Professional Documents
Culture Documents
INTRODUCTION
The Risk Based Internal Audit Tool devised in excel is compatible only in Microsoft Excel 2007
and above.
The tool is protected and only selected cells are open to users for punching of data.
The users are advised not to alter or tamper with the tool and use only the specified cells for
preparing the audit report under the new format.
WORK FLOW
Following is the suggested workflow under the new format for the user-
1. Branch Profile
2. Business Risk Checklist
3. Control Risk Checklist
4. Risk Matrix – Last RBIA Score
5. Forex, if any
6. Currency Chest, if any
While working on the checklists aforementioned, the user may simultaneously fill the following
sheets -
a. Appendices
b. Revenue Leakage
c. Statement of charges
On completion of the above, the following worksheets get automatically filled up-
1. Coversheet
2. Certificate
3. Business Risk Scorecard
4. Control Risk Scorecard
5. Forex Scorecard
6. Risk Matrix
7. Trends
The user need not work on the automatic filled up sheets.
Subsequently, the user may fill the following worksheets to complete the risk based audit-
1. Flash Report
2. Ex- Summary
3. Risk Mitigation Steps
4. Exit Meeting
5. MAP
6. Index- change Pg nos need based
PAGE-TO-PAGE GUIDANCE
Cover Sheet
By default, page numbers are mentioned but if the user utilizes more worksheets then he may
change the page number order. He may also add new headings by inserting rows in Row 46.
Certificate
The certificate gets generated automatically. However, the user and branch manager needs to
sign the hard copy.
Flash Report
Although the Flash Report is to be submitted along with the RBIA Report, however, if the
inspector finds some glaring irregularities in the working of the branch, he may send the special
flash report at that point of time as well.
The inspector can increase the row size in this sheet if the information he is providing exceeds
the existing row size.
Executive Summary
The basic data of the branch is already filled in by the user in branch profile and will flow
automatically to the executive summary. For eg- Branch Name, Branch Code, Zonal Office,
Total Deposit Figures, Advances Figures, Income/Expenditure Figures, Recovery Figures, etc.
Certain cells have a facility of selecting an option from drop down list which get indicated as
soon as the cursor falls on it. To select an option from the drop down list, the user may click the
drop down menu ‘button’ on the right hand corner of the cell with such a list and then select the
relevant option for the branch under audit.
He may also use keys “Alt+ Arrow Down” to select the appropriate option from the drop down
list.
Branch Profile
The user is to fill this sheet cautiously as the information provided in this sheet will flow to the
other worksheets like Business Risk Checklist, Control Risk Checklist, Certificate, Ex-Summary,
Coversheet, etc.
Highlighted fields worked in the sheet are to be filled in compulsorily as the information will
either flow into the other worksheets or it will allot marks in the Business Risk & Control Risk
Checklist.
Caution
Any compulsory field left blank may not allot the desired marks to the branch and may lead to
incorrect classification of Risk Profile.
Certain cells have a facility of selecting an option from drop down list which get indicated as
soon as the cursor falls on it. To select an option from the drop down list, the user may click the
drop down menu ‘button’ on the right hand corner of the cell with such a list and then select the
relevant option for the branch under audit.
He may also use keys “Alt+ Arrow Down” to select the appropriate option from the drop down
list.
Protected Cells
The user will not be allowed to punch data in the protected field and we suggest the user to not
intervene in the functionality of the protected cells.
The fields in the branch profile meant for numeric fields are restricted for numeric values and the
user should not try to punch characters or other special characters to such fields.
The user should fill in all the cells open to them and not leave anything blank as far as possible.
Business Risk & Control Risk Checklist
The marks to highlighted risk areas will automatically get allotted on the basis of information
provided in branch profile provided the user has filled up all the specified cells as the chart given
below.
By selecting ‘NA’ option for a particular risk area, the maximum applicable marks shall get
reduced to zero and the marking will be done proportionately.
Cells which do not flow from Branch Profile or are not based on statistical data of the branch
should be given marks as follows-
1)The user is required to punch in his sample size in the column ‘No. of items checked’ and the
deviations noted in the column ‘No. of Deviations’ so as to enable the system to automatically
allot marks proportionately.
The deviation size cannot be more than the sample size and the user should first fill up the
sample size before filing up the deviation size. Both these columns are numeric fields, thus, the
user to punch in only numeric values into these columns.
The deviations noted should form part of the appendices. New appendix may be inserted
preferably at the end of the report so that the existing page numbers are retained if the need
arises.
The user only needs to select either Yes, No or NA to provide appropriate marks pertaining to
that risk area.
Generally, No, will give Zero marks, Yes, will give full marks and NA, will reduce the
maximum applicable marks to Zero unless otherwise specified vice versa in a particular Risk
Area.
The major positive and negative factors may be detailed in area specified specifically for the
same at the end of each risk profile.
The information thereby provided may be used to form ‘ Monitorable Action Plan(MAP)’.
In case of Response time and Fraud Detection and recovery in the fraud cases, the option given
are a,b,c,d,e which may be selected as per parameters given in the particular columns.
Compliance of various audit reports by the branch highlighted in green in cell nos (C,D,E-324 to
327) should be mentioned by the inspector which will flow to Executive Summary point 33.
This scorecard is a summary of scores allotted in Business Risk Checklist and Control Risk
Checklist. The user need not work on this sheet.
Risk Matrix
The user is required to fill score awarded in last RBIA Report. The current RBIA score will flow
from Business Risk Scorecard and Control Risk Scorecard.
The matrix will highlight the composite risk profile of the branch as per the scores allotted. The
user need not select the composite risk profile in the matrix given.
Trends
The trends will be calculated as per the information provided by the user for last RBIA and
marks allotted in current RBIA. The trend will get highlighted in the table automatically without
user intervention.
Variation of marks ( Business Risk /Control Risk) in the same category upto + 3% or -3% of the
marks obtained in Last on-site audit, indexed to 1000 as explained above, shall be considered as
STABLE. Variation of marks in the same category more than this will be considered as
decreasing/ increasing as the case may be.
By default, the sheet is marked ‘NA’ (Not Applicable). The authorized branch may select all the
columns as applicable before working on this work sheet.
Marking criteria is based on sample size and deviation size. Please refer to business risk checklist
and control risk checklist for further details.
This scorecard is a summary of scores allotted in Foreign Exchange Checklist. The user need not
work on this sheet.
The user only needs to select Yes, No, NA (Not Applicable) relevant to the branch under audit.
A brief description regarding non-compliance of the code, if any be mentioned at the end of the
sheet in the space provided.
Currency Chest
By default, the sheet is marked ‘NA’ (Not Applicable). The authorized branch may select all the
columns as applicable before working on this work sheet.
Marking criteria is based on sample size and deviation size. Please refer to business risk &
control risk checklist for further details.
Tax Certificate
Two rows below each certification statement is open to user to comment upon.
He may also give his observations in point wise deviations, specifically provided towards the end
of the sheet.
Revenue Leakage detected & recovered during the period under audit may be reported in
Revenue Leakage and Statement of Charges Sheet. The inspecting officer should sign the hard
copy of this worksheet.
Appendices 1 to 20
Any irregularities observed in the branch under audit be reported under the specific appendix
allotted.
The user may insert rows if the data exceeds the rows provided in the format.
The user is allowed to increase the row size depending upon his requirement.
Visit Report
Multiple sheets can be created by user which is explained under the head special commands
SPECIAL COMMANDS