Regulation 19 — Audit Regulations 2020

Audit Regulations 2020regulations-audit

19. Right of access to Audit and Responsibilities of the auditable entity, (including Union and State Government) (Read with Regulation 8)
(1) Audit is conducted with reference to data, information and documents (includes accounts, vouchers, records etc) of the auditable entity. Audit’s access includes all data, information and documents, including electronic data and access to information systems of the auditable entity, as may be required and asked for by Audit. Audit’s access includes complete and timely access to confidential and sensitive data, information or documents, handling of which will be governed by Regulation 20.
(2) Audit may be conducted with reference to the data, information and documents,
(i) as may be available in the audit office and/or in the accounts office,
(ii) as may be accessed by or received in the audit office and/or in the accounts office,
(iii) in the office of the auditable entity or
(iv) at the site where the relevant records or data for audit are available or
(v) at such other place as may be decided by Audit.
(3) As given in Regulation 16, audit comprises elements of offsite/remote access/onsite audits combined with visits to auditable entity. In keeping with Comptroller and Auditor General’s authority to conduct audit, audit teams shall be, as determined necessary by Audit, deputed to the offices of the auditable entities from time to time. Audit teams are led by a team leader/supervisory officer.
(4) Audit may requisition basic records, data, information and documents, from the auditable entity, as soon as intimation for audit is given, to enable a systematic review and commence the audit assignment remotely by accessing such information ahead of visits to the auditable entity. In case information and data as requested cannot be made available in advance, the officer in charge at the auditable entity shall ensure that the basic records, data,
Regulations on Audit and Accounts 2020 19
information and documents as required in the requisition sent to him by the Audit, are kept ready before the arrival of the audit team.
Audit may even requisition basic records, data, information and documents for audit planning purposes, as deemed necessary.
(5) Any requisition, whether in advance or during the course of audit shall be made in writing or in recorded meetings and may be addressed to the persons in charge of various functions in the auditable entity or to the officer in charge of the auditable entity. (For the purposes of these Regulations, a communication/request by email shall always constitute a communication request in writing).

What This Means

The auditable entity (any government office or body being audited) must provide complete and timely access to all data, information, documents, and IT systems that the CAG's audit team requires. Audit can be conducted at the audit office, accounts office, the entity's own office, or any relevant site. The entity must keep records ready before the audit team arrives and comply with all requisitions within the specified timeframe. Failure to provide access is a statutory violation under Section 18 of the DPC Act.

This explanation was generated with AI assistance for educational purposes. Always refer to the official gazette notification for authoritative text.

Key Points

1Auditable entities must provide complete access to all data, documents, and IT systems — including electronic data
2Audit requisitions must be complied with within the time specified; this is a statutory obligation
3Records can be requisitioned even before the audit team arrives, for planning purposes
4All requisitions must be in writing or recorded in meetings; emails count as written requests
5The entity is responsible for ensuring completeness and reliability of data provided to Audit

Practical Example

The AG (Audit) office sends a requisition letter to the District Collector's office requesting 3 years of expenditure records under the MGNREGA scheme, two weeks before the audit team is scheduled to arrive. The Collector's office must compile all files, vouchers, and digital records and keep them ready. If the office uses an NIC-maintained IT system for payments, it must also provide the audit team access to that system, even though a third party manages it.

This explanation was generated with AI assistance for educational purposes. Always refer to the official gazette notification for authoritative text.

Frequently Asked Questions

Can the auditable entity refuse access to confidential or sensitive documents?▼

No. Regulation 19(1) explicitly states that audit access includes confidential and sensitive data, though its handling will be governed by Regulation 20's confidentiality provisions.

What if the IT system is managed by a third-party vendor and not the government office directly?▼

Regulation 19(8) clarifies that the entity must provide access regardless of whether the systems are owned, maintained, or operated by the entity itself or by any other agency on its behalf.

What constitutes a valid audit requisition?▼

Any written communication or recorded meeting request. An email specifically qualifies as a written request under this regulation.

This explanation was generated with AI assistance for educational purposes. Always refer to the official gazette notification for authoritative text.

Regulation 19 — Audit Regulations 2020

Original Rule Text

What This Means

Key Points

Practical Example

Frequently Asked Questions

Related Rules