Exposure Draft of SIA 310, Reporting and Conformance with Standards on Internal Audit

editor7 15 Oct 2025 408 Views 0 comment Print CA, CS, CMA | News

SIA 310 provides guidance on reporting internal audit results and ensuring conformance with Standards on Internal Audit (SIAs). Internal audit reporting serves two key purposes: assignment-level reporting, which communicates audit objectives, scope, findings, and management responses after each engagement, and periodic reporting, summarizing results across engagements for oversight bodies. The standard emphasizes clear, objective, and evidence-based communication that highlights risks, control weaknesses, and root causes while recognizing effective practices. Reports must be factually accurate, include management responses and agreed-upon corrective actions, and document any unresolved disagreements between auditors and management. Effective reporting supports transparency, accountability, and informed decision-making while enhancing governance, risk management, and internal control frameworks.

Internal auditors are required to maintain professional skepticism, ethical conduct, and adherence to ICAI’s Code of Ethics throughout the reporting process. Reports should indicate compliance with applicable SIAs, summarize observations with supporting evidence, and provide actionable recommendations with responsible parties and timelines. Draft reports are circulated for management review, and final reports are issued within a reasonable timeframe. Documentation must include cross-references to audit work papers, management action plans, circulation records, and any dispute resolution correspondence, ensuring a structured, verifiable, and consistent reporting framework aligned with professional standards.

The Institute of Chartered Accountants of India

Standard on Internal Audit
(SIA) 310
Reporting and Conformance
with Standards on Internal
Audit

1. Introduction

1.1 Reporting the results of internal audit activities is a core responsibility of the internal audit function and a key driver of its value to stakeholders. Effective communication of internal audit outcomes enhances transparency, accountability, and informed decision-making. It facilitates oversight by management and those charged with governance, and supports continuous improvement in governance, risk management, and control processes.

Internal audit results are typically reported in two primary forms:

Assignment-Level Reporting: Following the completion of internal audit, an Internal Audit Report is issued, detailing the objectives, scope, key observations, and management responses. These reports are shared with the auditee and other relevant stakeholders as per terms of engagement.
Periodic Reporting: At the end of a planned period, a comprehensive report covering all the internal audit activities and reporting the key results to the highest oversight body is prepared by the Chief Internal Auditor (or the Engagement Partner, in the case of external service provider). These reports may include summaries of engagement-level findings, status of corrective actions, risk themes, and internal audit performance metrics.

1.2 Conformance to Standards on Internal Audit (SIAs) ensures that internal audits are conducted in a structured, consistent, and professional manner, aligning with best practices, ethical principles, and regulatory expectations. Compliance with SIAs enhances the credibility, effectiveness, and reliability of the internal audit function.

1.3 This Standard provides guidance on how internal auditors ensure conformance with applicable SIAs and integrate them into their audit methodologies, documentation, reporting, and professional conduct.

1.4 Scope : This Standard covers the principles, essential elements and reporting requirements relating to the engagement-level internal audit reports. It also provides the foundation for entity-wide periodic reporting or to reports providing formal assurance opinions which are addressed in Standard on Internal Audit (SIA) 330, “Issuing Assurance Reports” and Standard on Internal Audit (SIA) 340, “Special Purpose Reports”.

2. Effective Date

2.1 This Standard is applicable to internal audit engagements commencing on or after a date to be notified by the Council of the Institute.

3. Objectives

3.1 The objective of this standard is to ensure that the engagement-level internal audit reports are consistently drafted with the aim to :

Promote understanding of risks, root causes, controls, and governance issues.
Clearly communicate significant findings arising from audit procedures to the auditee.
Provide actionable recommendations and devise agreed-upon action plans in concurrence with management to enable timely and effective remediation.

Provide a foundation for formal assurance, where applicable, in accordance with the Internal Audit Charter and stakeholder expectations.

Establish a framework for ensuring conformance with Standards on Internal Audit (SIAs).

4. Requirements

4.1 Basis of the Report (Refer Para. A1)

The Internal Auditor shall ensure that Internal Audit Report:

Clearly articulates the audit scope, objectives, methodology, and period covered.
Summarizes significant observations, supported by analysis, evidence, and root cause assessments, focusing on material risks and control weaknesses. (Refer Para. A1)
Confirms conformance with applicable professional standards, including the Standards on Internal Audit issued by ICAI. (Refer Para. A2)

Details agreed-upon corrective actions, responsible persons for the same, implementation timelines, as part of a constructive and collaborative resolution process of the audit findings.
Indicates the nature and level of assurance, if applicable, in line with the engagement objectives and as pre-agreed with stakeholders.
Reflects balanced reporting, recognizing effective controls and positive practices alongside areas for improvement.
Documents instances where the internal auditor and management disagree on recommendations and/or action plans and notes such unresolved matters in the final report for escalation to the appropriate level of governance.

4.2 The Internal Auditor shall circulate a draft report for management review and feedback before final issuance to ensure factual accuracy and agreement on action plans. If internal auditors and management disagree about the recommendations and/or action plans and a resolution cannot be reached, the final observation must state both positions and the reasons for the disagreement.

4.3 The final report shall be issued within a reasonable timeframe of post- engagement and shall include the date of issuance.

4.4 Report Format and Content (Refer Para. A3)

The format and tone of the report should be fit for purpose and tailored to the audience, using professional judgment, while maintaining clarity and objectivity.

4.5 The Internal Auditor shall maintain Professional skepticism, and ethical judgement in line with the code of ethics issued by ICAI is exercised throughout the reporting process.

4.6 A Unique Identification Number (UDIN) may be generated and included as per ICAI guidelines.

*****

Application and Other Explanatory Material

A1. Basis of the Report (Refer Para. 4.1): Internal Audit Reports must be evidence-based, reflecting the audit procedures performed and findings supported by verifiable documentation. Observations may be prioritized based on risk significance and business impact.

The effective controls and practices followed may be acknowledged to promote a balanced perspective. Such inclusion should be based on relevance, materiality and agreement with management, in line with stakeholders’ expectations.

A2. Conformance with Standards on Internal Audit (Refer Para. 4.1): Internal auditors must ensure all engagements comply with Standards on Internal Audit as issued by the ICAI. Audit plans, execution, and reporting shall align with SIA requirements.

Internal Audit, report may explicitly state:

“The Internal Audit was conducted in accordance with Standards on Internal Audit issued by the Institute of Chartered Accountants of India.”

A3. Report Format and Content (Refer Para. 4.4): No standardized internal audit report format is mandated. The structure may vary depending on engagement complexity, stakeholder expectations, and reporting protocols. However, key elements such as executive summary, observations, risk materiality, impact, root cause, recommendations, and management response should typically be included.

I. Executive Summary

Purpose of the Audit: High-level objective of the audit assignment.
Scope & Coverage: Brief description of areas/functions audited.
Key Findings: Summary of significant issues or control gaps.
Overall Conclusion: Auditor’s assessment (e.g., Satisfactory, Needs Improvement).
Audit Opinion/Rating (if applicable): Risk rating of the control environment.

II. Detailed Observations

Each observation may include:

Observation Title/Number: For easy referencing.
Condition (What is): Description of the issue observed.
Criteria (What should be): Relevant standards, policies, procedures, or expectations.
Cause (Why it happened): Root cause analysis.
Effect/Impact (So what?): Risk or consequence of the control gap.
Risk Rating/Materiality: Classification (High, Medium, Low) based on severity, likelihood, and impact.

III. Recommendations

Actionable Suggestions: Specific, practical, and risk-based actions to mitigate the identified issue.
Priority Level: Based on urgency or risk rating.

IV. Management Response

Agreed Action Plan: Management’s proposed corrective action.
Responsible Person(s): Designated official(s) accountable for implementation.
Timeline: Target date for implementation of the recommendation.
Status (for follow-up reports): Implementation progress or closure status.

V. Appendices (if needed)

Audit Criteria: Referenced laws, regulations, or policies.
Methodology: Summary of procedures followed.
Documents Reviewed / Interviews Conducted.
Glossary of Terms or Abbreviations.

A4. Documentation: Internal audit documentation shall include:

Draft and final versions of the report, cross-referenced to working papers.
Any formal communication or dispute resolution correspondence related to findings or recommendations.
Management action plans with responsible persons and timelines.
Evidence of report circulation, discussions, and approvals.

M	T	W	T	F	S	S
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28

Enter your email Address

Exposure Draft of SIA 310, Reporting and Conformance with Standards on Internal Audit

Tags:

Join Taxguru’s Network for Latest updates on Income Tax, GST, Company Law, Corporate Laws and other related subjects.

Leave a Comment

Latest Posts

Violation of principles of natural justice and erroneous order cannot be reason to bypass alternative remedy

Trade Facilitation Measures within India’s Regulatory and Financial Framework

Tobacco Tax Overhaul 2026: GST Raised to 40% and RSP-Based Valuation Introduced

Open Garbage Bin & A Public Urinal In A Residential Area Violates Residents’ Right To Life: Delhi HC

Delhi HC Dismisses Reopening Based Solely on Audit Objection

GST Assessment Quashed as SCN Not Properly Served on Portal: Calcutta HC

Pre-Consultation Mandatory in Extended Limitation Cases for High-Value Excise/Service Tax Demands: Madras HC

Multiple GST SCNs Valid If Based on Distinct Discrepancies: Madras HC

Section 73, 74 & 74A: New Unified GST Demand Regime from FY 2024–25

GST’S effects on India’s federalism

Featured Posts

Open Garbage Bin & A Public Urinal In A Residential Area Violates Residents’ Right To Life: Delhi HC

Update on Advisory on Interest Collection and Related Enhancements in GSTR-3B

ITAT Deletes Section 68 Addition as AO Relied Solely on Generalized Penny Stock Report

Tax Audit under Income Tax Act 2025: Do You Know Physical Location & IP Address of Your Financial Data?

Income Tax Rule 205 Mandates Landlord Relationship Disclosure in HRA Claims

ROC Imposes Penalty for Delay in Filing DIR-12 After Company Secretary’s Resignation

Cash Deposits Cannot Be Treated as Unexplained Under Presumptive Tax Scheme: ITAT Kolkata

Mere Third-Party Excel Sheet Insufficient for Section 69 Addition: ITAT Chandigarh

200% Sec 270A Penalty Invalid for Failure to Specify Misreporting Limb: ITAT Delhi

200% Sec 270A Penalty Valid; Wrong VI-A deduction Misreporting; 270AA Immunity Denied

Popular Posts

Corporate Compliance Calendar for February 2026

Compliance Calendar for the Month of February 2026

Corporate Tax Rate Applicable for AY 2021-22, 2022-23, 2023-24, 2024-25, 2025-26 & 2026-27

February 2026 Tax Compliance Deadlines for Income Tax and GST

CAG: Empanelment of Chartered Accountant firms/LLPs for year 2026-2027

ICAI Empanelment to act as Observers at Examination Centres

180 Legal Compliances and Legal Updates for February 2026 in India

ICAI Revises CPE Rules: Seminar Hours Capped, Shorter Technical Sessions Allowed

Fast Track Merger under the Companies Act, 2013

Draft Income Tax Rules, 2026 – Major Changes in Employee Perquisites Valuation