri Shivam Hotel Ring Road Lohiya ward, Gondia- MH-
441614 (Mobile No: +91 8767613647; email id: shivam.p@camonk.com)
First Edition
ISBN No: (Application Reference numbers) Copyright: © CA Monk
Special Thanks to Prateek Verma, Pranshul Sapra, Prateet Chetan & Anurag Kabra for helping in
doing research related to interview questions.
Price: Rs. 2499
All rights reserved. No part of this book should be copied, reproduced, stored in a retrieval system,
or transmitted, in any form, or by any means, electronic, mechanical, recording, or otherwise,
without obtaining the prior permission in writing from the authors.
Every effort has been made to avoid errors or omissions in this publication. Despite this, errors
may creep in. Any mistake, error or discrepancy noted may be brought to our notice which shall
be taken care of in the next edition. It is notified that neither the publisher nor the author or seller
will be responsible for any damage or loss of action to anyone, of any kind, in any manner,
therefrom. It is suggested that to avoid any doubt; the reader should cross-check all the facts, law,
and contents of the publication with original Government publication or notifications. No part of
this book may be reproduced or copied in any form or by any means [graphic, electronic or
mechanical, including photocopying, recording, taping, or information retrieval systems] or
reproduced on any disc, tape, perforated media or other information storage device, etc., without
the written permission of the publishers. Breach of this condition is liable for legal action.
All disputes are subject to Gondia jurisdiction only.
CA Monk Statutory Audit Master Class || By CA Shivam Palan 2

Meaning
A statutory audit, also known as a financial audit, is one of the main types of audit to be done as
per the statutes applicable to the entity. Its primary purpose is to gather all relevant information so
that the auditor can give his opinion on the true and fair view of the company’s financial position
as on the balance sheet date.
Purpose
The purpose of the statutory audit is that the auditor gives his view independently without being
influenced in any manner. It helps the stakeholders to rely on financial statements. Stakeholders,
other than shareholders, also benefit from this audit. They can take decisions based on the accounts
as they are audited and authentic.
Statutory Audit in India
The provisions under Sec. 139 - Sec. 149 of the Companies Act 2013 regulate the procedure of the
statutory audit and the conduct of the auditors, states that:
● A statutory auditor has the power to go through and analyse all of the sensitive data of the
company, such as financial books, records, and information. The auditor also has the right to
seek any further information that he thinks is necessary for the purpose
● It is his responsibility to write an auditor’s report. In this, he should state if the financial
statements of the company give a true and fair description of their financial status and affairs.
● If he raises an issue, such as the statements are not true and fair, he must clearly state his
reasons for the same.
● If the auditor finds any fraud during his audit, he must communicate it to the Central
Government authorities.
● While auditing and presenting the Audit Report, he must comprehend the auditing standards
as per the ICAI guidelines.
Interview process
The typical interview process of large professional organizations consists of following rounds of
interview:
Preliminary test :
This is the first and foremost round of interview and in this stage the candidate is usually tested
with questions on general knowledge, basics of mathematics, logical reasoning, english and basic
questions related to your profile.
Group Discussion:

This is the second round where the candidates are tested for communication skills by making them
express their views and perspectives on various general, social, business topics in groups. A good
amount of updated knowledge in current affairs is needed to crack this round. Some companies
would not have this GD round and directly forward the candidates to HR Round.
HR Round :
This round basically checks the soft skills such as confidence, communication skills, attitude, etc.
A professional resume with a good understanding of the company, its vision, mission, values, etc.,
would help the candidate cakewalk this round. General questions about the candidate, questions
like why should we hire you, why did you choose this company, strengths, and weaknesses are
normally asked in this round.
Technical Round :
This is purely technical round. The candidates should prepare as per their job profile all the
technical questions and keep themselves updated about the changes in their respective domains.
The candidates are normally tested for their confidence level and technical knowledge in this
round.
Partner Round:
In a partner round interview, you will typically be interviewed by one or more partners of the firm.
This is often the final round of interviews.
During the interview, the partners will ask you questions about your experience, skills, and goals. They
may also ask you to solve a case study or business problem, or to give a presentation on a topic of their
choosing. In partner round they don’t check your technical knowledge because the same has already
been evaluated in the previous round.
The partner round interview is an opportunity for you to showcase your skills and demonstrate your fit
with the firm's culture.

Technical Questions for Statutory Audit Questions
1. What are Audit Assertions/Financial Statements Assertions ?
Audit Assertions are the claims (implicit or explicit) made by the management responsible
for the preparation of financial statements regarding the appropriateness of the various
elements of financial statements and disclosures. Audit Assertions are also known as
Management Assertions and Financial Statement Assertions.
The auditor has to perform his audit to verify the assertions made by the management by
obtaining sufficient and appropriate audit evidence.
2. What are Transaction level assertions?
Transaction level assertions are made in relation to classes of transactions, such as revenues,
expenses, dividend payments, etc.
There are five types of transaction-level assertions:

● Occurrence: Transactions that are recognized in the financial records have occurred, i.e.,
did it really happen?
● Completeness: Transactions that are completed and supposed to be recorded have been
recognized in the financial statements, i.e., did it include all transactions?
● Accuracy: Transactions have been accurately reflected within the financial statements at
appropriate amounts, i.e., have correct prices, quantities, and calculations been used?
● Cut-off: Transactions have been recognized in correct and relevant accounting periods.
● Classification: Transactions have been classified properly and fairly presented in the
financial statements.
3. What are account balance assertions ?
Account balance assertions apply to the balance sheet items, such as assets, liabilities, and
shareholders’ equity.
There are four types of account balance assertions:
● Existence: The assets, equity balances, and liabilities exist at the period ending time.
● Completeness: The assets, equity balances, and the liabilities that are completed and
supposed to be recorded have been recognized in the financial statements.
● Rights and Obligations: The entity has ownership rights or the right to benefit from
recognized assets on the financial statements. Liabilities recognized in the financial
statements represent the actual obligations of the entity.
● Valuation: The assets, equity balances, and liabilities have been valued appropriately.

4 What do you understand by Materiality? How and on what basis an auditor assesses
materiality?
The materiality threshold in audits refers to the benchmark used to obtain reasonable
assurance that an audit does not detect any material misstatement that can significantly
impact the economic decision of users of financial statements.
Determining materiality involves the exercise of professional judgment. A percentage is

often applied to a chosen benchmark as a starting point in determining materiality for the
financial statements as a whole. While exercising the professional judgement there are many
factors which the auditor has to consider.
Some of them are:
● Size and nature of entity
● Environment in which entity operates
● Complexity of the transactions involved
5. What are the components of Materiality? /What is Performance Materiality and why is
it set?
Materiality are of 3 types:

Overall Materiality (OM)- The level which represents the significant level in the
company’s financial statements, which can influence the decision making of the users of the
company’s financial statement as a whole.
Performance Materiality(PM) - The amount set by us as auditor at less than the Overall
Materiality, so that the aggregate of undetected misstatements does not exceed Overall
Materiality. PM is the buffer which the auditor creates at the certain %age of the OM so that
the the aggregate level misstatement does not exceed the OM.
Specific Materiality - The misstatements or events that are used by the auditor to identify
misstatements at lesser than the Overall Materiality. Specific Materiality could relate to
sensitive areas such as particular note disclosures (that is, management remuneration or
industry-specific data), compliance with legislation or certain terms in a contract.
6. What is the applicability of CARO 2020?
It shall apply to every company including a foreign company except

(i) a banking company
(ii) an insurance company
(iii) a company licensed to operate under section 8 of the Companies Act

(iv) a One Person Company and a small company

(v) a private limited company, not being a subsidiary or holding company of a public
company, having a paid up capital and reserves and surplus not more than one crore
rupees as on the balance sheet date and which does not have total borrowings exceeding
one crore rupees from any bank or financial institution at any point of time during the
financial year and which does not have a total revenue (including revenue from
discontinuing operations) exceeding ten crore rupees during the financial year as per the
financial statements.
7. Changes in the CARO 2020 vs CARO 2016? What are the new clauses added in the
CARO 2020 ?
Particulars CARO 2016 CARO 2020
Fixed Assets
Reporting on all Reporting on Property, Plant, Equipment, and
fixed assets intangible assets.
Review of Company Property, Plant and
Equipment.
No format If title to all immovable property is disclosed in

provided the financial statements that are not withheld on
behalf of the company, provide details in the
standard format provided including the reason
for non-management on behalf of the company.
No such clause Also report that the company owns any Benami
property under the Benami Transactions
(Prohibition) Act
Inventory
Inventory Also includes Inventory Reporting whether any
Reporting 10% or more discrepancies in the rating of each
category were identified at the time of physical
verification and whether they have been properly
addressed in the books of account.

Working
capital limits Not provided Provide all the details if the company is approved
for a transaction of more than five crore rupees,
collectively, from banks or financial institutions
based on the security of current assets.
Default in
repayment of No format given If the company has failed to repay the loan, then
loans provide details in the specified standard format.
Not provided Also report if the company is said to be

deliberately not paying by any bank, financial
institution, or lender.
Loan terms
Term loans Also, report on whether the term loan has been
reporting loaned to obtain a loan; if not, report the amount
of the deviation loan and the purpose for which
it is used.
Fraud
Reporting To be reported Also report if the auditor has considered
reporting complaints, if any, received by the
company during the year.
Registered
under the RBI Registration Also report if the company has performed any
Act details will be Non-Banking or Mortgage financing activities
provided if without a valid Registration Certificate (CoR)
available. from the Reserve Bank of India in terms of the
Bank of India Act, 1934.
Resignation
of Official Not provided Report if there have been any cancellations of
Auditors official auditors during the year, and reported on
whether the auditor has taken into account the
issues, objections, or complaints rose by the
outgoing auditors.

Auditors’
remarks for Not provided Report if there have been qualifications or
Incorporated conflicting comments of the relevant auditors in
Companies the CARO reports of companies included in the
consolidated financial statements. If available,
the Auditor-General must provide company
details and section numbers of the CARO report
with the qualifications or objections.
8. What are the types of Audit opinion issued by the Statutory Auditor?
There are 2 types of Audit opinions issued by statutory auditor which are as follow:
Unmodified opinion
● Unqualified Audit Report: The auditor issues an unqualified audit report to financial
statements when auditors found no material misstatements after their testing.
Therefore, this report contains an unqualified opinion from an independent auditor.
Modified opinion
● Qualified Audit Report: The qualified Audit report is the report issued by auditors
to the financial statements:
1. Auditor having obtained sufficient and appropriate audit evidence, found
misstatements that are material but not pervasive to the financial statements
2. Auditor is not able to obtain sufficient and appropriate audit evidence to support
their opinion but the possible effects of undetected mistataments could be material but
not pervasive.
● Adverse Audit Report: An adverse Audit Report is a type of audit report issued to
the financial statements when auditors found material misstatements in the financial
statements. These mistatements individually, or in aggregate are both material and
pervasive to the financial statements. When such findings are materially misstated for
themselves and can potentially affect others accounts and items in the financial
statements, these are called pervasive.
Disclaimer Audit Report: A disclaimer report is issued when an auditor is not able
to obtain sufficient and appropriate audit evidence to support their opinion and the
possible effects of undetected mistataments could be material and pervasive.
9. What is the special purpose audit report and general purpose audit report?
Special Purpose Report: A special-purpose financial report is intended for presentation to

a limited group of users or for a specific purpose. For example, special-purpose financial
statements are prepared for tax reporting, bank reporting, and industry-specific reporting.
Most SME’s (Small to Medium Enterprises) and not for-profit entities will produce a simple

profit and loss and balance sheet, in any format that the business requires or desires them to
be in by following specific guidelines or reporting requirements established by the directors,
owners or members.
General Purpose Report: General purpose financial reports provide financial information
about the reporting entity that is useful to existing and potential investors, lenders and other
creditors in making decisions about providing resources to the entity. General-purpose
financial statements are issued throughout the year and includes a balance sheet, income
statement, statement of owner’s equity/retained earnings, and statement of cash flows.
10. As an Auditor how will you report fraud committed in the company ?
● Reporting to Central Goverment: As per Section 143 of Companies Act, 2013 if

auditor has reason to believe that offence involving fraud (of amount Rs 1 Cr or more)
has been committed against the Company by its officers or employees, it is to be
reported to the CG.
● Reporting in CARO 2020: Auditor has to report the details of the fraud in the clause
xi of CARO.
11. List down the 5 Step model as per Ind AS 115. (V.IMP)
1. Identification of the contract.

2. Identifying various separate performance obligations in the contract.
3. Determining the transaction price.
4. Allocate the transaction price to separate performance obligations.
5. Recognise the revenue when each performance obligation is satisfied.
12. Explain the concept of cut off procedure?
Cutoff procedures are undertaken to check whether all income and expenses are reported in
the correct accounting period. Simply put, Cut off procedures are performed for separation
of transactions from one period to another (say, upto 31st March and after 31st March). This
ensures that transactions and events are recorded in the correct accounting period and
accrual principle of accounting has been followed.
13. What are the audit procedures for Account Receivables testing?
● Ledgers, Agreements and other related supporting documents are obtained from the
client to ensure the completeness & accuracy of transaction

● Perform ageing analysis and check whether there is any need for making provision for
doubtful debts for long outstanding balances.
● Independent external Confirmations are sent to the customers and their response are
noted to ensure the existence and accuracy of balances.
● Alternate procedures for confirmation replies not received have to be performed –
payments should be checked for transactions subsequently settled and proof of service/
proof of delivery should be checked for transactions not settled to ensure that Trade
receivables have been correctly recorded.
● Perform sampling to select the customers for test of details to ensure completeness and
accuracy of transaction.
● Obtain the PO, invoices and proof of delivery for the above samples from client & match
it from GL.
14. What are the audit procedures for Property, Plant & Equipment testing?
● Reconciling the FAR (Fixed assets register) and GL to ensure the accuracy of the books
of accounts.
● Recalculation of the depreciation as per useful life (prescribed in Schedule II of
Companies Act, 2013 or as per management estimate) and scrap value.
● TOD of Additions and disposals to ensure the completeness of the FAR.
● Existence is an essential audit assertion to be tested for PPE with the help of physical
verification of assets.
● The compliance of Ind AS 16 Property, Plant and Equipment to ensure the disclosure
requirements.
15. What are the audit procedures for Cash and Cash Equivalents testing?
● List of all bank accounts should be obtained from client

● Independent Bank Confirmations are sent to all banks (with whom the client holds an
account) to ensure the existence & valuation of the balance at year end.
● Reconciling of balance as per books with the Bank confirmation and bank statement to
ensure the accuracy of books of account.
● Reconciling that all accounts confirmed by the bank are adequately shown in books of
accounts t ensure the completeness.
● Audit of the items standing in bank reconciliation statements.
● Management certificate for cash in hand.
16. What are the audit procedures for unusual Journal entries testing?
● Journal entries made to unrelated, unusual, or seldom-used accounts.

● Journal entries made by individuals who typically do not make journal entries.
● Journal entries containing consistent ending numbers (“999”).
● Journal entries with line items containing specific wording.
● Unbalanced journal entries.
● Journals recorded at the end of the period or as post-closing entries that have little or no
explanation or description.
● Journal entries over performance materiality.
● Journal entries posted on weekends/holiday.
17. Applicability of IND AS on the companies?
● All the Listed Companies are required to apply IND AS

● All the unlisted Co. having Net Worth of >250 CR.
18. As per which schedule the company prepares its financial statements?
Schedule III of the Companies Act, 2013 provides the manner in which every company
registered under the Act shall prepare its Financial Statements.
19. Give a walkthrough of the cash flow statements and give at least one example of each
activity?
CFS has 3 activities namely:
● Operating Activity - Salary paid to staff
● Investing Activity - Purchase/Sale of Fixed Assets
● Financing Activity - Borrowing money
20. What is the difference between Basic EPS and Diluted EPS?
Basic EPS (Earning per share) is a ratio that is widely used by financial analysts, investors
and other users to gauge an entity’s profitability. Its purpose is to indicate how effective an
entity has been in using the resources provided by the ordinary shareholders, and to assess
the entity’s current net earnings. EPS determines the shareholder’s wealth on each share
held by them.
Diluted EPS is a metric used in fundamental analysis to gauge a company’s quality of EPS
assuming all convertible securities have been exercised. Convertible securities include all
outstanding convertible preference shares, convertible debt, equity options (mainly
employer-based options), and share warrants.

21. What are the criteria to define a reportable segment as per IND AS 108?
An entity should report separately information about an operating segment that meets any
of the following quantitative thresholds:
● Its reported revenue, including both sales to external customers and intersegment sales
or transfers, is 10% or more of the combined revenue, internal and external, of all
operating segments.
● The absolute amount of its reported profit or loss is 10% or more of the greater, in
absolute amount, of (i) the combined reported profit of all operating segments that did
not report a loss and (ii) the combined reported loss of all operating segments that
reported a loss.
● Its assets are 10% or more of the combined assets of all operating segments.
Operating segments that do not meet any of the quantitative thresholds may be considered
reportable and separately disclosed, if management believes that information about the
segment would be useful to users of the financial statements.
22. How will you do the audit of payroll or employee benefit expenses?
● Summarise the payregister on a month wise basis.

● Perform the analysis of month wise variance of gross pay and inquire reasons for major
changes which are not substantiated by change in head count or payscale.
● Perform head count reconciliation procedure to match the number of employees each
month i.e. (Opening employees + New joiners – leavers = Closing employees).
● Verified the total net payable amount in salary sheet from the respective months bank
statement to ensure payout.
● TOD of the new joiners and leavers including recalculation of their salary and FnF.
● Recalculate the PF deducted and PF contributed by the employer as per the PF act
and verify the payment of the same via challans for all months.
● Recalculated the ESIC deducted and ESIC contributed by the employer as per the
ESIC act and verify the payment of the same via challans for all months.
23. How do you evaluate the risk of material misstatement in a company's financial
statements?
● Assess the significance of the assessed risk, impact of its occurrence and also revise
the materiality accordingly for the specific account balance.
● Determine the likelihood for assessed risk to occur and its impact on our auditing
procedures.
● Document the assertions that are effected.

● Consider the impact of the risk on each of the assertions (completeness, existence,
accuracy, validity, valuation and presentation) relevant to the account balance, class of
transactions, or disclosure.
● Identify the degree of Significant risks that would require separate attention and
response by the auditor. Planned audit procedures should directly address these risks.
● Enquire and document the management’s response.
● Consider the nature of the internal control system in place and its possible effectiveness
in mitigating the risks involved. Ensure the controls :
 Routine in nature (occur daily) or periodic such as monthly.
 Designed to prevent or detect and correct errors.
 Manual or automated.
● Consider any unique characteristics of the risk.
● Consider the existence of any particular characteristics (inherent risks) in the class of
transactions, account balance or disclosure that need to be addressed in designing
further audit procedures.
● Examples could include high value inventory, complex contractual agreements,
absence of a paper trail on certain transaction streams or a large percentage of sales
coming from a single customer.
24. If debtors’ confirmations are not received, then how would you deal with this kind of
situation?
A non-response to a confirmation request may indicate a previously unidentified risk of

material misstatement. In such situations, the auditor may need to revise the assessed risk
of material misstatement at the assertion level, and modify planned audit procedures, in
accordance with SA 315. For accounts receivable balances – examining specific
subsequent cash receipts, shipping documentation, and sales near the period-end.
25. What do you mean by walkthroughs and control testing?
A walk-through test is a procedure used during an audit of an entity's accounting system

to check its reliability. A walk-through test traces a transaction step-by-step through the
accounting system from the start till end.
A test of controls is an audit procedure to test the effectiveness of a control used by a

client entity to prevent or detect material misstatements. Depending on the results of this
test, auditor may choose to rely upon a client's controls or not.
Do check out Statutory Audit Master Class for understanding of all the concepts in detail,
click on the below link and register for the course:
https://www.camonk.com/courses/statutory-audit

26. What is MRL and why is it used and who takes it?
Management Representation Letter is issued by the client (Auditee) to the auditor in writing
as a part of Audit Evidence. This document during the audit clarifies the separation of
responsibilities of the auditor and auditee (management). In essence, the letter states that
all of the information submitted by the management during the course of audit is accurate,
and that all material information has been disclosed to the auditors.
27. What are the disclosure requirements of Disclosure Note 1 of financial statements?
Major disclosure which are required in note 1 of the financials are:

● Fundamental accounting assumptions like going concern, consistency of the
accounting policy, accrual basis of accounting etc.
● If an entity departs from a requirement of an Ind AS it shall disclose it along with the
reasons.
● If an entity offset assets and liabilities or income and expenses, in such cases it shall
be disclosed.
28. What is TOC & TOD?
Test of details is TOD which means actually performing substantive testing by picking a
sample of transactions to test to see if account balance is misstated.
Test of control is TOC, it is done to see if controls are operating properly, example - is the
check dual signed, is the reconciliation initiated, etc.
29. What is the difference between contingent liability & provisions?
Provision Contingent Liability
Provisions are liabilities which are Contingent liability is a possible

recognised (assuming that a reliable obligation that arises from past events
estimate can be made) because they are and whose existence will be confirmed
present obligations and it is only by the occurrence or non-
probable that an outflow of resources occurrence of one or more uncertain
will be required to settle the obligations. future events not wholly within the
control of the entity.

Provision Contingent Liability
The event which can result in a The event which can result in a
provisional liability is probable to occur. contingent liability may or may not
occur.
The amount of the obligation can be The amount of the obligation cannot be
measured with sufficient reliability. measured with sufficient reliability.
Any increase or decrease in provision Contingent liability is off – balance sheet
liability gets recorded in the Profit and item and is not routed through the books
Loss Account. of accounts. Its shown only as a part of
disclosure.
30. What are non-balance sheet items?
Non-balance sheet items also called as off-balance sheet items is a term for assets or
liabilities that do not appear on a company's balance sheet. These items as on balance sheet
date are not entirely company’s assets or liabilities and do not meet the criteria of recording
as asset or liabilities in books of accounts. Contingent assets and contingent liabilities
typically constitute off-balance sheet items.
31. What will be the journal of bad debts and provision for bad debts?
Journal for bad debts

Bad Debts a/c Dr.
To Debtors A/c
Journal for provision for bad debts

Profit & loss account Dr.
To Provision for bad debts
32. What is audit risk? What are the components of audit risk?
Audit risk is the risk of expressing an inappropriate audit opinion on financial statements
that are materially misstated. The components of audit risk are inherent risk, control risk
and detection risk.

33. What is Inherent risk & Control risk
This term refers to susceptibility of an account to a material misstatement, regardless of

whether the company has strong internal controls. Certain transactions and industries
present greater inherent risk than others.
Sometimes a company’s internal controls are inadequate to prevent or detect material
misstatements. Control risk increases when the company fails to deploy or enforce effective
internal controls, or when employees or third parties override them without the company
discovering their actions.
34. What is Detection risk?
Audit procedures are designed to uncover material misstatements. Detection risk is the risk
that audit procedures might not detect a material misstatement. When detection risk is
elevated, the auditor might, for example, test a larger sample of transactions to mitigate
audit risk.
35 How the Inherint risk, control risk and detection risk are related (relationship).
Inherent risk and control risk are collectively known as risk of material misstatement
(ROMM). ROMM and detection risk together constitute the Audit risk.
When the ROMM is high the auditor will increase the substantive testing and will try to
keep the detection risk to be minimum and vice a versa. Therefore, an inverse relationship
is maintained between ROMM and detection risk in order keep the audit risk to a minimum.
36 What are the steps of the audit. / How you will perform the audit of a client ?
Step 1 - Client onboarding formalities and engagement acceptance formalities

Step 2 - Planning the audit by analysing the CY and PY financials of client, determining
the materiality
Step 3 - Assessing the risk of material misstatement by understanding the entity & its
environment and its internal control
Step - 4 Performing the control testing of the various areas to identify the effectiveness of
the controls
Step - 5 Performing the substantive testing of the BS and PL items.
Step - 6 Reporting to shareholders

37. What are Internal Financial controls?
Internal financial controls are the policies and procedures adopted by the company for
ensuring the orderly and efficient conduct of its business, including adherence to the
company’s policies, the safeguarding of its assets, the prevention and detection of frauds
and errors, the accuracy and completeness of the accounting records, and the timely
preparation of reliable financial information.
38. What is audit programme?
An audit programme, also called an audit plan, is an action plan that documents what
procedures an auditor will follow to express an opinion on the financial statement.
39. What are the methods for the depreciation allowed in the companies act.
Under the companies act 2013 company can follow either Straight line method or written
down method for charging depreciation.
40. What is difference between vouching and verifications?
Vouching means checking the vouchers which supports the financial transaction / journal
entry. Verification means validating the resemblance of the facts of voucher with those
appearing in the books of accounts.
41. What are the audit procedures for the cash & cash equivalents?
The audit procedures for cash and cash equivalents may include the following:
● Obtain and review the client's policies and procedures for cash management, including
any controls over cash disbursements and receipts.
● Review the client's bank statements and reconcile them to the cash balances recorded
in the financial statements.
● Obtain the external confirmations from the banks
● Test a sample of cash receipts by reviewing supporting documentation such as
customer invoices and bank deposit slips, and verifying that the receipts were properly
recorded.
● Review the client's documentation for any investments classified as cash equivalents,
such as short-term certificates of deposit or commercial paper, and verify that they
meet the criteria for classification as cash equivalents.

42. What are the financial assets as per IND AS 32?
Financial Asset means:

● Any contractual right to receive cash or other financial asset
● Cash & cash Equivalents
● Equity Investmenst
● A contract that will or may be settled in the entity’s own equity instruments
43. What are the equity instruments as per IND AS 32?
Equity instruments are those

● Instruments where there is no obligation to deliver the cash or any other financial asset
● Instruments where fixed no of equity shares are to be issued in settlement
44. What are the substantive audit procedures?
Substantive audit procedures are audit procedures that are designed to test the assertions
of financial captions. These procedures are typically more in-depth and extensive than
tests of controls, which are designed to assess the effectiveness of the client's internal
control system.
45. What are the analytical procedures in audit?
Analytical procedures are a type of audit procedure used to test financial information and
identify unusual or unexpected relationships. These procedures involve the use of ratios,
trends, and other statistical analysis techniques to compare financial information to
previous periods or to industry benchmarks
46. What is Limited Review?
Limited Review can be defined as an examination of financial statements on quarterly

basis. In India, listed companies are required to conduct limited review through statutory
auditors. Every listed co. under clause 41 of the listing agreement is required to furnish the
unaudited quarterly result in the prescribed format to the concerned stock exchange within
45 days of the end of respective quarter.

47. How you will perform the control testing?
Control testing is an audit procedure used to determine whether internal controls

effectively prevent or detect material misstatements at assertion level. It includes the
following steps:
● Understanding the process: The first step in control testing is to understand the
process existing in the client entity
● Walkthroughs:A walk-through test is a procedure used during an audit of an entity’s
accounting system to gauge its reliability. A walk-through test traces a transaction
step-by-step through the accounting system from its inception to the final disposition
● Sample Selection: After the walkthrough, to decide on the number of samples to be
tested as part of control testing. No of samples to be selected can depend on various
factors.
● Control Testing: The effectiveness of control is then tested by verifying a few
samples. Here, the internal control is tested for factors like, preparer and reviewer,
approval based on authorisation matrix etc.
48. What are the 2 models under which the PPE can be recorded under IND AS – 16?
Under IND AS 16 PPE can be recorded under cost model or revaluation model. Under the
cost model only downward revaluation (impairment) is allowed when the fair value of the
asset is less than the book value. Under revaluation model company has to revalue its PPE
on every year end at the fair value whether its upward revaluation or downward revaluation.
49. What are the reporting requirements under Clause 7 of the CARO 2020?
The auditor is required to report whether the company is:

– Regular in depositing undisputed statutory dues.
– As on balance sheet date, statutory dues which are unpaid and oustanding for a period
of more than 6 months from the date they became payable
– In case of any disputed statutory dues, the amount of such dues, the forum before
whom the dues are litigated.
50. What are the various benchmarks which can be used while calculating the
materiality?
Selection of the benchmark for calculating the materiality depends upon the various
factors like nature of company, objective of the company and the sector in which the

company is operating. The various benchmarks which can be used to calc the materiality
are as follow
Scenarios Generally acceptable benchmarks

Profit maximising objective Profit before tax
Total revenue
Net assets
Banks Profit before tax
Total revenue
Total assets
Company that have significant assets - eg - Profit before tax
airlines Total assets
Net assets
Company that trade mainly for capital gain Total assets
via investments Total revenue
Net assets
Start up entiites predominantly focused on Total assets
capital expenditure Total expenses
Net assets
Start up entiites not predominantly focused Total expenses
on capital expenditure Net assets
Company operating on low profit (such as Total revenues
PBT no longer serves as benchmark) Total assets
Net assets
Cost plus entities Total expenses
Total assets
Net assets
51. What is deferred tax ?
The tax effect due to the timing differences is termed as deferred tax which literally refers
to the taxes postponed. Deferred tax is recognised on Temporary timing differences.
Permanent differences do not result in deferred tax assets or deferred tax liabilities. These
deferred taxes are given effect to in the financial statements through Deferred Tax Asset
and Deferred Tax Liability.
52. When DTA and DTL arises ?
Deferred tax assets are the amounts of income taxes recoverable in future periods. Deferred
tax assets arise when the tax amount has been paid or has been carried forward but has still
not been recognized in the income statement. The value of deferred tax assets is created
when the book income is less than the taxable income.

Deferred tax liabilities are the amounts of income taxes payable in future periods. Deferred
tax liability arises when the tax amount has to be paid in future for a transaction or
adjustment that has taken place already in the income statement. The value of deferred tax
liability is created when the book income is more than the taxable income.
53. What is LIFO and FIFO method in inventory valuation?
LIFO (Last In, First Out) and FIFO (First In, First Out) are two methods used to value
inventory and cost of goods sold (COGS) for financial reporting and tax purposes.
In the LIFO method, the inventory that is most recently acquired is assumed to be sold first.
This means that the cost of the most recent inventory is recorded as the cost of goods sold,
while the cost of older inventory remains in the ending inventory. This method is useful in
times of rising prices, as it results in a lower cost of goods sold and a higher gross profit
on the income statement. However, it can also result in a higher tax liability, as the cost of
goods sold is taxed in the year it is recorded.
In the FIFO method, the inventory that is oldest is assumed to be sold first. This means that
the cost of the oldest inventory is recorded as the cost of goods sold, while the cost of more
recent inventory remains in the ending inventory. This method is useful in times of falling
prices, as it results in a higher cost of goods sold and a lower gross profit on the income
statement. However, it can also result in a lower tax liability, as the cost of goods sold is
taxed in the year it is recorded.
Both LIFO and FIFO are acceptable methods of inventory valuation, and a company can
choose the method that is most appropriate for its business and financial reporting needs.
54. What are the audit procedures for Inventory ?
● Obtaining a list of entire inventory inlcuding Raw Material, Work-in-progress and

Finished goods.
● Sample selection and evaluation of the cost of the inventory with the help of
purchase invoices for selected samples to verify accuracy.
● Verification whether the inventory has been recorded at lower of cost or NRV to
check the valuation assertion.
● Evaluation of the NRV by calculating the expected selling price
● Physical verification of the inventories at the year end to check the existence of
inventory.

55. What are the different formats for the preparation of the financial statements ?
There are 3 different formats under schedule III

1. Division 1 - For the companies to whom AS are applicable
2. Division 2 - For the companies to whom IND AS are applicable
3. Division 3 - For the NBFC to whom IND AS are applicable
56. What are the reporting requirements under Clause 1 of the CARO 2020 ?
The clause 1 requires the details of the tangible and intangible assets which are mention
below:
a) A. whether the company is maintaining proper records showing full particulars, including
quantitative details and situation of Property, Plant and Equipment;
B. whether the company is maintaining proper records showing full particulars of
intangible assets;
b) whether these Property, Plant and Equipment have been physically verified by the
management at reasonable intervals; whether any material discrepancies were noticed on
such verification and if so, whether the same have been properly dealt with in the books of
account;
c) whether the title deeds of all the immovable properties (other than properties where the
company is the lessee and the lease agreements are duly executed in favour of the lessee)
disclosed in the financial statements are held in the name of the company, if not, provide
the details thereof;
d) whether the company has revalued its Property, Plant and Equipment (including Right of
Use assets) or intangible assets or both during the year and, if so, whether the revaluation
is based on the valuation by a Registered Valuer; specify the amount of change, if change
is 10% or more in the aggregate of the net carrying value of each class of Property, Plant
and Equipment or intangible assets;
e) whether any proceedings have been initiated or are pending against the company for
holding any benami property under the Benami Transactions (Prohibition) Act, 1988 (45
of 1988) and rules made thereunder, if so, whether the company has appropriately disclosed
the details in its financial statements.
57. What are the reporting requirements under Clause 11 of the CARO 2020 ?
The clause 11 requires the auditor to report:
a) whether any fraud by the company or any fraud on the company has been noticed or
reported during the year, if yes, the nature and the amount involved is to be indicated;

b) whether any report under sub-section (12) of section 143 of the Companies Act has been
filed by the auditors in Form ADT-4 as prescribed under rule 13 of Companies (Audit and
Auditors) Rules, 2014 with the Central Government;
c) whether the auditor has considered whistle-blower complaints, if any, received during the
year by the company.
58. What kind of leases are exempt from the application of the IND AS 116?
● Leases which are the for the period of less than 12 months
● Leases which are for low value assets. (no limit has been specified in IND AS 116 to
classy a lease in low value lease. It depends on the use and the nature of the asset)
59. How do you ensure the independence and objectivity of a statutory audit?
There are a number of ways to ensure the independence and objectivity of a statutory audit.
Some of these include:
● The auditor must be independent in fact and in appearance in order to maintain
objectivity. This means that the auditor must not have any financial or other interest in
the company being audited, and must not be influenced by any outside party.
● Avoiding conflicts of interest: The auditor must avoid any situation that could create a
conflict of interest, such as performing other services for the client while conducting
the audit.
● Establishing audit procedures: The auditor should establish appropriate audit
procedures to ensure that the audit is conducted in an objective and unbiased manner.
● Maintaining professional skepticism: The auditor should approach the audit with a
healthy skepticism and should be willing to challenge assumptions and test information
obtained during the audit.
60. What is the latest definition of a small company?

The Act defines a small company as a company that is not a public company and has: A
paid-up share capital equal to or below Rs. 4 crore or such a higher amount specified not
exceeding more than Rs. 10 crores.
61. Which companies are required to conduct internal audit?

As per section 138, the following companies shall be required to appoint an internal
auditor-
(a) Every listed company;
(b) Every unlisted public company if satisfy any of the criteria given as under-
● paid-up share capital of fifty crore rupees or more during the preceding financial year

● turnover of two hundred crore rupees or more during the preceding financial year
● outstanding loans or borrowings from banks or public financial institutions exceeding
one hundred crore rupees or more at any point of time during the preceding financial
year
● outstanding deposits of twenty five crore rupees or more at any point of time during
the preceding financial year; and
(c) Every private company if satisfy any of the criteria given as under-
● Turnover of two hundred crore rupees or more during the preceding financial year; or
● Outstanding loans or borrowings from banks or public financial institutions exceeding
one hundred crore rupees or more at any point of time during the preceding financial
year.
62. What are defined benefit plans as per IndAS 19?
They are post-employment benefit plans under which an entity pays fixed contributions
into a separate entity (a fund) and will have no legal or constructive obligation to pay
further contributions if the fund does not hold sufficient assets to pay all employee benefits
relating to employee service in the current and prior periods. In these plans, the
contribution is defined i.e. contribution is fixed and known to the entity.
Example : Provident Fund contribution by the employer to the Employees’ Provident

Fund Organisation, Ministry of Labour & Employment, Government of India.
63. What are the components of an internal control framework?
There are five components of an internal control framework. They are as follows:
• Control Environment;
• Risk Assessment;
• Information & Communication;
• Monitoring;
• Control Activities.
64. If you are the auditor of HUL, you would like to limit your examination of account
balance tests. What are the control objectives you would like the accounting control
system to achieve to suit your purpose?
Basic Accounting Control Objectives: The basic accounting control objectives which are
sought to be achieved by any accounting control system are -
● Whether all transactions are recorded;
● Whether recorded transactions are real;

● Whether all recorded transactions are properly valued;

● Whether all transactions are recorded timely;
● Whether all transactions are properly posted;
● Whether all transactions are properly classified and disclosed;
● Whether all transactions are properly summarized.
65. Nicco Park has six recreational parks to provide recreational facilities for the children
and youngsters at different locations and Collections are made in cash. Suggest some
of the adequate internal control system for their sales and revenue.
Control System over Selling and Collection of Tickets: In order to achieve proper internal
control over the sale of tickets and its collection , following system should be adopted -
1. Printing of tickets: Serially numbered pre-printed tickets should be used and designed
in such a way that any type of ticket used cannot be duplicated by others in order to
avoid forgery.
2. Ticket sales: The sale of tickets should take place from the Central ticket office
3. Daily cash reconciliation: Cash collection at each office and machine should be
reconciled with the number of tickets sold.
4. Daily banking: Each day’s collection should be deposited in the bank on the next
working day of the bank.
5. Entrance ticket: Entrance tickets should be cancelled at the entrance gate when public
enters the centre.
6. Advance booking: If advance booking of facility is made available, the system should
ensure that all advance booked tickets are paid for.
7. Discounts and free pass: Discount and free passes should be properly authorized and
signed by the authorization person.
66. What is the difference between IFC and Internal Audit ?
Internal Financial Control (IFC) and internal audit are two different processes that serve
different purposes within an organization.
Internal Financial Control (IFC) is a process that is implemented by a company to ensure

the integrity of its financial reporting, as well as the efficiency and effectiveness of its
operations. It includes a set of policies and procedures that are designed to safeguard the
company's assets, ensure the accuracy and reliability of its financial records, and promote
compliance with relevant laws and regulations. The purpose of IFC is to provide assurance
that the company's financial reporting is reliable, and to detect and prevent errors, fraud,
and other financial irregularities.

Internal audit, on the other hand, is an independent, objective assurance and consulting
activity that helps an organization improve its operations by evaluating and improving the
effectiveness of its risk management, control, and governance processes. Internal auditors
are responsible for evaluating the adequacy and effectiveness of the organization's internal
controls, and for providing recommendations for improvement. Internal audit is a separate
function from IFC, and it is typically carried out by a team of internal auditors who report
to the board of directors or audit committee.
In summary, while IFC is focused on the integrity of financial reporting and the protection
of assets, internal audit is focused on evaluating and improving the effectiveness of the
organization's risk management, control, and governance processes.
67. During the course of his audit, the auditor noticed material weaknesses in the internal
control system and he wishes to communicate the same to the management. You are
required to elucidate the important points the auditor should keep in the mind while
drafting the letter of weaknesses in internal control system.
As per SA 265, “Communicating Deficiencies in Internal Control to Those who Charged

with Governance and Management”, the auditor shall include in the written communication
of significant deficiencies in internal control -
(i) A description of the deficiencies and an explanation of their potential effects; and
(ii) Sufficient information to enable those charged with governance and management to
understand the context of the communication.
68. Suppose you are the auditor of Reliance Ltd having a net worth of INR 5000 crores.
The internal auditor of RIL is your best friend & you have developed a good bonding
during the course of the audit. How will you rely on the work of your friend?
As the auditor of RIL, the friendship with internal auditor should in no way affect the
independence of external auditors and SA 610, “Using the work of internal auditor” should
be followed which highlights the below pointsto be kept in mind:
A. Whether the work of the internal auditors is likely to be adequate for purposes of the audit
and evaluate:
 The objectivity of the internal audit function;
 The technical competence of the internal auditors;
 Whether the work of the internal auditors is likely to be carried out with due
professional care
B. The planned effect of the work of the internal auditors on the nature, timing or extent of
the external auditor’s procedures

70. While conducting the audit of a limited company for the year ended 31st March, 2023,
the auditor wanted to refer to the Minute Books. The Board of Directors refused to
show the Minute Books to the auditor.
In case the directors have refused to produce the Minute Books, the auditor may consider
extending the audit procedure and also consider modifying/ qualifying his report in an
appropriate manner.
71. You, a CA are the auditor of Siddha Ltd. & appointed in September, 2022.
Subsequently in February, 2023, you joined Mr. Bajaj, another CA, who is the
Manager Finance of Siddha Ltd., as a partner. Is your appointment valid?
Mr. Siddharth, an auditor of Siddha Ltd., joined as partner with Mr. Bajaj, who is Manager
Finance of Siddha Limited. The given situation has attracted sub-section (3)(c) of Section
141 and, therefore, he shall be deemed to have vacated office of the auditor of Siddha
Limited.
72. You, a CA. provide services of design and implementation of financial information
system to HEG Ltd. Now, you also wished to be appointed as an auditor of the
company for the current financial year. Can you be the auditor?
The position of auditor cannot be accepted as the service rendered of implementation of

financial information system are prohibited as per section 141(3)(i) read with section 144
of the Companies Act, 2013.
73. You are the internal auditor of a Cement Manufacturing Company, what will be the
audit procedure for verification of transportation charges for dispatches from the
factory.
● Examine the agreement to note the rates contracted with transporters for carriage of
goods.
● Examine whether the rates charged in the invoice is as per the contract & authorised by
the appropriate authority.
● Examine whether the transporter’s invoice includes a delivery challan bearing the
customers stamp indicating the receipt of goods.
● Check whether all the goods to be dispatched have a transport booking order reference.
● Ensure correct recording of amount stated in invoice.
● Check whether TDS has been deducted at appropriate rate and deposited with the
government in time.

74. What are the audit procedures for auditing revenue & expenditure of Multiplex?
● Whether the object clause of MOA permits to engage in such business activity.
● Income from Sale of Tickets:
○ Examine internal control system.
○ Examine system of online booking and realisation of cash.
○ Examine system of reconciliation of collections with seat availability.
● Income from cafes, shops, pubs, etc in the multiplex examine their internal control
system.
● Examine system of collection from parking areas.
● Examine the expenses incurred in maintenance of building.
● Examine the system of payment of salaries & other benefits to employees.
● Examine the system of payment to distributors.
75. As statutory central auditors of a Nationalized bank, what special points are to be
borne in mind in the audit of compliance with "Statutory Liquidity Ratio" (SLR)
requirements?
Obtain an understanding of the relevant circulars/ instructions of the RBI, particularly

regarding composition of items of DTL.
● Request the branch auditors to send their weekly trial balance as on Friday and
these are consolidated at the head office. Based on this consolidation, the DTL
position is determined for every reporting Friday. The statutory central auditor
should request the branch auditors to verify the correctness of the trial balances
relevant to the dates selected by him/her. The branch auditors should also be
specifically requested to examine the cash balance at the branch on the selected
dates.
● Examine, on a test basis, the consolidations regarding DTL position prepared by
the bank with reference to the related returns received from branches. The auditor
should examine whether the valuation of securities done by the bank is in
accordance with the guidelines prescribed by the RBI.
● Examine whether the consolidations prepared by the bank include the relevant
information in respect of all the branches.
● It may be noted that, even though interest accrues daily, it is recorded in the books
only at periodic intervals. Thus, examine whether such interest accrued but not
accounted for in books is included in the computation of DTL.
● The auditor at the central level should apply the audit procedures listed above to
the overall consolidation prepared for the bank as a whole. Where such procedure
is followed, the central auditor should adequately describe the same in the report.

● While reporting on compliance with SLR requirements, the auditor should specify
the number of unaudited branches and state that he/she has relied on the returns
received from the unaudited branches in forming an opinion. Recently, there has
been introduction of Automated Data Flow (ADF) for CRR & SLR reporting and
the auditors should develop necessary audit procedures around this.
76. Explain the scope of concurrent audit of a bank with reference to Reserve Bank of
India guidelines.
Banks ensure that risk sensitive areas identified by them as per their specific business
models are covered under concurrent audit. Concurrent audit aims at shortening the interval
between a transaction and its independent examination. The detailed scope of the
concurrent audit may be determined by head of internal audit of banks, and approved by
the Audit Committee of the Board of Directors.
77. List down matters to be ensured to achieve the objectives of Internal control relating
to accounting system is that all transactions are promptly recorded in an appropriate
manner to permit the preparation of financial information and to maintain
accountability of assets.
The basic accounting control objectives which are sought to be achieved by any accounting
control system are -
● Transactions are executed in accordance with management’s general or specific
authorisation;
● Transactions and other events are real & promptly/timely recorded at correct amounts;
● Transactions should be classified in appropriate accounts and in the appropriate period
to which it relates;
● Transactions are properly posted.
● Transactions should be recorded in a manner so as to facilitate preparation of financial
statements in accordance with applicable accounting standards, other accounting
policies and practices and relevant statutory requirements
78. CA Amit has been appointed as Statutory Auditor of Tata Ltd. The Co. For the year
under audit one additional profit and loss account is prepared that disclosed specific
items of expenditure and included the same as an appendix to the financial
statements. Guide CA Amit as to how he should deal with this issue while reporting
on the financial statements of Tata Ltd.

Additional profit and loss account is not considered an integral part of the audited financial
statements and the auditor shall evaluate that supplementary information is presented in a
way that sufficiently and clearly differentiates it from the audited financial statements.
79. You are the auditor of Umbrella Ltd. and you are concerned with the quality &
effectiveness of internal control. Towards achieving your objective you want to assess
and evaluate the control environment. What set of the Standard Operating
Procedures will you use?
(i) Enterprise Risk Management

(ii) Segregation of Job Responsibilities
(iii) Job Rotation in Sensitive Areas
(iv) Delegation of Financial Powers Document
(v) Information Technology based Controls
80. The reports of the Comptroller and Auditor General of India on the audit of PSUs
are presented to the Parliament and to various state legislatures to facilitate a proper
consideration. Enumerate the contents of Audit Report presented by C & AG.
● Introduction containing a general review of the working results of Government

companies, deemed Government companies and corporations;
● Results of comprehensive appraisals of selected undertakings conducted by the Audit
Board;
● Resume of the company auditors’ reports submitted by them under the directions issued
by the C&AG and that of comments on the accounts of the Government companies;
and
● Significant results of audit of the undertakings not taken up for appraisal by the Audit
Board.
81. You have been appointed as Concurrent auditor of one of the branches of Coin Bank
Ltd. This branch is dealing mainly in foreign exchange. State the suggested audit
procedures to be covered by you to check the foreign exchange transactions of this
branch while doing Concurrent audit.
● Check foreign bills negotiated under letters of credit.

● Check FCNR and other non-resident accounts whether the debits and credits are
permissible under rules.
● Check whether inward/outward remittance have been properly accounted for.

● Examine extension and cancellation of forward contracts for purchase and sale of
foreign currency. Ensure that they are duly authorized and necessary charges have been
recovered.
● Ensure that balances in Nostro accounts in different foreign currencies are within the
limit as prescribed by the bank.
● Ensure that the overbought/oversold position maintained in different currencies is
reasonable, considering the foreign exchange operations.
● Ensure adherence to the guidelines issued by RBI/HO of the bank about dealing room
operations.
82. You are appointed as the forensic auditor of Dharma Ltd., as the company is involved
in siphoning of funds through payments to shell companies. What steps will you take
in forensic audit process.
Step 1. Initialization
Step 2. Develop Plan
Step 3. Obtain Relevant Evidence
Step 4. Perform the analysis
Step 5. Reporting
83. You are the auditor of Emami Ltd., and want to perform external confirmation
procedures to obtain audit evidence. List the factors that will help you in determining
whether external confirmation procedures are to be performed as substantive audit
procedures?
● The confirming party’s knowledge of the subject matter – responses may be more
reliable if provided by a person at the confirming party who has the requisite
knowledge about the information being confirmed.
● The ability or willingness of the intended confirming party to respond for example,
the confirming party;
- May not accept responsibility for responding to a confirmation request;
- May consider responding too costly or time consuming;
- May have concerns about the potential legal liability resulting from responding;
- May account for transactions in different currencies; or
- May operate in an environment where responding to confirmation requests is
not a significant aspect of day-to-day operations.
● In such situations, confirming parties may not respond, may respond in a casual
manner or may attempt to restrict the reliance placed on the response.
● The objectivity of the intended confirming party – if the confirming party is a
related party of the entity, responses to confirmation requests may be less reliable.

84. While auditing an insurance company indicate the circumstances when the company
should not issue the policy documents?
● Premium had not been collected at all;

● Premium had been collected but the relevant cheques have been dishonoured; (refer
Cheque Dishonoured Book);
● premium had not immediately been collected due to furnishing of a bank guarantee or
cash deposit but either the deposit or guarantee had fallen short or has expired or the
premium had been collected beyond the stipulated time limit (i.e., there is a shortfall
in bank guarantee account or cash deposit account of the insured);
● premium had not been collected due to risk cover being increased or where stipulated
limits have been exhausted in respect of open declaration policies (i.e., where premium
has accrued but has not been received); and
● instalments of premium have not been collected in time in respect of certain categories
of policies, e.g., marine-cum-erection policies where facility has been granted for
premium being paid in instalments (such facility is normally available subject to
certain conditions, e.g., that the first equated instalment is more by 5 per cent of the
total premium payable by instalments).
● Premium collected but policies not issued for long periods of time.
● Whether the premium received during the year but pertaining to risk commencing in
the following year has been accounted for under the head ‘Premium Received in
Advance’ and has been disclosed separately.
85. You are appointed as Peer Reviewer of M/s AMC Associates, a CA firm consisting of
18 partners. As a Practicing unit what are the obligations that are to be complied by
M/s AMC Associates in addition to furnishing the questionnaire, statements and such
other particulars as the Board may deem fit?
● Produce to the Reviewer or allow access to, any record, document or prescribed
register maintained by the Practice Unit or any other record or document which is of
a class or description so specified, and which is in the possession or under the control
of the Practice Unit.
● Provide to the Reviewer such explanation or further particulars/ information in respect
of anything produced in compliance with a requirement under sub clause (1) above,
as the Reviewer shall specify.
● Provide to the Reviewer all assistance in connection with Peer Review.
● Where any information or matter relevant to a Practice Unit is recorded otherwise than
in a legible form, the Practice Unit shall provide and present to the Reviewer a
reproduction of any such information or matter, or of the relevant part of it in a legible
form, with a translation in English or Hindi, if the matter is in any other language, and

if such translation is requested for by the Reviewer. The Practice Unit shall be
responsible and accountable for the accuracy and truthfulness of the translation so
provided.
86. You are the statutory auditor of Jadu Ltd., for issuing an audit opinion on financial
statements and internal controls over financial reporting (ICFR) under the
Companies Act, 2013. What questions will you include while preparing a checklist in
the form of questions for testing internal control over cash and bank balances.
I will check that the cashier -

● Is not responsible for opening the incoming mails;
● Does not authorise any of the ledgers;
● Does not authorise any expenditure or receipt;
● Does not sign cheques;
● Takes his annual leave regularly;
● Inks and balances the cash book every day;
● Verifies physical cash balance with the book figure daily at the end of the day;
● Prepares monthly bank reconciliation statement;
● Holds no other funds or investment;
● Holds no unnecessary balance in hand;
● Does not pay money without looking into compliance with proper procedure and
due authorisation; and
● Has tendered proper security or has executed a fidelity bond?
87. TQR Limited is engaged in the business of garment manufacturing, one of the senior
Managers was involved in creating false documents and legitimate documents were
altered to support fictitious transactions. As a forensic auditor how will you deal and
suggest Technology based/Digital forensic techniques.
Many open-source digital forensics tools are now available to assist you in this phase of
the investigation. (i) Cross Drive Analysis (ii) Live Analysis (iii) Deleted Files (iv)
Stochastic Forensics (v) Steganography (vi) EnCase (vii) MD5 (viii) Tracking Log Files
(ix) PC System Log (x) Free Log Tools.
88. You have been appointed as an auditor of Ambani Life Insurance Company Ltd.
There are several cases of lapsed policies. The policy lapsation is tracked over the
PMS software. You are requested by the Management to explain in clear terms about
Policy lapses and Revival. Also state your role as an auditor in verifying the same.

Policy Lapse and Revival: “Lapse” is the discontinuance of the policy owing to
nonpayment of premium dues. In order to keep a life insurance policy “in force” the policy
holder is required to pay premiums when due (either monthly/ quarterly/annual/bi-
annual). If payment is missed, the insurer allows a period of 15/30 days from the premium
due date for making the payment. This period is termed as “grace period”. If the policy
holder does not make the payment within the grace period, the policy gets “lapsed”. Thus,
a payment within the grace period is deemed to be a payment on the due date. The terms
and conditions of the policy stipulate that where the premium is not paid within the grace
period, the policy lapses but may be revived during the lifetime of the life assured. Some
insurers do not allow revival, if the policy has remained in lapsed condition for more than
five years. This is because of the possibility that the arrears of premiums on such a policy
would be too heavy and that it would be better to take out a fresh policy. The insurer
should have taken persistent measures for monitoring receipt of renewal premium within
the due dates. In case of most of insurers, policy lapsation is tracked over the PMS,
wherein premium due dates are monitored by the system once initial data of the policy is
entered in the system.
Role of Auditor: The primary objective of the audit is to check and confirm that due dates
are recorded and monitored properly and polices are marked as “lapsed” on non-receipt
of renewal premium within due dates/grace period. In case of revival request, whether
adequate checks are in place for receipt of outstanding amounts and adequate documents
are obtained before reviving the policy.
89. You are the auditor of PRAG Limited, a listed company, which has three subsidiaries
and also 15 branches across India. Auditors are duly appointed for the subsidiaries
and branches as well. What should be the considerations with regard to the
determination of materiality during the audit of consolidated financial statements?
● The auditor is required to compute the materiality for the group as a whole. This materiality
should be used to assess the appropriateness of the consolidation adjustments (i.e.
permanent consolidation adjustments and current period consolidation adjustments) that
are made by the management in the preparation of CFS.
● The parent auditor can also use the materiality computed on the group level to determine
whether the component's financial statements are material to the group to determine
whether they should scope in additional components, and consider using the work of other
auditors as applicable.
● The principal auditor also computes materiality for each component and communicates to
the component auditor, if he believes is required for true and fair view on CFS.

90. You have to conduct "Due Diligence" of assets of the Indian Company which is going
t be acquired by a European company, having a market share of 51% and assets
over Rs.1000 Crores. To find out if any of the assets is overvalued. List down the
areas of due diligence exercise to find out overvalued assets.
● Uncollected/uncollectable receivables.
● Obsolete, slow non-moving inventories or inventories valued above NRV; huge
inventories of packing materials etc. with name of company.
● Underused or obsolete Plant and Machinery and their spares; asset values which have
been impaired due to sudden fall in market value etc.
● Assets carried at much more than current market value due to capitalization of
expenditure/foreign exchange fluctuation, or capitalization of expenditure mainly in
the nature of revenue.
● Litigated assets and property.
● Investments carried at cost though realizable value is much lower.
● Investments carrying a very low rate of income / return.
● Infructuous project expenditure/deferred revenue expenditure etc.
● Group Company balances under reconciliation etc.
● Intangibles of no value.
91. What are the recent changes in the schedule III of the companies act 2013 ?
● Disclosure of trade payable and trade receivable ageing of the LY & CY

● Disclosure of title deeds of PPE whether held in the name of the company
● Disclosure on the any proceedings initiated on Benami Property Act
● Disclosure on Wilfull defaulter
● Disclosure on transactions and relationship with struckoff companies
● Disclosure on Utilisation of the borrowed funds
● Calculation of many ratios and explanation with the change in ratio if more than 25%
● Disclosure on Transaction in the crypto currency
92. What are the reporting responsibility of the Statutory Auditor under clause 5 of
CARO 2020 ?
The auditor has to ensure whether the company has followed the directives of the RBI as
under: – Compliance with the provisions prescribed for accepting deposits under section
73 to 76 of the Companies Act, 2013. – The nature of contraventions, if the above
provisions are not followed. – Compliance with any order passed by any court or tribunal.
– Reporting of any non-compliance with the provisions of Companies Act, 2013.

CARO 2020 ?
The auditor has to report in case If the company has given any loans to directors or any
other person in whom the director is interested, or made any investments, whether the
company has made compliance with the provisions governing such loans, investments and
guarantees.
CARO 2020 ?
The auditor has to ensure that If the company has raised any funds from a public offer
(equity or debt capital), details of the funds applied for the purposes. Also, the details of
default or delays and rectification measures taken. – Has the company made any private
placement or preferential allotment of shares or convertible debentures (fully, partially or
optionally convertible) during the year, whether the same is in accordance with section 42
and section 62 of the Companies Act, 2013. – Whether the funds raised, have been used
for the purposes they were raised and the non-compliance, if any.
96. What do you mean by the equity instruments as per IND AS 32 ?
Equity instruments means:

● Instruments where there is no obligation to deliver the cash
● No obligation to exchange the Financial asset or liability under unfavourable
condition/
● Instruments where fixed no of own shares to be issued in settlements.
97. What are the compounded financial instruments ?
Compounded financials instruments are those instruments which has features of both, the
financial liability and equity. For eg. irredemable debentures with mandatory interest.
98. What are the three different methods under which the Debt instruments can be
recognised ?
● Amortised cost method

● FVTPL
● FVTOCI

99. Explain the concept of Integrated framework issued by Committee of the Sponsoring
Organisations of the Treadway Commission (COSO Framework) duly mentioning
its four out of five components.
COSO’s Internal Control – Integrated Framework was introduced in 1992 as guidance on

how to establish better controls so companies can achieve their objectives. COSO
categorizes entity-level objectives into operations, financial reporting, and compliance.
Five Components of COSO are as follows: (i) Control Environment (ii) Risk Assessment
(iii) Control Activities (iv) Information and Communication (v) Monitoring
100. You while conducting audit of PQR Ltd, come across certain transactions which
according to you are significant transactions with related parties and identified to be
outside the entity's normal course of business. How will you understand the nature of
significant transactions outside the entity's normal course of business?
As per SA 550 “Related Parties”, examples of transactions outside the entity’s normal
course of business may include:
● Complex equity transactions, such as corporate restructurings or acquisitions.
● Transactions with offshore entities in jurisdictions with weak corporate laws.
● The leasing of premises or the rendering of management services by the entity to
another party if no consideration is exchanged.
● Sales transactions with unusually large discounts or returns.
● Transactions with circular arrangements, for example, sales with a commitment to
repurchase.
● Transactions under contracts whose terms are changed before expiry.
101. You are the statutory Branch audit of PNB Ltd., you observe that some borrower
accounts have been regularised before Balance sheet date by payment of overdue
amount. What are the audit procedures to be carried out with special focus on the
Classification of advances and Provisioning for Non-Performing assets of the Branch.
The Audit procedures of advances and provisioning for NPAs:

● As per the Reserve Bank guidelines, if an account has been regularised before the
balance sheet date by payment of overdue amount through genuine sources, the
account need not be treated as NPA.
● Where subsequent to repayment by the borrower (which makes the account
regular), the branch has provided further funds to the borrower (including by way

of subscription to its debentures or in other accounts of the borrower), the auditor

should carefully assess whether the repayment was out of genuine sources or not.
● Where the account indicates inherent weakness based in the data available, the
account shall be deemed as a NPA.
Classification and Provision:

● Examine whether the classification made by the branch is appropriate. Particularly,
examine the classification of advances where there are threats to recovery.
● Examine whether the secured and the unsecured portions of advances have been
segregated correctly and provisions have been calculated properly.
● It is to be ensured that the classification is made as per the position as on date and
hence classification of all standard accounts be reviewed as on balance sheet date.
● The date of NPA is significant to determine the classification and hence specific
care be taken in this regard.
● NPA should be recognized only based on concept of Past Due/ Overdue concept,
and not based on the Balance Sheet date.
Do check out Statutory Audit Master Class for understanding of all the
concepts in detail, click on the below link and register for the course:

Om Namah Shivaya
CA MONK’S
109 Internal Audit Interview

Questions & Answers
Complete Guide to crack an interview for Internal Audit
By CA Shivam Palan (IIMI)
Reading Material for CA Monk Internal Audit Master Class

Website: - www.camonk.com
Internal Audit Interview Questions || CA Monk
Title: The 109 Internal Audit Interview Questions & Answers
Author’s Name: Shivam Palan
Published by: Shivam Palan
Publisher’s Address: CA Monk, Near Sri Shivam Hotel Ring Road Lohiya ward, Gondia- MH-
441614 (Mobile No: +91 8767613647)
Publisher’s Details: CA Monk, Near Sri Shivam Hotel Ring Road Lohiya ward, Gondia- MH-
441614 (Mobile No: +91 8767613647; email id: shivam.p@camonk.com)
First Edition
ISBN No: (Application Reference numbers) Copyright: © CA Monk
Special Thanks to Yashaswi Goyal, Gaurav Mishra, Garvit Dhingra for helping in doing research
related to interview questions.
Price: Rs. 1499
All rights reserved. No part of this book should be copied, reproduced, stored in a retrieval system,
or transmitted, in any form, or by any means, electronic, mechanical, recording, or otherwise,
without obtaining the prior permission in writing from the authors.
Every effort has been made to avoid errors or omissions in this publication. Despite this, errors
may creep in. Any mistake, error or discrepancy noted may be brought to our notice which shall
be taken care of in the next edition. It is notified that neither the publisher nor the author or seller
will be responsible for any damage or loss of action to anyone, of any kind, in any manner,
therefrom. It is suggested that to avoid any doubt; the reader should cross-check all the facts, law,
and contents of the publication with original Government publication or notifications. No part of
this book may be reproduced or copied in any form or by any means [graphic, electronic or
mechanical, including photocopying, recording, taping, or information retrieval systems] or
reproduced on any disc, tape, perforated media or other information storage device, etc., without
the written permission of the publishers. Breach of this condition is liable for legal action.
All disputes are subject to Gondia jurisdiction only.
CA Monk Internal Audit Master Class || By CA Shivam Palan 2

109 Internal Audit Interview Questions and Answers

Que 1. Why is an internal audit necessary?
Answer: Internal audits are an excellent way to study and assess a specific process or area. It is
the best strategy to identify areas for development and address possible problems before they arise.
Corrective action must be taken when necessary without undue delay. The role of an internal audit
is to provide assurance that a company's risk management, governance, and internal control
processes are operating effectively. Moreover, internal audits also prove to be a defense
mechanism in detecting violations of laws, regulations, and provisions of contracts and
agreements.
Que 2. Steps to perform Internal Audit.
Answer:
● Determine the areas that need to be audited.

● Ascertain the frequency such area needs to be audited
● Prepare a schedule and maintain consistency
● Brief the people involved beforehand so they’re prepared
● Formulate the audit checklist and execute the audit
● Document and analyze the findings
● Define remediation controls to improve the shortcomings
● Monitoring & following up in the future.
Que 3. Highlight the difference between management and operational audit.
Answer:
● Management audit focuses on the ‘Quality of managing’ whereas operational audit deals
with the ‘Quality of operations’.
● Management audit concerned with quality of decision making whereas operational audit is
concerned with effectiveness & efficiency of operations.
● Management audit is audit of the management. Operational audit is audit for the
management.
● In management audit, the auditor assesses the management all the way up to the top
management regarding objectives, established plans, policies and decision making,
whereas in operational audit he ensures if operations adhere to the plans & policies
formulated.
Join Internal Audit Master Class for a better understanding of all the concepts in
detail; click on the below link and register for the course:
https://www.camonk.com/courses/Internal-Audit-Masterclass

Que 4. How do you resolve conflicts arising during management audits? state any 2 methods.
Answer: Conflicts such as resistance to change are common while performing management audit,
the methods to resolve such conflicts are:
● Adopting a participative approach & building mutual trust and team spirit.
● The reports should be focused on areas that need improvement rather than pointing out
inefficiencies.
Que 5. What are the important aspects to be considered by an external auditor in the
evaluation of the internal audit function?
Answer: He shall determine the adequacy of the Internal audit work for his own purposes through:
● Objectivity of internal auditor

● Competency of the internal auditor
● Application of systematic & disciplined approach
Que 6. Explain what is required to perform an internal audit?
Answer: In order to perform an internal audit, a complete process walkthrough should be

conducted of relevant business processes as per scope of audit. The roles and responsibilities of
people involved and documents / workflow maintained should be noted along with the relevant
financial information basis discussions with the relevant stakeholders and employees of the
company to understand the as is process knowledge. Further, company management should
commit to provide any assistance that may be required to perform the audit.
Que 7. What is the meaning of the plan drawn up in an internal audit?
Answer: An audit plan is a document that acts as a road map for execution of the overall audit
strategy. An audit plan is required to be established and adhered to in order to make sure the
internal audit is carried out effectively & efficiently.
Que 8. Can you describe substantive tests and when we use them in the process of auditing
the business process?
Answer: Substantive tests are tests conducted by the auditor to obtain evidence w.r.t.
Completeness, validity and accuracy of account balances and related transactions. During
substantive tests, all the documents are thoroughly checked to catch and correct even the small
errors.
Join Internal Audit Master Class for a better understanding of all the concepts in detail;

Que 9: What are the qualities that an internal auditor should possess to be effective?
Answer:
● The Internal auditor should possess the expertise for evaluating management control
systems, especially financial and accounting controls.
● Knowledge of technology and commercial practices to evaluate the operational
performance and non-monetary controls.
● Basic knowledge of commerce, laws, taxation, cost accounting, economics, quantitative
methods and EDP systems.
● Understanding of management principles and techniques.
● Questioning & an analytical mindset
● Solution driven approach
● Ability to deal with people.
Que 10. What are the key components of a SOP?
Ans: The key components of a SOP are listed hereunder:
 Process Name
 Date of issue
 Date of effective use
 Approval Details
 Process Changes History
 Detailed process
 Process Map with flowcharts
Que 11. What are the differences between regulatory or statutory audits and performance
audits?
Answer: Regulatory or statutory audit primarily focuses on the financial reporting whereas
performance audit is concerned with the effectiveness and efficiency of daily operations and
individual projects.
Join Internal Audit Master Class for a better understanding of all the concepts in detail;

Que 12. What is the difference between vouching and verification?
Answer:
Basis Vouching Verification
Meaning Checking the accuracy of Verification is done to

transactions recorded in the substantiate the validity of
books of accounts. assets and liabilities appearing
in the balance sheet.
Objective Ensure correctness, validity To confirm the ownership,

and completeness of the possession, existence,
transaction. valuation and disclosure of the
items appearing in the balance
sheet.
Examination Profit & Loss items Balance Sheet items
Frequency Varies based on the At the end of the financial year

requirements of the
assignment
Items Incomes and expenses Assets and Liabilities
Que 13. Why is Internal Audit necessary?
Answer: Internal Audit is increasingly becoming necessary because of the following reasons:
● Increased compliance requirements.

● Unconventional Business models
● Extensive use of IT in businesses
● Cut throat competition
● Increased size and complexity of businesses
Que 14. Difference between process and controls?
Answer: Processes are actions done to accomplish a task, for example, sending a material
requisition note to the stores department. Controls are put in place to ensure the accuracy of such
processes, for example, ensuring that such material requisition was authorized, documented and
reconciled at various stages.
Que 15. What is IFC?
Answer: Internal Financial Controls are the policies and procedures adopted by the company to
ensure:

● Orderly and efficient conduct of business, including adherence to company’s policies

● Safeguarding of assets,
● Prevention and detection of fraud and errors,
● Accuracy and completeness of the accounting records and
● Timely preparation of reliable financial information.
Que 16. Difference between Top-Down Approach and Bottom-Up Approach
Answer: The top-down approach and Bottom-up approach are two popular approaches that are
used in order to measure operational risk.
The top-down approach relies mainly on historical data and analyzes the risk by aggregating the
impact of internal operational failures.
The bottom-up approach analyzes individual risk in the process by using mathematical models and
is thus data-intensive. This method does not rely on historical data. It is a forward-looking
approach unlike the top-down model, which is backward-looking.
The main difference between the top-down and bottom-up approaches is the process's starting
point and focus. The top-down approach prioritizes high-level planning and decision-making,
while the bottom-up approach prioritizes the execution of individual tasks and the development of
detailed knowledge.
Que 17. How do you audit cash and cash equivalents?
Answer: Audit procedures that may be adopted while auditing cash and cash equivalents are:
● Internal Control Evaluation: Ensure reliability of functions such as authorization,

recording, safe custody of cash, cheque books, etc.
● Verification of cash balance: Periodic verification and documents maintained for such
verification, unduly large cash balances, procedures for discrepancies noticed, frequency
of monitoring and follow ups.
● Verification of bank balance: Procedures for verification, examination of BRS, unusually
old balances, confirmations from banks, FDs, treatment of stale cheques, valuation of forex
transactions.
● Examination of valuation and disclosure: Compliance with recognized accounting policies,
practices and statutory requirements.
Que 18. What would you do after internal audit?
Answer: The auditor should discuss discrepancies noticed with the department concerned and
basis management comments received internal auditor should guide company’s management in
taking corrective actions and help in designing adequate controls over the processes. The internal

auditor should also ensure that such corrective actions are in fact being taken through monitoring
and appraisal.
Que 19. What steps would you take before starting an internal audit?
Answer:
● Ensure everyone in the team understands the hierarchy and authority.

● Examine areas of the company that needs to be audited and frequency of the audits.
● Identify the purpose of the audit and internal processes and systems.
● Study the documents that needs to be audited.
● Meet with the team and discuss the plan, scope and purpose of the audit.
Que 20. What are the major responsibilities that an internal auditor is entrusted with?
Answer:
● To maintain adequate system of internal control and provide adequate safeguards against
misappropriation of assets.
● To operate independently and not divest himself of any responsibilities placed on him.
● To observe unusual facts and circumstances and bring them to the notice of the
management.
● To appraise prevailing policies and bring to the notice of management deficiencies as and
when he encounters them.
● To perform his work with independence.
Que 21. How would you as an Internal auditor appraise the organizational structure?
Answer:
● Review the manner in which the activities of the enterprise are grouped for managerial
control
● Examine the organizational chart to evaluate the structure and ensure that no function
enjoys an undue dominance.
● Evaluate the process of managerial development in the enterprise.
● Examine the reasonableness of the span of control of each executive.
Que 22. Mention the things to consider while dealing with cheques and vouchers in internal
audit?
Answer:
● Ensure that there are no missing cheques

● All cheques are recorded in the register
● Vouchers are written for all cheques

● Amount of cheque matches amount on voucher

● Adequate explanation is provided for all expenditures
Que 23. Your take on working with external auditors?
Answer: External auditors can look at the company from the outside. They can spot things and
issues which we as internal auditor may fail to spot. Getting our wok reviewed and working with
external auditors can only help the company in the long run.
Que 24: What would be the first things that you would do if you get this job?
Answer: I’d review the latest audit reports and suggested improvements which would help me
understand the current standing and an insight into how future audits need to be planned.
Que 25. State the key elements in an internal audit report?
Answer:
● An overview of the objectives, scope and approach of the audit assignment

● Internal audit has been conducted in accordance with the standards of internal audit.
● An executive summary covering all important aspects.
● Summary of all corrective actions required for each observation.
● Nature of assurance that can be derived from the observations.
● Scope Limitations, if any.
Que 26. MD of ABC Ltd. is worried about the high attrition rate among the employees, as
the internal auditor you are required to point out the factors that you would consider for the
same.
Answer: Factors responsible for high employee attrition rate could be:
● Job stress/ Work life imbalance

● Policies of management
● Safety factors
● Limited growth opportunities
● Better opportunities in the market
● Low monetary benefits
● Lack of labour welfare schemes
Do check out Internal Audit Master Class for a better understanding of all the concepts
in detail; click on the below link and register for the course:

Que 27. When are the provisions of internal audit attracted?
Answer: As per section 138 of the Companies Act, 2013, read with rule 13 of Companies (Audit
and Auditors) Rules, 2014,
● every listed company;

● every unlisted public company having- (i) paid up share capital of fifty crore rupees or
more during the preceding financial year; or (ii) turnover of two hundred crore rupees or
more during the preceding financial year; or (iii) outstanding loans or borrowings from
banks or public financial institutions exceeding one hundred crore rupees or more at any
point of time during the preceding financial year; or (iv) outstanding deposits of twenty
five crore rupees or more at any point of time during the preceding financial year; and
● every private company having- (i) turnover of two hundred crore rupees or more during
the preceding financial year; or (ii) outstanding loans or borrowings from banks or public
financial institutions exceeding one hundred crore rupees or more at any point of time
during the preceding financial year.
Que 28. State the steps in Procure to pay (P2P) process.
Answer:
● Establish Needs: Purchase teams should evaluate the company’s requirements in various
departments and come up with specification of products that needs to be procured.
● Generate requisition: Once the product specifications have been decided upon, purchase
requisitions are then created. Special care needs to be taken to make sure that all the
administrative processes have been carried out before generating the requisitions.
● Accepting Requisitions: Procurement department reviews the requisition and based on
the available budget and resources approves the requisition.
● Generating Purchase orders: Once the requisition is accepted purchase orders need to be
generated.
● Acceptance of purchase orders: Purchase orders should be checked for accuracy and
validity. Once this is done the approved purchase orders are sent to the vendors.
● Receipt of goods: Once the goods are delivered there needs to be check to ensure that
everything is in place as was ordered.
● Invoice approval and payment: Once the goods received have been verified, the invoice
is sent to the finance department which is then verified by the finance department for
accuracy and genuineness for which payment will be made by the finance department.
Que 29. According to you what kind of strategy and mindset is a pre-requisite for this role?
Answer:
● Clarity w.r.t. scope of audit

● Knowledge of business processes to be audited along with knowledge of accounting,

taxation and ERP used by client
● Good communication with team members
● Relevant factors in directing the team efforts
● A solution driven approach to every task
Que 30. How would you review the custodianship and safeguarding of assets?
Answer:
● Verification of the existence of asset.

● Review whether segregation of duties is in place.
● Review the control system to ensure that all assets are accounted fully.
● Review the means of safeguarding the assets from losses.
● Review the control system for intangible assets.
Que 31. What are the key principles that an internal auditor is expected to apply and uphold?
Answer:
● Integrity
● Objectivity
● Confidentiality
● Professional competence
● Professional skepticism
Que 32. Explain the three lines of defense model for an organization?
Answer:
● First line of defence are the business and process owners i.e. the management.
● Second line of defence lies with the risk management and compliance personnel who
support the management and ensure that the risk and controls are managed properly.
● Third Line of defence is the internal audit which assures the senior management about the
working of the first and second lines of defence.
Que 33. What are the components of internal control as per the COSO framework?
Answer:
● Control Environment
● Risk Assessment
● Control Activities
● Information and communication
● Monitoring

Que 34. The chief audit executive of an organization has dual reporting to the board and the
senior management. Explain.
Answer: Dual reporting means when the report is to two different supervisors. Dual reporting
creates independence of management by aligning reporting relationships with board.
Que 35. List a few indicators (red flags) of possible fraud?
Answer: Few broad indicators of fraud are:
● Discrepancies in accounting records

● Conflicting or missing evidence
● Unusual relationship between auditor and management
● Employee and other TPI (Third Party Intermediary) collusion
● Limitations imposed by management
● Frequent changes in accounting estimates.
Que 36. How can you find Fraud in reimbursement expenses?
Answer:
● Verify whether reimbursement is being done in accordance with the reimbursement policy.
● Verify whether reimbursement details match with the original supporting documents.
● Verify authenticity of transactions to rule out cases of fictitious expenditure.
● Check whether cases of duplicate reimbursements exist.
● Ensure checks are in place and working for inflated expenses if any.
Que 37. A cloth manufacturing company has recently added an online venture, what factors
would you consider in formulating the audit strategy of the company?
Answer:
● Obtain an understanding of the class of transactions of the entity’s operations

● Understanding of how the records are being maintained
● Ascertaining how the information system captures the events and conditions and respective
effect on financial statements
● The procedure by which transactions are initiated, processed, recorded, corrected are
transferred to the general ledger and reported in financial statement
● Controls regarding journal entries, unusual transactions and adjustments.
Que 38. What are the 3 phases in conduct of a Risk Based Audit?
Answer:
● Risk Assessment

● Risk Response
● Risk Reporting
Que 39. What would be your flow while performing the risk assessment process in a
company?
Answer:
● Define business objectives and goals

● Identify events that affect the achievement of business objectives
● Assess likelihood and impact
● Respond and mitigate risks
● Assess residual risk
Que 40. Your junior is seeking information about steps for risk identification how would you
explain him?
Answer:
● Consider the existence of inherent risks in the class of transactions, account balance or
disclosures and whether further audit process is required.
● Assess the nature and effectiveness of the internal control system in place
● Assess the impact of risk on each of the assertions
● Determine the likelihood, impact and significance of each risk
● Document the assertions
● Enquire the management’s response
Que 41. What are the basic accounting control objectives which are sought to be achieved by
any accounting control system?
Answer:
● Whether recorded transactions are real

● Whether all transactions are recorded
● Whether all transactions are recorded timely
● Whether all transactions are properly classified
● Whether all transactions are properly valued
● Whether all transactions are properly posted
● Whether all transactions are properly summarized
● Whether all transactions are properly disclosed
Do check out Internal Audit Master Class for a better understanding of all the
concepts in detail; click on the below link and register for the course:

Que 42. What are the SOPs that you would follow for evaluation of the control environment
Answer:
● Evaluate the existence and effectiveness of an enterprise risk management

● Segregation of job responsibilities
● Job rotation in sensitive areas
● Proper documentation of delegation of financial powers
● Effectiveness and efficiency of IT based controls
Que 43: Explain the flow chart technique for evaluation of the internal control?
Answer: It’s a visual representation of the state of affairs of internal controls in an organization
using lines and symbols. Shows relevant details in a condensed but meaningful manner. It is a
concise way of reviewing internal controls and evaluate findings. MS Visio is a common software
through which flowcharts are made
Que 44. State the inherent limitations of internal control systems?
Answer:
● The potential for human error

● Less effectiveness against unusual transactions
● Manipulation and override of control by management
● Management’s consideration that cost of internal control exceeds the benefits that accrue
from having an internal control system
● Circumvention of internal controls through collusion
Que 45. Why is there a need for internal checks?
Answer: The answer can be along the lines of:
● To detect error and frauds with ease

● To avoid and minimize possibility of commission of errors or fraud by staff
● To increase efficiency of staff working in the organization
● To prevent embezzlement of cash and falsification of accounts
● To strengthen the internal controls for maximizing organization’s operating efficiency
Que 46. How should the internal control be designed of an entertainment center where
primary collections are made in cash?
Answer:
● The system shall ensure that all advance bookings are paid for
● Sale of tickets should take place from central ticket office

● Discounts should be in accordance with the authorized discount policy and any
circumvention shall be detected
● Daily cash collected shall be reconciled with the tickets sold.
● Cash should be deposited in bank in a timely manner and should be under proper custody.
Que 47. How would you identify risks associated with IT systems?
Answer:
● The auditor should understand and document each of the business process in narratives or
flowcharts
● Identify processes and areas that could lead to risks.
● Analyze the possible risks and impact that it may cause
● Prioritize risks based on the probability of them materializing
Que 48. What are Direct and Indirect ELCs?
Answer: Direct ELCs operate at a business process or sub process levels to prevent, detect, correct
a misstatement in a timely manner whereas indirect ELCs cannot be directly attributed to a specific
business process or a sub process level but help and support the Direct ELCs and other control
activities. (ELCs: Entity level control)
Que 49. If an ageing report is pulled from SAP based on which provisioning is calculated by
accounting personnel and approved by the financial controller what type of control would it
be?
Answer: IT Dependent manual control as ageing report is relied upon for calculation of
provisioning for debtors.
Que 50. What would you do post completing an audit?
Answer: Meet with the auditees, point out what was done well, what were the non-conformances,
make sure that the auditees understand the non-conformances and causes and implementation of
corrective actions. Prepare and furnish the report in a timely manner. Monitor and ensure the
corrective actions are taken before the deadline agreed upon. Help them if needed and also take
feedback on how our audit team performed.
Que 51. What does an internal audit charter contain?
Answer: It describes the objectives, independence, scope, responsibilities, accountability,

authority of the internal audit function. It contains details regarding delegation of authority to
ensure smooth functioning during an audit.
Que 52. According to you how is a career in internal audit different from other type of
careers in accounting and finance?

Answer: Here you may tell about your knowledge and your view on the domain. Internal auditors
have a unique role in the organization it’s essential that you bring out and justify this along with
what made you choose this career and what you enjoy about it.
Internal Audit is different from traditional work fields like Stat Audit, Taxation & Finance; herein
one gets in depth knowledge of different business processes and also gets the exposure to work on
various data analytical tools.
Que 53. How do you stay updated with the changes in auditing regulations and the industry?
Answer: Internal auditors must be up to date and knowledgeable about the latest changes and
regulations in their fields. Here you may share resources and methods that you use to stay updated
and learn more about the domain. The interviewer here wants to make sure that you have a plan to
keep your skills up to date.
Que 54. How Does the Internal Audit Differ from An External Audit?
Answer:
Basis Internal Audit External Audit
Meaning Continuous function Audit function by a

performed by internal audit department which is not a part
department. of the organization.
Examination Examination of operational Examination of accuracy and

efficiency of the organization. validity of Financial
Statements.
Appointment Appointed by the management Appointed by the

members/shareholders
Users of Reports Management is the primary Stakeholders are the users.

user.
Period Continuous process Usually once a year
Status of auditors Internal auditors could also be External audit cannot be

from within the company conducted by persons within
the organization.
Do check out Internal Audit Master Class for a better understanding of all the concepts in

Que 55. If a client is upset with you for a mistake you’ve made how would you approach this
situation?
Answer: Acknowledge the mistake and empathize with them. Assess the impact on the audit and
how to minimize the impact. Find and communicate on how and to what extent can the error be
fixed.
Que 56. What according to you are the most significant challenges faced by businesses when
it comes to compliance and risk management?
Answer: Internal auditors are expected to identify and address the challenges faced by the
organization, here you would be expected to demonstrate your knowledge on compliance issues
and how you approach them. Example of a challenge could be not having a formalized risk
management process which makes it difficult to identify the risks that the business is exposed to
and how to mitigate such risks. Internal auditors can perform the audit, evaluate the results and
help develop the processes. The businesses then can use such results to formulate policies to reduce
such risks.
Que 57. How do you conduct internal audit for P2P process?
Answer:
● Identify and establish objectives: The goals that need to be achieved at the end of the
audit need to be clear. Goals should be quantifiable and measurable. More measurable the
better.
● Reconcile the purchase orders and the resulting transactions: This needs to be done to
bring out the discrepancies that may exist in the P2P process.
● Gauge the supplier’s selection: This could be done by ranking the suppliers based on
quality, timeliness, payment terms, overall efficiency etc. Also, evaluating other suppliers
available and minimizing the single source procurement situations
● Evaluate purchase and finance function: There needs to be active communication and
liaison between these two functions to achieve overall efficiency in P2P process.
● Compare budget and actual: Comparison of the actual expense and budgeted expenses
related to purchase would determine if the end goal is being achieved.
Que 58: Give us a brief about the Order to Cash(O2C) process
Answer: Order to Cash(O2C) is the entirety of the company’s sales process, everything from
receiving the order to fulfilling it is covered under the O2C process.

Que 59: Can you state the steps in O2C process?
Answer:
● The O2C process is initiated when the customer places an order for purchase with the
company.
● The customer order is recorded.
● The order is processed or the services are arranged.
● Order is delivered or services are rendered.
● Invoice is generated and sent to the customer
● Customer makes the payment which is then collected by the company
● Payment is recorded in the company
Que 60: How can internal audit make the O2C process more efficient?
Answer:
Setting standards in the process makes sure that the efficiency is maintained. Efficiency can be
measured in terms of the O2C cycle time reduced, increase in cash and working capital.
Support from existing systems. Other existing systems should be integrated to work with the O2C
cycle thereby creating synergies and increasing the efficiency of the O2C process.
Since auditing continuously evaluates the processes, any discrepancies noticed in the cycle can be
promptly corrected and hence the process can work smoothly and improve productivity issues
swiftly.
Que 61. What do you understand by Hire to Retire (H2R) process?
Answer: Hire to retire is a HR process that encompasses everything that needs to be done during
which the person is an employee of the company. Every process from hiring them up until when
they retire.
Que 62. What would you check while auditing the HR department?
Answer:
● Management functions such as whether HR goals are aligned with the organization, is the
working time clearly defined, whether there’s proper communication between HR and
other departments.
● Recruitment related areas like whether each position have a proper job role description, are
such descriptions up to date, are openings offered to existing employees, whether there’s a
check on employee turnover .
● Onboarding related things such as, whether onboarding documents are properly done,
employees are properly trained etc.

● Whether there’s a policy for appraisal, whether policies are properly communicated with
the employees
● Whether trainings are conducted to keep employees’ skills up to date, whether there’s a
well-established feedback mechanism
● Whether personal documentation is properly done.
Que 63. What according to you should be the internal controls over fixed assets?
Answer:
● Purchase order shall be issued and approved according to the policies

● Receipt of asset and preparation of receipt report should be verified
● Receipt of an invoice from a vendor
● Reconciliation of the vendor invoice to the related receiving report and purchase order
● Authorization of the payment of the vendor invoice
● Issuance of a check for payment of the vendor invoice
● Posting of the entry in the equipment sub-ledger
● Posting of the equipment sub-ledger activity to the related general ledger control accounts.
Que 64. What type of information should be protected by IC as per SOX?
Answer: Information that is not required to be disclosed to general public should be protected,
controls need to be in place to ensure that there’s no unauthorized disclosure of such information
either.
Que 65: Suggest some internal control processes for inventory.
Answer:
● Inventory records should be properly maintained and periodically verified

● Receipt of inventory should be verified
● Person receiving the inventory should not be the same as the custodian of inventory
● Ensure the documentation is accurate and preserved for future uses
● Inventory should be stored in a safe place and access to such area should be for authorized
personnel only.
Que 66. What do you understand by IT controls?
Answer: An IT control is a control that ensures that the IT being used by the organization is
operating as intended and the data being maintained is accurate and reliable and compliant by the
relevant IT regulations within which it operates.

Que 67. What are some benefits of the Sarbanes Oxley Act?
Answer:
● More confidence in CEO/CFO in meeting reporting requirements

● Better coordination of Company Management Team
● Improved Corporate Governance process
● Systematized process for early identification of business risks/ whistle blowing
issues/incident management
● Systematized approach to dealing with change (i.e., transactions, personnel, accounting
principles, internal controls and operating procedures)
● Increased operational effectiveness
Que 68: Give some examples of typical Internal Control Procedures.
Answer:
● Independent checks on performance

● Proper procedures for authorization
● Segregation of duties
● Proper maintenance of records and documents
● Proper physical control over assets and records
● Hiring the right personnel
Que 69. State some examples of preventive internal controls?
Answer:
● Segregation of duties
● Dual cheque signing authority
● Purchase policy
Que 70. List some control activities that you would use for assets.
Answer:
● Periodic asset counts

● Use of perpetual records
● Reconciliation of accounting records to perpetual records
● Thorough investigation of discrepancies
● Periodic summaries of inventory usage
● Proper authorization of purchases

Que 71: Why do you think monitoring of internal controls is important?
Answer: Monitoring ensures that the internal control system is functioning as anticipated. This
helps to ensure that the system is running smoothly and efficiently, providing the necessary
safeguards to protect the organization's assets. Managers should regularly monitor their respective
areas and individual employees should monitor their workstations to ensure that the control system
is reliable and effective. By performing these ongoing monitoring activities, managers and
employees can ensure that the control system is functioning as intended. Monitoring is a detective
control that helps to detect losses, errors, and irregularities. It is an invaluable tool for ensuring
accuracy and preventing potential issues. By keeping a close eye on operations, organizations can
quickly identify and address any discrepancies that may arise.
Que 72: Can you enlist some examples that you may have seen for management override of
control?
Answer:
● Back dating or forward dating documents to a different period.

● Making adjusting entries during the financial reporting closing process.
● Reclassifying items improperly between the statement of activity and the statement of
financial condition.
Que 73. What would be some general IT safeguards that you think that an organization
should have?
Answer:
● User access tracking.

● Tracking data inserts, modifications, and deletes.
● Limiting access to necessary system areas.
● Keeping user id’s and passwords secure.
● Periodically testing security roles.
Que 74. What do you understand by Business continuity plan (BCP)?
Answer: BCP encompasses Solution Design, Implementation, Testing, and Organization

Acceptance, Maintenance, as well as Information Update and Testing, Technical Solution
Verification, and Testing and Verification of Organization Recovery Procedures. BCP is a critical
component of Disaster Recovery Planning.

Que 75. Suggest some controls that should be existent in the sales cycle?
Answer:
● Restrictive endorsements are placed on checks and a list of payments received is prepared.
● Payments received list is verified against daily deposit and cash receipts journal.
● Pre-numbered transactional documents are prepared for each sale transaction.
Statements/billings are generated at least monthly.
● Personnel independent of the sales cycle review/authorize customer discounts, refunds, and
credit memos.
● Aged accounts receivable is reviewed by supervisory personnel at least monthly.
Que 76. How should segregation of duties work in Finance and accounts?
Answer: The segregation of cash receipt handling and accounting is essential to ensure that all
control objectives are met. Adequate segregation of duties minimizes the risk of errors, both
intentional and unintentional, going undetected by providing an accounting check over the receipt
of cash. For instance, those responsible for handling cash receipts should not have the authority to
prepare or sign cheques, should not have access to accounting records, and should not be involved
in reconciling bank accounts.
Que 77. How would you audit an executive bonus program of an organization?
Answer:
● Obtain written documentation on the bonus program. Review goals and targets and
compare to entity’s strategic goals. Determine that the program has been properly reviewed
and approved.
● Document processes and controls involved in tracking, computing reporting, and paying
bonuses.
● Perform analytical review of performance against program targets. Determine whether or
not a bonus should have been paid for each applicable period.
● Recalculate expected bonus percentages based on plan documentation. Obtain
confirmation that bonuses paid were accurate based on this calculation.
Que 78. Can you explain what business disruption risk is?
Answer: Business disruption risk assesses the consequences of a system failure or disaster
situation that renders a function or activity inoperable. It takes into account the impact on both
Company customers and other Company operations. Such an event could have far-reaching
implications, so it is essential to consider the potential risks and plan accordingly.

Que 79. What do you understand by float risk?
Answer: Float risk considers the opportunity cost of lost revenues if funds are not processed or
invested promptly. This risk also takes into account the additional expenses incurred if obligations
are not met in a timely manner. Receivables, payables, and suspense accounts are all subject to
float risk.
Que 80. What is data integrity risk?
Answer: Data integrity risk addresses the potential consequences of using inaccurate data to make
inappropriate business or management decisions. This risk also considers the impact of incorrect
customer information, such as account balances or transaction histories, as well as the potential
repercussions of using inaccurate data in payments to and from external entities. The release of
inaccurate data outside the company to customers, regulators, shareholders, the public, etc. could
lead to a loss of business, possible legal action, or public embarrassment.
Que 81. What are the general considerations of the internal auditor with respect to EDP/IT
Department?
Answer:
● Is there a separate EDP department within the Company?

● Is there a steering committee and their duties and responsibilities for managing MIS are
clearly defined?
● Has the Company developed an IT strategy linked with the long- and medium-term plans?
● Is the EDP Department independent of the user department and in particular the accounting
department?
● Are there written job descriptions for all jobs within EDP department and these job
descriptions are communicated to designated employees?
● Are EDP personnel prohibited from having incompatible responsibilities or duties in user
departments and vice versa?
● Are there written specifications for all jobs in the EDP Department?
● Are the following functions within the EDP Department performed by separate sections:
System design, Application programming, Computer operations, Database administration,
Systems programming, Data entry and control?
Ques 82. What is the difference between Due Diligence and Audit?
Answer: Audit is an independent examination and evaluation of the financial statements of an

organization with a view to express an opinion thereon. Whereas, due diligence refers to an
examination of a potential investment to confirms all material facts of the prospective business
opportunity. It involves review of financial and non- financial records as deemed relevant and
material.

Ques 83. What does internal audit documentation help in?
Answer:
• Aid in planning and performing the internal audit.

• Aid in supervision and review of the internal audit work.
• Provide evidence of the internal audit work performed to support the internal auditor’s findings
and opinion.
• Aid in third party reviews, where so done.
• Provide evidence of the fact that the internal audit was performed in accordance with the scope
of work as mentioned in the engagement letter, SIAs and other relevant pronouncements issued by
the Institute of Chartered Accountants of India.
Ques 84. In how many days the internal audit file should be assembled?
Answer: The internal audit file should be assembled within sixty days after the signing of the
internal audit report.
Ques 85. What sort of changes can be made in the internal audit file? Give examples.
Answer: Changes may be made to the audit documentation file only if such changes are
administrative in nature. For example:
• deleting or discarding superseded documentation;
• sorting, collating and cross-referencing internal audit documentation;
• signing off on completion checklists relating to file assembly process;
• documenting audit evidence that the internal auditor has obtained, discussed and agreed with the
relevant members of the internal audit team before the date of the internal auditor’s report.
Ques 86. What should the Executive Summary paragraph of the internal auditor’s report
indicate?
Answer: The Executive Summary paragraph of the internal auditor’s report should clearly indicate
the highlights of the internal audit findings, key issues and observations of concern, significant
controls lapses, failures or weaknesses in the systems or processes.
Ques 87. What should the Action Taken Report paragraph of the internal auditor’s report
include?
Answer: The Action Taken Report paragraph should be appended after the observations and
findings and should include:

(a) Status of compliance / corrective action already taken / being taken by the auditee with respect
to previous internal audit observations;
(b) Status of compliance / corrective action not taken by the auditee with respect to previous
internal audit observations and the reasons for noncompliance thereof; and
(c) Revised timelines for compliance of all open items in (b) above and fixation of the
responsibility of the concerned process owner.
Ques 88. What should be the frequency of external quality review?
Answer: The frequency of the external quality review should be based on a consideration of the
factors such as the maturity level of the internal audit activity in the entity, results of the earlier
internal audit quality reviews, feedbacks as to the usefulness of the internal audit activity from the
customers of the internal audit, costs vis a vis perceived benefits of the frequent external reviews.
The frequency should not in any case be less than once in three years.
Ques 89. What are the key activities in Process Risk and Control Assessment?
Answer:
• Identify Standard business risks.

• ‘What if analysis’ or ‘what can go wrong’ – Gross risk identification.
• Identify mitigating controls, if any.
• Identify non-value add, iterative and duplicate activities in process.
• Adopt ‘Lateral Thinking’ approach to challenge approaches followed for executing business
activities.
• Identify areas for business improvement opportunities, if any.
• Document the identified risk and control into a Risk and Control Matrix (RCM).
Ques 90. Is Risk-based Internal Audit better or Traditional Audit, Why?
Answer: The Risk-based Internal Audit is superior to traditional audit approaches for two reasons.
First, it focuses on risks, the underlying causes of financial surprises, not just the accounting
records. Secondly, the Risk-based Internal Audit shifts the focus from inspecting the quality of the
financial information that is recorded in the financial statements to building quality into the
financial reporting process and adding value to the organization's operations.
Ques 91. What are the two primary questions to consider when evaluating the risk inherent
in a business function?
Answer: The two primary questions to consider when evaluating the risk inherent in a business
function are:
• What is the probability that things can go wrong? (the probability of one event)

• What is the cost if what can go wrong does go wrong? (the exposure of one event) Risk is
evaluated by answering the above questions for various risk factors and assessing the probability
of failure and the impact of exposure for each risk factor. Risk is the probability times the exposure.
Ques 92. What are the risk factors inherent in business include?
Answer: The risk factors inherent in business include the following:

● access risk
● business disruption risk
● credit risk
● customer service risk
● data integrity risk
● financial/external report misstatement risk
● float risk
● fraud risk
Ques 93. What are the most common internal control weakness in an organization?
Answer: Most common weaknesses we see in organizations are:

• Philosophy- understood but not written, open to misinterpretation;
• Roles and responsibilities- responsibilities are not explicit throughout the organization;
• Risk to delivering performance- some form of risk profiling, but often divorced from
practical reality of doing business;
• Performance appetite- lack of understanding of the organization's appetite for risk taking;
• Summary of performance and risk effectiveness- boards do not receive the right
information, either too little or too much;
• Behavior- disincentives exist which lead employees to behave in a dysfunctional manner.
Ques 94. What is Risk Management Framework?
Answer: The totality of the structures, methodology, procedures and definitions that an
organization has chosen to use to implement its risk management processes.
Ques 95. With what view the internal quality review framework should be designed?
Answer: The internal quality review framework should be designed with a view to provide
reasonable assurance to that the internal audit is able to efficiently and effectively achieve its
objectives of adding value and strengthening the overall governance mechanism of the entity,
including the entity’s strategic risk management and internal control system.

Ques 96. What does the scoping document made at the planning stage of internal audit
agreement include?
Answer: The scoping document contains the following:

• Objective- what the project aims to achieve,
• Scope- the magnitude and boundaries of activities, objectives and exposures to be revie-wed,
• Proposed timeline for the completion of the work,
• Scoping document can also include the results from any previous internal audit or any other
independent reviews, and
• Additional information on recent events may also be included in the scoping document.
Ques 97. What are the steps in construction and selection of sample?
Answer. Key steps in the construction and selection of a Sample include:

• Determine the objectives of the internal audit.
• Define the population to be sampled.
• Determine the sampling methods.
• Calculate the sample size.
• Select the sample covering population from the whole review period and high value
transaction.
Ques 98. What are the Advantages of CAATs (Computer-assisted audit Tools)?
Answer. CAATS offers the following advantages: ▪ Reduced level of audit risk. ▪ Broader and
more consistent audit coverage. ▪ Faster availability of information. ▪ Improved exception
identification. ▪ Greater opportunity to quantify internal control weaknesses. ▪ Cost savings over
time.
Ques 99. What are the 2 types of internal audit procedures?

Answer. There are two types of internal audit procedures:
• Tests of Design is to evaluate the control design to ensure that the design is robust to manage or
mitigate the risk in a complete and comprehensive manner. To test design, we take one transaction
for each type of activity and trace it through each control step and activity.
• Tests of effectiveness confirms whether key internal controls identified during business process
analysis are in existence and are operating as intended. To test effectiveness, we select a sample
of transaction to test whether they follow the design in consistent manner.

Ques 100. How will the Risk-based Internal Audit Approach would add value to the entity?
Answer: The Risk-based Internal Audit Approach would add value to the entity by:
• Addressing risks affecting the entity and their financial reporting;
• Providing services that help the entity manage its business and risks;
• Communicating with the entity on important issues;
• Improving identification of financial statement misstatement;
• Improving assessment of the entity’s business viability;
• Improving identification of fraud; and
• Improving quality and timeliness of reporting.
Ques 101: Explain RBIA Process.
Answer: Risk based internal auditing (RBIA) is a methodology that links internal auditing to an
organization’s overall risk management framework. RBIA allows internal audit to provide
assurance to the board that risk management processes are managing risks effectively, in relation
to the risk appetite.
The key work steps in RBIA are listed hereunder:
1. Risk Identification
2. Risk Assessment
3. Risk Management
4. Risk plan and implementation
5. Risk reporting, review and evaluation.
Que 102: What is ICFR Testing?
Ans: ICFR testing is performed by both the company and its auditor to test internal controls over
financial statements. Auditors use larger sample sizes later in the year to test internal control
procedures, as required by the PCAOB. Companies assess risk and the control environment for
testing strategies and implement continuous monitoring.
Que 103: What is the difference between ICFR and IFC?
Ans: The main difference between ICFR (internal control over financial reporting) and IFC
(internal financial control) is that IFC is much more comprehensive than ICFR, which specifically
relates to financial reporting internal controls.
Que 104: What are the key components of an RCM (Risk & Control Matrix)?
Ans: The key components of RCM are listed hereunder:
 Control No

 Process
 Sub-Process
 Risk
 Control Objective
 Control Description
 Key Control / Non-Key-Control
 Control Frequency
 Nature of Control (Manual / IT / Automated)
 Type of Control (Preventive / Detective)
 Financial Statement Assertion addressed
 Control Owner
Que 105: What are the Audit Assertions?
Ans: The Audit Assertions to be checked in Internal Controls are listed hereunder:
 Rights & Obligations

 Occurrence
 Existence
 Completeness
 Cut-Off
 Accuracy
 Valuation & Allocation
Que 106: Can one control satisfy more than one assertion at the same time?
Ans: Yes, a particular control may satisfy one or more than one audit assertion at the same time.
For e.g., Physical Verification control of Fixed Assets at year-end will cover Existence &
Valuation and Allocation assertions at the same time.

Case Scenario Questions
Note: Small case scenarios might also be put up in interview, and any case scenario doesn't
have a unique one solution. Each case scenario may have multiple approaches, only the mindset
of the candidate is tested in the same
Que 107: A large size service-based industry is having employee population of more than
10,000 personnel and the employees are operating from various client locations or even using
client laptops for the work or doing work from home. There is no biometric attendance or
process of daily attendance recording. Employees weekly submit their timesheets in the
system.
There is a ghost employee (who not actively works on client engagements) and is supported
by all key management people and even HR. All documentation is perfect, weekly timesheet
is regularly submitted, education and experience documents are genuine and in case the
employee is called at office that he / she will also turn up. How will you as an auditor figure
out that ghost employee
Ans: Here the main problem is widely scattered huge employee population, we will first take
system activity report from IT Team and lower down the population to a small size to figure out
who are the people which are not regularly using their office systems
When we get the details of people who are not actively using their system then we will proceed on
other work steps like checking their deployment on projects and even having a work with the
project managers or even with the client to figure out the ghost employee.
Other things which company should check:
1. Require background checks for all accounting employees before hiring.

2. Keep detailed and accurate personnel records.
3. Segregate payroll steps so no one person has authority over payroll preparation, disbursement,
and distribution.
4. Audit so you can spot paychecks without deductions for taxes or Social Security.
5. Eliminate paper paychecks and use direct deposits to make it difficult to forge checks.
6. Regularly check payroll records and look for things such as duplicate names, addresses, bank
accounts, and Social Security numbers.
7. Even if you use direct deposit, try to hand-deliver paychecks every two months and ask for
positive identification so you can discover leftover paychecks.
8. Run payroll budget reports to spot variations and discrepancies where you see higher-than-
budgeted labor costs.
9. Reduce the opportunity for fraud by introducing an online paperless system with customizable
security levels to keep your most sensitive data protected.
10. Use in-house automated audit software to catch suspicious activity related to ghost payroll.

Que 108: A manufacturing entity is procuring a bulky raw material which is not easy to be
lifted by an individual. The logistics arrangement is made by their authorized vendors. The
good receipt system entry at the warehouse is done by the contractual labor.
During the mid-year physical verification, a large quantity of this bulky material was
missing. How as an investigator will you proceed on this case?
Hint: Here the material is very bulky and so pilferage can’t be done by few individuals. Either the
warehouse management is involved in facilitating these material pilferages or the material has
never reached warehouse and good receipt entry was faked initially.
Lifestyle check of contractual labor doing good receipt entry should be made and check for
availability of the pilfered material in local markets as there seems to be a collusion between
warehouse employees and logistics vendor employees.
Que 109: A manufacturing entity is procuring goods from a vendor who is providing raw
material as well as doing job work on the same material. The vendor raises monthly invoice
for the goods supplied and job work done.
The management of the entity is suspicious of excess payment being made for the raw
material. How as an investigator will you proceed on this case?
Hint: Here the material receipt entry must be made in the system basis confirmation from vendor
of goods being used in job-work and then NRGP (Non-Returnable Gate Pass) entry will be made
for the goods being sent out for job-work.
Basis the reconciliation of goods being produced by using that raw material and goods procured
the time period in which probable excess procurement was facilitated should be highlighted.
Discuss with vendor on usage of raw material in job work in the suspected period and look out for
possibility of recovery if excess supply was claimed by vendor.
Note: If you are going to apply or sit for interview of Internal audit please be ready to travel.

AUDIT Interview

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

AUDIT Interview

Uploaded by

Copyright:

Available Formats

Om Namah Shivaya

101 Statutory Audit Interview

By CA Shivam Palan (IIMI)

Reading Material for CA Monk Statutory Audit Master Class

Title: The 101 Statutory Audit Interview Questions & Answers

Author’s Name: Shivam Palan

Published by: Shivam Palan

ISBN No: (Application Reference numbers) Copyright: © CA Monk

Price: Rs. 2499

All disputes are subject to Gondia jurisdiction only.

CA Monk Statutory Audit Master Class || By CA Shivam Palan 2

Statutory Audit in India

CA Monk Statutory Audit Master Class || By CA Shivam Palan 3

CA Monk Statutory Audit Master Class || By CA Shivam Palan 4

Technical Questions for Statutory Audit Questions

1. What are Audit Assertions/Financial Statements Assertions ?

2. What are Transaction level assertions?

There are five types of transaction-level assertions:

3. What are account balance assertions ?

CA Monk Statutory Audit Master Class || By CA Shivam Palan 5

Determining materiality involves the exercise of professional judgment. A percentage is

Materiality are of 3 types:

6. What is the applicability of CARO 2020?

It shall apply to every company including a foreign company except

CA Monk Statutory Audit Master Class || By CA Shivam Palan 6

(iv) a One Person Company and a small company

Particulars CARO 2016 CARO 2020

No format If title to all immovable property is disclosed in

CA Monk Statutory Audit Master Class || By CA Shivam Palan 7

Not provided Also report if the company is said to be

CA Monk Statutory Audit Master Class || By CA Shivam Palan 8

Special Purpose Report: A special-purpose financial report is intended for presentation to

CA Monk Statutory Audit Master Class || By CA Shivam Palan 9

● Reporting to Central Goverment: As per Section 143 of Companies Act, 2013 if

1. Identification of the contract.

12. Explain the concept of cut off procedure?

CA Monk Statutory Audit Master Class || By CA Shivam Palan 10

● List of all bank accounts should be obtained from client

● Journal entries made to unrelated, unusual, or seldom-used accounts.

CA Monk Statutory Audit Master Class || By CA Shivam Palan 11

17. Applicability of IND AS on the companies?

● All the Listed Companies are required to apply IND AS

CA Monk Statutory Audit Master Class || By CA Shivam Palan 12

● Summarise the payregister on a month wise basis.

CA Monk Statutory Audit Master Class || By CA Shivam Palan 13

A non-response to a confirmation request may indicate a previously unidentified risk of

25. What do you mean by walkthroughs and control testing?

A walk-through test is a procedure used during an audit of an entity's accounting system

A test of controls is an audit procedure to test the effectiveness of a control used by a

CA Monk Statutory Audit Master Class || By CA Shivam Palan 14

Major disclosure which are required in note 1 of the financials are:

28. What is TOC & TOD?

29. What is the difference between contingent liability & provisions?

Provision Contingent Liability

Provisions are liabilities which are Contingent liability is a possible

CA Monk Statutory Audit Master Class || By CA Shivam Palan 15

Provision Contingent Liability

30. What are non-balance sheet items?

Journal for bad debts

Journal for provision for bad debts

CA Monk Statutory Audit Master Class || By CA Shivam Palan 16

33. What is Inherent risk & Control risk

This term refers to susceptibility of an account to a material misstatement, regardless of

34. What is Detection risk?