Rated 4.9/5 by 312+ Chennai clientsZero penalty record across all filings24-hour response · WhatsApp-first supportOffices: Maduravoyal, Nerkundram & Nolambur (upcoming)15+ years of expert tax & compliance consulting500+ active clients across 243 Chennai areasRated 4.9/5 by 312+ Chennai clientsZero penalty record across all filings24-hour response · WhatsApp-first supportOffices: Maduravoyal, Nerkundram & Nolambur (upcoming)15+ years of expert tax & compliance consulting500+ active clients across 243 Chennai areas
End-to-end Internal Audit for Red Hills residential industrial mix northern suburb establishments — on fixed, transparent fees
Internal Audit for Red Hills firms under Chennai North (Anna Nagar Division) — qualified review, a 7-year workpaper archive and fixed fees from day one. Call 9566-068-468.
Who is eligible to be appointed as internal auditor under Section 138 in Red Hills, Chennai?
Section 138(1) read with Rule 13(1) prescribes that the internal auditor may be a Chartered Accountant, a Cost Accountant (CMA), or such other professional as the Board may decide. The auditor may be an individual, a partnership firm or a body corporate. The internal auditor need not be a CA in practice — an employee of the company qualified as CA or CMA is also eligible. The Board determines scope, periodicity and methodology in consultation with the internal auditor.
Applicable Laws & Rules
StatuteSection 138 of the Companies Act 2013 read with Rule 13 of the Companies (Accounts) Rules 2014 — internal audit mandatory for every listed company; unlisted public company with paid-up capital ≥ ₹50 crore or turnover ≥ ₹200 crore or borrowings ≥ ₹100 crore or deposits ≥ ₹25 crore; private company with turnover ≥ ₹200 crore or borrowings ≥ ₹100 crore. Auditor appointed by Board, eligible: CA / CMA / individual / firm / professional designated by Board.
ICFRSection 134(5)(e) of the Companies Act 2013 — Director's Report of every listed company must assert that internal financial controls were laid down and operated effectively. Section 143(3)(i) requires statutory auditor opinion on IFC. ICAI Guidance Note on Internal Financial Controls Over Financial Reporting 2015 adopts the COSO 2013 framework as the benchmark.
StandardsICAI Standards on Internal Audit SIA 110 to 740 — including SIA 140 Governance, SIA 220 Conducting Internal Audit, SIA 230 Objectives, SIA 240 Using Work of Other Experts, SIA 250 Communicating with Stakeholders, SIA 320 Audit Evidence, SIA 360 Communication with Management, SIA 510 Documentation, SIA 610 Reporting and SIA 740 Quality Assurance — mandatory for all Section 138 engagements.
Relevant Court Rulings
SEBI / NFRA Order
NFRA Orders 2022-2023 against statutory auditors of listed companies (IL&FS, Coffee Day, Reliance Capital lineage) — emphasised that Section 134(5)(e) IFC assertion is not boilerplate; absence of documented ICFR testing by internal audit is treated as a contributory deficiency in ICAI disciplinary proceedings.
Section 177 Compliance
Securities and Exchange Board of India v. listed corporates under SEBI LODR Regulation 18 — Audit Committee must review the internal audit function quarterly and the internal auditor must have direct access to the Chairperson without management filter. Companies Act 2013 Section 177(9) read with SEBI LODR Regulation 22 mandates whistleblower mechanism with internal audit oversight.
Transparent Pricing
Internal Audit in Red Hills — Plans & Pricing
Fixed fees · Zero hidden charges · Call 9566-068-468 for a custom quote.
MonthlyAnnualSave 2 Months
Single Cycle
Quarterly internal audit for one process cycle
₹15,000/year
Single Cycle Coverage (Revenue OR Procurement OR Payroll)
Prices exclude GST. For enterprise pricing, call 9566-068-468.
Why FilingPro?
Why Red Hills Clients Choose FilingPro
Expert Internal Audit in Red Hills — qualified professionals, 15+ years experience, zero-penalty track record.
ITGC Deep Dive on ERP
Oracle, SAP, Tally Prime, Microsoft Dynamics environments — ITGC reviewed across access management, change management, computer operations and program development. SOD conflict matrix built from ERP role profiles.
Section 134(5)(e) IFC Opinion
Annual IFC effectiveness opinion documentation prepared in the format expected by Audit Committee, statutory auditor and ROC — supporting the Section 134(5)(e) Director's Report assertion without rework.
CARO 2020 Coordinated
Internal audit reports made available to the statutory auditor with scope coverage analysis — supporting CARO 2020 Clause 3(xviii) consideration and Clause 3(xiv) adequacy reporting without last-minute scramble.
Section 177 Audit Committee Pack
Risk dashboard, observation status, FCCC finding memos, management responses, closure tracking and fraud indicators — packaged for the Audit Committee meeting under Section 177(8) at least four times a year.
Section 143(12) Fraud Risk Assessment
Fraud risk assessment integrated into audit planning under SIA 240. ₹1 crore reporting threshold tracked, sub-threshold matters escalated to Audit Committee under Section 177(9) whistleblower mechanism.
Section 144 Independent
FilingPro never serves as both statutory and internal auditor of the same Red Hills entity — Section 144 prohibition strictly observed, structural independence preserved, no scope cross-subsidy.
Key Benefits
What Red Hills Clients Get
Every Internal Audit engagement delivers measurable, guaranteed outcomes — expert professionals, on time, every time.
1
Clean ICFR Opinion for Director's Report
Annual IFC effectiveness opinion documentation supports the Section 134(5)(e) assertion in the Director's Report and Section 143(3)(i) statutory auditor opinion. No qualifications, no boilerplate.
2
CARO 2020 Sign-Off Smoothened
Internal audit work product made available to the statutory auditor in the format expected — Clause 3(xviii) consideration and Clause 3(xiv) adequacy reporting completed without delay.
3
Real Control Improvements
Vendor SOD conflicts, slow-moving inventory provision shortfalls, related-party transaction gaps under Section 188, payroll ghost employees — real findings, quantified, remediated. ROI on the audit fee is visible.
4
Fraud Detection & Section 143(12) Compliance
Material fraud reporting threshold of ₹1 crore tracked, fraud risk assessment integrated into planning, whistleblower investigations conducted under SIA 240 protocols — directors discharge their fraud-detection duty.
5
Statutory Auditor Reliance under SA 610
SIA-compliant documentation, peer-reviewed methodology and competent staffing meet SA 610 reliance criteria — the statutory auditor reduces own substantive testing where appropriate, indirectly compressing statutory audit fee inflation.
6
ITGC Foundation for Application Controls
Access management, change management, SOD matrices and privileged user recertification programmes implemented — application controls in Red Hills ERP environments become reliable, audit reliance is justified.
Comparison
Internal vs Statutory
Why this matters here — In Red Hills, the cluster of residential, wholesale, logistics businesses that defines Red Hills's commercial fabric; served by short connections to Madhavaram and Puzhal and onward to central Chennai.
Aspect
Internal
Statutory
Time limit
Per statutory window
Per alternative statutory window
Compliance burden
Lower / standard
Higher / specialised
Documentation set
Standard supporting documents
Extended supporting documents
Penalty exposure on default
Standard penalty under the Act
Enhanced penalty / disqualification consequence
Reversibility
Reversible by amendment / withdrawal
Reversible only by separate statutory procedure
Typical use case
Standard internal audit pathway
Specialised internal audit pathway
Cost implication
Within standard fee band
May attract specialist fees
Decision driver
Default for most situations
Required where alternative condition holds
Practitioner note
Confirm eligibility before commencement
Document the trigger before engagement begins
Definition
Internal pathway under internal audit
Statutory pathway under internal audit
Trigger basis
Statutory threshold or notified condition
Alternative condition prescribed by the operative section
Applicable section / rule
As prescribed by the operative provision
As prescribed by the alternative provision
Documents Required
Documents for Internal Audit
Share documents via WhatsApp to 9566-068-468. No office visit required for Red Hills clients.
Audited financial statements of last 3 years and current year trial balance
GST returns — GSTR-1, GSTR-3B, GSTR-9 / 9C — for the audit period
Income Tax Returns, Form 3CD tax audit report and TDS challans / 24Q / 26Q
Prior year internal audit reports, management letters and Audit Committee minutes
Organisation chart, delegation of authority matrix and SOD register
Process documentation / SOPs for revenue, procurement, payroll, inventory, fixed asset and treasury cycles
Ready to Get Started?
WhatsApp your documents to 9566-068-468 — our team begins within 24 hours. No office visit needed.
Miss any of these and the next consequence kicks in automatically.
Deadlines in this neighbourhood — In Red Hills, the business activity radiating outward from Red Hills Lake and nearby commercial pockets.
Trigger event
Days
Form
Consequence
Company crosses a Rule 13 threshold during the preceding financial year, making internal audit applicable
30 days
Board resolution appointing internal auditor
Continued default attracts the general penalty under Section 450 and an adverse comment under CARO 2020 paragraph 3(xiv)
Board must, in consultation with the internal auditor and audit committee, define scope, functioning, periodicity and methodology
30 days
Board minutes recording approved internal audit charter and plan
Undefined scope leaves the audit committee unable to review adequacy and weakens the internal financial controls assessment
Audit committee to review internal audit findings before the next Board meeting
7 days
Audit committee minutes recording review and follow-up
Unreviewed findings remain unactioned and recur, undermining the directors' responsibility statement
Management to submit an action-taken report closing internal audit observations
30 days
Action-taken report and updated control log
Open observations feed into the statutory auditor's internal financial controls opinion under Section 143(3)(i)
Statutory auditor to consider internal audit reports before signing the audit report
30 days
Working-paper reference to internal audit reports considered
If internal audit reports are unavailable or ignored, the statutory auditor reports adversely under CARO 2020 paragraph 3(xiv)(b)
Close of each quarter for which the internal auditor is engaged to report to the audit committee
45 days
Internal audit report for the quarter
Delayed reporting deprives the audit committee of timely findings and weakens Section 177 oversight
Re-assessment of internal audit applicability at the start of each financial year against Rule 13 thresholds
30 days
Board note on applicability review
Missing the reassessment means a newly-qualifying company operates the year without a mandated internal auditor
Deadline pressure points we see in Red Hills: On the ground in Red Hills, for Red Hills units balancing production cycles with monthly GST and quarterly TDS compliance.
Forms Library
Forms used in this engagement
Board Resolution - Internal AuditorBoard resolution appointing the internal auditor
Records the Board's decision to appoint a chartered accountant, cost accountant or other professional as internal auditor and fixes the terms of engagement. Unlike the statutory auditor, appointment of an internal auditor is not filed with the Registrar in Form ADT-1; it is a Board minute kept in the company's records.
Passed at the Board meeting when applicability is triggered Company Board (retained internally; not filed with the Registrar)
MGT-14 (where applicable)Filing of Board resolution with the Registrar where required
Where a Board resolution relating to the appointment or terms of an internal auditor falls within the matters requiring filing under Section 179(3) and the Companies (Meetings and Powers of Board) Rules 2014, it is filed in Form MGT-14. Private companies are exempt from filing many Section 179(3) resolutions, so this applies selectively.
Within thirty days of passing the resolution, where filing is required Registrar of Companies (MCA portal)
Internal Audit CharterInternal audit charter and engagement letter
Sets out the purpose, authority, independence, scope, reporting line and periodicity of the internal audit function, agreed between the Board, audit committee and internal auditor. It operationalises Rule 13(2) and aligns the engagement with the ICAI Framework Governing Internal Audits.
Approved before the audit cycle begins and reviewed annually Company Board and Audit Committee (internal record)
Risk-based Internal Audit PlanAnnual risk-based internal audit plan
Documents the risk assessment, auditable units, coverage and calendar for the year so that higher-risk processes receive priority. Prepared under the Standards on Internal Audit dealing with planning, it forms the basis on which the audit committee monitors coverage and frequency.
Prepared and approved at the start of the financial year Internal auditor, approved by Audit Committee
Internal Audit ReportPeriodic internal audit report to the audit committee
Communicates observations, root causes, risk ratings and recommendations to the audit committee or Board. Prepared in line with the Standards on Internal Audit dealing with reporting, it drives management action-taken reports and feeds the internal financial controls assessment.
Issued each quarter or at the periodicity fixed by the Board Internal auditor to Audit Committee / Board
Audit Committee MinutesAudit committee minutes recording review of internal audit
Evidence that the audit committee reviewed the adequacy of the internal audit function, discussed significant findings with the internal auditor and monitored follow-up, as required by Section 177. These minutes support the directors' responsibility statement and the statutory auditor's CARO reporting.
Recorded at each committee meeting that reviews internal audit Audit Committee (internal record)
Statutory Basis
Operative provisions cited on this page
Every claim on this page can be traced back to a section or rule below.
Section 138 requires prescribed classes of companies to appoint an internal auditor to conduct a periodic internal audit of the functions and activities of the company. The internal auditor may be a chartered accountant, a cost accountant, or such other professional as the Board decides, and may be an individual, a partnership firm or a body corporate. The auditor need not be an employee of the company. The Central Government prescribes the manner and intervals of the audit through rules made under sub-section (2). This is the operative provision that distinguishes internal audit from the statutory audit under Section 143 and the tax audit under Section 44AB of the Income-tax Act 1961.
Rule 13 sets out which companies must appoint an internal auditor. Every listed company is covered. An unlisted public company is covered if it had paid-up share capital of fifty crore rupees or more, or turnover of two hundred crore rupees or more, or outstanding loans or borrowings from banks or public financial institutions of one hundred crore rupees or more, or outstanding deposits of twenty-five crore rupees or more, during the preceding financial year. A private company is covered if turnover was two hundred crore rupees or more, or outstanding loans or borrowings from banks or public financial institutions were one hundred crore rupees or more. Under sub-rule (2) the Board, in consultation with the internal auditor and the audit committee, formulates the scope, functioning, periodicity and methodology.
Framework Governing Internal Audits and Standards on Internal Audit (SIA), ICAIAnchor
Professional standards - ICAI SIA framework
The Institute of Chartered Accountants of India has issued the Framework Governing Internal Audits together with a series of Standards on Internal Audit (SIA) that guide the planning, evidence gathering, documentation, supervision and reporting of an internal audit assignment. These standards promote a risk-based internal audit approach, define the nature of assurance provided, and address internal controls, fraud consideration and communication with those charged with governance. While the SIAs are recommendatory for members, they represent the accepted professional benchmark and are frequently referenced when the Board or audit committee assesses the quality and independence of the internal audit function.
Section 450 is the residuary penalty provision. Where a company or officer contravenes a provision of the Act, or a rule made under it, for which no specific penalty is separately provided, the company and every officer in default are liable to a penalty of ten thousand rupees, and in the case of a continuing contravention a further penalty of one thousand rupees for each day the contravention continues, subject to a maximum of two lakh rupees for a company and fifty thousand rupees for an officer. Because Section 138 and Rule 13 do not carry a bespoke penalty, failure to appoint an internal auditor when required is enforced through Section 450.
Reporting linkage - CARO 2020 clause on internal audit
The Companies (Auditor's Report) Order 2020 requires the statutory auditor to state whether the company has an internal audit system commensurate with the size and nature of its business, and whether the reports of the internal auditors for the period under audit were considered by the statutory auditor. An adverse or qualified comment here signals to lenders, investors and regulators that internal controls are weak. This clause is a practical driver for maintaining a documented, functioning internal audit even where the strict Rule 13 thresholds are borderline, because the statutory auditor must form and disclose a view.
In the case of a listed company, Section 134(5)(e) requires the directors' responsibility statement in the Board's report to confirm that the directors had laid down internal financial controls to be followed by the company and that such controls are adequate and operating effectively. Internal audit provides the ongoing, independent evidence that lets directors make this representation with confidence. A weak or absent internal audit function leaves the Board exposed when it signs this statement, tying the internal audit engagement directly to directors' accountability.
Red Hills is a northern Chennai suburb with wholesale logistics and light manufacturing units alongside residential growth around the Red Hills Lake. Statutory correspondence for Red Hills businesses routes through the Anna Nagar Division, so we align every Internal Audit engagement to that jurisdiction from the start. We keep a cycle-by-cycle record of how the Anna Nagar Division of the Chennai North handles Red Hills filings and approvals. The 600xx geo-zone covering Red Hills groups several locality clusters under common administration, keeping documentation expectations predictable.
Working in Red Hills brings a logistical edge: proximity to Red Hills Lake and the Red Hills Bus Stop corridor keeps physical document handling fast. Commercial activity in Red Hills runs medium, so Internal Audit volumes scale through peak months and we staff the Red Hills desk accordingly. The businesses clustered around Red Hills Lake in Red Hills drive the bulk of the Internal Audit workload we see each cycle. Each Internal Audit cycle for Red Hills reflects its commercial rhythm — invoices generated near Red Hills Lake, expenses routed through the Red Hills Bus Stop freight network.
logistics units around Red Hills share recurring Internal Audit patterns — input-credit timing, vendor reconciliation, and sector-specific documentation. The logistics firms we serve in Red Hills value a Internal Audit partner who already understands their sector's compliance rhythm. Sector concentration matters: when Red Hills leans toward logistics, the Internal Audit risks cluster around the same few line items each cycle. Mixed logistics activity across Red Hills means our Internal Audit team keeps sector playbooks ready rather than improvising per client.
The qualified-review step on every Red Hills Internal Audit file is where errors get caught before they reach the portal. Every Internal Audit file we open for Red Hills is reconciled, reviewed by a qualified practitioner, and archived for seven years. From the first Internal Audit cycle, a Red Hills engagement is set up to be audit-ready rather than reconstructed under pressure later. Fixed-fee scoping means a Red Hills business knows the Internal Audit cost up front, with no surprise additions mid-engagement.
Coverage from Red Hills naturally extends to Puzhal, so group entities across the area share one Internal Audit workflow. Serving Red Hills and Puzhal from one team keeps Internal Audit turnaround identical across the cluster. Proximity to Puzhal means a Red Hills engagement can extend across the locality cluster with no change in cadence. From the same Red Hills team we also serve Puzhal and other nearby localities without re-onboarding clients.
Sector signals in Red Hills — seasonal wholesale swings and peak-period volumes — shape how we schedule Internal Audit work. Each engagement in Red Hills adds to a record of what the Chennai North jurisdiction expects, sharpening the next Internal Audit file. The longer we serve Red Hills, the more precisely we predict where a Internal Audit file needs attention. Recurring gaps in Red Hills wholesale records are the first thing our Internal Audit review closes out.
First-time Internal Audit for a Red Hills business is where getting the basics right saves years of cleanup later. For a new business incorporating in Red Hills or shifting its principal place of business here, Internal Audit setup is one of the first things to get right. Incorporating in Red Hills comes with jurisdiction, registration and Internal Audit steps that we sequence so nothing stalls the launch. We onboard new Red Hills entities onto a Internal Audit cadence that is audit-ready from the very first cycle.
4.9★
Average Rating
15+
Years Experience
500+
Active Clients
Zero
Penalty Instances
Expert Guide
Internal Audit in Red Hills — Complete Guide
Internal audit deliverables for Red Hills clients are formatted for the Audit Committee under Section 177(8) of the Companies Act 2013. Each finding is presented in FCCC format — Finding, Criteria (control / law / SOP), Cause, Consequence and Recommendation — with management response columns and closure timelines. Quarterly meeting packs include risk dashboard, observation status, fraud indicators under SIA 240 and KPIs of internal audit closure rate and repeat findings.
Internal Audit Services in Red Hills, Chennai
Section 138 Companies Act risk-based internal audit for Red Hills private and public companies — SIA-compliant methodology, COSO 2013 framework, quarterly Audit Committee reporting and ICFR support for the Section 134(5)(e) Director's Report assertion.
Section 138 Internal Auditor in Red Hills — Risk-Based Methodology
Appointed under Section 138 read with Rule 13, our internal auditors build the Red Hills entity's risk universe, score inherent and residual risk, prepare the heat map and design audit cycles around the highest-residual-risk processes — fully aligned with SIA 230.
ICFR / IFC Review in Red Hills — Listed and Section 138 Companies
Internal Financial Controls testing under the ICAI Guidance Note IFC 2015 covers all five COSO components — Control Environment, Risk Assessment, Control Activities, Information & Communication and Monitoring — with full ToD and ToE documentation feeding the Section 134(5)(e) assertion.
Audit Committee Reporting & CARO 2020 Coordination in Red Hills
Quarterly internal audit reports formatted for Audit Committee meetings under Section 177(8), with management responses, closure tracking and CARO 2020 Clause 3(xviii) coordination with the statutory auditor — ready for Red Hills listed and threshold-bound entities.
Get Expert Help Today
Qualified professionals handle your Internal Audit in Red Hills. WhatsApp documents — we begin within 24 hours. From ₹15,000/quarterly. Free consultation.
Offices at Maduravoyal, Nerkundram & Nolambur (upcoming)
Key Facts — Internal Audit in Red Hills
Section 138 mandatory internal audit applicability assessed for Red Hills entities — listed, public ≥ ₹50 cr cap / ₹200 cr turnover / ₹100 cr borrowing / ₹25 cr deposits, private ≥ ₹200 cr turnover or ₹100 cr borrowing — under Rule 13.
Risk universe built and scored on inherent and residual risk — heat map presented to the Audit Committee under SIA 230 and ICAI risk-based audit methodology.
Testing of Design (ToD) and Testing of Operating Effectiveness (ToE) on key controls — preventive, detective and corrective — across revenue, procurement, payroll, inventory and fixed asset cycles.
COSO 2013 five-component framework — Control Environment, Risk Assessment, Control Activities, Information & Communication, Monitoring — applied per ICAI Guidance Note IFC 2015.
ITGC review for Access Management, Change Management, Computer Operations and Program Development — SOD conflict matrices built around ERP role profiles for Red Hills clients.
Section 143(12) fraud risk assessment integrated — material fraud reporting threshold ₹1 crore tracked, Audit Committee escalation for sub-threshold matters.
CARO 2020 Clause 3(xviii) coordination with the statutory auditor — internal audit reports made available with completed scope coverage analysis under Clause 3(xiv).
Walkthroughs documented for every material cycle at the start of each engagement — process narratives, control points and SOD inventory mapped to risk register.
Quarterly audit reports in FCCC format (Finding / Criteria / Cause / Consequence / Recommendation) under SIA 360, with management response columns and closure timelines tracked.
People Also Ask — Internal Audit in Red Hills
Is internal audit mandatory for my company in Red Hills?
Internal audit is statutory under Section 138 of the Companies Act 2013 read with Rule 13 if your Red Hills entity is — (a) any listed company, (b) an unlisted public company with paid-up capital ≥ ₹50 crore or turnover ≥ ₹200 crore or borrowings ≥ ₹100 crore or deposits ≥ ₹25 crore at any time during the preceding financial year, or (c) a private company with turnover ≥ ₹200 crore or borrowings ≥ ₹100 crore. Below these thresholds, internal audit is voluntary but recommended.
Who can be appointed as internal auditor under Section 138?
Section 138(1) read with Rule 13(1) permits a Chartered Accountant, a Cost Accountant or such other professional as the Board may decide. The internal auditor may be an individual, a firm or a body corporate. The internal auditor cannot be the statutory auditor of the same company under Section 144 of the Companies Act 2013.
What is the difference between statutory audit and internal audit?
Statutory audit under Section 143 is an annual external audit expressing a true-and-fair opinion on the financial statements. Internal audit under Section 138 is a continuous, risk-based, internal assurance activity covering processes, controls, compliance and governance throughout the year, reporting to the Audit Committee. SA 610 governs the statutory auditor's use of internal audit work.
What is ICFR and why does my listed company need it?
Internal Financial Controls Over Financial Reporting (ICFR) is the system of policies and procedures providing reasonable assurance regarding the reliability of financial reporting. Section 134(5)(e) requires the Directors of every listed company to assert ICFR adequacy and operating effectiveness in the Director's Report. ICAI Guidance Note IFC 2015 adopts COSO 2013 as the benchmark — internal audit is the primary tool to test ICFR throughout the year.
How is the internal audit scope decided for my Red Hills company?
Rule 13(2) of the Companies (Accounts) Rules 2014 places scoping responsibility on the Audit Committee or Board in consultation with the internal auditor. We build a risk universe of all business processes, score inherent and residual risk, present a heat map to the Audit Committee and design coverage cycles — high-risk processes audited every quarter, medium-risk half-yearly and low-risk annually with analytical review.
What is the role of the Audit Committee in internal audit?
Section 177(4) of the Companies Act 2013 mandates the Audit Committee to (a) review the adequacy of internal audit function including structure, staffing and frequency, (b) discuss audit findings with the internal auditor, (c) review observations and management responses, and (d) ensure follow-up. Section 177(8) requires meetings at least four times a year. The internal auditor has direct access to the Audit Committee Chairperson.
Can the statutory auditor of a company be appointed as its internal auditor?
No. Section 144 of the Companies Act 2013 expressly prohibits the statutory auditor from rendering internal audit services to the same company, its holding or subsidiary. The same firm cannot perform both roles. ICAI Code of Ethics and the Standards on Auditing reinforce this independence requirement. A Chartered Accountant in practice can be internal auditor...
Who appoints the internal auditor and what is the role of the Audit Committee?
Under Section 138(1), the Board of Directors appoints the internal auditor on the recommendation of the Audit Committee where one is constituted under Section 177. For listed companies and Section 138 entities meeting Rule 6 thresholds, an Audit Committee is mandatory. Section 177(4) requires the Audit Committee to review the internal auditor's appointment, scope, frequency...
What is the role of the Audit Committee in monitoring internal audit?
Section 177(4) of the Companies Act 2013 mandates the Audit Committee to evaluate internal financial controls and risk management systems, review the adequacy of internal audit function including structure, staffing, frequency and seniority, discuss audit findings with the internal auditor and ensure follow-up on recommendations. Section 177(8) requires meetings at least four times a year.
What ICAI Standards on Internal Audit (SIA) apply to internal audit assignments?
ICAI has notified Standards on Internal Audit numbered SIA 110 to SIA 740. Key standards — SIA 140 (Governance), SIA 220 (Conducting Overall Internal Audit), SIA 230 (Objectives), SIA 240 (Using Work of Other Experts), SIA 250 (Communicating with Stakeholders), SIA 320 (Evidence), SIA 360 (Communication with Management), SIA 510 (Internal Audit Documentation), SIA 530...
What is the COSO Internal Control Integrated Framework?
The Committee of Sponsoring Organizations (COSO) 2013 framework defines internal control through five interrelated components — (i) Control Environment (governance, ethics, board oversight), (ii) Risk Assessment (identifying and analysing risks to objectives), (iii) Control Activities (policies and procedures including authorisation, reconciliation, SOD), (iv) Information & Communication (relevant, timely information flows), and (v) Monitoring Activities (ongoing...
What is risk-based internal audit (RBA) methodology?
Risk-based audit prioritises audit effort based on the risk register and heat map. The internal auditor builds a risk universe of all business processes, scores each on inherent risk (likelihood × impact), maps existing controls and computes residual risk. High residual risk areas — revenue recognition, vendor onboarding, related-party transactions, IT access — are audited...
What Red Hills clients want to know before signing: On the ground in Red Hills, in the residential industrial mix northern suburb micro-market of Red Hills.
Expert Guide
A complete walkthrough — Internal Audit Services
Reading this guide locally — In Red Hills, around the Red Hills Lake catchment of Red Hills.
What is Internal Audit and when is it required
Service overview
Internal Audit in Chennai () is delivered by qualified Chartered Accountants under Section 138 of the Companies Act 2013 read with Rule 13 of the Companies (Accounts) Rules 2014. We build the risk universe, score inherent and residual risk, present the heat map to your Audit Committee and design quarterly audit cycles around your highest-residual-risk processes — fully aligned with ICAI Standards on Internal Audit (SIA 110-740) and SIA 230 risk-based methodology.
Why internal audit matters for your business
Audit Committee-Grade Quarterly Pack
Each quarter ends with a polished Audit Committee pack — risk dashboard, FCCC findings, management responses, closure status, fraud watch and KPIs. Directors come prepared, meetings move faster.
Clean ICFR Opinion for Director's Report
Annual IFC effectiveness opinion documentation supports the Section 134(5)(e) assertion in the Director's Report and Section 143(3)(i) statutory auditor opinion. No qualifications, no boilerplate.
CARO 2020 Sign-Off Smoothened
Internal audit work product made available to the statutory auditor in the format expected — Clause 3(xviii) consideration and Clause 3(xiv) adequacy reporting completed without delay.
How the engagement runs end to end
Engagement Scoping & Risk Universe
Section 138 applicability confirmed for the Chennai entity. Audit Committee or Board approval obtained for scope, periodicity and methodology under Rule 13(2). Risk universe of all business processes built — typically 30-60 processes mapped, with inherent risk scoring on likelihood and impact.
Walkthroughs & Risk Heat Map
Walkthroughs performed for each material cycle — revenue, procurement, payroll, inventory, fixed assets, treasury — with process narrative, control points and SOD inventory documented. Existing controls mapped, residual risk computed and the heat map presented to the Audit Committee.
Testing of Design (ToD)
Key controls identified per cycle — preventive, detective and corrective. Testing of Design through inspection of single instances and walkthrough confirmation. Design deficiencies (if any) raised immediately as significant deficiencies under ICAI Guidance Note IFC 2015 categorisation.
What FilingPro brings to the engagement
Section 138 Mandatory Triggers Tracked
Paid-up capital ≥ ₹50 crore, turnover ≥ ₹200 crore, borrowings ≥ ₹100 crore, deposits ≥ ₹25 crore — Section 138 thresholds tracked quarterly so Chennai entities never miss the appointment trigger.
Risk-Based Audit Methodology
Every engagement starts with a risk universe build, inherent versus residual risk scoring and Audit Committee-presentable heat map — high-risk areas get deep ToE, low-risk areas get analytical review. No checklist tick-box.
COSO 2013 Five Components Mapped
Control Environment, Risk Assessment, Control Activities, Information & Communication, Monitoring — every key control mapped to the COSO component for Chennai listed and Section 138 entities.
What Red Hills clients usually ask next: On the ground in Red Hills, for Red Hills units balancing production cycles with monthly GST and quarterly TDS compliance.
Glossary
Plain-English glossary for this service
Internal Audit Report
Form Internal Audit Report is the statutory form prescribed for internal audit engagements under the applicable Act. It carries the information set required by the prescribed authority and follows the timeline set by the relevant section or rule.
Section 138
Form Section 138 is the statutory form prescribed for internal audit engagements under the applicable Act. It carries the information set required by the prescribed authority and follows the timeline set by the relevant section or rule.
Risk Matrix
Form Risk Matrix is the statutory form prescribed for internal audit engagements under the applicable Act. It carries the information set required by the prescribed authority and follows the timeline set by the relevant section or rule.
Companies Section 138
Companies Section 138 is the operative provision of the Companies Act that governs internal audit in the present context. It sets the substantive obligation, the procedural pathway and the consequences of non-compliance.
materiality threshold
materiality threshold is a recurring compliance risk in internal audit engagements. Identifying it early in the workflow lets the practitioner mitigate the exposure before it ripens into an adverse statutory consequence.
control gap reporting
control gap reporting is a recurring compliance risk in internal audit engagements. Identifying it early in the workflow lets the practitioner mitigate the exposure before it ripens into an adverse statutory consequence.
board-level reporting
board-level reporting is a recurring compliance risk in internal audit engagements. Identifying it early in the workflow lets the practitioner mitigate the exposure before it ripens into an adverse statutory consequence.
Cost of Non-Compliance
Real-world penalty exposure
Numerical examples showing tax + interest + penalty across common default scenarios.
Scenario
Base tax
Interest
Penalty
Total
Company in {{area_name}} crosses the Rule 13 turnover threshold but fails to appoint an internal auditor for the year
Not applicable
Not applicable
Rupees 10,000 plus rupees 1,000 per day of continuing default
Up to rupees 2,00,000 for the company and rupees 50,000 for each officer in default
Statutory auditor reports adversely under CARO 2020 paragraph 3(xiv) that no internal audit system exists in a {{area_name}} company
Not applicable
Not applicable
No direct monetary penalty; adverse audit comment on record
Indirect cost - illustrative rupees 15-40 lakh in higher lender spreads and lost bids
Inventory misappropriation goes undetected for a year in a {{area_name}} manufacturer with weak segregation of duties
Not applicable
Not applicable
Illustrative direct inventory loss of rupees 22 lakh
Illustrative rupees 22 lakh loss plus remediation cost
TDS short-deduction on vendor payments surfaces late because no internal audit reviewed the process in a {{area_name}} firm
Rupees 6,00,000 (tax short-deducted)
Rupees 1,08,000 interest under Section 201(1A) of the Income-tax Act 1961
Disallowance and Section 271C exposure
Illustrative rupees 7,08,000 plus disallowance risk
Input tax credit mismatch accumulates over four quarters due to no process control in a {{area_name}} trading company
Rupees 4,50,000 (ITC reversed)
Rupees 81,000 interest under Section 50 of the CGST Act 2017
Rupees 45,000 penalty (illustrative 10% under Section 73)
Illustrative rupees 5,76,000
Vendor-master and payroll ghosting drains funds in a {{area_name}} services company lacking maker-checker controls
Not applicable
Not applicable
Illustrative fraud loss of rupees 18 lakh over the year
Illustrative rupees 18 lakh plus forensic and recovery cost
How Red Hills businesses typically avoid these: On the ground in Red Hills, the cluster of residential, wholesale, logistics businesses that defines Red Hills's commercial fabric; for Red Hills units balancing production cycles with monthly GST and quarterly TDS compliance.
By Industry
Industry-specific patterns in Red Hills
How the local trade mix shapes this — In Red Hills, the cluster of residential, wholesale, logistics businesses that defines Red Hills's commercial fabric.
Hospitals
Common issue:Chennai's multi-specialty and mid-size hospitals carry internal-audit risk in the pharmacy and consumables cycle, patient billing and vendor onboarding. Indent, goods receipt and stock issue are often handled by overlapping staff, so consumption outruns patient volumes and high-value consumables leak. Expiry write-offs are approved by a single hand, and package-versus-actual billing differences erode margins. Insurance and third-party-administrator claims are reconciled slowly, tying up cash. As turnover grows, many hospital companies cross Rule 13 thresholds and become subject to Section 138, yet clinical priorities often leave the internal audit function thin and its findings unactioned.
How we handle it:Scope the internal audit around indent-to-issue, patient billing and TPA reconciliation. Separate indenting, receiving and issuing roles, and require a second signatory for expiry write-offs and stock issue above a threshold. Test three-way match on consumables and reconcile package rates to actual charges on a sample of cases. Track insurance and TPA claims ageing and reconcile receipts monthly. Report leakage patterns and control gaps to the audit committee with risk ratings and follow-up, consistent with the Standards on Internal Audit on fraud consideration. Map the controls to internal financial controls over financial reporting so consumables cost and billing integrity improve without disrupting clinical operations.
Retail chains
Common issue:For multi-outlet retail chains across Chennai, internal-audit weakness clusters in cash handling, inventory and inter-store transfers. Practices differ store to store, daily cash reconciliation is inconsistent, and stock differences are written off without root-cause analysis, masking shrinkage and pilferage. Point-of-sale discounts and returns are not independently reviewed, and inter-store transfers move goods without tight documentation, so headquarters cannot compare store performance reliably. Once turnover crosses the Rule 13 limb the retail company falls under Section 138, and a functioning internal audit becomes the main tool to standardise controls and give the audit committee a comparable, store-level view of risk.
How we handle it:Embed a rotational store-audit programme in the risk-based internal audit plan covering daily cash reconciliation, POS discounts and returns, shrinkage and inter-store transfers. Score every store on a common control checklist so results are comparable and feed the operations review. Require documented approvals for transfers and investigate shrinkage above threshold for root cause rather than writing it off. Escalate repeat exceptions to the audit committee with a follow-up tracker under Section 177. Tighten discount and return authorisation at the POS, and review two or three outlets in depth each cycle, standardising controls and narrowing unexplained shrinkage without punitive statutory exposure.
Construction
Common issue:Chennai's construction and infrastructure firms carry internal-audit risk in project billing, subcontractor management and material control. Cost overruns surface late because measurement books, running-account bills and retention accounting are reviewed only after subcontractors are certified and paid. Change orders may exceed authority limits, material issued to site is not reconciled to consumption, and over-certification of quantities drains cash. Multiple concurrent sites make consolidated control difficult. As contract turnover crosses Rule 13 thresholds, Section 138 applies, and the board needs independent assurance over project costs before the statutory audit and before the internal financial controls opinion under Section 143(3)(i).
How we handle it:Scope the internal audit around the measurement-book-to-running-account-bill trail, subcontractor rate approvals, retention accounting and site material reconciliation. Re-perform certified quantities on a sample before payment and trace change orders to authority limits fixed in the internal audit charter. Reconcile material issued to consumption at major sites and flag variances for investigation. Introduce a pre-certification checklist so over-certification is caught before payment, and report project-level findings to the audit committee with a closure tracker under Section 177. Align the controls with internal financial controls over financial reporting so cost discipline improves and the board can support a clean Section 143(3)(i) position at year-end.
Manufacturing
Common issue:In Chennai's auto-ancillary and engineering units, the recurring internal-audit weakness sits in the procure-to-pay and inventory cycle. The three-way match between purchase order, goods-receipt-note and vendor invoice is often done manually, and the stores supervisor may both receive material and approve issue, collapsing segregation of duties. Bill-of-material consumption is not reconciled to production output, so scrap and rejection become a cover for leakage. Capital work-in-progress lingers uncapitalised, distorting depreciation. Because turnover here frequently crosses the Rule 13 two-hundred-crore limb, Section 138 applies, yet many first-time-covered private companies run the year without a formal internal auditor and are exposed at CARO 2020 paragraph 3(xiv) reporting.
How we handle it:Build a risk-based internal audit plan that prioritises procure-to-pay, stores and BOM-to-output reconciliation. Separate goods-receipt booking, invoice posting and payment release across three roles, and enforce three-way match with tolerance bands in the ERP. Introduce a monthly capital work-in-progress ageing review so assets capitalise once trial runs are documented. Reconcile standard versus actual consumption every month and investigate scrap above threshold. Report exceptions to the audit committee under Section 177 with a follow-up tracker, and map the coverage to internal financial controls over financial reporting so the findings support the Section 143(3)(i) opinion. Run walkthrough and re-performance tests each quarter as the Standards on Internal Audit envisage.
IT/ITES
Common issue:For Chennai's IT and ITES firms on the OMR and Guindy corridors, the internal-audit hotspot is the revenue cycle. Time-and-material and fixed-price contracts are billed off spreadsheets maintained by delivery managers, with no independent link between effort-tracking systems and revenue postings, so unbilled revenue and percentage-of-completion estimates are error-prone. Access controls over billing systems are loose, and the same person may raise and approve invoices. Master service agreements and statements of work are not always reconciled to actual billing, and foreign-currency receipts with their FIRC and SOFTEX compliance add another control layer. These weaknesses threaten the Section 143(3)(i) internal financial controls opinion and expose revenue-recognition assertions at the statutory audit.
How we handle it:Scope the internal audit around order-to-cash: walk through contract setup, effort capture, billing, unbilled revenue and collections. Integrate the effort-tracking tool with finance so revenue is not keyed from spreadsheets, and enforce segregation between delivery and revenue posting. Reconcile master service agreements and statements of work to billed amounts monthly, and reconcile foreign receipts to SOFTEX and FIRC records. Test a sample of milestone invoices against underlying evidence each quarter and rate findings by risk for the audit committee. Document the redesigned controls in the internal audit charter so they map cleanly to internal financial controls over financial reporting and reduce the risk of a modified Section 143(3)(i) comment.
Case Studies
Anonymised engagements we have handled
Real client situations (names changed); illustrative of the kind of work we do.
Project controlsConstruction
Project internal audit strengthened billing and subcontractor controls for a {{area_name}} construction firm
Issue:A construction firm in {{area_name}} executing multiple site contracts found cost overruns emerging late, after subcontractor bills were already certified and paid. The board wanted independent assurance over measurement books, running-account bills and retention accounting before the statutory audit.
Approach:The internal audit covered the measurement-book-to-running-account-bill trail, subcontractor rate approvals, retention money accounting and material reconciliation at two large sites. Certified quantities were re-performed on a sample, and change-order approvals were traced to authority limits set in the internal audit charter.
Outcome:Two instances of over-certification were caught before payment, retention accounting was corrected across sites, and a pre-certification checklist was institutionalised, tightening project cost control and supporting a clean internal financial controls position at year-end.
Rule 13 applicabilityManufacturing
Section 138 applicability review triggered first-time internal audit for a {{area_name}} auto-components maker
Issue:An auto-components manufacturer in {{area_name}} crossed a turnover of roughly rupees two hundred and twenty crore for the first time but had never appointed an internal auditor. The finance head was unsure whether Section 138 applied to a private company and feared an adverse CARO 2020 paragraph 3(xiv) comment at the coming statutory audit.
Approach:We ran a Rule 13 applicability test against the preceding year's turnover and borrowings, confirmed the company was covered as a private company on the turnover limb, and helped the Board pass the appointment resolution and approve an internal audit charter. A risk-based plan was drawn under the ICAI Framework Governing Internal Audits, prioritising procure-to-pay and inventory.
Outcome:The internal auditor was appointed within the financial year, the audit committee approved a quarterly reporting cadence, and the statutory auditor recorded a clean CARO 2020 paragraph 3(xiv) comment confirming an internal audit system commensurate with size and nature of business.
Risk-based planningIT/ITES
Risk-based internal audit tightened revenue-cycle controls for a {{area_name}} IT services company
Issue:A mid-size IT services company in {{area_name}} recognised revenue on time-and-material and fixed-price contracts through spreadsheets maintained by project managers, with no independent check before postings. The audit committee wanted assurance ahead of the Section 143(3)(i) internal financial controls opinion.
Approach:We built a risk-based internal audit plan focused on the order-to-cash cycle, performed walkthroughs of contract billing, effort capture and unbilled revenue, and tested a sample of milestone-based invoices against underlying evidence. Segregation of duties between project delivery and revenue posting was redocumented in the internal audit charter.
Outcome:Fourteen control gaps were logged and closed within one quarter; unbilled revenue reconciliation became a monthly control owned by finance; the statutory auditor issued an unqualified internal financial controls opinion under Section 143(3)(i) at year-end.
Financial controlsNBFC/Finance
Loan-portfolio internal audit surfaced KYC and provisioning gaps at a {{area_name}} NBFC
Issue:A non-banking finance company in {{area_name}} lending against gold and small-business receivables found its overdue book rising while branch-level documentation looked complete on paper. The board suspected process drift in loan origination and asset classification but lacked independent evidence.
Approach:The internal audit was scoped around origination KYC, loan-to-value discipline, income recognition and asset classification. Branch files were sampled, valuation slips re-performed, and the asset-classification logic tested against the ageing register. Findings were rated by risk and reported to the audit committee under Section 177.
Outcome:Eleven branches were flagged for KYC re-verification, the loan-to-value override register was activated, and provisioning was corrected before the statutory audit, avoiding a modified internal financial controls comment and steadying the overdue trend over two quarters.
Why these Red Hills engagements look the way they do: On the ground in Red Hills, the cluster of residential, wholesale, logistics businesses that defines Red Hills's commercial fabric; for Red Hills units balancing production cycles with monthly GST and quarterly TDS compliance.
“FilingPro took over our Section 138 internal audit when we crossed the ₹200 crore turnover threshold. They built the risk universe in three weeks, walked through every cycle and the first quarterly Audit Committee pack was ready inside 60 days. SIA-compliant work product, no fluff.”
2 weeks agoVerified Client
PR
Priya N
Internal Audit
“Our listed entity needed ICFR testing aligned with the ICAI Guidance Note 2015 — FilingPro mapped every key control to the COSO components, ran ToD and ToE with statistical sampling and the IFC documentation cleared the statutory auditor's review without a single rework. Excellent depth.”
1 month agoVerified Client
SU
Sundar M
Internal Audit
“Independent internal audit on procurement and inventory cycles for our Chennai manufacturing unit. They identified a vendor SOD conflict that had been open for two years and a slow-moving inventory provision shortfall — both quantified and remediated within the quarter. Real value, not a tick-box exercise.”
3 months agoVerified Client
DI
Divya K
Internal Audit
“Switched to FilingPro after a Big-Four practice quoted three times the fee for our private limited company internal audit. Same SIA framework, same quality reports, fraction of the cost — and the partner attends every Audit Committee meeting. Highly recommended for SME boards.”
6 weeks agoVerified Client
VE
Venkatesh P
Internal Audit
“ITGC review of our Oracle ERP environment — access management, change management, SOD conflict matrix, privileged user recertification. FilingPro's IT auditor knew Oracle role profiles cold. Findings drove three months of remediation and our SOX-grade documentation is now audit-ready.”
2 months agoVerified Client
LA
Lalitha B
Internal Audit
“Section 143(12) fraud reporting concern surfaced through our whistleblower line. FilingPro investigated the case under SIA 240 protocols, documented evidence, presented findings to the Audit Committee under Section 177(9) and the matter was closed without any reportable fraud. Discreet and professional handling.”
1 month agoVerified Client
4.9
312+ reviews
500+
Active Clients
15+
Years Exp
5★
4★
3★
Read all Google Reviews
312+ verified Google reviews — Chennai's most trusted tax consultants
Common questions from Red Hills clients. Call 9566-068-468 for specific queries.
Section 138(1) read with Rule 13(1) prescribes that the internal auditor may be a Chartered Accountant, a Cost Accountant (CMA), or such other professional as the Board may decide. The auditor may be an individual, a partnership firm or a body corporate. The internal auditor need not be a CA in practice — an employee of the company qualified as CA or CMA is also eligible. The Board determines scope, periodicity and methodology in consultation with the internal auditor.
detective and corrective?
Yes. We do not disappear after filing — Red Hills clients can come back to us for follow-up questions, notices or renewals tied to their Internal Audit. Ongoing support is part of how we work, not a paid extra for routine queries.
Fixed asset audit covers — capex authorisation against approved budget, capitalisation cut-off, useful life under Schedule II of the Companies Act 2013, depreciation method consistency, physical verification under Schedule III, asset tagging, disposal and scrapping authorisation, capital work in progress (CWIP) ageing, impairment indicators under AS 28 / Ind AS 36, GST input on capital goods under Section 16(3), and asset insurance coverage. Section 129(3) component accounting is tested where applicable.
ICAI has notified Standards on Internal Audit numbered SIA 110 to SIA 740. Key standards — SIA 140 (Governance), SIA 220 (Conducting Overall Internal Audit), SIA 230 (Objectives), SIA 240 (Using Work of Other Experts), SIA 250 (Communicating with Stakeholders), SIA 320 (Evidence), SIA 360 (Communication with Management), SIA 510 (Internal Audit Documentation), SIA 530 (Third Party Confirmations), SIA 610 (Reporting), SIA 740 (Quality Assurance). All Section 138 audits must comply with the SIA framework.
Yes. The first discussion about your Internal Audit requirement is free — call or WhatsApp 9566-068-468 and we will tell you honestly what is involved, what it costs, and the realistic timeline before you commit to anything.
SA 610 (Revised) — Using the Work of Internal Auditors — permits the statutory auditor to use internal audit work in two ways — (i) reading the reports as a source of information and (ii) using specific internal audit work as audit evidence after evaluating internal audit's competence, objectivity and the application of a systematic and disciplined approach. Coordination meetings between internal and statutory auditors are encouraged but the statutory auditor retains sole responsibility for the audit opinion.
Payroll audit covers — joining and exit controls, attendance to payroll interface, salary structure approval, statutory deductions (PF, ESI, PT, TDS u/s 192), bonus computation under the Payment of Bonus Act 1965, gratuity provision under AS 15 / Ind AS 19, leave encashment, full-and-final settlement, payroll reconciliation with GL, ghost employee detection, overtime authorisation and HR-payroll SOD. Payroll is also reviewed for Form 24Q TDS reconciliation and ESI/PF challan timeliness.
You can attempt it, but small errors in Internal Audit often lead to notices, penalties or rejections that cost more to fix than to avoid. For Red Hills clients we get it right the first time, which usually works out cheaper and far less stressful.
The IIA Three-Lines Model places — first line as operational management owning controls; second line as risk management, compliance and quality functions monitoring controls; third line as internal audit providing independent assurance to the Audit Committee and Board on the adequacy of the first two lines. Section 138 internal audit operationalises the third line in Indian companies. The model prevents conflict between control ownership, monitoring and assurance.
Companies (Auditor's Report) Order 2020 Clause 3(xviii) requires the statutory auditor to consider the internal audit reports of the company while reporting under CARO. Clause 3(xiv) of CARO 2020 specifically requires the auditor to state whether the company has an internal audit system commensurate with its size and nature of business and whether the reports of the internal auditor for the period under audit were considered. Strong internal audit work directly supports CARO sign-off.
Our main office is at Plot No. 6, Alapakkam Main Road (opposite KVB Bank), Maduravoyal – 600095, with a branch at No. 22 Reddy Street, Nerkundram – 600107. Both are an easy reach from Red Hills, and a third office at Nolambur is opening shortly. Most clients, though, never need to visit.
Testing of Design (ToD) evaluates whether a control, if operating as documented, would prevent or detect a material misstatement — done through walkthroughs, process narratives and inspection of single instances. Testing of Operating Effectiveness (ToE) evaluates whether the control consistently operated over the period — done through sample-based reperformance, observation and inspection of multiple instances. Both are required under ICAI Guidance Note on IFC 2015 to express an opinion on IFC adequacy.
For listed entities required to file the Business Responsibility and Sustainability Report (BRSR) under SEBI LODR Regulation 34(2)(f), assurance on identified core ESG metrics is mandatory from FY 2023-24 onward. Internal audit can perform pre-assurance reviews of ESG data — energy, emissions, water, waste, gender pay parity, board diversity, supplier ESG, community spend. Section 135 CSR expenditure is also a standard internal audit scope area.
Section 177(9) of the Companies Act 2013 mandates a vigil mechanism (whistleblower policy) for every listed company and every Section 138 entity. The mechanism must provide direct access to the Audit Committee Chairperson. Internal audit typically operates the whistleblower investigation, tests controls over the intake and resolution process, and reports to the Audit Committee on cases handled, themes identified and remedial action taken. SEBI LODR Regulation 22 reinforces this for listed companies.
Internal audit KPIs include — (i) audit plan completion rate, (ii) recommendation closure rate within target timelines, (iii) percentage of repeat findings (lower is better), (iv) average days from observation to closure, (v) coverage of risk universe, (vi) frauds detected, (vii) cost savings or recoveries identified, (viii) stakeholder satisfaction scores, and (ix) Audit Committee meeting attendance. ICAI SIA 740 Quality Assurance requires periodic external review of the internal audit function.
We serve businesses in every part of Red Hills, from PWD Office Street, TVK Street, Grand Northern Trunk Road, Grand Northern Trunk Road:old NH5 and Grand Northern Trunk Road (Old NH5) to the Madhavaram - Red Hills Road, Singaperumalkoil - Sriperumbudur - Thiruvallur - Red Hills Road, Pallikuppam Union Road and Sothupakkam Road commercial pockets, with Internal Audit handled end to end.
Free Consultation Available
Ready for Expert Internal Audit in Red Hills?
Professional Internal Audit in Red Hills, Chennai. Call @ 9566-068-468. Offices at Maduravoyal, Nerkundram & Nolambur (upcoming). 15+ years experience, 4.9★ rated.
FilingPro Chennai — 15+ Years of Expert Tax & Business Consulting. Offices at Maduravoyal, Nerkundram & Nolambur (upcoming), Chennai. Call @ 9566-068-468. Disclaimer: Information on this page is for general guidance only and does not constitute legal, financial or tax advice. Consult a qualified professional for specific advice.