ICSI

AUDITING
STANDARDS
 Journey

ICSI constituted Released four Final Versions

the ASB Auditing Standards Oct, released and April
July for Public Comments 17– recommended by May Recomme 01
ASB
2016 May 18 2019 ndatory 2021
y
Consultation Four
September May
May process carried July 01 Mandatory
1st
Meeting of ASB 2017 out at various 2018 standards
2016 places 2019
held at New Delhi Approved and
released by
Council
 Why Auditing Standards?

Study made by SEBI/NSE on Secretarial Audit

Reports for the year ended at 31.03.2015

Observations of NSE/SEBI on variations in

reporting and need expressed for standardizing
the audit process & reporting

Increase the confidence of stakeholders on the

audit reports

Reduce the possibilities of mistakes by Auditor

 Why Auditing Standards?

Auditing Standards constitute the

criteria or the yardstick against
which the quality of the Audit
Results is evaluated

Auditing Standards provide

minimum guidance for the Auditor
that helps determine the extent of
audit steps and procedures that
should be applied to the audit
objective
 Why Auditing Standards?

Dave Williamson said:

“Any move towards standardization is a move in
the right direction”

Keeping this thought in mind,

the Institute of Company
Secretaries of India has made an
attempt to standardize one of the
most significant activities
undertaken by its members, i.e.,
‘Audit’
 Why Auditing Standards?

Duties of Auditors as specified in the Companies Act, 2013:

 Section 143(12): Duty to report any instance of Fraud

The auditor, if he is of the reasonable opinion that an offence of fraud of amount(s) as may be specified is
being or has been committed in the company by its officers or employees, then he is dutybound to report
such instance to the Central Government, the audit committee or the Board of the Company as the case
may be.

 Section 143(13): Applicability of Section 143 of the Companies Act, 2013

“The provisions of this section shall mutatis mutandis apply to—

(a) the cost accountant conducting cost audit under section 148; or
(b) the company secretary in practice conducting secretarial audit under section 204.”
 Initiative by ICSI

The Institute of Company Secretaries of India recognised the need to provide

support to its members for:
i) developing auditing acumen, audit techniques and tools
ii) inculcation of best auditing practices

Hence it has developed four Auditing Standards under the

aegis of ‘ICSI Auditing Standards Board’
 Scope of
Auditing Standards Board

Formulation and Development of

Standards and Guidance Notes

Revision, improvisation and Identification

of prospective Auditing Areas

Making recommendations for Capacity

Building

Making recommendations for regulation of

Audits
Objectives of Auditing Standards

Integrate
Law Practices

Process Documentation

Standardize Harmonize
Auditing Standards – CSAS – As Released by ICSI

Audit Engagement Audit Process and

1 2 Documentation

Forming of Opinion Secretarial Audit

3 4
 Illustrative List of Audits undertaken by Practising Company Secretaries
Type of Audit Act/Regulation Section/Regulati Auditee
on No.
Secretarial Audit Companies Act, 2013 204 Company
Secretarial Audit SEBI (LODR) Regulations 24A Listed Entities
2015
Internal Audit Companies Act, 2013 138 Company
Audit of Depository SEBI (Depositories and 76 Sole Proprietorship,
Participants Participants) Regulations Partnership Firm,
2018 read with SEBI circular LLP,
no. SEBI/HO/MRD/ DOP2- Company
DSA2/ CIR/P/2019/22 dated
January 23, 2019
 Illustrative List of Audits undertaken by Practising Company Secretaries
Type of Audit Act/Regulation Section/Regulati Auditee
on No.
Internal Audit of Stock SEBI (Stock and sub-broker) SEBI circular no. Sole Proprietorship,
Internal Audit of Stock SEBI (Stock & Sub-Broker) SEBI Circular Sole Proprietorship,
Brokers Regulations 1993 [Link]/ HUF,
DPSIII/ Cir-26/ 08 Partnership Firm,
LLP,
Company
Internal Audit of Investment SEBI (Investment Advisors) 19(3) Sole Proprietorship,
Advisors Regulations 2013 Partnership Firm,
LLP,
Company
Internal Audit of Portfolio SEBI (Portfolio Managers) SEBI circular no. Body Corporate
Managers Regulations 1993 IMD/PMS/
CIR/1/21727/ 03
dated November 18,
2003
 Illustrative List of Audits undertaken by Practising Company Secretaries
Type of Audit Act/Regulation Section/Regulati Auditee
on No.
Internal Audit of Credit SEBI (Credit Rating SEBI circular Public Financial
Rating Agencies Agencies) Regulations 1999 [Link]/CRA/ Institution,
CIR-01/2010 dated Scheduled
January 06, 2010 Commercial
Bank,Foreign Bank
operating in India,
Foreign Credit
Rating Agency
operating in India
Internal Audit of Research SEBI (Research Analysts) 25(3) Sole Proprietorship,
Analysts Regulation 2014 Partnership Firm,
LLP,
Company
AUDITS BY PEER REVIEWED UNITS
The following Secretarial Audits / Secretarial Compliance Reports can be
undertaken ONLY by Peer Reviewed units:

Top 100 companies as per market capitalization w.e.f. April 01, 2020

Top 500 companies as per market capitalization w.e.f. April 01, 2021

All listed companies w.e.f. April 01, 2022

All companies w.e.f. April 01, 2023

 Principles not the Procedures

PRINCIPLES
Procedures are part of
Guidance Note
No Immunity
No pick and choose
Letter and Sprit
 Framework of Standards

All four released standards are Scope

having common framework
Effective Date

Objective

Definition

Text of Standard
 Scope of Standards

Details CSAS-1 CSAS-2 CSAS-3 CSAS-4

Applicable Audit Engagement under Audit under any Audit under any Secretarial Audit
any statute statute statute under S-204 of the
to Auditor CA, 2013
undertaki
ng
Deals with Auditor’s role and Responsibilities Basis and manner Basis and manner
responsibilities with and duties of the for forming for carrying out the
respect to an Audit Auditor with Auditor’s opinion Secretarial Audit
Engagement and the respect to Audit on subject matter
process of entering into Process in of the audit
an conducting audit
understanding/agreeme and maintaining
nt with the Appointing proper audit
Authority for the purpose documents
of audit
 Effective Date of Standards

Audit Engagement Audit Engagement

Accepted on and after Accepted on and after
July 1, 2019 April 01, 2021

Recommendatory Mandatory
 Objectives of Standards

CSAS-1 CSAS-2 CSAS-3 CSAS-4

To prescribe for the To prescribe principles for an To enable the To lay down
Auditor, principles and Auditor:
procedures to be (i) to conduct audit as per the
Auditor to lay the principles
followed while specified audit process; down the basis for
accepting or (ii) to maintain documentation and manner for evaluation of
continuing with an that provide:
Audit Engagement by (a) sufficient and appropriate
evaluation of statutory
agreeing to the terms record to form the basis for the the conclusions compliances
of engagement with the Auditor’s Report; and drawn from the and
Appointing Authority or (b) evidence that the audit was
any changes therein planned and performed in
Audit Evidence corporate
and matters relating accordance with the applicable obtained and conduct in
thereto Auditing Standards and express the relation
statutory opinion through thereto
requirements.
written report.
CSAS-1 - Auditing
Standard on Audit
Engagement
 Overview

Audit Limits on Change in

Conflict of
engagement Audit Confidentiality terms of
Interest
process engagements engagement
 Scope

• CSAS-1 is applicable to the auditor undertaking audit engagement

under any statue

• Deals with Auditor’s Role and Responsibilities with respect to

a. an audit engagement and
b. the process of entering into an understanding/ agreement with
the Appointing Authority for the purpose of audit
 Effective Date

• Voluntary - w.e.f. 1st July 2019

• Original Mandatory - w.e.f. 1st April 2020

• Revised Mandatory - w.e.f. 1st October 2020

• Final Mandatory implementation – w.e.f. 1st April 2021

for audit engagements accepted by the Auditor
 Objective

• to prescribe principles and procedures to be followed by

an Auditor for accepting or continuing an Audit
engagement

• Auditor shall agree to the terms of engagement with the

Appointing Authority including for any changes or
modifications
 Definition
For the purpose of CSASs unless specified otherwise, the
terms shall have following meaning attributed to them:

 “Appointing Authority” means any person having authority to

appoint the Auditor.

 “Audit Engagement” means detailed terms of reference of

appointment including scope of audit, remuneration and limiting
conditions, if any.

 “Auditee” means a person subject to audit.

 Definition
 “Auditor” means a Company Secretary who is deemed to be in practice
under sub-section (2) of Section 2 of the Company Secretaries Act, 1980
and includes a firm or Limited Liability Partnership (LLP) registered with
ICSI, undertaking an Audit.

 “Management” includes Board of Directors and persons who are entrusted

with the responsibility of governance and compliances of the Auditee

 “Predecessor or Previous Auditor” means an Auditor who has conducted

the most recent audit assignment of the Auditee and submitted report
thereon prior to the incumbent Auditor or was engaged but did not
complete the audit assignment due to his resignation, termination or
otherwise
 Process
1. Audit Shall be in the manner prescribed in the
1.1
Engagement Appointment Act/Rules etc.
Process of Auditor
Shall be in the manner prescribed by the
Appointing Authority if not specified in the
Act/Rules etc.
Auditor shall submit eligibility certificate for
appointment to the Appointing Authority

Auditor shall obtain appointment letter along

with copy of resolution, if any, and give
acceptance to the Appointing Authority
 Process
Shall inter-alia, include the following:
1. Audit 1.2 Audit  Objective & Scope of the Audit
Engagement Engagement
Process Letter  Responsibilities of the Auditor & the
Auditee
 Written Representations including particulars
of previous Auditor from the Management

 Period within which Audit Report shall be

submitted by the Auditor with mile stones, if
any
 Commercial Terms including reimbursement of
OPE in connection with the audit

 Limitation of the Audit, if any

 Process
 Engagement Letter shall contain:

A. reference to the provisions of law/act/rules etc. if

1. Audit 1.2 Audit following aspects are contained therein:
Engagement Engagement
Process Letter • the objective and scope of the audit

• responsibilities of the Management and

• responsibilities of the Auditor

B. a statement that the Management acknowledges and

understands its responsibilities for:

• preparation and maintenance of records

• devising proper systems to ensure compliance with

applicable laws/act/rules etc., applicable for the time
being in force
 Process
1.3
1. Audit
Intimation  Before accepting the audit engagement, the Auditor
Engagement
to previous shall communicate in writing to the Predecessor or
Process
auditor Previous Auditor, if any

2. Limit on
No. of  The Auditor shall ensure that the number of audit
Audit engagements are within the limit specified in the law
Audits
Engagements
or by the Institute as the case may be
 Process
 Auditor shall not have Substantial Conflict of Interest with
Conflict
3. Conflict Auditee
of
of Interest Interest  Auditor shall disclose before accepting audit engagement or as
soon as he becomes aware of conflict of interest, other than
substantial conflict of interest, if any

 Holding shares or having voting power by the Auditor* in

Auditee entity above certain thresh hold limit – holding more
Substantial than 2% of the paid up share capital or holding shares of
Conflict of nominal value or Rs.50,000/-, whichever is lower or more
Interest than 2% of the voting power as the case may be
2
 Indebtedness of the Auditor* to the Auditee entity exceeding
Rs.5,00,000/-# other than in ordinary course of business
* singly or along with partners, spouse, parent, sibling,
child of such person or of the spouse any of whom is  Previous employment of the Auditor with the Auditee, its
financially dependent on such person. holding or subsidiary and 2 years have not elapsed from the
date of cessation of employment.
 Process

The Auditor
4.
 shall not disclose information obtained during the course of
Confidentiality
audit except under following circumstances:
• if permitted by the Auditee or
• If there is legal obligation or duty to disclose

 shall not use or share information obtained during the course

of audit with any body except for the purpose of Audit
 shall ensure that his audit team and other experts engaged by
him for the purpose of audit or to provide advice shall also
adhere to the confidentiality
 Process
5. Changes
 Auditor shall not agree for change in the terms of Audit
in Terms of
Engagement Engagement unless there is reasonable justification

 If the Auditee wants change in the scope of Audit before

completion of assignment resulting in lower level of assurance,
the Auditor shall consider appropriateness of carrying out the
Audit
 Change in the terms shall be agreed by way of Supplementary or
revised Engagement Letter or in any suitable manner in writing
 CSAS-2 - Auditing
Standard on Audit Process
and Documentation
 Audit Planning

Record
Keeping and
Risk
Assessment
Overview
Retention

Information
Documentation about the
Auditee

Analysis of Audit Check-

Audit Evidence lists

Collection and
Third Party
Verification of
Confirmation
Audit Evidence
 Scope

• CSAS-2 is applicable to the Auditor undertaking audit under any

statue

• The Standard deals with Auditor’s responsibilities and duties with

respect to:

a. audit Process in conducting audit and

b. maintaining proper audit documents
 Effective Date

• Voluntary - w.e.f. 1st July 2019

• Original Mandatory - w.e.f. 1st April 2020

• Revised Mandatory - w.e.f. 1st October 2020

• Final Mandatory implementation – w.e.f. 1st April 2021

for audit engagements accepted by the Auditor
 Objective

• to prescribe principles for an Auditor:

• to conduct audit as per the specified audit process
• to maintain documentation that provide:
• sufficient and appropriate record to form the basis for the
Auditor’s Report and
• evidence that the audit was planned and performed in
accordance with the applicable Auditing Standards and
statutory requirements
 Definition
For the purpose of CSASs unless specified otherwise, the
terms shall have following meaning attributed to them:

 “Audit Documentation” means the working papers prepared or

records obtained by the Auditor in connection with the audit

 “Audit Evidence” refers to relevant information and documents

gathered in the course of the audit for arriving at the conclusion on
which the Auditor’s opinion is based.

 “Management” as defined in CSAS-1

 Definition
 “Auditor” means a Company Secretary who is deemed to be in practice
under sub-section (2) of Section 2 of the Company Secretaries Act, 1980
and includes a firm or Limited Liability Partnership (LLP) registered with
ICSI, undertaking an Audit.

 “Management” includes Board of Directors and persons who are entrusted

with the responsibility of governance and compliances of the Auditee

 “Predecessor or Previous Auditor” means an Auditor who has conducted

the most recent audit assignment of the Auditee and submitted report
thereon prior to the incumbent Auditor or was engaged but did not
complete the audit assignment due to his resignation, termination or
otherwise
 Process
Audit The Auditor shall make audit plan to conduct audit as per the terms of
Planning 1.1
Audit Engagement
Audit Planning is to establish and develop an overall audit process,
1.2 including:

• identification of broad audit areas

• seeking previous audit findings and observations from the

Management and the Previous Auditor

• determination of subject matters and audit areas requiring special

attention

• risk assessment and materiality

• audit technique
• allocation of audit resources for the audit

• preparation of audit schedule

 Process
shall ensure that qualitative audit is carried out in an
Manner efficient, effective and timely manner
1. Audit
1.3 of
Planning Planning
shall ensure that crucial areas of audit and significant
issues are identified in a timely manner

1.4 Skepticism shall plan the audit with professional skepticism for
exercising professional judgment in an objective manner

1.5 Adhere to Shall adhere to the audit plan and may modify the plan if
Plan
circumstances so warrant
 Process
The Auditor
2. Risk
2.1  shall look into risk assessment with respect to the Auditee
Assessment
connected to Audit Engagement, considering industrial &
business environment, organisational structure and
compliance requirements
2.2  shall evaluate high risk areas and activities of the Auditee
relating to:
a. i) internal control systems

ii) processes of the Auditee for adherence to:

 the constitutional documents
 applicable laws, acts/rules/regulations and standards

b. transparency, prudence and probity and

c. changes or attrition in the compliance team and frequency
of such changes and attrition.
 Process
3. About  The Auditor should obtain sufficient information about
Information the
the Auditee that is relevant for:
Auditee

a) conduct of audit and

b) for forming opinion and its expression

 Process
4. Audit Use of  Auditor shall use systematic and comprehensive audit check-
Checklist Checklist lists for:

a) carrying out the audit and

b) to verify the compliance requirements

 Process
5. Collection
&
Verification 5.1  Auditor shall:
of Audit
Evidence a) verify compliance with applicable laws/act rules/ regulations
and standards
b) deviation, if any, shall be recorded.

5.2 obtain complete, relevant and necessary evidence to support the

opinion

continue the process of gathering and evaluating evidence until

5.3 satisfied that sufficient and appropriate evidence exists to provide
a basis for formation of the Audit Opinion.
 Process

6. Third  Auditor shall obtain confirmations from third

Party Responsibility party(ies), wherever required with respect to
Confirmation information:
a. which is related to such party(ies) and
b. which is relied upon
 Process

7. Analysis  Auditor shall evaluate the Audit Evidence to arrive

of Evidence 7.1 Evaluation
at the conclusion

 if Audit Evidence is conflicting, assess the extent

7.2 Evaluation and credibility of conflicting evidence in order to
reach a conclusion or collect more evidence to
resolve the conflict
 Process
Auditor shall adequately document the Audit Evidence in
Documentation 8.1 Adequacy working papers, including the basis and extent of planning, work
performed and the findings of audit

a) Audit documents shall contain sufficient information

8.2 Evaluation b) should enable an Auditor having no previous connection with

the audit to ascertain from such documentation the significant
findings and conclusions of the Auditor

a) Audit Documents shall take place throughout the audit

process.
Collection
8.3 & b) Working papers shall be complete and appropriately detailed
Indexation to provide a clear trail of the audit.

c) Audit Documentation shall be properly indexed, referenced

with and supplemented by the set of working papers
 Process
Documentation 8.4

Discussions  Auditor shall document:

with the discussions with the Management with respect to
Management significant matters in respect of which written record
is not available.
 Process
9. Record Policies &
9.1  Auditor shall establish policies and procedures for
Keeping & Procedures retention of Audit Documents
Retention

9.2 Collation  Audit documents shall be collated for records within a

Period period of 45 days from the date of signing of Auditor’s
Report

9.3 Mode of  Audit documents shall be maintained in physical or

Retention electronic form

9.3 Retention  Audit documents retained for a period of 8 years from

Period the date of signing of Auditor’s Report
 CSAS-3 - Auditing
Standard on Forming of
Opinion
 Overview

Process for Third Party

Precedence Form of an Auditor’s Format of
forming of Report or
and Practices Opinion Responsibility Report
opinion Opinion
 Scope

• CSAS-3 is applicable to auditor undertaking engagements under any statue

• The Standard deals with basis and manner for forming Auditor’s opinion on
subject matter of the audit
 Effective Date
• Voluntary - w.e.f. 1st July 2019

• Original Mandatory - w.e.f. 1st April 2020

• Revised Mandatory - w.e.f. 1st October 2020

• Final Mandatory implementation – w.e.f. 1st April 2021

for audit engagements accepted by the Auditor
 Objective

• to enable the Auditor to lay down the basis and manner for
evaluation of the conclusions drawn from the Audit
Evidence and

• to express the opinion through written report

 Definition
For the purpose of CSASs unless specified otherwise, the terms shall have following
meaning attributed to them:

 “Audit Evidence” as defined in CSAS-2

 “Misstatement” means any information or statement which is false, incorrect,

incomplete, misleading or misrepresents, omits or suppresses a material fact.

 “Materiality” is the threshold above which missing or incorrect information is

considered to have an impact on the decision making of the Auditor. Information
is considered as material if its omission or misstatement could influence the
opinion of the Auditor. Materiality can also be construed in terms of net impact.
 Definition
 “Records” include:
(i) Memorandum and Articles of Association, byelaws or any other constitutional
documents
(ii) Minutes, returns, forms, index and Registers
(iii) Books and papers including books of accounts, deeds, vouchers
(iv) Agreements, Memorandum of Understanding
(v) Other documents maintained by the Auditee either in physical or electronic form and
(vi) Correspondence

 “Third Party” means any person who does not have a direct connection with the audit but
whose inputs or opinion might influence the audit conclusion and includes an expert
 Process
1. Process
for  Auditor shall consider Materiality while forming his opinion
forming 1.1 Principles
and adhere to:
of a. The principle of completeness - Auditor should consider all
Opinion relevant Audit Evidence before issuing a report
b. The principle of objectivity - Auditor should apply
professional judgment and skepticism to ensure that all
reports are factually correct and that findings or conclusions
are presented in a relevant and appropriate manner
c. The principle of timeliness - implies preparing the report
within due time and
d. The principle of a contradictory process - implies checking
the accuracy of facts and incorporating responses from
concerned persons
1.2 Judgements
Auditor may consider various judgments, clarifications, opinion,
etc.
conflicting interpretations while framing the opinion
 Process
2.
Precedence  Auditor shall adhere to generally accepted precedence and
Precedents
and practices in relation to forming of an opinion
Practices
 Process
3. Third
Opinion or  Auditor shall adhere to the following while forming an opinion
3
Report based on third party reports or opinions:

a) indicate the fact of use of third party report or opinion and

record the circumstances necessitating the use of third party
report or opinion

b) indicate the fact if third party report or opinion is provided by the

Auditee

c) shall consider the important findings/observation of third party

d) if necessary and feasible, carry out a supplemental test to check

veracity of the third party report or opinion
 Principle of “Contradictory Process”

Meaning: checking the accuracy of facts and incorporating responses from concerned persons

When two contradictory facts emerge on same subject matter of audit, Auditor must strive to find additional
evidence/material which supports or negates one of the facts.

This process must continue until one of the facts is eliminated

In case of inability to find further evidence/material and contradiction continues to persist,

Auditor should bring out that fact clearly in his report and if circumstances warrants, disclaim
opinion on that particular subject matter
 Principle of “Contradictory Process” (Part 2)

It also implies checking the accuracy of facts with the Auditee and incorporating responses
from responsible officials as appropriate

Auditor should consider relevant evidential matter regardless of whether it appears to

corroborate or to contradict the assertions

Auditor should consider all relevant evidential matter even though it might contradict or be
inconsistent with other conclusions

Audit documentation must contain information or data relating to significant findings or issues
that are inconsistent with the Auditor’s final conclusions on the relevant matter
 Process
4. Form
of Limitation If limitation on scope of audit is imposed by the Appointing
4.3.1
Opinion Authority after accepting the Audit and

If the opinion of the Auditor limitation is likely to result in

expressing a modified opinion or a disclaimer in the opinion
then

He shall request the Appointing Authority to remove the

limitation

If the Appointing Authority refuses to remove the limitation, the

4.3.2 Refusal Auditor shall take up the matter with the Management and
determine whether it is possible to perform alternative
procedure to obtain sufficient and appropriate Audit Evidence
 Process
4. Form If the Auditor is unable to obtain sufficient and
of 4.3.3 Limitation appropriate Audit Evidence, the Auditor shall
Opinion determine the implications and:

a. If the Auditor concludes that the possible effects of

unavailable Audit Evidence could be non-material,
the Auditor shall modify the opinion or

b. If the Auditor concludes that the possible effects of

unavailable Audit Evidence could be material, the
Auditor shall express disclaimer of opinion
 Process
 Auditor’s Report shall include a section with the
5. Auditor’s Section in heading “Auditor’s Responsibility”.
Responsibility 5.1 the Audit Auditor shall in his report state that:
Report • his responsibility is to express opinion on the
compliance with the applicable laws is based on the
records maintained audited by him.
• the audit was conducted in accordance with
applicable Standards.

 The Auditor’s Report shall also explain that the

Standards require that the Auditor comply with
statutory and regulatory requirements and plan and
perform the audit to obtain reasonable assurance about
compliance with applicable laws and maintenance of
Records
 Process
5. Auditor’s Unavoidable  Auditor’s Report shall state that even though the audit is
Responsibility 5.2 Risks properly planned and performed in accordance with the
Standards

• there are inherent limitations of an audit (including

internal, financial and operating controls) and

• there is an unavoidable risk that some misstatements

or material non-compliances may not be detected
 Process
 The report shall be addressed to the Appointing
6. Audit Authority unless otherwise specified in the Audit
6.1 Format
Report Engagement Letter or provided in the applicable law

 Report shall be detailed enough to serve its intended

purpose

 If specific formats are prescribed the formats shall be

followed for reporting

 If information cannot be appropriately placed within the

report, it shall be given in form of annexure(s).
 Process
6. Audit  In the signature block mention the:
6.2 Signature
Report
• name of the audit firm

• registration number of the firm, if any

• name of the Auditor

• COP number

• the membership number of the Auditor [specify

whether associate or fellow member]

• place of signing the report

• date of signing the report

 CSAS-4 - Auditing
Standard on Secretarial
Audit
 Adherence to other standards

The Auditor shall adhere to the Auditing

Standards on – (a) Audit Engagement (CSAS-1);
(b) Audit Process and Documentation (CSAS-2);
and (c) Forming of Opinion (CSAS-3).
 Identification and
segregation of
applicable laws

Identification and Reporting Verification of

of events/actions having corporate conduct
major bearing on Auditee’s and compliance of
affairs laws

Reporting of Fraud
Overview Board Composition

Detection of Fraud Board Processes

System and Process

 Scope

• CSAS-4 is applicable to the Auditor undertaking Secretarial Audit under Section

204 of the Companies Act, 2013 and rules made thereunder

• The Standard deals with the basis and manner for carrying out the Secretarial
Audit
 Effective Date
• Voluntary - w.e.f. 1st July 2019

• Original Mandatory - w.e.f. 1st April 2020

• Revised Mandatory - w.e.f. 1st October 2020

• Final Mandatory implementation – w.e.f. 1st April 2021

for audit engagements accepted by the Auditor
 Definition

For the purpose of CSASs unless specified otherwise, the terms shall have following
meaning attributed to them:

 “Management” as defined in CSAS-1

 “Records” as defined in CSAS-3

 Process
1.
Identification
and
1 5.1  Auditor shall make a note of the industry specific laws and other
Segregation laws applicable to the Auditee based on:
of Applicable
Laws a. the identification/segregation by the Management and

b. his own verification

Verification of Corporate Conduct
and Compliance of Laws
 Process
2.
Verification  identify events/corporate actions that took place during
of Corporate
2.1 5.1 Identification the audit period by reviewing:
Conduct and of Events & a. the website of the regulators
Compliance Corporate b. website of the Auditee
of Laws Actions c. statutory records
d. by interaction with the Management and in any other
appropriate manner.

 verify all events and calendar based compliances for the

Verification audit period from:
2.2 of a. records of the Auditee
5.3 Compliance b. database or website of the regulators and
c. other sources
Board Composition
 Process
 Check compliance of the:
3. Board
Compliances a. Companies Act, 2013
Composition
b. SEBI (Listing Obligations and Disclosure Requirements)
Regulations 2015, if applicable

c. Agreement with Lenders/Investors

d. Articles of Association

e. Provisions of other Acts /rules/regulations

f. Guidelines and policies

g. Board decisions

h. Shareholders decisions
 Process
33. Board 3.
3.1
Overall  Check overall composition including the
Composition 1 composition minimum and maximum strength of the Board.

3.2 Optimum  Check optimum combination as may be applicable

Combination with respect to:
a. executive directors
b. non-executive directors
c. independent directors
d. non-independent directors
e. retiring directors
5.3 Verification
of f. non- retiring directors
Compliance g. woman directors
h. nominee directors
 Process
3. Board 5.1
3.3  Check the eligibility criteria including
Composition Eligibility
disqualifications

3.4 Committees  Check the constitution and composition of

Committees of the Board
Board Process
 Process
5.1
Eligibility
Check whether the decisions of the Board and its Committees are
4. Board
4 taken and recorded in compliance with applicable laws, rules,
Process
regulations, guidelines, standards and defined internal processes, if
Committees
any.
Systems and Process
 Process
5. Assessing
efficacy & 5.1  By reviewing records maintained by the Auditee
5.1
adequacy of
Systems &  By understanding:
5.2
Processes a. compliance responsibility centers
b. control points matrix
c. flow of information
d. mechanism for escalation of non-compliances to
different levels
e. reporting of any noncompliance.

5.3  Assess compliance mechanism, its extent, coverage and severity

5.3 mapping
 Assess compliance manual/standard operating procedures, if
any, available with the Auditee.
 Process
5. Assessing
efficacy & 5.4  Analyze instances of:
5.1
adequacy of
Systems &
a. show cause notices received
Processes
b. prosecution initiated
c. fine or penalties levied
d. imprisonment ordered
e. qualification, adverse remark or observations in the statutory,
internal or industry specific audit
f. orders passed by regulatory bodies or judicial/quasi-judicial
5.3 authorities
 Process
6. Detection
6.1 5.1  Exercise professional judgment with professional skepticism
of Fraud throughout the audit to detect and report the fraud envisaged under
the provisions of Section 143(12) of the Companies Act, 2013 read
with Companies (Audit and Auditors) Rules, 2014.

6.2  If commission of fraud suspected, collect further evidence for the

same.

 The suspicion may arise:

a. on perusal of internal control systems

5.3
b. complaint under whistle blower mechanism and
c. reports of the other auditors etc.
 Process
Detection 5.1
6.3  ensure to collect sufficient evidence which substantiates the
of Fraud
suspicion of the commission of the fraud against the Auditee by its
employees and officers
 Process
Reporting 5.1 Report to Audit Committee/Board/Central Government as per the
7.1
of Fraud process laid down under the Companies Act, 2013 any commission
of fraud after carrying out thorough checks

7.2  Include the fact of fraud committed in the Secretarial Audit

Report
 Verify whether the Audit Committee/ Board has given any
comments on the fraud reported by the auditor in their report as
required under the Companies Act, 2013

7.3  verify if the fraud detected by other Auditor has been reported to
the Audit Committee/Central Government and report the same in
the Secretarial Audit Report.
 Process
Identification &  Auditor should identify and report in the Secretarial Audit Report:
Reporting of 8.1
5.1
events/actions • all events/actions having major bearing on the Auditee’s affairs in
having major pursuance of the applicable laws, act, rules, regulations, guidelines,
bearing on standards, etc.
Auditee’s affairs
8.2  Following events/actions shall be considered as having major bearing
on the Auditee’s affairs if :
a. it affects going concern or
b. alters the charter or
c. capital structure or
d. management or
e. Business operations or
f. Control etc.
 Guidance Notes on CSAS 1 to
CSAS 4
The Institute of Company Secretaries of India (ICSI), recognising the need to provide support to its
members in developing auditing acumen, techniques and tools and for inculcation of best auditing
practices among its members, has released the guidance notes on CSAS 1 to CSAS 4 in the month of
November, 2020 at the National Convention.

The Guidance Notes on Auditing Standard on Audit Engagement (CSAS 1), Audit Process and
Documentation (CSAS 2), Forming an Opinion (CSAS 3) and Secretarial Audit (CSAS 4) are available
on the website of the institute and can be accessible at
[Link]
UNREGULATED
REGULATED
 ROLE OF COMPANY SECRETARIES

Just as religion and spirituality make a nation great, Good

governance in the sense of ethical, moral and character will make a
company great. The society without values, ethics and character is
like a multistory building without a sound base which may
CRUMBLE & CRUMBLE.
 THANK YOU!

CS Raghavendra J. Joshi
Founder Partner
Joshi and Joshi,
Company Secretaries, Pune
Email:
rjjoshi@[Link]
Mobile No.: (+91) 98230 60396