Auditing in Bangladesh

AUDITING: THE MOST RELIABLE ECONOMIC GUARD
INTRODUCTION
In todays society the exercise of an auditors to the economic and ethical
leadership sets the bounding standard or in other words equips an auditor
in such a way that recognizes him as a reliable body. With the growing
conscious recognition of the importance of financial data in the ordering of
everyday business and economic life, the need of basic economic facts is
providing
constantly
enlarging
opportunity
for
the
accounting
profession. The auditors' reports have an especial capacity to fulfill the

need for reliable and authoritative financial material not only because of
the reputation or prestige of the certified statements, but also because of
the significance generally attached by the business man to the functions
of the auditor and his reports. These functions, and the scope of these
reports, have in the past been definitely related to the character of and
changes in business activity.
Audits and reviews are basically procedures performed on the financial
statements of a company, for the purpose of determining whether the
financial statements include any material misstatements. Misstatements
are essentially wrong numbers due to numerical errors, fraud, or errors in
interpreting the accounting rules. Misstatements are material if they are
large enough to make a difference to a user of the financial statements,
such as a bank or investor. And the person who involved in auditing is
known as auditor. It also provides the techniques necessary to examine
the internal control system of a company and perform operational or
compliance audits by internal or external auditors.
The early conceptions of the functions of the auditor were such as to
confine him to the duties of a mere checker and verifier of debits and
credits. As business became more complex in its interrelationships there
has been a compensating broadening demand for the acceptance of new
and formerly unrecognized responsibilities by the auditor. This has
INTRODUCTION TO AUDITING | ACT 341

PAGE |

progressed so far that the highest type of auditor is looked upon today as
a financial expert. The premises upon which most audits are predicated,
however, are still largely those of the checker-verifier. Recent economic
trends have accentuated the new conceptions and demands upon the
auditor. The control of business enterprises within and among themselves
has emphasized the importance of the budgetary and managerial aspects
of the accountants' reports in enabling business units to coordinate their
internal and external activities in the scheme of the economic plan.
Thus the word audit is derived from the Latin word audire which
means to hear. In olden times, whenever the owners of a business
suspected fraud, they appointed certain persons to check the accounts.
Such persons sent for the accountants and heard whatever they had to
say connection with the accounts. It was an Italian, Luca Paciaio, who first
published his treatise on double entry system of book-keeping for the first
time in 1494. He mentioned and described the duties and responsibilities
of an auditor, since then; there have been lot of changes in the scope and
definition of audit and the duties and responsibilities of an auditor.
Spicer and Pegler , have defined Audit as such as examination of the
books, accounts and vouchers of a business, as will enable the auditor to
satisfy himself that the balance sheet is properly drawn up, so as to give a
true and fair view of the state of the affairs of the business, and whether
the profit and Loss account gives a true and fair view of profit or loss for
the financial period, according to the best of his information and the
explanations given to him and as shown by the books and if not, in what
respect he is not satisfied.
F.R.M. De Paula, an English authority on auditing literature, describes
auditing as the examination of a balance sheet and Profit and Loss
account prepared by others, together with the books, accounts, and
vouchers relating thereto in such a manner that manner that auditor may
be able to satisfy himself and honestly report that, in his opinion, such
balance sheet properly drawn up so as to exhibit a true and correct view
PAGE |

of the state of affairs to the particular concern according to the
information and explanations given to him, and as shown by the books.
He further continues that an audit of a balance sheet involves the
verification of the profit and loss account, as the balance of that account
must be included in some form or other in the former.
HISTORY OF AUDITING
The complicated evolution of auditing has been changing throughout the
historical changes. Thus the practice of auditing have always had a
dramatic shift of change to cope with the needs of everyday business
environment. Auditing has been around since the beginning of human
civilization, focusing mainly, at first, on finding fraud. As the United States
grew, the business world grew, and auditing began to play more important
roles. In the late 1800s and early 1900s, people began to invest money
into large corporations. The Stock Market crash of 1929 and various
scandals made auditors realize that their roles in society were very
important. Scandals and stock market crashes made auditors aware of
deficiencies in auditing, and the auditing community was always quick to
fix those deficiencies. The auditors job became more difficult as the
accounting principles changed, and became easier with the use of internal
controls. These controls introduced the need for testing; not an in-depth
detailed audit. Auditing jobs would have to change to meet the changing
business world. The invention of computers impacted the auditors world
by making their job at times easier and at times making their job more
difficult.
The practice of auditing has been in the human society since its
beginning. Auditing was used mostly for the detection of fraud and was
PAGE |

done through extensive detailed examination from ancient times until the
late nineteenth century. Fraud was a great concern during the early
history of auditing, because internal controls were not used or not used
effectively until the twentieth century. To protect the public, the British
Companies Act of 1844 provided for mandatory audits. Soon afterward, in
1853, organizations of chartered accountants were formed in Scotland.
The same industrial revolution was occurring across the Atlantic in the
United States. By the late nineteenth century, British auditors were being
sent to audit American companies. Thus it was the British who built the
infrastructure for professional auditing in the United States.
The late nineteenth century was a turning point in auditing history, when
laws like the English Companies Act of 1862 were enacted. The English
Companies Act of 1862 was a general acceptance of the need for an
independent review of accounts for both large and small enterprises (Lee,
1988).
This Act of 1862 showed that there was a great demand for
specialized-trained professionals to perform these reviews reliably and

independently.
The Late 1800s to Early 1900s

During this era a lot of items were omitted from the records were
overlooked by the auditors, and the result was an auditing profession that
was viewed by outsiders as more clerical than professional. Auditing of the
late nineteenth century involved a complete review of transactions and
the preparation of the corrected accounts and financial statements. This
was obviously an inefficient and expensive way to perform an audit.
England and the United States saw the need to make an audit more
efficient and less expensive. Around 1895, the technique of sampling
emerged. The audits of the late 1800s and early 1900s were largely
devoted to the accuracy of bookkeeping detail. In most cases, all vouchers
were examined and all footings verified. Hence, items omitted from the
records were overlooked by the auditors, and the result was an auditing
profession
that
was
viewed
by
professional.
PAGE |
outsiders
as
more
clerical
than

In the late 1890s, therefore the main objectives of auditing were the
detection/prevention of fraud and the detection/prevention of errors.
Auditing in the United States began to branch from the heavy influences
of Britain in the 1900s. The main objectives of auditing in the United
States were to obtain accurate financial conditions and earnings of an
enterprise and secondly to detect fraud and errors. Auditors in the early
1900s were primarily used to submit a certified balance sheet to banks to
obtain credit. Bankers were no longer loaning money based on good
character, but now focused on the definite knowledge of the financial
affairs of the borrowers. Large life insurance companies also began using
independent public accountants to certify published statements since the
Hughes investigation of 1905.
The improvement of accounting practices and standards were the main
concerns of the accounting community in the early 1900s. Any deviation
from the Interstate Commerce Act was forbidden and punishable. The
business world also began to feel the need for improvement of accounting
principles when the businessmens pocketbooks were being squeezed
during the World War I era. Income taxes before World War I were at such
a low rate that they had no or little effect on the accounting practices of
the business world. In 1917 and 1918, the U.S. Government significantly
increased income taxes and a new tax was enacted that was a heavy
graduated excess profits tax. These taxes made the business world see
the need for improvement of accounting principles and the need for
accountants to mitigate the increase in taxes. Public accountants were
now commonly called on for financial advice and tax planning guidance.
This led to periodical auditing of the companies accounts.
Between the 1920s and the 1930s

When auditors and business managers learned about internal controls,
they were able to evaluate an entitys controls. Through this evaluation,
they can do less detailed testing if the controls are strong, strong controls
will save time and money. After the Stock Market Crash of 1929, the
government saw the need for more standards and audits. They were
PAGE |

needed to keep businesses and publicly traded securities to stay uniform
and truthful with respect to their financial condition.
In 1930s, the Securities and Exchange Commission had rigorous control
of public utility holding companies and this would result in a very
important accounting provision. The Public Utility Act of 1935 specified the
prevention of the payment of dividends out of capital or unearned surplus
without the approval of the Commission. This was a very significant
movement that made the distinction of earned and unearned surplus in
statutory law, which was previously only mentioned, in accounting
practice and few corporate laws.
The responsibility to of fraud detection was a question that was
unanswered for many years until the McKesson & Robbins scandal case of
1939, which put this question in the spotlight. Before 1940, the uniform
agreement as to the audit responsibility for the detection of fraud did not
exist. By 1940, with heavy influence of the McKesson & Robbins scandal
case, the responsibility for fraud detection now began to shift to
management. Auditors main concern was to determine the fairness of the
reported financial statements. By this time, a uniform agreement was
made that testing was the auditors technique, and detailed examination
was only done when deemed necessary. Of course, the strength of the
internal controls was the deciding factor on how much testing should be
done.
The 1950s continued to reduce the importance of fraud detection on
auditors. The belief that fraud detection was the responsibility of the
management of the company was generally held. If auditors found any
irregularities as they performed their audit, it was their obligation to bring
this to the attention of the management. Ironically, many audit techniques
of the period were specifically designed to assist in the detection of fraud.
Emphasis of the audit was placed on the determination of the truthfulness
of the financial statements. The late 1950s and 1960s brought more
reform and brought up the concept of reasonable assurance of financial
PAGE |

statements. Also, materiality of misstatements was brought to attention of
the accounting profession. The auditor was required to perform tests in
line with G.A.A.S. to detect material misstatements that would influence
the confidence of investors in a company. The general concept to start an
audit with an examination of the companies internal controls and the
extent of testing required was decided from the test results. The computer
had a great impact on how businesses and accounting would be
performed from the 1960s to the present.
Technology changing the world of auditing

The evolution of computers changed auditing forever. The first electronic
computers were analog devices that began in the 1920s and developed
through World War II. These computers were used to perform complex
mathematical computations such as integration. The 1940s brought the
development of digital computers that used binary logic. With binary logic,
it was now possible to express exact numerical values instead of using
approximate analog quantities to approximate numerical values.
In 1958, the Institute of Chartered Accountants issued a statement
entitled Accounting by Electronic Methods. This statement referred to
E.P.D. as he method of analyzing, marshaling, recording and reporting
business information by means of equipment, the central feature of which
is an electronic digital computer. Bookkeeping for accountant has been
time consuming and in the 1950s accountants have looked around for
new ways of processing this data. Punch card machines was the first move
but they were not fast enough for their needs, the digital computer was
the next choice for providing a faster and more detailed cost analysis.
Accountants didnt change their ways overnight; changing over from
manual system to computers took many years.
Auditing in general was changed forever, as data once on paper was now on
magnetic tape reels and later floppy disks. The detection of fraud was more
difficult to discover when data could be easily erased or changed. Auditing
changed with the times as it always had. The discovery for new internal controls
was needed, as these controls were important to make an audit successful and
efficient. A computer system within a business with strong internal controls made
PAGE |

an audit easier and resulted in more dependable financial statements. The
computer of the 1970s could handle large amounts of data and process the
information in a very short time. Computers made accounting jobs in general
easier, with the computer handling the bookkeeping work. This freed up time so
accountants could focus on more important jobs.
THE AUDITOR
PAGE |

An auditor in general engages in the evaluation of an organization,
system, process, project or product. Auditors tasks are performed to
ascertain the validity and reliability of information; also to provide an
assessment of a system's internal control. The goal of an auditor is to
express an opinion on the person/organization/system in question, under
evaluation based on work done on a test basis. Due to practical
constraints, an audit seeks to provide only reasonable assurance that the
statements are free from material error. Hence, statistical sampling is
often adopted in audits. In the case of financial audits, a set of financial
statements are said to be true and fair when they are free of material
misstatements - a concept influenced by both quantitative and qualitative
factors.
Traditionally, audits were mainly associated with gaining information
about financial systems and the financial records of a company or a
business. However, recent auditing has begun to include other information
about the system, such as information about environmental performance.
As a result, there are now professions conducting environmental audits.
An auditor also engages in an independent assessment of the fairness by
which
company's
financial
statements
are
presented
by
its
management. It is performed by competent, independent and objective

person(s) known as auditors or accountants, who then issue an auditor's
report based on the results of the audit. However an auditor may be a
watchdog but not a bloodhound.
The task of an auditor is to determine the quality of financial &
operational/administrative control by examining and evaluating the
records,
system
and
procedure,
operations
and
activities
of
an
organization. Financial and operational control can be easily determined

by analytical reviews, intra and inter firm comparison and comparison of
current information with anticipated results. Profit as a percentage of
sales, expenses as a percentage of sales, working capital ratio, return on
investment
and
important
guidelines

PAGE |
to
measure
concerns

performance. Through interpretation of significant ratios an auditor can
find firms strength and weaknesses and where to emphasize to detect
fraud and error.
It is not possible for an auditor to check every single thing. In such a
situation, the auditor has to evaluate the internal control system
introduced by the organization. By doing this, an auditor also become
aware of the operational control in force in an organization. For example, if
an auditor finds that the wages as a percentage of sales is far higher in
this year than last year, then he will decide to apply more substantive
tests in this regard.
Internal auditor conclude whether the resource utilization of the enterprise
is effective & efficient or not by reviewing whether the accounting records
have been properly maintained, the assets adequately safeguarded and
the procedure lay down by the management properly compiled with.
Auditors have to conduct an appraisal of the various organizational
functions and provide advice and recommendation on the activities and
operation reviewed by him.
The auditors are straightforward, honest, independent and sincere in his
approach to this professional work. Professional ethics ensure right action
on the part of the members of the profession. That is why everybody relies
on auditors determination on the reliability of the financial and
operational control of an enterprise.
The auditor needs to follow a certain guidelines and standards. Standard
is the means of judging the level of professional competence and the
degree of consistency attained by auditors in the performance of their
duties/functions. For this purpose, we are to study and understand
professional pronouncements on auditing which indicating the collective
view of the profession on: Principles and techniques of auditing and

PAGE |
10

The application of such principles and techniques to various auditing
situations.
Professional bodies of accountants of various countries have issued
pronouncements on accepted auditing practices for the guidance of their
members. Most of these pronouncements discuss various auditing
practices primarily required for the purpose of expressing an expert
opinion
on
financial
statements.
The
pronouncements
issued
by
professional bodies attempt to codify the auditing practices expected to

be observed by the auditor when he seeks to express an opinion on
financial statement. These however, do not interfere with the auditors
individual judgment in selecting the procedure to be followed and in
determining the extent to which he should apply such procedures.
The analytical review steps for forming his overall conclusions about the
consistency of financial information as a whole with his knowledge of the
entitys business and relevant economic conditions is also performed by
the auditor. For example an auditor can compare significant ratios for the
entity with those of other entities in the same industry or with the industry
average. This review may assist an auditor in identifying an unusual and
unexpected balance, which was not previously identified. Though the
procedures of analytical review have been highly commendable in the
arena of professional audit, the extent of its reliance much depend on the
substantive information that might be available from the entity, nature of
assertion the auditor might exert on the business logically and the
predictability of relationships among items of financial information (so that
any deviation there from can be taken as being indicative of potential
miss statements) and the strength of the evaluation of the internal
control. If the auditor really faces any such circumstance where the
application of analytical review may not be expected to desired results as
expected of a good audit report, there is no barrier for the auditor for an
extensive check, as he may think proper and adequate. The system of
analytical review adopted generally in combinations of other method have
in major cases yielded the desired results enabling the auditor to present
PAGE |
11

a good audit report; exhibiting a proper statement of financial information
of the entity under audit.
The auditors concept of internal control is fundamentally identical to the
concept of control or management control of the management theorists. It
is one of the activities or functions of management, but it is notable in its
complete dependence upon the other functions of management. This has
led some management thinkers to suggest that it should not be regarded
as a distinct function in its own right, just as others have suggested that
coordination should not be regarded as a separate function.
As we know, there can be no control unless there is a plan to be
controlled.
successful
organization,
which
established
individual
responsibilities, is likewise an essential component of control. Staffing

must also be appropriate for control to be effective. All it means is that
when the auditor reviews an enterprises arrangements for internal
control, the evaluation is of the management process, embracing all the
functions of management viz: planning, organizing, staffing, directing and
leading controlling and finally coordinating.
In practice an internal auditor may be restricted by the terms of reference
to conducting reviews only in certain sections of the enterprise. They may
be asked to audit only up to a certain level. Usually it is impossible for
internal audit effectively above the organizational level of the director of
internal audit. They may audit only certain operations, such as accounting
and financial.
Even if internal audit has a restricted scope but within the areas where it
does have a mandate it should be concerned with all the functions of
management (planning, organizing, staffing, directing, controlling, and
coordinating). The only exception to this is where internal audit if
restricted
to
checking
for
distributed
compliance
with
laid
down
procedures and has no role in connecting upon which procedures are the
right ones: sterile mode of internal auditing if fortunately seldom seen
now a days. So it appears that internal audit is concerned to review all the
PAGE |
12

arrangements that have been made to manage the enterprise, being
limited only by any boundary that management themselves have
prescribed defining the scope of their internal auditing department. But
within these boundaries internal audit is concerned to review all the
functions of management. Anyway the financial auditor has no limitation
like that of the internal auditor and hence, he can go for in depth auditing
as per acceptable audit practices.
The term investigation in auditing means a systematic and in depth
examination or enquiry to establish a fact or to evaluate a specific
situation. Professional accountants are often called upon to investigate the
accounts or related records of an undertaking. Such assignments differ
substantially from a normal audit tasks. Audit aims at collection on the
financial statements or other data under examination. An investigation, on
the other hand, requires a special in depth scrutiny of the particular
records or transactions with the object of substantiating a fact or
happening or assessing a particular situation.
In the backdrop of the basic differences between nature and objectives of
an audit and those of an investigation, the approach to an investigation is
different from that followed in an audit. An investigation calls for a more
thorough examination of the selected areas than what is required in an
audit of the entire financial aspect of the entity under audit. This is
because the scope and objective of an audit are broad and general while
those of investigation are narrow and specific. The investigators are
concerned with a particular task in a given area but the audit cannot be
completed without examination and scrutiny of the whole area of the
entity. It will this appear that an investigation looks for substantive and in
some cases, even conclusive evidence for establishing a fact, say a
specific complain in installing a machinery, whereas, an auditor may rely
on a persuasive evidence for his circumstantial audit report. An
investigator does not accept a fact as correct until it is substantiated.
Unlike an auditor, an investigator cannot presume that in the absence of
suspicious circumstances, a figure or a stated fact is necessarily correct.
PAGE |
13

As an investigator to investigate the alleged misappropriation of closing
stock or of finished stock of the company under investigation, a
professional accountant is engaged. His objective would be to gather
substantive evidence in support of the quantitative and monetary figures
of the opening stick, production, sales and dispatches and the stock
register. For these, he would check all the related records thoroughly,
looking into every item carefully. If he uses here the statistical sampling
techniques like random sampling, he would do so merely to narrow down
his inquiry. Rather, he would scrutinizes and crosscheck the various
transactions till he is able to check precisely what he is looking for. In a
financial audit assignment on the other hand, the auditor i.e. a
professional accountant would select a representative sample from the
transactions, examine it in depth and if nothing arouses his suspicious, he
would rely on the examination and report that the accounts and the
statements represent a true and a fair view of the affairs of the
undertaking. To use the oft repeated metaphor, an auditor is a watchdog
and not a bloodhound. But the investigator shall stretch his nose for the
faintest of scents of frauds, material misstatements, material omissions
from the record and the like.
Due to the very purpose and nature of investigators, an investigator, even
though he is a professional accountant is not bound unlike an auditor, by
accounting conventions, IGAs, ISAs (International Guidelines on Auditing,
International Standard on Auditing) policies and disclosure requirements.
The exact nature and procedures to be followed in conducting an
investigation depend entirely upon the circumstances of the case, the
nature of appointment, requirement of the investigation results, etc. but
the fundamental achievements to be obtained through investigation
entirely depends on the knowledge, Intelligence Quest (IQ), honesty,
integrity and the foresightedness of the professional accountant being
appointed as such as an investigator.

PAGE |
14

Now it is clear that the importance of audit of the financial data is so vast
that it is much more important in an organization in order to run it
efficiently, effectively and in an orderly manner.
Types of Auditors Involved in the Current Days

Auditing
There are two types of auditors who are basically involved with present
days auditing practices:
Internal Auditor - Internal auditors are employees of a company hired

to assess and evaluate its system of internal control. To maintain
independence, they present their reports directly to the Board of
Directors or to Top Management. They provide functional operation
to the concern. Internal Auditors are employees of the company so
that they can easily find out the frauds.
External Auditor External auditors are independent staff assigned

by an auditing firm to assess and evaluate financial statements of
their clients or to perform other agreed upon evaluations. Most
external auditors are employed by accounting firms for annual
engagements. They are called upon from the outside of the
company.
Common types of Audit in Practice

1) Single Audit
The Single Audit, is a rigorous, organization-wide

of an entity that expends $500,000 or more of
audit
or examination
Federal
funds received
for its operations. Usually performed annually, the Single Audits

objective is to provide
assurance
to the
US federal government
management and use of such funds by different

States, cities, universities,
and
non-profit organizations,
typically performed by an independent

encompasses both financial and
PAGE |
15
as to the
recipients,
such as
among others. The audit is
certified public accountant
compliance
(CPA) and
components. The Single

Audits must be submitted to the
Federal Audit Clearinghouse
along with a
data collection form.

2) Clinical Audit
It is the process formally introduced in
(NHS), and is defined as "a
National Health Service
that
seeks
systematic
1993
to
improve
review
of
patient
care
care
against
into the
United Kingdom's
process
quality improvement
and
outcomes
explicit
criteria
through
and
the
implementation of change".
The key component of clinical audit is that performance is reviewed
(or
audited)
to ensure that what should be done is being done, and if
not it provides a
framework
to enable improvements to be made.
3) Computer Security Audit
A computer security audit is a manual or systematic measurable

technical
assessment
assessments
include
of
system
interviewing
or
staff,
application.
Manual
performing
security
vulnerability scans, reviewing application and operating system

access controls, and analyzing physical access to the systems.
Automated assessments, or CAAT's, include system generated audit
reports or using software to monitor and report changes to files and
settings on a system. Systems can include personal computers,
servers, mainframes, network routers, switches. Applications can
include Web Services, Microsoft Project Central, Oracle Database.
4) Conformity Assessment Audit
It is any activity to determine, directly or indirectly, that a process,

product, or service meets relevant
standards
and fulfills relevant
requirements. Conformity assessment activities may include:
Testing
Surveillance
Inspection

PAGE |
16
Auditing
Certification
Registration
Accreditation
5) Environmental Audit
Environmental audits are intended to quantify environmental

performance and environmental position. In this way they perform
an analogous function to financial audits. An environmental audit
report ideally contains a statement of environmental performance
and environmental position, and may also aim to define what needs
to be done to
sustain
or improve on indicators of such performance
and position.
Environmental Auditors can get certified through written exam and
acceptance of the Environmental Auditor Association code of ethics.
Depending on the nature of the audit, there are several different
designations to choose from. CECAB administers these designations.
6) Financial Audit
A financial audit, or more accurately, an audit of financial

statements, is the examination by an independent third party of the
financial statements of a
governments),
company
or any other
legal entity
(including
resulting in the publication of an independent opinion on
whether or not those financial statements are relevant, accurate,

complete, and fairly presented.
Financial audits are typically performed by firms of practicing
accountants due to the specialist financial reporting knowledge they
require. The financial audit is one of many assurance or attestation
functions provided by
accounting
and
auditing
firms, whereby the firm
provides an independent opinion on published information.

PAGE |
17

Many organizations separately employ or hire
internal auditors,
who do
not attest to financial reports but focus mainly on the internal

controls of the organization.
External auditors
may choose to place limited
reliance on the work of internal auditors.

7) Internal Audit
Internal auditing is a profession and activity involved in advising

organizations regarding how to better achieve their objectives.
Internal
auditing
involves
the
utilization
of
systematic
methodology for analyzing business processes or organizational

problems and recommending solutions. Professionals called internal
auditors are employed by organizations to perform the internal
auditing
activity.
The
scope
of
internal
organization is broad and may involve
auditing
internal control
within
an
topics such as the
efficacy of operations, the reliability of financial reporting, deterring

and investigating fraud, safeguarding assets, and compliance with
laws
and
regulations.
Internal
auditing
frequently
involves
measuring compliance with the entity's policies and procedures.

However, internal auditors are not responsible for the execution of
company activities; they advise management and the Board of
Directors (or similar oversight body) regarding how to better
execute their responsibilities. As a result of their broad scope of
involvement, internal auditors may have a variety of higher
educational and professional backgrounds. Publicly-traded United
States corporations typically have an internal auditing department,
led by a Chief Audit Executive ("CAE") who generally reports to the
Audit Committee
of the
Chief Executive Officer.
Board of Directors,
with administrative reporting to the
The profession is unregulated, though there are a
number of international standard setting bodies, an example of

which is the
Institute of Internal Auditors
8) Performance Audit

PAGE |
18

Performance audit refers to an examination of a program, function,
operation or the management systems and procedures of a
governmental or
non-profit
entity to assess whether the entity is
achieving economy, efficiency and effectiveness in the employment

of available resources. The examination is objective and systematic,
generally
using
structured
and
professionally
adopted
methodologies.
In most countries, performance audits of governmental activities are
carried out by the external audit bodies at federal or state level.
Many of these audit bodies have established guides for conducting
performance
audits
which explain how performance audits are
planned, conducted and its results reported.

INTOSAI, the international association of Supreme Audit Institutions,
has published generally accepted principles of performance auditing
in its implementation guidelines. In the United States, the standard
for government performance audits is the Generally Accepted
Government Auditing Standards (GAGAS), often referred to as the
"yellow book", maintained by the federal
(GAO). Similarly, the
European Court of Auditors
Government Accountability Office
(ECA) has developed a
"performance audit manual" for its audits of the sound financial

management of the European Commission and the programs funded
through the EU budget.
Performance audits may also be conducted by Internal Auditors who
are employees of the entity being audited. However, some national
governments require agencies, departments and branches to
periodically retain outside auditors to conduct them.
In the USA, all auditors who follow GAGAS standards are required to
maintain
independence,
supervision,
continuing
professional
education, and conduct the audit using a specific process designed

to increase the quality of the audit and reduce the politicization of
PAGE |
19

audit work. Although there are separate professional credentials and
certifications for Financial Auditors, the persons that conduct
Performance Audits in the USA are often
Certified Public Accountants,
Certified Internal Auditors, or have a broad background in public

policy, business or public administration.
The scope of performance audits may include the detection of fraud,
waste and abuse, although often these are not included in the
scope. Prior to engaging in a performance audit, the auditor must
have a scope and plan defined which will be used to guide the audit
process.
Performance
auditing
differs
from
performance
measurement, the latter being the responsibility of management of

the entity. In addition, performance measurement may include a
broad variety of activities that do not meet the rigor of an
independent external assessment.
THE PREVAILING AUDITING PRACTICES

Today, auditors utilize sampling techniques to test certain transactions
during the performance of an audit or review, since it would be nearly
impossible and too expensive to test every single transaction. The
sampling may be aimed at the largest items or the items on the financial
statements that pose the most risk of misstatement. If material errors in
the
financial
statements
are
discovered,
the
auditors
will
direct
management to correct them.

Auditing has been the backbone of the complicated business world and
has always changed with the times. As the business world grew strong,
auditors roles grew more important. The auditors job became more
difficult as the accounting principles changed. It also became easier with
the use of internal controls, which introduced the need for testing, not a
complete audit. Scandals and stock market crashes made auditors aware
of deficiencies in auditing, and the auditing community was always quick

PAGE |
20

to fix those deficiencies. Computers played an important role of changing
the way audits were performed and also brought along some difficulties.
So how does fraud fit into the idea of material misstatements?
Misstatements can be caused by either error or fraud. Auditors have some
responsibility for the detection of both errors and frauds that are material,
but this responsibility is not absolute. Auditors give "reasonable"
assurance that material misstatements have been uncovered, but not
total assurance. Errors are much more likely to be discovered during an
audit than are fraud. Fraud schemes are crafted to purposely exploit the
accounting system and controls, and therefore it is more difficult for an
auditor to find them. Since auditors are not all-knowing beings, the
assurance that the financial statements are correct can only be
"reasonable" assurance and not total assurance.
Traditionally audits were mainly associated with gaining information about
financial systems and the financial records of a company or a business.
However, recently auditing has begun to include other information about
the system, such as information about environmental performance. As a
result there are now professions that conduct
accounting,
environmental audits.
In
financial
an audit is an independent assessment of the fairness by which a
company's financial statements are presented by its management. It is

performed by competent, independent and objective person or persons,
known as auditors or accountants, who then issue an auditor's report on the
results of the audit.
Such systems must adhere to generally accepted standards set by
governing bodies that regulate businesses. It simply provides assurance
for third parties or external users that such statements present 'fairly' a
company's financial condition and results of operations.
Auditing Rules
Its important to understand the guidance given to auditors on the topic of
fraud. Accountants performing audits in the United States follow Generally
PAGE |
21

Accepted Auditing Standards (GAAS) in their performance of audits.
Additional guidance is provided in the Statements on Standards for
Auditing and Review Services (SSARS) and Statements on Auditing
Standards (SAS). These sets of authoritative guidance outline the
responsibilities that auditors have for finding fraud while performing
audits and reviews.
SAS number 99, "Consideration of Fraud in a Financial Statement Audit,"
became effective in late 2003. This statement directs auditors to use
professional skepticism and to consider that a fraud could have occurred
and could materially affect the financial statements. The auditors must
consider and identify the risk of fraud, and must continuously evaluate
evidence throughout the audit to determine whether or not there are any
fraud indicators.
The American Institute of Certified Public Accountants (AICPA) recently
issued SSARS number 12, "Omnibus Statement on Standards for
Accounting and Review Services." This applies to reviews, rather than
audits. Reviews provide less assurance on the financial statements, as the
review procedures are typically less thorough and less detailed than audit
procedures. This statement dictates that during a review, the auditor is
not required to assess the risk of fraud or develop plans specifically to
identify fraud.
The guidance for auditors is continuously evolving as the accounting
profession acknowledges that fraud is becoming a bigger issue for clients.
All of this alphabet soup can be boiled down to the fact that it is
management's responsibility, not the auditor's, to prevent and detect
fraud. The auditors must consider fraud throughout their procedures, but
they do not have an absolute responsibility for the detection of fraud.
The Auditing Standards

When we talk about standards it means of judging the level of professional
competence and the degree of consistency attained in the performance of
PAGE |
22

their duties/functions. For this purpose, we are to study and understand
professional pronouncements on auditing which indicate the collective
view of the profession on (a) principles and techniques of auditing and (b)
the application of such principles and techniques to various auditing
situations.
Various
Professional
bodies
in
various
countries
have
issued
pronouncements on accepted auditing practice for the guidance of their

members. Most of these pronouncements discuss various auditing
practices primarily required for the purpose of expressing an expert
opinion on financial statements.
The pronouncements issued by professional bodies attempt to codify the
auditing practices expected to be observed by the auditor when he seeks
to express an opinion on financial statements. These however, do not
interfere with the auditors individual judgment in selecting the procedure
to be followed and in determining to the extent to which he should apply
such procedures.
In case a deviation is necessary in a particular situation that should be
reported in the audit report. Compliance of standard audit practices is
expected in normal circumstances. In many countries, the auditors are
specifically required to state in their audit report whether the audit was
carried out in accordance with the generally accepted auditing standards.
The institute of chartered accountants order, 1972 specifically provides
that a chartered accountant in practice shall be deemed to be guilty of
professional misconduct if he fails to invite attention to any material
departure from the generally accepted procedure of audit applicable to
the circumstances. It is thus apparent that in normal circumstances, an
auditor in Bangladesh has to follow the generally accepted procedure of
audit such as-international Auditing guidelines.
The development of a coordinated worldwide accountancy profession,
accountancy bodies of different countries established the international
federation of accountants (IFAC) in 1977. The international auditing
PAGE |
23

practices committee (IAPC) is a standing committee of the council of IFAC
and has been assigned specific reasonability and authority to issue
international guidelines on auditing and related fields. The guidelines
issued by IAPC shall. However, in no case override the local statutory
professional regulations.
The statement on standard auditing practices (SAPs) issued by the
institute of chartered Accountants of Bangladesh are generally based on
the
corresponding
international
Auditing
Guidelines.
However,
in
developing the SAPs, the institute also takes into consideration the
existing laws, customs, uses and business environments of Bangladesh.
The international accounting standards committee (IASC) developed by
professional bodies all over the world has been engaged in formulating
and publishing standard of financial accounting. Auditing and accounting
professions are therefore correlated, coordinated and interdependent
subjects.
The institute of chartered accountant of Bangladesh (ICAB) can be briefly
classified asa) statements on accounting and auditing, including statements of
auditing practices(SAPs)
b) Accounting standards
c) Guidance notes on matters relating to accounting, auditing,
taxation, company law, ethics and other related matters.
d) Opinion on specific queries
e) Research studies and other miscellaneous publications
The council of the institute of chartered Accountant of Bangladesh
regularly issues statements on basic principles governing an audit. A
member of the professional body is to generally follow these guidelines
while conducting an audit. The auditor should be straightforward, honest
and sincere in his approach to his professional work.

PAGE |
24

Last but not the least, the auditor should respect the confidentiality of
information acquired in the course of his work and should not disclose any
such information to a third unless there is a legal or professional duty to
disclose.
The Behavioral Aspect of Auditing

During the course of auditing there is no doubt that an important aspect
an auditor should very carefully take note of. The conflicting role inherent
in auditors position is principally a conflict of reporting on people to whom
an auditor apparently appears to be an adviser, guide and a controller.
The auditor should look it upon with multidimensional angles. Generally,
the auditor tries to play down formal authority although it is known that
imposed chances have a high risk of failure. Different people of different
branches of an organization will react in different ways on being reported
upon. But the auditors reaction will be absolutely nonpartisan provided
the report addresses issues rightly and within areas of main values and
problems. But the auditor is not received in a negative, hostile way. There
is an inherent dislike of control system which evaluates people before they
have chances of evaluating themselves.
The behavioral aspects of auditing have now become a need nowadays.
An auditor has the needs of performing his audit jobs and so does the
individual auditee for the purpose of a representative verification of the
financial state of affairs of the entity. When a need is not met, then there
is a dissatisfaction which is potentially damaging for the both. The auditor
should utilize their psychological balance in a way most suitable to his
techniques and programs. Relationship can be regarded as the other
component of the human behavior. There is a formal relationship, the
nature of which is dependent on the personal qualities of the persons
involved.
There
is
no
meaningful
relationship
without
proper
communication. The auditor should be well aware of all these techniques

of effective communications for his success in profession.

PAGE |
25
Types of Behavioral Auditing Study

The study of heuristics and biases appears to have been of limited
relevance for behavioral auditing research for several reasons. First, the
results have failed to reveal any consistent effects attributable to
heuristics and biases. Second, only narrow ranges of auditing tasks have
been used in heuristics and biases research. Third, it's not clear that
heuristics and biases are connected to central issues in behavioral
auditing. As a psychologist looking at the field, there appear to have been
three types of behavioral auditing studies. These are as follows:
The Replication Study:

The methods and procedures are borrowed in total. The major
research question is: Will the original findings replicate with auditors
as subjects? For the most part, behavioral auditing studies of
heuristics and biases fall into this category. They offer little advance
in methodology, analysis, theory, etc., over the original Kahneman
and Tversky studies. One positive feature of replication studies is
that they have introduced many auditing investigators to behavioral
research. On the negative side, however, replication studies are
limited in two important ways. First, they investigate issues which
originate with non-auditors and may be of questionable relevance to
auditing. Second, replication studies ask auditing subjects to answer
questions which have little relationship to their professional skills
and knowledge.
The Adaptation Study:

Another type of auditing study looks at a research problem
originating from accounting and/or auditing concepts, but using
methods
adapted
from
behavioral
research
approaches.
The
procedures are borrowed, but the problems arise from accounting.

One example involves analysis of sunk cost effects (e.g., Arkes &
Blumer, 1985; Thaler, 1980). The topic is of direct concern in

PAGE |
26

accounting, but the methods and analyses reflect procedures used
in heuristics and biases research.
Adaptation studies are obviously an advance over replication
research, since the research problems originate from accounting.
However, behavioral methods may be insufficient to investigate
many complex auditing issues, e.g., the effects of a new auditing
policy. Instead, it may be necessary to combine behavioral and nonbehavioral methods in unique ways to investigate such issues.
The Problem-Driven Study:

The third type of project involves research designed uniquely around
the concerns of behavioral auditing. Such studies lead to their own
methods and procedures; in contrast, the first two types of studies
are largely spin-offs from behavioral research. Thus, the methods
and procedures flow from important auditing problems, not the
other way around. This type of research marks the dividing line as
far as a non-auditor is concerned as a psychologist, I am no longer
qualified to comment on specific projects. I firmly believe, however,
that this is the direction that behavioral research in auditing should
head. In summary behavioral auditing research on heuristics and
biases falls primarily into the replication category; such research can
be viewed as a transition stage. Adaptation studies may apply some
of the methods from heuristics and biases research to accounting
problems; this is clearly an improvement over replication research.
Finally, problem-driven studies represent the future of behavioral
auditing research; it's not clear, however, that heuristics and biases
will play any role in that future.
The Management and Internal audit:

Internal auditing involves conducting a systematic examination of
the
record,
systems
and
procedures
and
operations
of
an
organization as a service to the management. Internal audit

department is an administrative unit of the management, whereas
PAGE |
27

statutory auditing is hired by the management or statutory
authorities for a counter auditor for external uses as per the
requirements of the law.
The traditional concept of internal auditing was thus primarily
concerned with questions like whether the assets of the organization
were
safeguarded
and
properly
accounted
for,
whether
the
accounting or other records were reliable and whether the

organizational procedures and policies were complied with. With a
significant emphasis, on the detection of fraud and accuracy of
financial records, the internal auditor was perceived as a status
Quo oriented auditor of financial records.
The Operating Procedures are:
1. Prepare Annual Internal Audit Plan
2. Communicate Annual Internal Audit Plan
3. Conduct Internal Audit Planning and Notification
4. Perform Audit Fieldwork
5. Report Results
6. Wrap-up Audit
7. Review Final Report
8. Disseminate Report
9. Evaluate and Follow Up
1. Prepare an Annual Audit Plan:

In cooperation with the senior management, perform the
following:
Conduct a preliminary risk assessment session utilizing a

facilitated group interview.

PAGE |
28
Gather top management input on the preliminary risk

assessment.
Prepare a Draft Annual Audit Plan based upon the results of

the risk assessment process.
Obtain the formal approval of the Audit & Governance

Committee of the Board of Trustees.
The need to conduct special requested projects from the Audit &
Governance Committee and senior management may also
require
the
deferral
of
planned
audits.
2. Communicate Annual Internal Audit Plan
Distribute the Annual Audit Plan to senior management.
Keep senior management informed of any changes to the

Annual Audit Plan.
Ensure that appropriate senior management is informed at

least a month prior to each planned audit.
Note
that
procedures
special
involving
requested
little
or
projects
no
require
notification
different
to
involved
management.
3. Conduct Internal Audit Planning and Notification
Contact department management at least two weeks in

advance of scheduled audit date to discuss risk considerations
that led to the audit being on the annual plan, expected scope
of the audit, and current management concerns.
Develop preliminary audit program outlining

scope, risk assessment, procedures and schedule.

PAGE |
29
anticipated
Schedule an Entrance Meeting with department management

and staff, and other stakeholders as appropriate, to go over
and finalize the audit program, obtain documents, schedule
interviews and communicate expected audit completion date.
4. Perform Audit Fieldwork
Carry out fieldwork as indicated in the audit program.
Obtain
cooperation
department
staff
from
as
the
line
management
necessary to
identify,
and
obtain
documentation and conduct interviews, etc.
Conduct fieldwork with minimal disruption to department

operations;
for
information
from
example,
central
whenever
sources
possible,
rather
obtain
than
from
departmental staff or line management.

5. Report Results
In general, share important and sensitive findings with

responsible managers immediately upon verification by the
auditor; short memo reports may be used in this process.
Prepare a first draft final report and discuss it with responsible

managers immediately following the fieldwork.
6. Wrap-up Audit
Schedule an Exit Meeting after responsible managers have

received the first draft report; this meeting will provide the
opportunity for responsible managers to discuss findings,
conclusions, and recommendations with the auditor.
During or immediately after the Exit Meeting, ask responsible

managers to provide their responses to the auditor's findings
and recommendations, either in writing or in sufficient detail

PAGE |
30

for the auditors to capture them and reduce them to writing in
the final draft report.
7. Review Final Report
Send final draft report to responsible managers and discuss

suggested changes. After processing changes, issue the final
report to the distribution indicated on the cover of the final
draft.
8. Disseminate Report
Provide the full report to members of the Audit & Governance

Committee,
the
President, the
CFO
and the
department
heads in the area being reported. Provide the Controller with

copies of any reports with financial system findings. Provide to
the Provost and Dean of each academic department when
appropriate.
9. Evaluate and Follow Up
At the completion of each audit, the auditor will send an

evaluation survey form to the primary clients of the audit. This
form should be completed and returned to the Office of
Internal Audit, in order to ensure continuous improvement of
these procedures and the internal audit function.
Approximately six months following completion of each audit,
the auditor will conduct a follow-up review to verify the
completion
of
agreed-upon
management
actions
and
ascertain the status of open recommendations. A follow-up

report will be generated annually for distribution to senior
management and members of the Audit & Governance
Committee.

PAGE |
31
Defining the Scope of Internal audit:

The scope of internal auditing encompasses the examination and
evaluation of the adequacy and effectiveness of the organization's
system of internal control; and the quality of performance in
carrying
out
assigned
responsibilities.
Examinations
and
evaluations are composed of the following types of audits:
Reliability and Integrity of Information
Compliance with Policies, Plans, Procedures, Laws, and

Regulations
Safeguarding of Assets
Economical and Efficient Use of Resources
Accomplishment of Established Objectives and Goals for

Operations or Programs
Dependability and Integrity of Information:

Internal auditors should review the reliability and integrity of
financial and operating information and the means used to identify
measure, classify, and report such information. Information systems
provide data for decision making, control, and compliance with
external requirements. Therefore, internal auditors should examine
information systems and, as appropriate, ascertain whether:
Financial and operating records and reports contain accurate,

reliable, timely, complete, and useful information.
Controls over record keeping and reporting are adequate and

effective.

PAGE |
32
Conformity with Policies, Plans, Procedures, Laws, and

Regulations:
Auditors especially internal auditors should review the systems
established to ensure compliance with those policies, plans,
procedures, laws, and regulations which could have a significant
impact on operations and reports, and should determine whether
the organization is in compliance. Management is responsible for
establishing the systems designed to ensure compliance with such
requirements as policies, plans, procedures, and applicable laws and
regulations. Internal auditors are responsible for determining
whether the systems are adequate and effective and whether the
activities audited are complying with the appropriate requirements.
1. Safeguarding of Assets:
Internal auditors should review the means of safeguarding assets
and, as appropriate, verify the existence of such assets. Internal
auditors should review the means used to safeguard assets from
various types of losses such as those resulting from theft, fire,
improper or illegal activities, and exposure to elements. Internal
auditors, when verifying the existence of assets, should use
appropriate audit procedures.
2. Economical and Efficient Use of Resources:

Internal auditors also should appraise the economy and efficiency
with which resources are employed. Management is responsible
for
setting
operating
standards
to
measure
an
activity's
economical and efficient use of resources. Internal auditors are

responsible for determining whether:
Operating standards have been established for
measuring economy and efficiency.
Established operating standards are understood and are
being met.

PAGE |
33

Deviations from operating standards are identified,
analyzed, and communicated to those responsible for
corrective action.
Corrective action has been taken.
3. Audits related to the economical and efficient

use of resources should identify
such conditions as:
Under-utilized facilities.
Nonproductive work.
Procedures which are not cost justified.
Overstaffing or understaffing.
4. Accomplishment of Established Objectives and Goals

for Operations or Programs
Management
is
responsible
for
establishing
operating
or
program objectives and goals, developing and implementing

control procedures, and accomplishing desired operating or
program results. Internal auditors should ascertain whether such
objectives and goals conform to those of the organization and
whether they are being met. The term "operations" refers to the
recurring activities of an organization directed toward producing
a product or rendering a service. Such activities may include,
but are not limited to, marketing, sales, production, purchasing,
human resources, finance and accounting, and governmental
assistance. An operation's results may be measured against
established objectives and goals which may include budgets,
time or production schedules, and/or operating plans. The term
"programs"
refers
to
special
purpose
activities
of
an
organization. Such activities include but are not limited to the

raising of capital, sale of a facility, fund-raising campaigns, new
product or service introduction campaigns, capital expenditures,
and special purpose
government

PAGE |
34
grants. Special
purpose

activities may be short-term or long-term, spanning several
years. When a program is completed, it generally ceases to
exist. Program results may be measured against established
program objectives and goals. Management is responsible for
establishing criteria to determine if objectives and goals have
been accomplished. Internal auditors should ascertain whether
criteria have been established. If so, internal auditors should use
such criteria for evaluation if they are considered adequate. If
management has not established criteria, or if the established
criteria, in the internal auditors' opinion, are less than adequate,
internal
auditors
appropriate
auditors
levels
may
depending
should
of
report
management.
recommend
on
the
such
Additionally,
appropriate
circumstances.
conditions
courses
Internal
to
the
internal
of
action
auditors
may
recommend alternative sources of criteria to management, such

as:
Acceptable industry standards.

Standards developed by professions or associations.
Standards in law and government regulations.
With adequate criteria are not established by management,

internal auditors may still formulate criteria they believe to be
adequate in order to perform an audit, form an opinion, and
issue a report on the accomplishment of established objectives
and
goals.
The
internal
auditors'
evaluation
of
the
accomplishment of established objectives and goals may be

carried out with respect to an entire operation or program or
only a portion of it. The objectives and goals established by
management for a proposed, new, or existing operation or
program are adequate and have been effectively articulated and
communicated.
The operation or program achieves its desired level of

interim or final results.

PAGE |
35
The factors which inhibit satisfactory performance are

identified, evaluated, and controlled in an appropriate
manner.
Management has considered alternatives for directing

an operation or program which may yield more effective
and efficient results.
An operation or program complements duplicates,

overlaps, or conflicts with other operations or programs.
Controls
for
measuring
and
reporting
the
accomplishment of objectives and goals are established
and are adequate.
An operation or program is in compliance with policies,

plans, procedures, laws, and regulations.
Internal auditors should communicate the audit results to the

appropriate levels of management. The report should state the
criteria established by management and employed by internal
auditors and disclose the nonexistence or inadequacy of any
needed criteria. Internal auditors can provide assistance to
managers who are developing objectives, goals, and systems by
determining
whether
the
underlying
assumptions
are
appropriate; whether accurate, current, and relevant information

is being used; and whether suitable controls have been
incorporated into the operations or programs.
REGULATIONS PROFESSIONALISM AND

ETHICS OF AN AUDITOR
The professionalism of an auditor is of utmost significance in the light of
the powers he exercises while scrutinizing the financial state of affairs of
an entity. He can go for in-depth auditing in any case he deems fit. But at
the same time, none would like that he would be arrogant, unscrupulous
PAGE |
36

and unreasonable while conducting an audit. So has been there provided
regulatory restrictions as to what he should do and what not.
In 1973 the institute of chartered account order aims at regulating the
profession of financial auditors of Bangladesh. Similarly, chartered
accountants act, 1949 regulates the Indian professional accountants.
Similar, regulatory laws exist in all the industrially developed nations. All
persons passing certain specified qualifications or those having passed
the examinations and completed the training prescribed by the institute of
chartered Accountants, can become its members. There are two
categories of members of Bangladesh institute of chartered accountants
(ICAB) associates and fellows. A person becomes an associate member of
the institute as soon as his name is entered in the membership register.
These entities he /she to write ACA after his/her name. An associate in
continuous practice in Bangladesh for at least five years and any other
associate who has been a member of the institute, can be enrolled as a
fellow of the institute and is entitles to use the words FCA after his/her
name.
According to the ICAB order, 1973 clearly defines the ethical standard of a
member of the institutes. Any contravention of the prescribed ethical
standard will invoke the penal measures for such a breach as laid down in
the statue. There have been provided different penal measures for
different types of professional misconduct. Membership of the institute is
not mandatory but for doing practice as a professional accountant,
membership is obligatory. Someone getting into a substantive cadre job
may not be forced to become a member of the institute. All these are
about the institutional methods.
The IFAC considers the following to the fundamental principles by which
an accountant should be governed in the conduct of his professional
relation with others.
Integrity: An accountant should be straightforward, honest

and sincere in his approach to his professional work.

PAGE |
37
Objectivity: An accountant should be fair and should not

allow prejudice or bias to override his objectivity. While on
financial statements which come under his review, he should
maintain an impartial attitude.
Independence: When in public practice, an accountant

should behold and appear to be free of any interest which
might be regarded, whatever be it actual effects, as being
incompatible with integrity and objectivity.
Confidentiality:
An
accountant
should
respect
the
confidentiality of informations required in the course of his

work and should not disclose any such information to a third
party without a specific authority or unless there is a legal or
professional compulsion to disclose. The breach would charge
him for guilty of misfeasance.
Technical standard: An accountant should carry out his

professional work in accordance with the technical and
professional standard relevant to that work.
Professional competence: He should have duty to maintain

his level of competence through his professional career. He
should only undertake works which he or his firm can expect
to compete with professional competence and within
reasonable time. Last but not the least, an accountant should
conduct himself and refrain from any conduct which might
bring discredit to the profession.
In fine the practice of professional ethics is largely a matter of conscience

and the determination of the members to distinguish between what is
wrong and what is right. It thus involves a high civic sense.

PAGE |
38
FUNDAMENTALS OF INTERNAL CONTROL

The Committee of Sponsoring Organizations (COSO) of the National
Commission on Fraudulent Financial Reporting (also known as the Tread
way Commission), in 1992, published a document called Internal Control
Integrated Framework, which defined internal control as a process,
effected by an entity's board of directors, management and other
personnel, designed to provide reasonable assurance regarding the
achievement of objectives in three categories:
1. Effectiveness and efficiency of operations.
2. Reliability of financial reporting.
3. Compliance with applicable laws and regulations.

Internal control can be judged as effective in each of these categories if
the board of directors and management have reasonable assurance that:
1. They understand the extent to which the entitys operations
objectives are being achieved.

2. Published financial statements are being prepared reliably.
3. Applicable laws and regulations are being complied with.

The COSO Framework consists of five interrelated components as follows:
Control environment:
Sometimes referred to as the tone at the top of the organization,
meaning the integrity, ethical values, and competence of the
entity's people; management's philosophy and operating style; the
way management assigns authority and responsibility and organizes
and develops its people; and the attention and direction provided by
the board of directors. It is the foundation for all other components
of internal control, providing discipline and structure.

PAGE |
39

Risk assessment:
The identification and analysis of relevant risks to achieve the
objectives that form the basis to determine how risks should be
managed. This component should address the risks, both internal
and external, that must be assessed. Before conducting a risk
assessment, objectives must be set and linked at different levels.
Control activities:
Policies
and
procedures
that
help
ensure
that
management
directives are carried out. Control activities occur throughout the

organization at all levels in all functions. These include activities
such as approvals, authorizations, verifications, reconciliations,
reviews
of
operating
performance,
security
of
assets,
and
segregation of duties.
Information and communication:

Addresses the need in the organization to identify, capture, and
communicate information to the right people to enable them to
carry out their responsibilities. Information systems within the
organization are key to this element of internal control. Internal
information, as well as external events, activities, and conditions
must be communicated to enable management to make informed
business decisions and for external reporting purposes.
Monitoring:
The internal control system must be monitored by management and
others in the organization. This is the framework element that is
associated with the internal audit function in the organization, as
well as other means of monitoring such as general management
activities and supervisory activities. It is important that internal
control
deficiencies
be
reported

PAGE |
40
upstream,
and
that
serious

deficiencies are reported to top management and the board of
directors.
These five components are linked together, thus forming an integrated
system that can react dynamically to changing conditions. The internal
control system is intertwined with the organizations operating activities,
and is most effective when controls are built into the organizations
infrastructure, becoming part of the very essence of the organization.
Significant Conditions in Internal Control:

A small number of familiar internal control conditions are described as
follows:
Compensating Controls: Some organizations are not able to

implement basic controls such as segregation of duties by virtue of
their size. It is vital that management institute compensating
controls to disguise for the lack of a basic control in these cases, or
if a straightforward control is not capable to function for some
period of time.
Material Drawback: Defined in the auditing journalism as a

reportable circumstance in which the outline or operation of one or
more of the internal control mechanism does not reduce to a
relatively low level. The risk that misstatements caused by errors or
fraud in amounts that would be material in relation to the financial
statements being audited may occur and not be detected within a
timely period by employee in the normal course of performing their
assigned duties.
Reportable Prerequisite: Has the same meaning as the term

substantial insufficiency. These two terms are used to define a
substantial insufficiency in the design or operation of internal
control. These could adversely
influence a company's ability to
record, process, summarize, and report financial data consistent

PAGE |
41

with the affirmation of management in the company's financial
statements. A material weakness could constitute an aggregation of
significant deficiencies.
Limitation of Internal Control

Internal control cannot ensure success, or even survival. An effective
system is not a guarantee that the organization will be successful; such is
important as an internal control structure is to an organization.
An
effective internal control structure will keep the right people informed
about the organization's progress (or lack of progress) in achieving its
objectives, but it cannot turn a poor manager into a good one.
Internal control is not a solution to management and the board about the
organization's accomplishment of its objectives. Due to limitations
inherent in all internal control systems, it can only provide reasonable
assurance. For instance, due to simple error or mistake; breakdowns in the
internal control structure can occur, faulty judgments that could be made
at any level of management as well. Controls can be inserted by collusion
or by management override. Lastly, there must be a cost-benefit analysis
in the design of the system, meaning that the design of the internal
control system is a function of the resources available.
Roles and Responsibilities:

Everyone in the organization has some role to play in the organizations
internal control system.
Chief executive officer (CEO): Aside from setting the tone

at the top, much of the day-to-day operation of the control system is
delegated to other senior managers in the company, under the
leadership of the CEO. The CEO has ultimate responsibility and
ownership of the internal control system. The individual in this role
sets the tone at the top that affects the integrity and ethics and

PAGE |
42

other factors that create the positive control environment needed
for the internal control system to thrive.
Chief financial officer (CFO): The audit committee should

use interactions with the CFO, and others, as a basis for their
comfort level on the internal control over financial reporting. Much
of the internal control structure flows through the accounting and
finance area of the organization under the leadership of the CFO. In
particular, controls over financial reporting fall within the domain of
the chief financial officer.
This is not done on purpose to propose that the CFO must provide
the audit committee with a level of reassurance regarding the
system of internal control over financial reporting. Rather, through
interactions with the CFO and others, the audit committee should
get a gut feeling about the completeness, accuracy, validity, and
maintenance of the system of internal control over financial
reporting.
Controller/director of accounting or finance: The

controller must demonstrate respect for the system though his or
her actions. Much of the basics of the control system come under
the domain of this position. It is a key that the controller
understands the need for the internal control system, is committed
to the system, and communicates the importance of the system to
all people in the accounting organization.
Internal audit: Each organization should assess the need for

this team, and employ one as necessary. A main role for the internal
audit team is to evaluate the effectiveness of the internal control
system and contribute to its ongoing effectiveness. With the internal
audit team reporting directly to the audit committee of the board of
directors and/or the most senior levels of management, it is often
this function that plays a significant role in monitoring the internal

PAGE |
43

control system. It is important to note that many not-for-profits are
not large enough to employ an internal audit team.
Board of director/audit committee: The audit committee

is the board's first line of defense with respect to the system of
internal control over financial reporting. A strong, active board is
necessary. This is particularly important when the organization is
controlled by an executive or management team with tight reins
over the organization and the people within the organization. The
board should recognize that its scope of oversight of the internal
control system applies to all the three major areas of control: over
operations, over compliance with laws and regulations, and over
financial reporting.
All other personnel: Employees throughout the organization

should understand their role in internal control and the importance
of supporting the system through their own actions and encouraging
respect
for
the
system
by
their
colleagues
throughout
the
organization. The internal control system is only as effective as the

employees throughout the organization that must comply with it.
Compensating Controls:
The audit committee should be tuned-in to the tone-at-the-top of the
organization as a first indicator of the functioning of the internal control
system. It is important to realize that both the design and compliance with
the internal control system is important.
In addition, audit committees should realize that the system of internal
control should be scaled to the organization. Some organizations will be so
small, for example, that they will not be able to have appropriate
segregation of duties. The message here is that the lack of segregation of
duties is not automatically a material weakness, or even a reportable
condition, depending on the compensating controls that are in place.
PAGE |
44

In this case, it is one and the same person, so the implication is that there
are no checks and balances on the accounts payable person, who could be
writing checks to a personal account, then passing on them during the
bank reconciliation process (that is, there is no one to raise the red flag
that personal checks are being written on the company account). For
example, suppose an organization's accounting department is so small
that it is not possible to segregate duties between the person who does
the accounts payable and the person who reconciles the bank statements.
Compensating controls could make up for this apparent breach in the
internal control system. Here are some examples of compensating
controls in this situation:
All checks are hand signed by an officer of the company, rather than
using a signature plate that is in the control of the person that
prepared the checks.
The bank reconciliation may be reviewed by the persons manager.
A periodic report of all checks that are cleared at the bank could be
prepared by the bank and forwarded to an officer of the company
for review.
Audit committees should be aware of situations like this and be prepared

to ask questions and evaluate the answers when an obvious breach in
internal control is surfaced.
Management Override of Controls

Another area that an audit committee needs to focus on is the ability of
management to override internal controls over financial reporting to
perpetrate a fraud. Examples of techniques used by management in
overriding internal controls over the financial reporting function include:
Back dating or forward dating documents to a different period.
Making adjusting entries during the financial reporting closing

process.

PAGE |
45
Reclassifying items improperly between the statement of activity

and the statement of financial condition.
Some of these override techniques were used in some of the recent

scandals and have gained considerable notoriety.
Questions
about
management
override,
and
the
controls
over
management override, as well as audit steps to detect if a management

override has occurred, should be addressed to the CEO, CFO, and
independent auditor during the respective executive sessions with the
audit committee as noted elsewhere in this toolkit. An audit committee
has the responsibility to help prevent or deter a management override of
controls. It is important for the audit committee to understand that there
is a system to uncover an override, as well as follow-up to determine its
appropriateness.
This instrument was projected to provide a summary of what is meant by
internal control. The concepts are not complex, but sometimes the
application of internal control can be a challenge in an organization,
depending on its size and culture. However, it is vitally important to
design the system of internal control to achieve the objectives of
a) Effectiveness and efficiency of operations
b) Reliability of financial reporting
c) Compliance with applicable laws and regulations.
WRITING AN AUDIT REPORT

Writing the Audit Report:
This is the official record of what auditor has done, which can be returned
to in future years. A copy of his presentation slides is not likely to contain
enough detail for people to see exactly how the project was carried out, in
PAGE |
46

order to duplicate it in other areas or for a re-audit. Presentation is also
unlikely to include the action taken / to be taken as a result of the audit.
One should be prepared to write up a report for each proven Audit project.
THINGS THAT MUST BE IN A CLINICAL AUDIT REPORT

Clinical Audit reports should include:
1. Front page:
o
Name of the organization and name of division/specialty
Project title
Project lead/s (and name of the person who wrote the report, if
different)
Date of report
2. Table of contents:
Recommended if report runs to more than eight pages
3. Executive summary:
It is good practice to begin a report with an executive summary (or
abstract). This should be a short paragraph (certainly no more than
10% of the total length of the report) that encapsulates the main
thrust of the report. Identify the issue, state the key findings,
conclusions and what course of action is recommended. This will
help people identify whether they need to read the full report, and
will be a Useful prcis for busy managers. You may (instead of or in
addition to an executive summary) want to produce a one A4 page
summary of the report for this purpose, especially if the report is
very long.
4. Background:
This is essentially narration, clarifying why the audit was done. For
example, was the project prompted by an identified local problem or
PAGE |
47

concern? The background should explain the rationale for doing the
audit, i.e. why this topic is a priority for quality improvement.
Summarize the evidence base for the audit topic, giving full
references at the end (see point 12). If you convened a team to
undertake this audit, this is a good point to say how this was
organized and who was involved.
5. Objectives:
These explain what the project is trying to achieve and should have
been identified at the start.
6. Standards:
Assuming an auditor is measuring against standards, guidelines or
benchmarks of some sort, you need to state what these are (using
the criteria/target/exception format, as detailed in How to set audit
objectives and standards) and where they come from (the source
and strength of evidence). State if the intention was to set
standards at the end of the project and if so, which aspects of care
those standards pertain to.
7. Methodology:
State the chosen population for this study (e.g. patients referred to
the one-stop breast clinic for suspected cancer) and then go on to
say how one has selected the sample for the audit, specifying
whether a retrospective or prospective methodology was used (e.g.
for a prospective audit, the first 100 patients referred to the clinic
starting from 1/10/04, or for a retrospective audit, all patients
seen at the
8. Results:
State how many subjects (e.g. patients) were included in the audit.
This is the initial n number. If the data is incomplete, explain why,
e.g. auditor might not be able to find every set of patient notes. How
PAGE |
48

one has analyzed the data depends upon the question. Ensure to
include the number and percentage of cases meeting each
standard, making it clear what number are taken into consideration
into Percentage of n number may change at different points of the
report, e.g. 45/50 (90%). To use a statistical test (e.g. Chi Square) to
analyze data, state clearly what the test is and whether the results
are statistically significant. Data may be presented as tables or as a
chart. Be selective in use of charts only illustrate the key findings
in this way so as not to overburden readers. Use the most
appropriate chart for each piece of data, e.g. pie charts to show
proportions, or bar charts for easy comparison between different
areas or standards. Quote both raw figures & percentages in the
chart where possible. Where one can only have one or the other, pie
charts should have the raw figures as a label by each segment,
rather than percentages, as this chart is designed to visually show
proportions (percentages). Charts showing only percentages should
be accompanied by a table showing the raw figures these will be
needed when it comes to re-auditing and comparing results.
Individual healthcare staff should not be identifiable in the report audit should not be used as a witch hunt. If, for example, you are
comparing the results of three consultant firms, you could call them
A, B and C. Have the decoder handy though - clinicians may wish to
identify themselves! Patients should also not be identified, for
confidentiality reasons.
9. Conclusions:
List the key points that flow from your results - use bullet points and
avoid long paragraphs. Ensure that the conclusions are supported
by the data, or if the data points to no firm conclusions, say so dont make claims that are not supported by the evidence. Make
objective, factual statements, not subjective ones, i.e. dont say it
is obvious that or clearly, what is happening is

PAGE |
49

10. Recommendations:
Where appropriate, recommendations for change should be made.
Make sure these are realistic and achievable. If you need money to
implement recommendations, have you got access to any suitable
funds?
11. Action Plan:
When your report is presented (e.g. at an audit meeting), your
recommendations will either be accepted or revised. Once this has
been done, an action plan should be agreed (preferably at that
meeting) saying what changes will be implemented, who will be
responsible for carrying them out and when this will be done.
Include this either in the body of the report, or if the report is
already written, as an addendum to the full report. If appropriate
(i.e. changes are to be made), set a date for a re-audit to complete
the audit cycle.
12. References:
The full references of the evidence base referred to in the
background. Try to be consistent in the way reference if one is
hoping to get the project published, some journals are quite
particular about how references are listed.
Give the names and
initials of all authors followed by the title of the article, the title of
the journal, the year of publication, the volume number and the first
and last page numbers. References to books should give the names
of any editors, place of publication, publisher and year.
13. Appendices:
Include a copy of the pro-forma/questionnaire that auditor used for
data collection.

PAGE |
50
Practices of Auditing in Bangladesh

Auditing a systematic process of objectively, obtaining and evaluating
evidence, regarding assertions about economic actions and events to
ascertain the degree of correspondence between these assertions and
established criteria. It is an independent examination of financial
statements or related financial information of an entity. The results of the
examination are finally expressed in the form of a specific opinion
communicated to the relevant parties. Auditing of financial statements of
companies registered under the
companys
act
1994 is compulsory in
Bangladesh. According to Sec 213(3), the auditor is to make a report to be

presented in the annual general meeting of the company on accounts
examined by him.
Before acceptance of the International Standards of Auditing (ISA) by the
Institute of Chartered Accountants of Bangladesh (ICAB), detection of
errors and frauds, and prevention of errors and frauds were the two
important objectives of auditing in Bangladesh. At present, Bangladesh
follows ISA guidelines in auditing. Auditing practices are regulated by the
Companies Act 1994, the Banking Companies Act 1991, the Insurance Act
1938, the Securities and Exchange Commission Act 1993, the Securities
and Exchange Rules 1987, the Foreign Donations Regulation Rules 1978,
and the Co-operative Societies Ordinance 1984.
According to the Companies Act 1994, accounts of companies registered
under this act must be audited by chartered accountants within the
regulations of the Bangladesh Chartered Accountants Order 1973.
Similarly, all books of accounts maintained by a
ORGANIZATION
NON-GOVERNMENT
receiving foreign donations shall be audited by a chartered
accountant as defined in the same Order. The accounts of every cooperative society are to be audited at least once in every co-operative
year. The audit is to be conducted by the Registrar, or by an audit officer
authorized by him, and by such date as may be prescribed. Accounts of
enterprises under sector corporations are audited at three levels INTRODUCTION TO AUDITING | ACT 341
PAGE |
51

corporations' internal audit departments, independent professional audit
firms, and the Comptroller and Auditor General (C&AG) of Bangladesh.
Internal audit, sometimes similar to an investigation, and often termed as
management audit, is conducted by the employees of a corporation on
special issues. The purpose of this audit is to check whether the
corporation's rules and regulations are being properly followed at the time
of execution of any policy. Independent professional audit is conducted by
chartered accountants to pass opinion about the financial statements
annually. The C&AG has the obligation to conduct a government
commercial audit where there is any government interest in the form of
ownership, or investments, or where the government provides help in the
form of subsidies.
The Constitution of Bangladesh empowers the C&AG of Bangladesh to
conduct an audit of the accounts of the Republic and report to the
sangsad
jatiya
(parliament) on the findings. The public accounts of the Republic
and of all courts of law, authorities and officers of the government are
audited and reported on by the Auditor General. For that purpose he or
any person authorized by him has access to all records, books, vouchers,
documents, cash, stamps, securities, stores or other government property
in the possession of any person in the service of the Republic. In the
exercise of his functions, the C&AG are not subject to the direction or
control of any other person or authority. Having derived his authority from
the Constitution, he with the assistance of nine Directors General placed
under him, conducts audit of all government departments, agencies,
public sector corporations and public companies having fifty percent or
more government owned shares.
The purpose of government audit is to ensure transparency and
accountability in the use of resources in all types of government
management. The objectives of audit work includes verification of the
statements of accounts and statement of income and expenditure to
determine whether these are prepared truly and correctly; examination of

PAGE |
52

the adequacy of the audited body's financial management systems and
internal control framework; making sure that sufficient arrangements have
been made to achieve economy, efficiency and effectiveness in the
utilization
of
the
entity's
resources;
examination
of
the
trading,
manufacturing, profit and loss accounts and balance sheets and other
subsidiary books of accounts with regard to state-owned commercial
organizations; and undertaking special studies where necessary to
determine if environmental legislation and procedures are being strictly
followed.
The audit directorates and training academy placed under C&AG are
Commercial Audit; Local Audit; Works Audit; Foreign Aided Project Audit;
Civil Audit;
railway
Audit; Post, Telephone and Telegraph Audit; Defense
Audit; Mission Audit; and Financial Management Academy (FIMA). Each of

the Directorates mentioned above has its own functional set up headed by
a Director General.
Commercial Audit Directorate:

The Commercial Audit Directorate was set-up in 1956 by the government
of Pakistan to undertake audit in state-owned commercial organizations.
Following the independence of Bangladesh, the role of the department of
commercial audit expanded because of the nationalization of industries,
banks etc. At present, all autonomous and semi-autonomous public
enterprises, government-owned commercial bodies, including nationalized
banks and public enterprises, having minimum 50% government share are
audited by the directorate.
Local and Revenue Audit Directorate:

The Director General, Local and Revenue Audit (DG, L&RA), conducts audit
in two important fields covering about 12,000 government units/individual
offices in a wide range of areas. These are the government offices (other
than Post, T&T, Works, Roads & Highways, Railways, Public Health
Engineering and Defense directorates; hospitals; educational institutions;
PAGE |
53

sports and cultural bodies) and autonomous and local bodies (city
corporations, municipalities, universities, port authorities and other
autonomous bodies).
Directorate of Works Audit:

The present office of the Directorate of Works Audit was established with
effect from 18 May 1964 under the name Director of Audit and Accounts
Works and WAPDA, East Pakistan, Dacca. After liberation, it was renamed
as Accountant General Works & WAPDA, Bangladesh, DHAKA and entrusted
with the accounting and auditing function of the works expenditure and
auditing
the
accounts
of
Bangladesh
WAPDA.
Following
departmentalization of government accounts, the present office of the

Directorate of Works was established in 1985.
Foreign Aided Projects Audit Directorate:

Different foreign countries and donor agencies provide grants and loans
for different development projects in the form of investment or technical
assistance. The Director General, Foreign Aided Projects Audit, is
responsible for auditing all projects implemented with funding by
foreign aid.
The main responsibilities of this Audit Directorate are to carry out audits in
all donor funded development projects to prevent error and fraud, to
ensure accuracy and completeness of accounting records and examine
the adequacy of rules and regulation; to prepare the annual audit report
and submit the same to C&AG for placement before the parliament; to
conduct audits of all Accounts and Financial Statements of donor fund in
accordance with the agreement between the government and donors; to
express an opinion as to whether the financial statements of the donor
funded projects presented are consistent with international standards on
auditing, whether the accounts prepared are in accordance with accepted
principles and whether they present fairly the results of the operation of
the project. In terms of IDA and ADB loans, a separate opinion needs to be
furnished for the statement of expenditure.
PAGE |
54

Civil Audit:
Following the departmentalization of government accounts, the Civil Audit
Directorate was established in 1985 to strengthen the capability of the
C&AG in discharging his duties. This directorate carries out audits in the
following accounts offices: office of the Controller General of Accounts,
Chief Accounts offices, Regional Accounts offices, District Accounts offices
and Upazila Accounts offices.
Railway Audit Directorate:

The present office of the DG Railway Audit, headed by a Chief Auditor, and
located at the Central Railway Building (CRB)
CHITTAGONG,
was established
in 1950. This office was entrusted with the audit responsibility of the
Eastern Bengal Railway and Pakistan Eastern Railway from 1950 to 1961
and from
1961
to
1971
respectively.
Following
the liberation
of
Bangladesh in 1971, all audit functions of Bangladesh Railway were

conducted by this office which was renamed as the office of the DG
Railway Audit in 1995. The office has 208 personnel including one
director, two deputy directors, and 14 audit and accounts officers working
in the regional and divisional offices throughout Bangladesh.
Auditing types, systems and procedures

Three main types of audit are the regularity or compliance audit, financial
statements audit and performance audit (value for money audit). The
regulatory audit is very traditional and it examines receipts and
expenditures and the financial systems and transactions of the audited
organization to see whether it has complied with relevant rules,
regulations, laws, procedures, orders etc. A financial statement audit is
the examination of the financial statements of an audited body to express
an opinion on whether they truly present the expenditures and receipts in
the case of the accounts prepared. It includes the audit of the
appropriation and finance accounts of the government and of the
government owned commercial enterprises. The performance audits
PAGE |
55

examine an organizations programs, activities, functions or management
systems and procedures to assess whether the organization has achieved
economy, efficiency, and effectiveness in the utilization of its resources.
Bangladesh recently adopted programs to conduct performance audits on
different issues in some organizations.
The auditing system adopted in all audit directorates is very similar. There
are, of course, slight variations depending on the nature and scope of the
audited organization. Each audit directorate prepares a year-wise audit
plan at the beginning of the financial year and on the basis of the budget
and risk involved with the organizations under audit. Some organizations
are audited every year; some once in every two years and some are once
in every three years or more. The director general is entrusted with audit
planning and a director and deputy directors help him in the planning
exercise. Each audit team has, in general, two/three members assigned
with fixed man-days based on risk and volume of work of the concerned
organization.
The DG Audit instructs the audit team as to what percentage of
transactions will be subject to audit. The general points taken into
consideration in audit planning are volume of transactions of the auditable
unit, number of vouchers, and nature of expenditure. Prior to the start of
an audit in any organization, the audit team needs to be familiar with the
nature, activities and objectives of the organization as well as with the
annual report and past audit report including the budget book prepared on
the organization.
The audit team gives notice to the audited body well in advance letting
them know the exact date of commencing audit and the records required
to be examined. Procedures followed in carrying out an audit of any office
include initial discussion with the head of the audited body, collection of
all the records and information needed for auditing, examination of the
records, checking the facts, collection of sufficient evidence in support of

PAGE |
56

his statement, discussions with relevant people, coming to a conclusion
and preparation of the report.
The audit team follows the guidelines mentioned in the Audit Code and
Manual and Government Auditing Standards. In some cases, the team
follows the special instructions given by the Audit Directorate. In course of
the audit work, all queries raised by the auditor are to be clarified by the
audited organization and are to be substantiated by proper supporting
documents. Queries not met with valid documents are included in the
Inspection Report. On completion of each audit, the audit team discusses
the audit report with the head of the audited organization and obtains his
opinion on it. Then an Inspection Report is issued to him. The Audit Report,
along with the working papers and an observation summary sheet is
submitted to the Deputy Director Audit for review, after which the entire
report and the audit file, with his comments on it, are submitted to the
Director/Director General for final review and approval.
Paragraphs of serious irregularities known as Advance Clauses are
communicated, after proper scrutiny, to the concerned management,
including the Principal Accounting Officer (Secretary) of the concerned
ministry. The Audi tees are given five weeks time to give explanations on
irregularities. One reminder is issued, allowing an additional two-week
time in case the explanations are not satisfactory, or if there is no
response at all. A DO (Demi-official) letter/Management letter for such
clauses is written to the Principal Accounting Officer giving four-week
time. If the reply is not satisfactory or there is no reply at all, the report is
finalized (as draft clauses) and sent to the C&AG for his approval and for
inclusion in the audit report within thirteen days.
Serious financial irregularities along with audit comments are incorporated
in the Annual Audit Report, after they have been approved by the C&AG.
The Audit Report is then submitted to the President of the Republic by the
C&AG to be laid before Parliament. The reports placed before the
Parliament is discussed by the Public Accounts Committee (PAC) and
PAGE |
57

Public Undertaking Committee (PUC). PAC deals with Audit Reports and
related issues, whereas PUC attends to issues relating to efficiency and
effectiveness of commercially run government organizations.
CONCLUSION
In todays world; auditing has become an incorporated segment of the
association. All association wants auditing not only for avoidance and
recognition of fake but in addition for organizational effectiveness.
Auditing plays an essential part to appropriately finish the accounting
records and timely preparation of the consistent financial information.
Internal audit moreover helps organization to defend the property and
maintaining
the arranged and effectively accomplish of the business
including adherences to the management policies. The manner of auditing

is becoming easier day by day because of using computer aided audit.
The computer aided audit tools and technique software is simplifying and
automating the audit process. The auditor is now able to find any kind of
fraud or material misstatement through the use of CAATTs software.
Government audit also helps the government to find whether the
resources are use effectively and efficiently. They evaluate the data and
directly report to the Comptroller and Audit general of Bangladesh.
Also
to guard the shareholder, creditor and supplier from any kind of fraud,
every corporation must verify their financial report by an external auditor.
The external auditor must be an independent man also has to be a
member of the ICAB in Bangladesh.

PAGE |
58

In modern business advancement audit is one of the core factor to be
considered. Because auditing provides support to the whole organization
in such a way that it serves both the external and internal users. For
internal users it provides information to manager to make judgment and
for external user it provides guarantee that the financial report is all right
and out of any kind of material misstatement.
BIBLIOGRAPHY
Lee, T. A., The Evolution of Audit Thought and Practice(New York: Garland
Publishing, Inc., 1988), p. 3, 5, 6

o
Staub,
Walter
A.,
Auditing
Developments
During
the
Present
Century(Massachusetts:
Harvard University Press, 1942), p.15, 17, 26, 29
o
Carmichael, D.R. & Willingham, John J., Perspectives in Auditing(New York:

McGraw-
Hill Book Company, 1979), p.8, 10, 55

o
Pinkney, A., An Audit Approach to Computers(London: The Institute of

Chartered

PAGE |
59

Accountants Press, 1966), p.11
o
McRae, T. W., The Impact of Computers on Accounting(New York: John

Wiley & Sons,
1964), p.38, 50, 182

o
Needleman, T., Micro-Computers for Accountants(New Jersey: PrenticeHall, Inc.,
1983), p.3, 7

PAGE |
60

Auditing in Bangladesh

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Auditing in Bangladesh

Uploaded by

Copyright:

Available Formats

AUDITING: THE MOST RELIABLE ECONOMIC GUARD

profession. The auditors' reports have an especial capacity to fulfill the

INTRODUCTION TO AUDITING | ACT 341

AUDITING: THE MOST RELIABLE ECONOMIC GUARD

AUDITING: THE MOST RELIABLE ECONOMIC GUARD

AUDITING: THE MOST RELIABLE ECONOMIC GUARD

specialized-trained professionals to perform these reviews reliably and

The Late 1800s to Early 1900s

AUDITING: THE MOST RELIABLE ECONOMIC GUARD

Between the 1920s and the 1930s

AUDITING: THE MOST RELIABLE ECONOMIC GUARD

AUDITING: THE MOST RELIABLE ECONOMIC GUARD

Technology changing the world of auditing

AUDITING: THE MOST RELIABLE ECONOMIC GUARD

AUDITING: THE MOST RELIABLE ECONOMIC GUARD

management. It is performed by competent, independent and objective

organization. Financial and operational control can be easily determined

INTRODUCTION TO AUDITING | ACT 341

AUDITING: THE MOST RELIABLE ECONOMIC GUARD

INTRODUCTION TO AUDITING | ACT 341

AUDITING: THE MOST RELIABLE ECONOMIC GUARD

professional bodies attempt to codify the auditing practices expected to

AUDITING: THE MOST RELIABLE ECONOMIC GUARD

responsibilities, is likewise an essential component of control. Staffing

AUDITING: THE MOST RELIABLE ECONOMIC GUARD

AUDITING: THE MOST RELIABLE ECONOMIC GUARD

INTRODUCTION TO AUDITING | ACT 341

AUDITING: THE MOST RELIABLE ECONOMIC GUARD

Types of Auditors Involved in the Current Days

Internal Auditor - Internal auditors are employees of a company hired

External Auditor External auditors are independent staff assigned

Common types of Audit in Practice

The Single Audit, is a rigorous, organization-wide

for its operations. Usually performed annually, the Single Audits

management and use of such funds by different

typically performed by an independent

among others. The audit is

certified public accountant

components. The Single

AUDITING: THE MOST RELIABLE ECONOMIC GUARD

Federal Audit Clearinghouse

data collection form.

It is the process formally introduced in

(NHS), and is defined as "a

National Health Service

to ensure that what should be done is being done, and if

to enable improvements to be made.

3) Computer Security Audit

A computer security audit is a manual or systematic measurable

vulnerability scans, reviewing application and operating system

It is any activity to determine, directly or indirectly, that a process,

and fulfills relevant

requirements. Conformity assessment activities may include:

INTRODUCTION TO AUDITING | ACT 341

AUDITING: THE MOST RELIABLE ECONOMIC GUARD

Environmental audits are intended to quantify environmental

or improve on indicators of such performance

A financial audit, or more accurately, an audit of financial

resulting in the publication of an independent opinion on

whether or not those financial statements are relevant, accurate,

firms, whereby the firm

provides an independent opinion on published information.

INTRODUCTION TO AUDITING | ACT 341