inspection and audit manual eng

7/31/2019 Inspection and Audit Manual Eng

1/21


2/21

Matters, Budget and Financial powers, Inspection and Audit ,

Maintenance of office Premises, Housekeeping functions and

Miscellaneous matters. Since then changes have taken place in

the Internal Audit mechanismincluding introduction of Control

Self - Assessment Audit and Concurrent Audit in the Regional

Offices (ROs)/ Central Office Departments (CODs)/ Training

Establishments (TEs), besides strengthening of the Audit

Monitoring Arrangements in Inspection Department at Central

Office. Further, the process of ISO Certification has added a

new dimension to the responsibilities of the ROs/ CODs

concerned in addition to casting similar responsibility on the

Inspection Department. Although, Chapter 5 of the GAM-2000

dealt with Inspection and Audit, the structural changes

indicated above have been in place and the ROs/ CODs/ TEs

were required to refer to various instructions issued by the

Inspection Department from time to time. In view of greater

emphasis being laid on Internal Audit and Inspection

mechanism in the Bank as also on the system of ISO

certification, it was considered appropriate to compile the

general instructions of internal inspection at one place in the

f f "M l fI ti dAdit" i t d fb i


3/21

Mishra, Manager, in drafting, editing and updating the Manual,

need to be commended.

RESREVE BANK OF INDIA (C. KRISHNAN)

INSPECTIONDEPARTMENT Executive Director

MUMBAI


4/21


5/21

Corporation of India and Bharatiya Reserve Bank Note Mudran PrivateLimited, collectively referred to as Auditee Office hereinafter.

1.1 The Inspection Department would act as the eyes and ears ofManagement and discharge its duties with utmost professionalism as theprincipal provider of independent and objective feedback on the working of theBank to Management to enable it ensure that the organisation functionsefficiently and effectively.

1.2 The objectives of the Department are as under:

To assess in clear terms the achieved and achievable performance ofthe Auditee Office with the available resources.

To give objective feedback to Management on the performance of theAuditee Office.

To assess risks and evaluate controls designed to address those risksand furnish an analysis, recommendations, counsel and information

concerning the activities reviewed. To critically analyse and assess the staff requirements as and when

required with a view to examining the adequacy or otherwise of staff ata particular Auditee Office.

2 Main Functions of Inspection Department

The main f nctions of Inspection Department are as nder


6/21

To examine whether the work in the Auditee Office is being carried outaccording to the prescribed procedures / instructions without any

deviations/aberrations as also to exercise a check over the administrativeprocedures followed by Offices so that irregular practices, if any, are detectedand rectified early and to report on the health of the Auditee Office.

(c) Information Systems Audit

To assess the adequacy and effectiveness of internal controls in respect of

Information Systems policies, standards and procedures.

(d) Snap Audit

To oversee the effectiveness of the systems of Control Self-Assessment Auditand Concurrent Audit.

(e) Staffing Inspection

To undertake Staffing Inspection of Auditee Office as and when required byCentral Office, DAPM/Top Management to do so with a view to examining theadequacy or otherwise of staff requirement of that particular establishment.

(f) Quick Follow-up Inspection

T i th d i li f M t A dit & S t


7/21

Department. The work of the Department is being carried out in the followingSections:

Administration Section

Planning Section, including Inspection Wing

Follow-up Section

Audit Monitoring Cell

Information Systems Audit Section, including ISO Certification

Inspection and Audit Sub-Committee Section

4 Internal Inspection Units under the charge of a General Manager willconduct Management Audit and Systems Inspection of all the Auditee Offices.The Units will also conduct Staffing Inspection/Special Investigations/Studiesas and when entrusted by the Top Management/Central Office Departments.

5 Inspection Programmes

The schedule for Management Audit and Systems Inspection Programmes tobe carried out in the ensuing calendar year will be drawn in each year andAuditee Office advised by the Inspection Department sufficiently in advance inthis regard. Auditee Offices will arrange necessary infrastructural facilities forthe Inspection Unit.

6 Procedure for Management Audit & Systems Inspection


8/21

9 The Auditee Offices are required to submit compliance in respect ofthose paragraphs which are marked to them for action. The Inspection

Department shall make arrangements to forward a copy of relevant chaptersof the Report on various Departments to the respective Central OfficeDepartments to apprise them of the position of working of their RegionalOffices at various centres. Also, extracts of paragraphs of a RegionalOffice/Central Office Department where action is required to be taken by otherRegional Offices/Central Office Departments would also be forwarded to themfor necessary action.

10 The Officer-in-Charge of the Auditee Office will furnish a certificate tothe effect that except for the paragraphs, (to be specified) of the report onwhich comments have been offered; the remaining paragraphs have beennoted for compliance.

11 The Management Audit & Systems Inspection Report on the AuditeeOffice will be handed over to them immediately on conclusion of the

inspection and a copy thereof will be forwarded to DAPM for information andnecessary action, if any.

12 Executive Summary of findings

The Inspection Unit will prepare an Executive Summary of Positive Features,Major Findings and Suggestions on the basis of Management Audit &Systems Inspection Report and submit the same to the Executive Director(I ti ) f l th h Chi f G l M I ti


9/21

Managerial Effectiveness, (ii) House-keeping, Record Management andSubmission of Control Returns, (iii) Developmental Activities, (iv) Customer

Service and (v) Compliance of Inspection and Audit Reports. The grade(Excellent, Very Good, Good, Average and Unsatisfactory) is awarded to theRegional Office/Regional Director on the basis of average marks assignedafter having discussion with the Regional Director concerned by ChiefGeneral Manager, Inspection Department and with the approval of theExecutive Director-in-Charge of the Department.

15 Audit Monitoring Arrangement

Consequent upon the closure of Regional/Central Audit Cells with effect from01 July 2004, an Audit Monitoring Cell has been set up in InspectionDepartment with a view to overseeing and monitoring the effectiveness ofControl Self-Assessment Audit and Concurrent Audit Systems.

15.1 Control Self-Assessment Audit

As a sequel to the recommendations of the 'Sharma Working Group', ControlSelf-Assessment Audit (CSAA) was introduced in the Bank in July 1999 withthe objective of enabling Auditee Office to undertake regular health check,assessing key risks in their areas of operations and frequently review andfortify internal checks and balances so that the Auditee Offices on their ownevolve better internal control regime on an on-going basis. The CSAA shall beconducted in respect of risk areas identified by the Inspection Department/A dit Offi t l t i i th All th CSAA t ill b


10/21

of Control Self-Assessment Audit and Concurrent Audit on the working ofAuditee Offices. Audit Monitoring Cell will draw up the Snap Audit

programmes for half-yearly audit with the approval of the Chief GeneralManager of the Inspection Department. The audit is conducted by a team ofofficers headed by a Deputy General Manager. The Auditee Office shallsubmit compliance on action paragraphs to Inspection Departmentwithin one month from the conclusion of the Snap Audit.

15.4 It must be ensured by all Auditee Offices that irregularities having

financial implications are complied with within a period of one month.Any laxity on the part of dealing staff would be viewed seriously.

15.5 Appointment of Chartered Accountant Firms as ConcurrentAuditors

Chartered Accountant firms will be appointed as Concurrent Auditors of theBank by the Officer-in-Charge of the Auditee Office as per

instructions/guidelines issued by Inspection Department from time to time.

15.6 Meetings with Concurrent Auditors

The Officer-in-Charges of the Auditee Offices will hold meetings withConcurrent Auditors at least once in a quarter to enable them to assess thecontent, coverage and quality of concurrent audit and give directions toConcurrent Auditors to make audit an effective management tool. In

ti l it b d b th O i C th t th C t A dit i b i


11/21

17.1 On conclusion of the Audit/Inspection of an Auditee Office, one set ofhard and soft copy of the Inspection/Audit Reports will be supplied to the

Officer-in-Charge of Auditee Office who will initiate the process of complianceimmediately and endeavour to secure maximum compliance in a time boundmanner.

17.2 The work relating to co-ordination of compliance of Audit andManagement Audit and Systems Inspection Reports both Banking andIssue Departments will be entrusted to the Manager (Audit, Budget and Co-ordination Cell) of the Auditee Office. He will ensure that compliance inrespect of Management Audit and Systems Inspection Report is obtainedfrom the Sectional/Departmental-in-Charges and put up to the Officer-in-Charge who will be the final authority for accepting the compliance in respectof action paragraphs and treat them as closed provided he is satisfied that theobservations made in the Inspection Report are fully complied with.

17.3 To facilitate quick identification of paragraphs requiring action by the

Office orCentral Office Department, it will be indicated as (Action) or (Action-Central Office Department concerned) at the end of each paragraph of theReport. The action paragraphs will be further classified as Major and Otherdeficiencies.A summary of Major deficiencies will be furnished at the end ofeach chapter. The deficiencies, which are not included in the summary, willbe treated as Other deficiencies. The work of scrutiny and acceptance ofcompliance of Management Audit and Systems Inspection Reports has beendecentralised. The acceptance of the compliance of Other deficiencies hasb d l t d t th Offi i Ch f th A dit Offi I ti


12/21

(d) Compliance of Other deficiencies accepted by the Officer-in-Charge willbe advised to Inspection Department in the prescribed format (Annex II).

(e) Compliance furnished to Inspection Department in respect of Majordeficiencies should be complete and state in specific terms the remedialaction taken by Auditee Office. The forwarding letter should be signed bythe Officer-in-Charge of the Auditee Office or should specifically indicatethat it is being sent with his approval/clearance.

(f) Substantial portion of the Management Audit and Systems InspectionReport is required to be complied with by Auditee Offices in the firstcompliance report itself. Cent per cent compliance is ordinarily expectedwithin three months of submission of the Report.

18 Inspection/Audit of an Auditee Office will not in any manner absolvethem of their primary responsibilities in the performance of the work withaccuracy and in accordance withthe prescribed procedure and failure on the

part of the Inspection Unit to point out any discrepancy will not absolveAuditee Office of the lapse/ irregularity.

19 Irregularities in Audit Reports- Non-compliance

In case it is not possible to furnish a compliance certificate in respect of anyparagraph of the Inspection/Audit Report, the Office will convey the same tothe Inspection Department together with the reasons for non-compliance

th f Th iti h ld b i d d d i d til ll th


13/21

Inspection to assess the adequacy and effectiveness of internal controls(management/ operational/ technical) and provide independent assurance

(with external assistance, wherever required) about the compliance ofInformation Systems in use in the Bank with its policies, standards andprocedures, as well as with regulations/ industry standards/ guidelines/bestpractices/frameworks set by internationally recognized professionalbodies/associations while conforming to the standards of audit practice andethical behaviour. The assessment generally includes a review of:

a. Management Controls (information security policy, information/computer security program management, information/ computer security riskassessment/ management, security and planning in the information systemlife cycle, assurance, etc.),

b. Operational Controls (personnel/user issues, preparing forcontingencies and disasters, information/computer security incident handling,awareness, training, and education, security considerations in information

systems support and operations, physical and environmental security, vendormanagement); and

c. Technical Controls (identification and authentication, logical accesscontrol, audit trails, cryptography, shared infrastructure, network andcommunication channels, etc.)

23 Risk Based Inspection/Audit (RBIA)


14/21

25 Quick Follow-up Inspection

The Chief General Manager/General Manager, Inspection Department may, ifconsidered necessary, conduct a Quick Follow-up Inspection of anOffice/Branch about three months after the completion of the regularinspection to assess the pace of progress made in the implementation as alsoto ascertain bottlenecks, if any, in securing total compliance. The findings ofthe Follow-up Inspection will then be deliberated upon by a committeeconsisting of Executive Director in-Charge of DAPM, Executive Director in-Charge of Inspection Department and Chief General Manager in-Charge ofDAPM.

26 Certifications

The Department is entrusted with the task of co-ordinating the efforts foroutsourcing Certifications as per international standards like, InternationalStandards Organization (ISO) across selected work areas/Departments with

effect from September 2004. The various activities undertaken by theDepartment in this regard are:

(a) To arrange and co-ordinate the implementation of various internationalstandards in the domain of Quality Assurance, Management, RiskAssurance, Information Technology/Information Security etc. asdecided by the Bank from time to time.

(b) T t f ( ) b th h i l t ti f


15/21

The Committee will be chaired by the Executive Director in-Charge of theInspection Department. All other Executive Directors will be its members.

Chief General Manager of Inspection Department will be the MemberSecretary. It will review the compliance position in respect of ManagementAudit & Systems Inspection Reports of Offices/Central Office Departments,hold discussions with the respective Regional Director/Chief GeneralManager/Officer-in-Charge/Principal/Chief Executive Officer and issuedirections as deemed appropriate. Serious irregularities which may lead/hasled to potential loss to the Bank, frauds, etc., deviations from laid downpolicies/non-implementation of policy guidelines and other critical areas wouldbe identified by the Executive Directors' Committee for submission to theInspection and Audit Sub-Committee of the Committee of Central Board.

b) Inspection and Audit Sub-Committee of the Central Board

The Inspection and Audit Sub-Committee (IASC) of the Central Board reviewsthe Inspection and Audit Reports and their compliance at periodic intervals,

and also with a view to giving a sharper focus to the internal audit andinspection exercises towards maximizing productivity and efficiency ofoperations. The IASC will consist of four Directors of Central Board,nominated by the Governor besides the Deputy Governor in-charge of theInspection Department and Executive Directors in-charge of the Departmentof Administration and Personnel Management and Inspection Department.The Chief General Manager of the Inspection Department will be the Member-Secretary of the Committee. The other Deputy Governors and the ExecutiveDi t ill tt d ti f th S b C itt b i it ti Th


16/21


17/21

First/ monthly Compliance as on

_______________________________________________________________________

_____

Chapter No. &

Para No.

Action taken ( To be reported only in

respect of paragraphs on which

compliance is complete @

Comments of Inspection

Department

(1) (2) (3)

(To be left blank )


18/21

Management Audit & Systems Inspection (latest):

Compliance position as on _____________________________________________________________________________

Total No. of paragraphs on

which action is called for

from the office *

Total No. of paragraphs

complied with fully

Percentage of

compliance

(1) (2) (3)

Banking Issue Banking Issue Banking Issue

No. Date:

Forwarded to the Chief General Manager, Reserve Bank of India, Inspection

Department, Central Office, C-7, Bandra-Kurla Complex, Bandra (East) , Mumbai-

400 051


19/21

CONCURRENT AUDIT/SNAM* Annex - III

Name of the Auditee Office:______________________________________________________Position for the quarter ended:____________________________________________________Banking/Issue Department (Only in respect of ROs) to be given separately.

Part I STATISTICAL DATA

Sr.No.

Monthsof the

quarter

TotalNo. ofParas

Financial Paragraphs Non-Financial Paragraphs Remarks

Major Others

TotalActionParas

Complied with

Outstanding

% ofComplia

nce

TotalActionParas

Complied with

Outstanding

% ofComplianc

e

TotalActionParas

Complied with

Outstanding

% ofComplia

nce

(1)

(2) (3) (4) (5) (6) (7) (8) (9) (10) (11) (12) (13) (14)

@

@

@

Part II Details of Outstanding paragraphs (including outstanding paras of earlier quarters, if any, in terms of InspectionDepartment Circular Insp.AMC.No.2251/05.01.01/2004-05 dated 11.01.2005)

Sr.No. Quarter ended Para Nos. Nature of Para F/M/NF

Particulars in brief Reasons for Outstanding

F- Financial, M- Major, NF- Non-financial


20/21

Part III List of CA Reports findings/observations referred to COD/Inspection Department, if any, in terms of para 4(vii) ofInspection Department Circular Insp.AMC.No.2251/05.01.01/2004-05 dated 11.01.2005.

Part IVCertified that CA Reports paragraphs complied with were approved by the RD/CGM-in-Charge and accepted by the Concurrent Auditors.

@Indicate the month-wise position of bthe relating quarter*Where SNAM Audit was conducted, the position may be furnished separately.

SignatureDesignation

20


21/21

Annex IVControl Self-Assessment Audit (CSAA)

Name of the Auditee Office:___________________________

CSAA report for the half-year ending 30 June. / 31 December ..Reporting position as on 30 September.. / 31 March.@

Banking /Issue Department (only in respect of ROs) to be given separately.

Part I - STATISTICAL DATA

Sr.No

Total No. ofParas

Total ActionParas

No. of Paras Remarks

Compliedwith

Outstanding % of compliance

1 2 3 4 5 6 7

Part II - Details of outstanding paragraphs (including outstanding paras of earlier half year if any in terms of InspectionDepartment Circular Insp.AMC.No.2251/05.01.01/2004-05 dated 11-01-2005)

Sr.No

Para Nos. Half-year ended Particulars in brief Reasons foroutstanding

Part III- Certified that CSAA exercise was undertaken strictly as required in terms of Inspection Department's Instructions of

para 3 of circular letter No. INSP.Plan No. 4737/02.02.198/2003-04 dated 14-06-2004.@ Compliance statement showing the position as on 30 Sept and 31 March should be furnished on or before 15 October and 15 April each yearrespectively.

SignatureDesignation

21

inspection and audit manual eng

Documents