Chartered Accountant · ICAI M.No. 153926 · FRN 136869W
The typical coverage
An internal audit ranges across the operating cycle: procurement and vendor payments, inventory and stores, sales, billing and receivables, payroll, cash and bank, statutory compliance (GST, TDS, labour), and increasingly IT and access controls. The aim is to check that the controls actually operate, not just that they exist on paper.
Risk-based and tailored
The scope is set by management (or the audit committee), focused on the company’s highest-risk areas — a manufacturer emphasises inventory and procurement; a services firm emphasises billing and payroll. It tests samples, traces transactions, and looks for leakages, policy breaches and fraud indicators. A formal audit plan should define the cycle and coverage.
A worked example
Example: an internal audit of a retailer’s procurement samples 50 purchase orders and finds several placed without the required quotes, and stock differences in two stores — pointing to a control gap and possible pilferage. Management tightens the approval workflow and stock counts. That is how internal audit adds value — catching issues a year-end audit wouldn’t. Our team can scope and run it.