ICSI AUDITING STANDARDS (CSAS-1 to CSAS-4)
INTRODUCTION
The Institute of Company Secretaries of India (ICSI) issued the following four Auditing Standards applicable on the Audit Engagements accepted by the Auditor: ·
- Auditing Standard on Audit Engagement (CSAS-1)
- Auditing Standard on Audit Process and Documentation (CSAS-2)
- Auditing Standard on Forming of Opinion (CSAS-3)
- Auditing Standard on Secretarial Audit (CSAS-4)
Here “Auditor” means a Company Secretary who is deemed to be in practice under sub-section (2) of Section 2 of the Company Secretaries Act, 1980 and includes a firm or Limited Liability Partnership (LLP) registered with ICSI, undertaking the Audit
The above Standards were made recommendatory w. e. f. 1st July, 2019 and mandatorily applicable for Audit Engagements accepted by the Auditor on or after 1st April, 2020 as per the decision of the Council of the ICSI. However, due to unprecedented situation occurred by the spread of COVID-19, the mandatory applicability was deferred to Audit Engagements accepted by the Auditor 1st October, 2020.
In view of the current situation of the pandemic, the mandatory applicability of the Auditing Standards is hereby further extended and the Standards shall be mandatorily applicable to Audit Engagements accepted by the Auditor on or after 1st April, 2021.
THE AFORESAID STANDARDS HAVE BEEN BRIEFLY DESCRIBED AS BELOW:
AUDITING STANDARD ON AUDIT ENGAGEMENT (CSAS-1)
Scope
This Auditing Standard (‘the Standard’) is applicable to the Auditor undertaking Audit Engagement under any statute. The Standard deals with the Auditor’s role and responsibilities with respect to an Audit Engagement and the process of entering into an understanding/agreement with the Appointing Authority for the purpose of audit.
Objective:
The objective of the Standard is to prescribe for the Auditor, principles and procedures to be followed while accepting or continuing with an Audit Engagement by agreeing to the terms of engagement with the Appointing Authority or any changes therein and matters relating thereto.
Coverage:
- Audit Engagement Process
The Auditor shall undertake the following steps with respect to the Audit Engagement: Pre-Engagement Meeting Before accepting the Audit Engagement, the Auditor should have a pre-engagement meeting with the Auditee. The meeting may inter-alia include discussion about the terms of engagement, prior year audit findings and conclusions, appropriateness of reporting framework, understanding Auditee’s business operations and environment including internal control system, commercial terms of the audit and the timelines and milestones, if any, for conducting the Audit and submission of the Audit Report.
- Appointment-
The appointment of auditor shall be in accordance with applicable laws, acts, rules and regulations, standards and guidelines and if no manner is given, then by manner made by the Appointing Authority.
- Certificate:
Before accepting an audit, the Auditor shall furnish a certificate to the Appointing Authority that: a. The number of audits are within the ceiling prescribed by the ICSI as specified in para 2 of CSAS 1. b. No substantial conflict of interest as defined in para 3 of CSAS-1 exists with the Auditee. c. There is no restriction to render the professional services under ICSI Guidelines. d. He is not debarred to undertake such audit under any law or under the disciplinary mechanism of the ICSI.
- Audit Engagement Letter:
The Auditor shall obtain an Audit Engagement Letter along with a copy of the resolution, if any, passed by the Appointing Authority and shall provide acceptance to the Appointing Authority.
- Communication to the Predecessor or Previous Auditor:
The Auditor shall communicate in writing to the Predecessor or Previous Auditor, if any, before accepting the Audit Engagement.
- Limit of Audit Engagement
The Auditor shall accept Audit Engagement with in the limits prescribed under any law being in force or by ICSI.
ICSI has presribed following limits:-
- 10 secretarial audits by PCS/partner
- An additional 5 audits by partner/PCS ,if unit is peer reviewed.
- Conflict of interest
The Auditor shall not have any substantial conflict of interest with the auditee and any conflict of interest , other than substantial conflict of interest may be disclosed to the auditee.
The conflict of interest explained below shall not be constructed as substantial conflict of interest:-
- Auditor holding not more than 2% of paid up share capital or shares of value Rs. 50,000.
- Auditor indebted for an amount not more than Rs. 5,00,000.
- Auditor was in employment more than 2 years ago.
- Confidentiality
The Auditor shall not disclose the information obtained during Audit without proper and specific authority or unless there is a legal obligation to disclose.
- Changes in terms of Engagement
The Auditor shall not agree to a change in terms of employment without any proper justification. If terms of engagement are changed, the Auditor and Appointing Authority shall agree to the new engagement by way of supplementary deed or any other suitable form in writing.
AUDITING STANDARD ON AUDIT PROCESS AND DOCUMENTATION (CSAS-2)
Scope
This Auditing Standard (‘the Standard’) is applicable to the Auditor undertaking Audit Engagement under any statute. The Standard deals with the Auditor’s role and responsibilities with respect to an Audit Engagement and the process of entering into an understanding/agreement with the Appointing Authority for the purpose of audit.
Objective:
The objective of the Standard is to prescribe principles for an Auditor:
(i) to conduct audit as per the specified audit process;
(ii) to maintain documentation that provide:
- sufficient and appropriate record to form the basis for the Auditor’s Report; and
- evidence that the audit was planned and performed in accordance with the applicable Auditing Standards and statutory requirements.
Coverage:
- Audit Planning
The Auditor shall make audit plan to conduct audit as per the terms of Audit Engagement. he Auditor shall prepare an audit plan, which shall include detailed layout for conducting audit procedures, timings, sample sizes basis of sampling, etc. Audit Planning involves establishing the overall audit strategy for the engagement and development of Audit Plan.
- Risk Assessment
The Auditor shall evaluate high risk areas and activities of the Auditee relating to:
- Internal control systems and processes of the Auditee for adherence to the constitutional documents, applicable laws, acts, rules, regulations and standards;
- Transparency, prudence and probity; and c. Changes or Attrition in the compliance team and frequency of such changes and attrition
- Information about the Auditee
The Auditor shall obtain sufficient information about the Auditee that is relevant for conduct of audit and forming an opinion and its expression.
- Audit Check-lists
The Auditor shall use systematic and comprehensive audit check-lists for carrying out the audit and to verify the compliance requirements.
- Collection and verification of Audit Evidence
The Auditor shall verify compliance with applicable laws, rules, regulations & standards. Any deviation shall be recorded.
- Third Party Confirmation
The Auditor shall obtain confirmations from third party(ies), wherever required, with respect to information which is related to such party(ies)
- Analysis of Audit Evidence
The Auditor shall evaluate the Audit Evidence to arrive at the conclusion.
- Documentation
Documentation of Audit evidence supports audit conclusions and confirms that audit was carried out in the scope of audit. It shall take place throughout the Audit process
- Record Keeping and Retention
The Audit document shall be collated for records within a period of 45 days from the date of signing of the Audit Report and shall be retained for a period of 8 years from the signing of such report
AUDITING STANDARD ON FORMING OF OPINIONS (CSAS-3)
Scope
This Auditing Standard (‘the Standard’) is applicable to the Auditor undertaking Audit under any statute. The Standard deals with basis and manner for forming Auditor’s opinion on subject matter of the audit.
Objective:
The objective of the Standard is to enable the Auditor to lay down the basis and manner for evaluation of the conclusions drawn from the Audit Evidence obtained and express the opinion through written report.
Coverage:
- Process for forming of opinion
The Auditor shall consider materiality while forming its opinion and adhere to
- The Principle of Completeness
- The Principle of Objectivity
- The Principle of timeliness
- The Principle of Contradictory Process
- Judgment, Clarification and Conflicting Interpretation
The Auditor may consider various judgments, clarifications, opinion, conflicting interpretations while framing the opinion to the best of his professional acumen.
- Precedence and Practices
The Auditor shall adhere to generally accepted precedence and practices in relation to forming of an opinion as may be available from historical perspective of any kind of aud
- Third Party Report or Opinion
The Auditor shall consider the important findings/ observation of Third Party;
- Form of an Opinion
There are two types of opinion
- a) Unmodified opinion- The Auditor concludes that
- Due compliance with applicable laws
- Records are free from misstatement
- b) Modified opinion- The Auditor Concludes that
- Non Compliance of applicable laws
- Records are not free from misstatement
- Auditor’s Responsibility
The Auditor’s Report shall include a section with the heading “Auditor’s Responsibility”. Auditor’s Report shall state that the responsibility of the Auditor is to express opinion on the compliance with the applicable laws and maintenance of records based on audit.
- Format of Report
The Report shall be addressed to appointing authority unless otherwise specified in Engagement letter.
Signature block shall mention the name of the audit firm along with the registration number, certificate of practice number, whether ACS or FCS. The Audit Report shall be prepared in detail.
AUDITING STANDARD ON SECRETARIAL AUDITS (CSAS-4)
Scope
This Auditing Standard (‘the Standard’) is applicable to the Auditor undertaking Secretarial Audit under Section 204 of the Companies Act, 2013 and rules made thereunder. The Standard deals with basis and manner for carrying out the Secretarial Audit.
Objective:
The objective of the Standard is to enable the Auditor to lay down the basis and manner for evaluation of the conclusions drawn from the Audit Evidence obtained and express the opinion through written report.
Adherence to other Auditing Standards
The Auditor shall adhere to the Auditing Standards on – (a) Audit Engagement (CSAS-1); (b) Audit Process and Documentation (CSAS-2); and (c) Forming of Opinion (CSAS-3).
Coverage:
- Identification and segregation of applicable laws
The Auditor shall take note of the industry specific laws and other laws as may be applicable to the Auditee based on the identification/segregation by the Management and his own verification
- Verification of corporate conduct and compliance of laws
The Auditor shall identify events/corporate actions that took place during the audit period. The Auditor shall verify all event and calendar based compliances from the Records of the Auditee, database or website of the regulators and other relevant sources
- Board Composition
The Auditor shall verify compliance of the Companies Act, 2013, SEBI (Listing Obligations and Disclosure Requirements) Regulations 2015, agreement with Lenders/Investors, Articles of Association and provisions of other Acts / rules/ regulations, guidelines and policies, board decisions, shareholders decisions, as may be applicable to the Auditee with regard to the overall constitution and composition of Board and Committees of the Board.
- Board Processes
The Auditor shall verify that the decisions of the Board and its Committees are taken and recorded in compliance with applicable laws, rules, regulations, guidelines, standards and defined internal processes, if any
- Systems and Process
The Auditor shall assess the efficacy and adequacy of the system and processes of the Auditee. System and process broadly refers to the framework of legal and procedural compliances of the Auditee including but not limited to internal regulations, control, guidance and governance.
- Detection and Reporting of Fraud
The Auditor shall exercise professional judgment and maintain professional scepticism throughout the planning and performance of the audit to detect and report the fraud envisaged under the provisions of Section 143(12) of the Companies Act, 2013 read with Companies (Audit and Auditors) Rules, 2014. and he shall endeavour to collect further evidence for the same.
He shall report the same to Audit Committee/Board/Central Government as per the process laid down under the Companies Act, 2013 and include the same in Secretarial Audit Report
- Identification and Reporting of the events/actions having major bearing on Auditee’s affairs
It shall be the duty of the Auditor to identify and report in the Secretarial Audit Report all events/actions having major bearing on the Auditee’s affairs in pursuance of the applicable laws, act, rules, regulations, guidelines, standards, etc.
Published on: March 24, 2021