Regulation 19 — REGULATIONS_AUDIT
Original Rule Text
19. Right of access to Audit and Responsibilities of the auditable entity, (including Union and State Government) (Read with Regulation 8)
(1) Audit is conducted with reference to data, information and documents (includes accounts, vouchers, records etc) of the auditable entity. Audit’s access includes all data, information and documents, including electronic data and access to information systems of the auditable entity, as may be required and asked for by Audit. Audit’s access includes complete and timely access to confidential and sensitive data, information or documents, handling of which will be governed by Regulation 20.
(2) Audit may be conducted with reference to the data, information and documents,
(i) as may be available in the audit office and/or in the accounts office,
(ii) as may be accessed by or received in the audit office and/or in the accounts office,
(iii) in the office of the auditable entity or
(iv) at the site where the relevant records or data for audit are available or
(v) at such other place as may be decided by Audit.
(3) As given in Regulation 16, audit comprises elements of offsite/remote access/onsite audits combined with visits to auditable entity. In keeping with Comptroller and Auditor General’s authority to conduct audit, audit teams shall be, as determined necessary by Audit, deputed to the offices of the auditable entities from time to time. Audit teams are led by a team leader/supervisory officer.
(4) Audit may requisition basic records, data, information and documents, from the auditable entity, as soon as intimation for audit is given, to enable a systematic review and commence the audit assignment remotely by accessing such information ahead of visits to the auditable entity. In case information and data as requested cannot be made available in advance, the officer in charge at the auditable entity shall ensure that the basic records, data, information and documents as required in the requisition sent to him by the Audit, are kept ready before the arrival of the audit team.
Audit may even requisition basic records, data, information and documents for audit planning purposes, as deemed necessary.
(5) Any requisition, whether in advance or during the course of audit shall be made in writing or in recorded meetings and may be addressed to the persons in charge of various functions in the auditable entity or to the officer in charge of the auditable entity. (For the purposes of these Regulations, a communication/request by email shall always constitute a communication request in writing).
(6) It is the statutory obligation, of the officer-in-charge of the auditable entity, as per Section 18 of the Act, to comply with requests by Audit for data, information and documents, whether in advance or during the course of audit, within the specified time. The time within which data, information and documents are to be furnished to Audit, will be mentioned in the requisition. (Reasonable time is determined considering the nature and quantum of the data, information and documents requested by Audit and the urgency of the matter).
(7) The auditable entity will be responsible for ensuring completeness and reliability of data provided to Audit. (8) The auditable entity shall provide access to its information systems and data as requested by Audit, irrespective of the fact whether the systems are owned, maintained and operated by the auditable entity or by any other agency on behalf of the auditable entity. Such access maybe through interfacing the IT system of the audit office with the audited entity’s IT systems or establishing alternative equivalent methods of data access for the audit office.