IA ResearchC Users Varun AppData Local Temp Nps34D6

8/9/2019 IA ResearchC Users Varun AppData Local Temp Nps34D6

1/38

TheEvolvingFaceofInternalAudit

inIndiaItsRole,KeyChallengesandtheWayForward

GOVERNANCE, RISK AND COMPLIANCE SERVICES

ADVISORY


2/38

BetweenAprilandJune2009,KPMGinIndiaandBSEjointly

surveyed225seniorexecutivesofIndiancompaniesofwhich

approximately75percentwerelistedcompanies,large

corporatesandMNCs.Throughthissurvey,weaimedto

understandtheprofileoftheInternalAudit(IA)functionwithin

organizationsandgatherfactsontheinternalauditpractices

thatarefollowed.

FortysixpercentoftherespondentsbelongedtotheC-level

categoryorvicepresidentInternalAudit,andtheother54

percenthadvastresponsibilitiesforfinance,riskorgeneral

managementwithintheorganizations.

Wearegratefultoalltherespondentsfortheirvaluabletime

andinsights.

Aboutthesurvey

54%CFO,

HeadAccounts&Finance,

ComplianceOfficer,etc.

23%ManagingDirector

16%ChiefExecutiveOfficer

7%VicePresidentInternalAudit

Respondentprofile

2009KPMG,anIndianPartnershipandamemberfirmoftheKPMGnetworkofindependentmemberfirmsaffiliatedwithKPMGInternational,aSwisscooperative.Allrightsres


3/38

InternalAuditinIndiahas

evolvedsignificantlyinthe

lastfewyearsatapace

fasterthanonewouldhave

expected.Withanincreased

spotlightongood

governancepractices,the

profileofIAcanonlyget

higher.HowgearedIA

functionsaretomeetthe

scaledupexpectationsof

thevariousstakeholders

requiressomeintrospection.

-NikhilJain,IA-Head,

GlaxoSmithKlineConsumerHealthcareLtd,

India.



4/38

Foreword

Toeffectivelydevelopandexecutecorporatestrategy,riskandcontrolsmanagement

needtobedeeplyembeddedinthecorporateculture.TheroleoftheInternalAudit

(IA)functioninanorganizationistoprovideeffectiveandindependentassuranceto

theboardonhowkeybusinessrisksaremanagedandstrategiesareimplemented.

IAsupportstheboardindischargingitsoversightresponsibilitiesrelatingtostrategy

implementation,internalcontrolsandfinancialreporting.

Corporatefrauds,governancefailures,regulatoryscrutinyandglobalizationhaveall

contributedtoanincreasedfocusontheIAfunctionandtheroleitplays.Thereis

considerablere-thinkingonIAsroleintermsofhowitcansuccessfullymakethe

transitionfromvaluepreservationtovaluecreation.

ThishasledtoaparadigmshiftinexpectationsfromIAtodaycomparedtowhatthey

wereafewyearsago.

What is IA expected to deliver today?

Implementationofariskbasedapproachtoassuranceincludinganindependent

evaluationofmanagementsriskassessmentandmanagementprocesses

Assuranceonavarietyofcriticalrisksthatarecrucialtoachievingcorporategoals

Processimprovementrecommendationsthatwillpavethewayforsimple,

standardizedandsustainableprocesseswithreducedpotentialforerrors

Rightskillstoaddvalue

Perspectivesonindustrybestpractices

Adoptionofappropriatequalitystandards.

Takingthefirststeptowardsthis,organizationsarenowattemptingtoclarifyand

definetheroleofinternalauditintheorganization.Tofacilitateorganizationsindoing

so,KPMGinIndiaandBSEconductedthissurveywhichfocusesonassessingthe

currentstateofIAinorganizationsandpavingthewayforward.

InternalAudit

shouldstay

aheadofthe

businessand

notfollowit



5/38

ThissurveyaimstounderstandtheprofileofinternalauditfunctioninIndiaIncusing

KPMGsconceptualframeworkforIAwhichisbasedonthethreedrivingprinciplesof

IAssuccess,i.e.positioning,peopleandprocesses.

Wehopeyouwillfindthisreportbeneficialinsupportingyourowndrivetoembeda

cultureofexcellenceinriskandcontrolsmanagementandinunlockingthepotential

ofvalueprotectionandenhancementinyourorganization.

Neville. M. Dumasia

ExecutiveDirectorandHead

Governance,RiskandComplianceServices

KPMGinIndia

Madhu Kannan

ManagingDirector&CEO

BombayStockExchangeLtd.

Positioning IsIAstrategicallypositionedwithinthebusinesstoenableittocontributetobusinessperformance?

People DoesIAhavetherightstaffingstrategytodeliverontheagreedobjectives?

Processes DotheIAprocessesenableittoachieveobjectivesandisthedepartmentresponsivetochangingbusinessneeds?



6/38

ExecutiveSummary

Key Survey Findings:

IA Priorities are becoming broad based and getting clearly articulated

ThereisnowgreaterclarityaroundIArolesandresponsibilities.Whiletheassessmentofinternalcontrol

systemsandreportingdeficienciescontinuestobeIAsnumberonepriority,IAactivitiesarebecoming

morebroadbasedtoincluderiskassurance,fraudriskandbusinessprocessimprovementsthereby

indicatingthatIAismovingupthevaluechain.

2

5

7

9

12

15

More is expected of IA in the sphere of fraud risk; however, IA needs to overcome some

real challenges in meeting this expectation

RecenteventsincorporateIndiahaveputthespotlightonfraudrisk.AuditcommitteeexpectationsfromIA

aregrowingintheareaoffraudriskassessmentandmonitoring.Shortageofspecialistskills,lowlevelof

skillsandconfidenceintheuseoftechnologyandanalyticsandtherelativelackofindependenceforIAare

thefactorsimpedingIAeffectivenessinfraudriskmonitoring.

IAs independence and stature in the organization needs to grow

AmajorityofIAheadsarereportingtomanagement.WithIArolesbecomingbroadbased,IAsreportingrelationshipanditscommunicationwiththeBoard/auditcommitteeneedstoimproveinordertoprovideit

withtheindependenceitneeds.

IA funding is not impacted by recessionary trends

AmajorityoftheIndiancompaniesbelievethatthecurrentfinancialcrisishasnothadamajorimpactonIA

fundinganditsactivities.

IA talent management continues to cause concerns especially when it relates to areas

requiring specialist skills

IAstaffingandskillsetsareproficientingeneralauditingandtraditionaloversightareassuchasfinancial

reporting.Inareasrequiringspecialistskills,talentacquisitionandretentionposesasignificantchallenge.

There is a significant gap between IA plans and their execution

Completionofauditplanisachallengewithatleast25percentoftherespondentscompletinglessthan80

percentoftheauditplanoverthepasttwoyears.



7/38

Careful consideration of IA sourcing parameters is critical to enhancing IA capabilities

Sourcingparametersthattakeaccountofstakeholderexpectations,theorganizationalcultureandtherisk

profileneedtobeclearlyidentifiedtoovercomeIAchallengesrelatingtoappropriateriskcoverage,

adequacyofspecializedskillsandIAplanexecution

17

20

24

26

29

IA Risk Assessments are not holistic enough and they often lack the organizational buy-in

ThereisstillsomewaytogoinmakingIAplansriskbased.EvenwhereIAfunctionsdohavearisk-based

plan,IAneedstoovercomethechallengeofaligningitsriskassessmentswiththeenterprise-wideviewof

risks.

Embedding controls consciousness within the business is still evolving in India Inc

ManyorganizationshavedeployedIAasthefirstlineofdefenseintestingtheeffectivenessofinternal

controlstherebyindicatingthatembeddingofriskmanagementandinternalcontrolsystemsarestill

evolvinginanumberofIndiancompanies.

Practices followed to assess IA performance and quality lack consistency and need to be

formalized

AstructuredapproachtomeasuringandsustainingIAqualityislacking.Asignificantmajoritydonot

undertakeanexternalqualityassessmentoftheirIAfunctionatperiodicintervals.

Indian companies with a global footprint are not entirely satisfied with their coverage of

internal operations

Clearlythereisscopeforenhancingcoverageofinternationaloperationsknowledgeoflocallawsand

regulationsandemergingriskissuesposeoneofthebiggestchallengeincoverageofinternational

operations.



8/38

Positioning

TheprofileofpresentdayIAcoverageis

expanding.Thecanvashasbroadenedtoincludea

mixofcomplianceandadvisoryservices.Therole

ofinternalauditisbeingdrivenbythe

expectationsofnumerousstakeholders

comprisingtheCEO,auditcommittee,executive

managementandexternalauditors.Itisimportant

thattheCEO,headofIAandtheauditcommittee

haveacommonsharedvisionforIAthatiswell

communicatedandclearlyunderstoodbyall

stakeholdersconcerned.

ArunMehra,IA-Head,WMIndiaTechnical&ConsultingServices(P)Ltd

1



9/38

ThereisnowgreaterclarityaroundIArolesandresponsibilities.Whileassessmentof

internalcontrolsystemsandreportingdeficienciescontinuestobeIAsnumberone

priority,IAactivitiesarebecomingmorebroadbasedtoincluderiskassurance,fraud

riskandbusinessprocessimprovements.ThisindicatesthatIAismovingupthevalue

chain.

Amajorityoftherespondents(72percent)(seeFigure1)haveanIAcharterindicatingthatthereisclarityaroundthestructureandmandateforIA.Withinthe

IAcharters,thereissufficientcoverageofIAsmission,objectives,expectationsof

andaccesstoauditcommittees,independence,natureandscopeofwork,

communicationandreporting.However,theresultsindicatethatthereneedsto

begreaterclarityaroundIAsperformanceassessmentprocessesandthe

escalationprotocolsitadoptstoreportissuesandconcerns(seeFigure2).

Notsurprisingly,surveyresultsindicatethatevaluationandreportingof

deficienciesininternalcontrolscontinuestodominateIAagendas.Additionally,

evaluationandreportingonkeybusinessrisksandmonitoringfraudriskarealso

emergingaskeyprioritiesforIAfunctions.IAfunctionsarealsoincreasingly

focusingonprocessandcontrolimprovements,sharingofbestpracticesand

revenueenhancement/costreductionrecommendationswhichisindicativeofthe

factthatIAfunctionsarenotonlycompliancedrivenbutalsofocusingonvalue

creation(seeFigure3).

Positioning

IAPriorities

No

28%

Yes

72%

Existence of IA charter

Figure 1

KPMGinIndiaandBSE'sInternalAuditSurvey2009



10/38

81%

81%

66%

48%

89%

76%

82%

61%

55%

53%

41%

6%

0% 25% 50% 75% 100%

Mission, purpose, and objectives

Access to books and records

Access to the audit committee and C level executives

Escalation protocols

Scope and nature of internal audit work

Independence and objectivity

Communication and reporting

Expectations of the audit committee

Expectations of executive management

Alignment with other risk management functions

Performance assessment

Other

80%

92%

62%

62%

72%

65%

60%

31%

54%

49%

57%

41%

20%

8%

17%

7%

33%

36%

25%

35%

38%

52%

36%

41%

39%

49%

54%

38%

3%

1%

5%

2%

3%

1%

2%

17%

11%

10%

4%

9%

26%

54%

0% 25% 50% 75% 100%

Evaluating and reporting of key risks in business

Evaluating and reporting of deficiencies in internal controls

Evaluating & reporting on risk assessment & management process

Input into development of action plans for identified deficiencies

Monitoring fraud risk

Monitoring resolution of identified deficiencies

Suggesting improvements in internal controls

Support of the external audit process

Performing testing related to the Internal Control Regulation

Sharing of leading practices across the business

Suggesting improvement in process design and operation

Suggesting opportunities for cost reduction or increasing revenues

Development of people for leadership positions

Other

Very Important Somewhat Important Not Important

Major components of IA charter

Activities ranked for importance in meeting expectations and mandate for internal audit

Figure 2

Figure 3



3



11/38

Originallydevelopedasameansofassisting

organizationswithsafeguardingcorporateassetsand

enforcingcorporatepoliciestopreservebusiness

value,IAisexpandingtonowalsofocusonactivities

thathelptheorganizationcreatebusinessvalue.

InternalAudithasbecomeahighlysophisticated

functionvirtuallyabusinessuntoitself.

Figure 4TheComplianceJourney,KPMGInternational,2004



12/38

RecenteventsincorporateIndiahaveputthespotlightonfraudrisk.Audit

committeesareexpectingmorefromIAintheareaoffraudriskassessmentand

monitoring.However,ashortageofspecialistskills,lowlevelofskillsandconfidence

intheuseoftechnologyandanalyticsandtherelativelackofindependenceforIAare

factorsimpedingIAeffectivenessinfraudriskmonitoring.

Overhalfoftherespondents(56percent)(seeFigure5)indicatedthatIAhastheprimaryresponsibilityforfraudriskassessmentandmonitoring.Itisalso

somewhatdisconcertingthat41percentofthesurveyrespondentshave

indicatedthatIAeitherdoesnotfocusonfraudriskorIAconductsinvestigations

concerningfraudsonlyifrequiredbythemanagement

IncreasedexpectationsofIAinrespectoffraudriskassessmentandmonitoring

emphasizestheneedforgreaterindependencetoIA.IAindependenceisvitalto

developtheconfidencethatIAwillreportsuspiciousseniormanagement

activitiestotheboardand/ortheauditcommittee

ResponsesacrossvariousmodelsofIAfunctions(in-house,co-sourcedand

outsourced)regardingtheuseoftechnologyindicatesthatthereisscopeto

improveauditefficienciesbythedeploymentoftechnologyandanalyticsinthe

auditprocess.Amajority(over60percent)ratedtheircapabilityintheuseof

technologyandanalyticstoberangingfromaveragetopoor(seeFigure6)

Thereisagrowingrealizationthatdataminingtoolsareeffectiveinpreventingor

detectingfraudsinorganizations.However,organizationsaregenerallyslowin

usingdataminingandanalyticstodetecttrendsandpatternswhichcouldyield

thempotentialredflags.Thisisinlargepartattributabletotheshortageof

adequateskillsinthisareawithintheIAfunction.

Positioning

IAfocusonfraudrisk

monitoring

5



13/38

Point of View

Continuous Auditing and Continuous Monitoring

TransformingIAandManagementMonitoringtocreatevalue

Theeconomiccrisisclearlydemonstratesthatchangesareoftenfastanddramatic,andthatthereisarealneedformanagementanddirectorstounderstandthevelocityofriskthespeedatwhichanemergingriskcanbemanifestedandhaveacatastrophic

impactonthebusiness.Inthisenvironment,management

shouldassessthecompanyscriticalalignments(strategy,

goals,risks,incentives,performancemeasuresandinternal

controls)onaregular,frequentbasis;annualorsemi-annual

assessmentsmaynotbeadequate.Manyhavebegunto

advancetheireffortsbyimplementingContinuousAuditing

(CA)andContinuousMonitoring(CM)disciplinesaroundtheir

organizationalprocesses,transactions,systems,and

controls.Leveragingproactive,technology-basedapplications

tomanageperformanceandkeyareasofriskandcontrolhasbecomeapracticalandnecessaryalternativetomeetthe

growingneedsoftheorganization.Together,CAandCMoffer

abroadrangeofbenefitsthatcanhelporganizationsadd

valueandimprovebusinessperformance.CA/CMcandeliver

regularinsightintothestatusofcontrolsandtransactions

acrosstheglobalenterprise,enhancingriskandcontroloversightcapabilitythroughmonitoringanddetection.

30% 54% 16%

35% 46% 19%

35% 43% 22%

0% 20% 40% 60% 80% 100%

Outsourced

Co-sourced

Inhouse

Very Good Average Poor

Use of technology / analytics in IA

Figure 6

13%

56%

28%

4%

0% 25% 50% 75%

Internal Audit department does not focus on

fraud risk

Internal Audit department is responsible for

regular assessment and monitoring of fraud risk

Internal audit department only conducts

investigations concerning frauds if

mandated by management

Others

The relationship between IA and fraud risk

Figure 5





14/38

ResponsestothesurveyindicatesthatamajorityofIAheadsarereportingto

management.WithIArolesbecomingincreasinglybroadbased,IAsreporting

relationshipanditscommunicationwiththeboard/auditcommitteeneedsto

improveinordertoprovideitwiththeindependenceitneeds.

Lessthanhalfofthesurveyrespondents(47percent)(seeFigure7)saidthatthe

ChiefAuditExecutives(CAE)shouldreporttotheAuditCommittee,therebyindicating

thatinmanyIndiancompanies,managementplaysakeyroleinoversightofthe

InternalAuditfunction.

TheInstituteofInternalAuditors(IIA)recommendsthattheCAEshouldfunctionally

reporttotheauditcommitteeandadministrativelytotheCEO*.

Whom should IA report to? the two schools of thought

OpinionsaredividedintermsofwhomIAshouldreporttointheorganization.There

arethosewhostatethatIAshouldreporttothebusinessheads(CEO,CFO,etc.)

withadottedlinetothechairoftheAuditCommittee.Othersareoftheopinionthat

IAshouldbemadeaccountablesolelytothechairoftheAuditCommittee.The

justificationforthelatteristhatIAsresponsibilitieshaveincreasedmanifoldand

henceIAneedsgreaterindependencetodischargeitsresponsibilities.Thereisalso

theviewthatmanyoftheareasinwhichIAprovidesassurance,fallwithintheCFO's

remit.ReportingtotheCFOcouldcompromiseIAsabilitytoobjectivelyreporton

seniormanagementactivitiestotheauditcommittee.Onewaytoovercomethis

problemisbyhavingtheCAEreporttotheCEO.

Point of View

Enhancing Independence of IA

TheheadofIAshouldhaveclearauthoritytocommunicatedirectlyandontheirinitiativetotheboardandmembersoftheAudit

Committee(AC).Forinstance,headofIAshouldmeetprivatelywiththeboard/ACwithoutthepresenceofmanagement.This

shouldreinforcetheindependenceanddirectnatureofthereportingrelationship

ThereportinglineshouldfacilitateopenanddirectcommunicationswiththeCEO,theseniorexecutivegroupandlinemanagement

Theboard/ACshouldhavethefinalauthoritytoreviewandapprovetheannualauditplan

Theboard/ACshouldalsoreviewtheperformanceoftheheadofIAandtheoverallinternalauditfunctionatleastonceayear,

andapprovethecompensationlevelsforheadofIA.

(*Source:InternalauditsroleineffectivecorporategovernanceKPMGinAustralia;IIAPracticeAdvisory1110-2:ChiefAuditExecutiveReportingLines,December2002)

Positioning

IAsindependence

7



15/38

ThosewhoareinfavorofIAreportingtothebusiness,statethatIAismerelyan

extensionofthebusiness,anditistaskedwiththeresponsibilityofmonitoringadequate

checksandbalancesoverbusinessactivities.MakingIA'sreportingprocessindependent

fromthebusinesscouldalsoresultinIAbeingconsideredasanoutsiderandtherefore

notbeingproperlyengagedbythebusinessinprocessandcontrolimprovement

initiatives.Besidestheabove,thereisalsothequestionastowhetherauditcommittees

areequippedtohandletheadditionalresponsibilitiesassociatedwiththeoversightofIA

(i.e.whetheranon-executivedirectorshouldbeaccountableforanexecutivefunction

unlessthereisanexecutivelayerinbetween)

GiventheprosandconsassociatedwithbothschoolsofthoughtandregardlessofIAs

reporting,IAsaccessibilitytotheauditcommitteeandcreatingtherightclimateforopen

andtransparentcommunicationbetweentheCAEandthechairoftheauditcommittee

isextremelyimportant.Inthiscontext,privatesessionsorexecutivesessionswhichare

facetofacemeetingsbetweentheauditcommitteechair

andtheCAE,supportedbyproperagendas,executive

summariesanddetailedfindingsreportareinvogue.Ata

minimum,executivesessionstakeplacepriortoeachaudit

committeemeeting.ThesemeetingsprovideboththeCAE

andtheauditcommitteechairwithanopportunitytoshare

eachothersconcernsandviewsonwhatisgoingoninthe

business.Inbetweenformalsessions,CAEsshouldalso

havetheflexibilityofraisingissuesinformallywiththeaudit

committeechairifthereisareallyburningissuethatsimply

cannotwaituntilthenextformalmeeting.

47%

18%17%

2%

17%

0%

25%

50%

75%

Audit Committee Chief Executive

Officer

Chief Financial

Officer

Legal / General

Counsel or Chief

Risk Officer

Other

Figure 7

Who should the Chief Audit Executive report to?




16/38

AmajorityoftheIndiancompaniesbelievethatthecurrentfinancialcrisishasnothad

amajorimpactonIAfundinganditsactivities.

Eightythreepercentoftherespondentshaveindicatedthattheircurrentbudgetsand

workforceareadequateinrelationtotheirrequirementsforIAcoverageand

executionoftheIAplan(seeFigure8).

Positioning

IAfunding

Yes, 83% No, 17%

0% 25% 50% 75% 100%

Figure 8

Is the budget and workforce available to IA sufficient

in providing adequate coverage?

9




17/38

1



18/38

People

Withitsincreasedfocusonvaluecreation,internal

auditwillneedtoacquirenewskillsbytrainingand

hiringnewtalent,orsourcingfromoutsideservice

providers.Newskillsthatmayberequiredinclude

strategicoperationalknowledge(supplychain,

sharedservicesoroutsourcing),cross-cultural

trainingforglobalorganizations,knowledgeof

emergingmarkets,riskmanagementand

evaluation,dataanalytics,fraud,andmore.

MichaelJ.Nolan,HeadIARCS,KPMGInUS

EdwardF.Smith,KPMGsAuditCommitteeInstitute

Source:FindingNewValueinInternalAudit,2008

11



19/38

IAstaffingandskillsetsareproficientingeneralauditingandtraditionaloversight

areassuchasfinancialreporting.Inareasrequiringspecialistskills,talentacquisition

andretentionposeasignificantchallenge.

IAskillsetsareconsideredverygoodtogoodinareassuchasfinancialreporting

andaccounting,internalauditstandards,operationalauditing,legalandregulatory

complianceandprocessimprovement.Incomplexandspecialistareassuchas

businesscontinuity,jointventure/licensing,environmental/sustainability,

engineeringandmergerandacquisitiontransactions,IAskillsetsrangefrom

averagetopoor(seeFigure10).TherelativeabsenceofIT,forensicspecialistsand

engineersisachallengethatIAfunctionsneedtoovercome.

LackofdefinedcompetencymodelsandlearningmapsforIAprofessionalsis

citedasthemainchallengeintermsofdevelopingIAskillsets.Thisindicatesthat

organizationsneedtoworktowardsmappingskillsrequiredtodelivereffectiveIA

engagementstotheskillsthatarepresentinthefunctionanddevelopa

frameworkforenhancingandre-toolingIAskillsets.Inadequateallocationoftime

toIAtraining,qualityofIAtrainingprogramsandabsenceofdefinedcareer

progressionareallcitedbyrespondentsastheotherreasonsforIAsinabilityto

developandretainspecialistskills(seeFigure11).

Sixtyninepercentofthesurveyrespondentsindicatedthattheydidnothavea

formalprogramtorotateprofessionalsinthebusinessthroughtheIAfunction

(seeFigure9).ThishighlightsthatthereisaneedtopositionIAjobsmore

positivelywithinorganizationsandIAcareerpathsneedtobeintegratedwiththe

widerorganizationalpeopleprocessesinordertoenhanceIAscompatibility,both

technicallyandculturally.

People

IAtalentmanagement

1



20/38

No

69%

Yes

31%

Wherequalityisgood/verygood

1Financialreportingand

accounting

2Compliancewithinternalaudit

standards

3 Operationalauditing

4Legalandregulatory

compliance

5 Processimprovement

Wherequalityisaverage

1 Informationsystems

2Useoftechnologyand

analytics

3Fraudpreventionand

detection

4 Enterpriseriskmanagement

5 Distribution/supplychain

Wherequalityispoor

1 JointVenture/Licensing

2 Environmental/Sustainability

3 Engineering

4Mergersandacquisitions

transactions

5 Businesscontinuityplanning

Quality of experience and technical skills in the Internal Audit function to provide coverage of

risk areas requiring specialist skills

Key challenges in developing the skills of your existing Internal Audit function?

Lack of defined competency models and learning maps 39%

34%

31%

25%

7%

24%

0% 25% 50%

Lack of appropriate training materials / programs

Lack of time to dedicate to training

Lack of defined career progression

Other

Not applicable

Figure 9

Figure 10

Figure 11

Existence of a formal program to rotate professionals

in the business through Internal Audit

13






21/38

Point of View

Overcoming the people challenge

ToattracttalentedpeopleinIA,thefirstthingthatneedstohappenistohaveastrongleaderatthehelm.

QualitiesthatanIAleadershouldpossess: Heorsheshouldbesomeonewhoisindependentminded,hasstronginter-personalskills,agoodunderstandingofbusiness

needsandtheabilitytobuildrelationshipsbothwithinandoutsidethefunction

ManyorganizationsarenowlookingtoCAEcandidateswhohavehandledseniorpositionsinbusinesseitherwithinoroutside

theorganization

PeopleskillsareconsideredveryimportantinthecontextoftheCAEbeingabletoattractgoodpeopleandalsobeingableto

developrelationsandwintheconfidenceofstakeholders.

GiventheimportanceoftheIAfunction,boththeauditcommitteechairmanandCEOshouldbeinvolvedintheselectionofthe

CAE.

Attracting the best people to IA some key aspects to consider BecauseIAjobsareconsideredresponsibilityoriented,itisimportanttoeffectivelycommunicateIAsimportanceandposition

IAjobsasopportunitiestogainanin-depthunderstandingofkeyorganizationalrisksandprocesses

CAEsshouldtakeapersonalinterestingroomingandmotivatingtalentedpeopleinIA.Enhancingskillsetsthroughperiodic

formalandinformaltrainingisakeystepthatCAEswillneedtogetinvolvedwith

AuditcommitteechairsintheWestareengagingwiththeirCAEstodiscussaboutIAskills,trainingprograms,careerdevelopment

andsuccessionplanning.ThesearemeasuresthatarebeingusedbytheauditcommitteestoevaluatetheperformanceoftheCAE

IAjobsshouldbepositionedasavitalstepincareerprogression.Overthelongerterm,IAsroleinsuccessionplanningwithin

theorganisationisimportanti.e.IAshoulddemonstratethatithashelpedgroomanddevelopbusinessleaders.

StaffrotationprogramsinvolvingrotationofbusinessmangerstotheIAfunctioncanplayanimportantroleinmeetingsomeofthe

challengesrelatingtodevelopmentofskills.Suchprogramsofferdualbenefitssuchas:

BusinessmanagershelpincreasetheIAfunctionsoverallknowledgeofbusinessoperations

Businessmanagersdevelopaholisticunderstandingoforganizationalprocessesandemergingrisksandshouldalsobeableto

applyIAdisciplinesaroundrisksandcontrolstobusinessoperations.

Todoathoroughjob,theteamshouldinclude

engineersandeconomistsapartfromthe

financialexperts

1



22/38

Completionofauditplanisachallengewithatleast25percentoftherespondents

completinglessthan80percentofthetheirauditplanoverthepasttwoyears.

IAfunctionsthathaveaco-sourcedmodelaregenerallybetteratexecutingover80

percentoftheauditplanascomparedtothosethathaveanoutsourced/in-house

model(seeFigure13).Areasonforthisisthataco-sourcedmodelcombinestheskill

setsofanoutsourcedproviderwiththeknowledgeofoperationsandcompany

processesofanin-houseIAfunction.AmongstthoseIAfunctionsthathavean

outsourcedmodel,surveyrespondentshaveindicatedthattimeandproject

managementarethekeychallengestocompletingtheauditplan.However,amongst

thoseIAfunctionsthathaveaco-sourced/in-housemodel,assignmentofresources

toprojectsnotpartoftheIAplanwascitedasthemainchallengeincompletingthe

auditplan(seeFigure14).Factorssuchasinadequatesupportfromauditeefunctions

andauditeenon-readinessarestillbeingcitedasconcernsbythesurveyrespondents

incompletingtheauditplan.ThisreinforcestheneedforbetterindependenceforIA

andfrequentinteractionsbetweentheCAEandCEO/boardandauditcommittee

chairshouldhelpalleviateinovercomingthesechallenges.

People

ExecutionoftheIAplan

27%

33%

22%

8%

4% 4%2%

26% 26%

18%

15%

7%

3%5%

0%

10%

20%

30%

40%

100% 90-99% 80-89% 70-79% 60-69% 50-59% Less than 50%

Prior Year % Two Years Ago %

Extent of audit plan completion over the past two years

Figure 12

15




23/38

32%

46%

22%

27%

52%

22%

0%

10%

20%

30%

40%

50%

60%

Outsourced Model Co-sourced Model Inhouse Model

Prior Year % Two Years Ago %

33%

23%

26%

28%

17%

15%

49%

44%

46%

50%

42%

41%

18%

34%

28%

22%

41%

45%

0% 25% 50% 75% 100%

Allocation of IA resources to projects not in IA plan

Workforce below the required levels

Difficulties in obtaining specialised skills

Issues related to managing time and IA projects

Inadequate support from auditee functions

Auditee non-readiness

Very Challenging Somewhat Challenging Minimal Challenge

Extent of audit plan completion over the past two years

Nature and degree of key challenges faced in completing the audit plan

Figure 13

Figure 14

1





24/38

Sourcingparametersthattakeaccountofstakeholderexpectations,theorganizational

cultureandtheriskprofileneedtobeclearlyidentifiedtoovercomeIAchallenges

relatingtoappropriateriskcoverage,adequacyofspecializedskillsandIAplan

execution.

Whilecompliance/regulatoryaspectsareexpectedtocontinuetooccupyIA

resourcesandpriorities,overthenextonetotwoyears,processimprovements

andfraudrisksarealsoareaswhichareexpectedtovieforIAresources(see

Figure15).TheAuditCommitteeJourneysurvey(Nov08-Feb09)conducted

jointlybyKPMGsAuditCommitteeInstitute(ACI)andtheNationalAssociationof

CorporateDirectors(NACD),whichincludedauditcommitteemembersfrom

Indiancompanieshashighlightedthatauditcommitteemembersareleast

confidentabouthowthecompanyisaddressingITrisk,fraudriskandother

significantrisksfacingthebusiness,andthe

waytheyaremonitored.Thefindingsofthis

globalsurveyalsoconfirmthatthereare

issuesaroundtheadequacyofspecialist

skillsincomplexareas.

Theneedforoperationalandtechnical

skillswithinIAcoupledwiththe

challengesfacedincompletingtheaudit

plansexplainswhyanoverwhelming

77percentofthesurveyrespondents

saidthattheyusedthirdpartyservice

providersforstaffingtheIAfunction

(seeFigure16).While30percentof

respondentshadcompletelyoutsourced

theirIAfunctions,anequalnumberhad

hiredexternalpartiesforobtaining

accesstospecializedITskillsandfor

achievingcompliancerequirements

(Clause49).

35%

38%

51%

40%

8%

57%

72%

22%

83%

4%

0% 30% 60% 90%

Major programs risk (IT,

construction, etc.)

Contract risk

Information security

IT risk

Mergers and acquisition risk

Fraud

Process Improvement

Tax risk

Compliance / Regulatory

Other

People

Sourcingchallenges

Allocation of IA time and resources over the next 1-2 years

Figure 15

17




25/38

Point of View

The changing IA landscape and its impact on sourcing?

Withpressuremountingtodelivermoreandinordertocometotermswithskill

gaps,internalauditisundoubtedlyatacrossroadsinitsevolution.

Theever-growingneedforspecialistresourcesmeansthatIAqualifiesasaprime

candidateforstrategicsourcing.Inaneconomicslowdown,whencost,efficiency,

andflexibilityareparamountcompaniesareincreasinglysourcingfunctionsoutside

theircorecompetenciesasawayofreducingcosts,freeingupcapital,achieving

greaterflexibilitytorespondtorapidlychangingbusinessconditions,andenhancing

theirabilitytofocusonwhattheydowell.

Inadditiontogainingaccesstostrategicskillsandhelpingmanagecosts,IAsourcing

arrangementsalsooffercompaniesaccesstoglobalresources,leading

methodologiesandpractices.

Itistypicallynotsoeasyfororganizationstoenterintotherightsourcing

arrangement.Executivesshouldbesuretocompletetheassessmentphasebeforemovingtotheselectionphase.Thefollowingaspectsshouldbeconsideredwhile

assessingtheprovidersofIA:

Accesstoresourceswiththerightspecializedskills

Culturalcompatibility

InternalAuditsourcingexperienceinsame/similarindustry

Knowledgesharingcapabilitiesrelatedtointernalauditandriskmanagement

Globalreachtothecountries/regionsthatalignwiththeorganization

Yes

77%

No

23%

AchievingleadingIA

capabilitiesrequiresa

significantlevelof

investmentinskilled

resources,methods,training,careerpaths

andtechnical

infrastructure.

Maintainingthose

capabilitiesrequiresa

sustainedlevelof

investmentinboth

goodandchallengingeconomictimes

Use of third-party service providers

by the IA function

Figure 16

1




26/38

Processes

Traditionally,IAinIndiawasasupplementtostatutory

audit,veryoftenpreemptingthetestsandchecksthey

wouldperformtohelpensureintegrityoffinancial

reporting.Howeveroverthepastdecade,thefocushas

broadenedtoincludeinternalcontrolsoveroperational

andsupportprocesseswhichmaynothaveany

implicationonfinancialreporting.Maturecompanieshave

beguntoadopta

risk-basedapproach,whereintheeffortoftheIAfunction

isfocusedonthemoresignificantandprobablerisks.

InternalAuditshouldbecapableofanticipatingemerging

risks,andtakingtheinitiativetoadjustauditplansand

activitiesaschangesinthebusiness,thecontrol

environment,andtheeconomicenvironmentoccur.

19



27/38

ThereisstillsomewaytogoinmakingIAplansriskbased.EvenwhereIAfunctions

dohavearisk-basedplan,IAneedstoovercomethechallengeofaligningitsrisk

assessmentswiththeenterprise-wideviewofrisks.

OnewouldhaveexpectedavastmajorityofIndiancompaniestohaveadopteda

riskapproachtoIA.However,32percentofsurveyrespondentsindicatedthat

theirIAfunctionsdonotperformariskassessment(seeFigure17).Thisindicates

thatthereisstillsomewaytogoinmakingIAplansriskbased.

Insomeways,thesurveyresultsactuallymirrortheviewsthatcametothefore

duringKPMGspolloncorporategovernanceinIndia(Dec08-Jan09)andthe

globalauditcommitteemembersurvey(TheAuditCommitteeJourney,Nov08-

Feb09)whichhighlightedthatthequalityofriskmanagementisakeyconcern.

Mostboardsarestrugglingtounderstandtheadequacyofmanagementsrisk

managementprocesses,thelinkageofstrategiestorisksandtheirorganizations

processestoidentifyandrespondtoemergingrisks.Thisisreflectedbythefact

thatstrategicrisksarecoveredinonly46percentofIAriskassessments(see

Figure20).

ManyIndiancompanieshaveimplementedriskmanagementandinternalcontrol

systemsinresponsetothemandatoryrequirementsunderClause49(Amended)

oftheSEBIlistingagreement.Itisprobablytruethatinanumberofcases,risk

assessmentsarecarriedoutwithacompliancemindset.InanumberofIndian

companies,thefrequencyofriskassessmentisannualandIAoftendrivesthe

riskassessmentprocessacrosstheorganization.DespiteIAriskassessments

seekingactivemanagementparticipationandhavinganenterprise-widecoverage,

62percentoftherespondentshaveindicatedthatIAriskassessmentsareonlysomewhatalignedtotheenterprisewideviewofrisks(seeFigure18).Thismis-

alignmentmaybeattributedtothefactthatriskthinkingisyettobefully

embeddedintheorganizationalprocessesleadingtoalackofclarityaroundrisk

ownership.IAlackingsufficientexperienceandknowledgeofkeybusinessrisks

hasfurthercontributedtothismis-alignment.

Processes

IAriskassessments

Veryoftenrisk

managementis

viewedasasenior

managementor

internalauditdomainandthisiswherethe

problemlies.The

challengeliesin

embeddingrisk

thinkingwithinthe

rankandfileofthe

organization

2



28/38

8%

54%

38%

Well aligned and strong interaction with proactive sharing of risk and control information

Somewhat aligned and some interaction and sharing of risk and control information on request

Not aligned and limited interaction with no sharing of risk and control information

85%

53%

68%

65%

23%

0% 30% 60% 90%

Enterprise-wide coverage

Input from other risk management

functions

Active participation by executive

management

Active participation by business unit

management

Active participation by external audit

46%

81%87%

90%

18%

0%

25%

50%

75%

100%

Strategic Financial

Reporting

Operational Compliance Others

Yes

68%

No

32%

Formal risk assessment performed

by the IA department

Extent of alignment of IA risk assessment with enterprise

wide view of risk

Figure 17

Participation in the risk assessment process Nature of risks covered by IAs risk assessment

Figure 19

Figure 20

Figure 18

21







29/38

Point of View

Is IA prepared for a paradigm shift in its objective?

Expectations from IA are changing

AuditcommitteesarenolongersatisfiedifIAmerelyprovidesassuranceonthe

effectivenessofinternalcontrolsbasedonanannualauditplanandriskassessment.

AuditcommitteestodayexpectIAfunctionstoevaluatetheeffectivenessofthe

enterprisewideriskmanagementprocessesandalsoexpectIAtobringinformation

tothemonemergingrisks.AuditcommitteesaremoreconcernedifIAperceptionsof

keyrisksarenotalignedwiththebusinessviewsresultinginthelackofaholistic

viewonkeyrisks.TheimportantquestionthoughisIsIApreparedforthischangein

itsobjective?

Making the transition

ToenableIAtotransitioneffectively,itisimportanttoembedriskthinkingandrisk

assessmentpracticeswithinbusinessunitsaspartofthebusinessplanningand

strategyprocess.OwnershipforriskmanagementshouldrestwithinthebusinessunitsandtheCEOshoulddrivethischangewithintheorganizationbyraisingthe

profileofriskmanagement.Transferringriskmanagementownershiptothebusiness

shouldresultingreaterclarityaroundrisksandfacilitateconvergenceofthetop-down

andbottomsupviewonrisks.ThiswouldalsoenableIAtoindependentlyevaluate

theeffectivenessofthemanagementsriskmanagementprocesses.

2



30/38

Point of View

The Institute of Chartered Accountants of Indias (ICAI) guide

on Risk Based Internal Audit (RBIA)

Asitsprimaryactivity,internalauditingshouldheadtowardspromotingrisk

managementinanorganizationandadoptaRiskBasedInternalAudit(RBIA)methodologythatprovidesanassuranceonthemanagementofrisksasagainstan

assuranceoncontrolprocessesundertraditionalmethodology.

Themeasuringyardstickformanagingrisksistheriskappetiteaslaiddownbythe

Board.Itmaybenotedthatonlythoseorganizationsthatarereasonably

risk maturedwouldbeauditableunderRBIAmethodology.

InRBIA,IAreviewsthemanagement'sriskassessmentprocesstoconcludewhether

torelyonitornot.Iftheriskassessmentisreliable,theinternalauditorconcludes

theauditplanasperthemanagementsriskassessment.

Certainfactorsthatinternalauditmayuseindeterminingriskmaturityaresetout

below:

Definedprocessestoidentifyandassessrisks

Riskresponsesareidentified,documentedandthereisclarityonownershipand

actions

Riskappetiteisdefinedatbothagross(inherent)andnet(residual)level

Managementhassetupprocessestomonitorcontrols/actions,reviewresults,

andreportonthemtotheBoardandexecutivemanagement

Thereareprocessesinplacetoidentifyandassessemergingrisksthatarisefrom

strategicchangesandupdatethemintheriskregisters

Managersprovideassuranceontheeffectivenessoftheirriskmanagement

Managersareassessedontheirriskmanagementperformance

Wheretheriskassessmentisnotreliable,internalauditcannotproceedunderthe

RBIAmethodology.Ithastoadopttraditionalinternalauditandcarryoutrisk

assessmentalongwithmanagementtoidentifysignificantriskstobeincludedinthe

auditplan.

Riskspertainingto

thecompanyare

identifiedbythe

managementby

adoptingaconsistententerprisewide

processandclassified

intocritical,high,

moderateandlow

categories.These

risksarethen

assessedperiodically

bytheconcerned

processownersand

reviewedbytherisk

management

committee.IAsroleis

tomonitorthecontrol

measuresand

mitigationplansthroughperiodic

evaluationofERM

23



31/38


32/38

14%

21%

40%

27%

48%

29%

29%

3%

0% 20% 40% 60%

Not applicable

Full ownership for the program

Full responsibility for testing of controls

Testing of high-risk controls only

Review of process documentation and

process owners

control testing completed by business

Internal control training for business

process owners

Implementation of control self

assessment

None

52%

54%

61%

57%

0% 25% 50% 75%

Providing assurance to CFO on

internal controls operation

Supporting internal audit efforts in

Controls testing

Embedding controls consciousness

within the organization

Providing a basis for management

to identify and deal with controlviolation and deficiencies

Point of View

A perspective on how globally many companies achieved sustainable compliance

CompanieslistedintheUSstockexchangesarerequiredtocomplywithSection404oftheSarbanesOxleyActof2002(SOX).In

theinitialyearsofcomplyingwiththisregulation(2005and2006),manyorganizationsincurredhugecostsastheydeployed

externalresourcesandre-directedtheirIAresourcestowardsSOXtesting.Infact,inmanycompanies,IAbecamemorefocused

onfinancialreportingrisksatthecostofoverlookingsomeoftheoperatingandstrategicrisks.

Someofthebiggestorganizationsrealizedveryquicklythatthismethodofachievingcompliancewasflawedandunsustainable.

Thistrendalsobroughtabouttherealizationthattooptimizecompliancecostsinthelongrun,itwasessentialtoembedcontrols

consciousnesswithinthebusinessandgraduallydecreasethedependenceonexternalandIAresources.Againstthisbackground,

manyorganizationssuccessfullyimplementedCSAandreducedtheircostsofcompliancetosustainablelevels.Thisalsomeantthatorganizationscouldre-directandre-toolIAresourcestofocusonthekeybusinessrisksthatmatter.

CSAoffersseveraladvantagestoanorganizationsuchas:

1.Achievingreductionincostsofcontrolandcompliancebyreducingadd-ontestingefforts

2.Aligningcontrolstestingeffortsandresourcestoriskprofile

3.Embeddingcontrolsconsciousnesswithinthebusiness

4.PrioritizingIAinvolvementincontrolstestingbyfocusingonkeycontrolsinhighriskareasandrelyingonbusinesstestingin

lowriskareas/lesscomplexareas

5.EnablingIAtofreeupresources,tofocusonprovidingrobustriskassurance.

Role of the IA function in helping the organization comply Internal

Control Regulations (SOX/ Clause 49, etc.)

Purpose of Control Self Assessment

Figure 22

Figure 23

25





33/38


34/38

74%

19%

6%0%

25%

50%

75%

Within the last year One to two years ago Over two years ago

60%

68%

81%

77%

39%

3%

0% 25% 50% 75%

Documenting expectations prior to audit

Focusing audit on the key business risks

Regular communications

during audit

Audit closing meeting to

measure achievement of expectations

Post audit survey

Other

No

39%Yes

61%

Is an independent review carried out prior to issu-

ing the Internal Audit report?

Figure 25

Indicate when the last external quality assessment

review was performed

Methods used by IA to ensure service delivery quality and auditee satisfaction

Figure 27

Figure 28

Yes

31%

No

69%

Does Internal Audit undergo an external quality

assessment review?

Figure 26

27


KPMGinIndiaandBSE'sInternalAuditSurvey2009 KPMGinIndiaandBSE'sInternalAuditSurvey2009




35/38

84%

46%

86%

38%

17%

46%

29%

11%

50%

60%

32%

3%

0% 25% 50% 75% 100%

Completed audits in comparison to the audit plan

Length of time for issuing audit reports

Significance of audit findings and recommendations

Length of time to resolve audit findings

Budget in comparison to actual hours per audit

Revenue enhancement, savings or

cost reductions identified

Results from auditee surveys

Results from other stakeholders surveys

Percentage of recommendations implemented

Process improvement recommendations

Support of key business initiatives

Other

Point of View

Levers for improving IA effectiveness

Meetingthechallengesinvolvedintheareaofauditqualityandenhancingauditefficiencyrequiresadoptionofqualitystandards

andperformancemeasures.Someimprovementleversinclude:

Developmentofstandardizedworkingpapers,documentationrequirementsandreportingformats

Ongoingsupervisionofauditsandotherprojectsandregularreviewofworkingpapers

Usageofsoftwaretoolsfordataanalysis,automationofauditdocumentation,issuetrackingandresolution

IndependentreviewofinternalauditreportsandtheirapprovalbyCAE

Surveyingorobtainingfeedbackfromstakeholdersoncompletionofauditandotherprojects

DefiningperformancemeasuresandtrackingandreportingofIAsperformanceagainstsuchmeasures.

Itiscrucialtoestablishawelldefinedqualityassuranceprogramthatincludesamixofinternalandexternalqualityassessmentsto

assessthequalityofIAsperformance,itsefficiencyandeffectivenessinmeetingtheneedsofitsstakeholders.

AccordingtotheIIA*,internalassessmentshouldbeperformedthroughongoingmonitoringofIAperformanceandperiodic

reviewsperformedthroughself-assessmentorbyotherpersonswithintheorganizationwithsufficientknowledgeofinternalaudit

practices.Externalassessmentsmustbeconductedatleastonceeveryfiveyearsbyaqualified,independentreviewerorreview

teamfromoutsidetheorganization.

Moreover,havingregularexecutivesessionsbetweentheauditcommitteeandtheCAE(orequivalent)canfacilitateafrankand

openendeddiscussionaboutconcernsandexpectationswhichinturncanalsoaidinarobustperformancemeasurementoftheIA

functionbytheauditcommittee.

Metrics used to measure Internal Audit effectiveness

Figure 29

2



*IIA-QualityAssessmentManual,5thedition


36/38

Clearlythereisscopeforenhancingcoverageofinternationaloperationsknowledge

oflocallawsandregulationsandemergingriskissuesposethebiggestchallengein

coverageofinternationaloperations.

While15percentoftherespondentsdidnotcoverinternationaloperationsintheir

auditplan,52percentoftherespondentsweresomewhatornotsatisfiedwith

theircoverageofinternationaloperations(seeFigure30)

Knowledgeoflocallaws/regulations(73percent),knowledgeofemergingrisk

issues(47percent)anduseofastandardizedmethodology(32percent)were

citedasthemajorchallengesfacedbyrespondentsinconductingauditsfor

internationaloperations(seeFigure31).

Processes

Internationaloperations

14%

43%

9%

18%

15%

0% 5% 10% 15% 20% 25% 30% 35% 40% 45%

Highly satisfied

Somewhat satisfied

Not satisfied

No international operations

International operationsnot covered in audit plan

31%

16%

28%

32%

73%

47%

0%

20%

40%

60%

80% Language and culture

Use of standardized

methodology (quality

challenges)

Knowledge of local laws /

regulations

Knowledge of emerging risk

issues

Travel time and cost

Other

How satisfied are you with the risk coverage of international operations?

Major challenges faced in conducting audits for international operation.

Figure 30

Figure 31

29





37/38

KPMG in India

KPMGistheglobalnetworkofprofessionalservicesfirmswhoseaimistoturn

understandingofinformation,industries,andbusinesstrendsintovalue.

InIndiathefirmoperatesfromitsofficesinMumbai,Pune,Delhi,Kolkata,Chennai,

BangaloreandHyderabad,andoffersitsclientsafullrangeofservices,including

financialandbusinessadvisory,taxandregulatory,andriskadvisoryservices.

TheIndianmemberfirmsaffiliatedwithKPMGInternationalwereestablishedin

September1993.Asmembersofacohesivebusinessunittheyrespondtoaclient

serviceenvironmentbyleveragingtheresourcesofaglobalnetworkoffirms,

providingdetailedknowledgeoflocallaws,regulations,marketsandcompetition.We

provideservicestoover2,000internationalandnationalclients,inIndia.KPMGhas

officesinIndiainMumbai,Delhi,Bangalore,Chennai,Hyderabad,KolkataandPune.

ThefirmsinIndiahaveaccesstomorethan3000Indianandexpatriateprofessionals,

manyofwhomareinternationallytrained.Westrivetoproviderapid,performance-

based,industry-focusedandtechnology-enabledservices,whichreflectashared

knowledgeofglobalandlocalindustriesandourexperienceoftheIndianbusiness

environment.

Bombay Stock Exchange (BSE)

BombayStockExchangeistheoldeststockExchangeinAsiaandhasplayedapre-

eminentroleinthedevelopmentoftheIndiancapitalmarket.EarlieranAssociation

OfPersons(AOP),BSEisnowacorporatisedanddemutualisedentity,withtwo

leadingglobalExchanges,DeutscheBrseandSingaporeExchange,asitsstrategic

partners.

BSEprovidesanefficientandtransparentmarketfortradinginequity,debt

instrumentsandderivatives.Italsoprovidesahostofotherservicestocapital

marketparticipantsincludingriskmanagement,clearing,settlement,marketdata

servicesandtraining.Ithasaglobalreachwithcustomersaroundtheworldanda

nation-widepresence.BSEsystemsandprocessesaredesignedtosafeguard

marketintegrity,supportthegrowthofthemarketinIndia,andstimulateinnovation

andcompetitionacrossallmarketsegments.

Aboutthesponsors

3



38/38

in.kpmg.com

KPMG in India

Mumbai

KPMG House, Kamala Mills Compound

448, Senapati Bapat Marg,Lower Parel, Mumbai 400 013

Tel: +91 22 3989 6000

Fax: +91 22 3983 6000

Delhi

Building No. 10, 8th Floor

Tower B, DLF Cyber City

Phase ll, Gurgaon

Haryana 122 002

Tel: +91 0124 307 4000

Fax: +91 0124 307 4300

Pune

703, Godrej Castlemaine

Bund Garden

Pune - 411 001

Tel: +91 20 3058 5764/65

Fax: +91 20 3058 5775

Bangalore

Maruthi Info-Tech Centre

11-12/1, Inner Ring Road

Koramangala, Bangalore 560 071

Tel: +91 80 3980 6000

Fax: +91 80 3980 6999

ChennaiNo.10, Mahatma Gandhi Road

Nungambakkam

Chennai - 600034

Tel: +91 44 3914 5000

Fax: +91 44 3914 5999

Hyderabad

8-2-618/2

Reliance Humsafar, 4th FloorRoad No.11, Banjara Hills

Hyderabad - 500 034

Tel: +91 40 3046 5000

Fax: +91 40 3046 5299

Kolkata

Infinity Benchmark, Plot No. G-1

10th Floor, Block EP & GP, Sector V

Salt Lake City, Kolkata 700 091

Tel: +91 33 44034000

Fax: +91 33 44034199

Kochi

4/F, Palal Towers

M. G. Road, Ravipuram,

Kochi 682 016

Tel: +91 484 309 4120

Fax: +91 484 309 4121

KPMG Contacts

Neville M. Dumasia

Executive Director and

Head - Governance, Risk and Compliance ServicTel: +91 22 3983 6402

e-Mail: [email protected]

Romal Shetty

Executive Director

Governance, Risk and Compliance Services

Tel: +91 80 3065 4100


Raman Sobti

Executive Director


Tel: +91 124 407 3801


Raajeev Batra

Executive Director


Tel: +91 22 3983 6404


Documents

IA ResearchC Users Varun AppData Local Temp Nps34D6