Blogs


Configuring audit trails -Design of Architectural, Interior designing, and Design MEP functions

  The auditors usually examine the documents, computer files, and other records during an audit to determine the history of transactions and how these have been performed/handled by the company.Activities:An audit trail can be effectively implemented if prior coding schemes have been implemented for digitalization purposes.An approach for developing coding schemes is given in chapter 9 of my handbook, and  this article would focus only on configuring audit trails, The following 13 activities must be performed to configure the audit trail for the three design functions.1. Consolidate and provide users and IT equipment-related inputs to IT/ERP teams·      List of Designers (also called users here)and designer’s employee codes,·      User’s level·      User’s position·      List of vendors, customers, and other business associates who access the functional software·      User’s location, including remote location·      IT equipment /computer /workstation unique serial number assigned to users and their respective locations,·      Types /structure of audit reports required.·      List and types of documents for design /drawings (annex 22A & 23A in the handbook2. Refer to authorization profiles vis a vis following:·      Core design processes and activities (Refer to 1125 profiles given in annex 30A)·      Statutory processes and activities (Refer to 325 profiles shown in annex 30A)·      Configuration tables and fields (Refer to 95 profiles shown in annex 30A)·      Master data tables and fields (Refer to 280 profiles shown in annex 30A)·      supporting processes & associated activities such as Carrying out the risk assessment, assigning access rights, and all other supporting processes for design functions.The list of profiles, of course, can be expanded as required.3. In consultation with the Cross-functional team, the Internal Audit team, Finance, and Accounts teams propose features of “Audit Trail Software,” such as below, that need to be incorporated into the audit trail software.·      The username (Designer’s name) who accessed the system along with level, position, and design function·      The date and time when the system was accessed.·      The duration (hours, minutes, seconds) of each such access.·      The computer, terminal, machine, device name, and unique number are used for access.·      Particulars of the workflows/ core design processes, statutory processes configuration tables, master data tables, data tables, and documents that were accessed along with “fields” accessed. ·      changes, if any, that were made to the above-listed aspects·      The planned duration of keeping audit trailed data (days/months/years) per the company's IT policy.·      Triggering communications to Architects or interior designers, or MEP designers as applicable owners for initiating countermeasures 4. Configure the operating system (OS) of the ERP system by the IT team to include audit trail features.5. Alternately negotiate and procure “Audit Trail Software,” as per required features meeting the needs of all functions6. IT team to install “Audit Trail Software,” procured in the development server7. Test “Audit Trail Software,” pilot data of each respective function in the test server8. Obtain training from the IT team/ERP specialists for performing audit trails.9. Transfer “Audit Trail Software” to the live Production Server for generating audit trails.10. Perform audit and submit audit trail-related findings/reports to the Designer’s HOD.  The audit trail software must be configured to enable an audit trail of any of the following transactions performed (including changes made) during a specified period by any designer vis a vis the following numbers identified in the handbook and expandable as required. :§  Any of 225 Core design activities listed in chapters 1,2,3 of the handbook and annex 21A(2), 21A(3), 21A(4), at my website)§  Any of 56 statutory activities are applicable vis-a-vis 325 authorization profiles (chapter 4 of the handbook and annex 21B).§  Any field choices in 3 configuration tables vis a vis  (chapter 5 of the handbook and list of t configuration tables in annex 24E).§  Any fields in 6 master data tables (chapter 6 of the handbook and list of master data tables in annex 24E).§  Any fields in 38 types of core documents in annex 22A (such as design brief documents, submission drawings, good for construction drawings, and tender documents( listed in chapter 17 of the handbook)§  Any fields in 31 types of statutory documents in annex 23A (such as statutory records/returns, statutory applications, licenses, approvals, etc.)It is pertinent to mention that design activities may be performed using any design software, such as the one below. Still, interfacing between the design software and the IT/ERP package would be needed to track design activities.·      ETAB, STADD, Auto cad, Revit Architect (BIM),3D Studio Max, Photoshop, Idea spectrum, real-time landscape pro, NCH software dream plan, smart draw, pro modeling suit max, Autodesk 3D’s, Revit MEP, AutoCAD Electrical, Auto Cad HVAC,  Ansys, Quick allot, or and project management software or an ERP solution for Design functions 11. Analyse audit trail reports and provide comments to the Internal audit team.This includes analysing the following etc., to identify suspicious or unethical activities.·      Who inside the design function or outside the functions accessed the design software or its ERP solution and performed design activities?·      Or Who made design changes (including circular changes to designs and drawings)?·      How much was the time of access or duration, \·      When were the design systems accessed?12. Initiate countermeasures to detect and prevent unauthorized or/and unethical transactions and enable benefits such as the below.·      Quality of design and drawings·      Customer’s design requirements·      Meet statutory compliances·      Project cost savings·      Preventing funds leakages·      Design Process efficiency enhancement·      Accuracy in financial reporting13. Reviewing and recommending enhancement of “Audit Trail Software” features to improve design efficiency and quality and enable online auditing vis-a-vis each function. Handbook of the author A template illustrating the list of activities to be performed for configuring audit trails is included in chapter 8) in the author's handbook and titled” ETHICS in the real estate and hospitality industry, Volume 1- Architectural, Interior design, and MEP services. “  


Developing an internal audit checklist for 584 business activities in Building Design functions

How to develop an internal audit checklist vis a vis 584 business activities in Building Design functions- (57 checklist points illustrated ) In a typical, mid-size construction organisation, Architects, Interior & MEP designers perform at least 584 activities which are a combination of hardcore designing and +statutory +techno- commercial activities. The number of activities can grow considerably as the number of design packages increases based on the complexity of the project and the features of the building to be designed.The narration of 584 business activities (for developing internal audit checklists) can be seen by visiting https://www.ethicalprocesses.com:  and clicking, on the landing page -Book-Business Activities-Index- annexure number and then download the same. The landing page leads the readers to various annexures which have 818 business activities out of which 584 are unique to design functions and another 234 are common to all functions and summarised below paragraph.The checklists of 584 activities include 225 core design and +56 statutory activities  vis a vis the below design packages ·       Structure design ·       Building Architecture·       Façade·       External development areas ·       Landscape-softscape·       Interior designing·       External and internal electricals·       HVAC Further, the checklists of 584 ,(in addition to 225 core+56 statutory )include 303 activities related to the  following:·       developing configuration tables  + master data tables (21+15)·       Carrying out risk assessment vis a vis core  & statutory activities +Configuration tables & master data tables (123)·       Assigning access rights to core, statutory activities,and fields in configuration tables and master data tables (60)·        Budgeting, MIS/dashboard, and  developing KPI for design functions(27+24+33) A ready reckoner of internal audit checklists In the table below, a checklist of 57 internal audit activities (10% of 584) has been illustrated and balance checklists can be directly developed by  Internal audit teams directly based on the approach mentioned below. Considering the technical character of Design functions, it is proposed that the internal audit team should pursue secondment ie. temporarily taking on loan an Independent Architect or interior designer, or MEP designer (from any project different from the one being audited) to support internal audit team to perform the internal audit for best results. Alternatively, the technical part of checklists can also be outsourced to professional design firms. The 584 activities are captured in a Table enclosed at the end of this article.Internal auditors can get further inputs for enhancing checklists by reading blogs that have already been published on my website https://www.ethicalprocesses.com or listening to videos published on my YouTube channel reference given below. :https://m.youtube.com/channel/UCYQxIjcMIlQmpRrnRNi54CQ Customisation of checklistsFurther, the customisation of checklists of 584 activities mentioned in the handbook can be done based on the likely impact of each design/business activity vis a vis 10 aspects listed below (similar to those highlighted in blue color in 57 checklists)·       Profitability/Revenue·       Accuracy ·       Existence/inclusion·       Completeness·       Statutory compliance·       Validity/validation ·       Measurement·       Occurrence·       Timeliness·       Rights and obligations Therefore, internal auditors can add or delete the checklist of 584 activities applicable to the respective Architect or Interior or MEP design functions.Approach for developing Internal Audit checklists  ·       Forming a cross-functional team (CFT) comprising of conventional internal auditor+ experienced but independent professionals from each of the Architect, interior designing, and MEP functions, (preferably from different project teams which are to be audited) ·       Alternately hiring these temporarily from 3rd independent design firms to ensure objectivity·       Referring to the above proposed 57 checklists as ready reckoner or an SOP of 3 design functions and developing checklists to evolve the scope of design activities to be audited.·       From the “Risk Register” maintained, identifying the risk level of each design activity as High, Medium, or Low risks, and accordingly planning frequency (Yearly, monthly, etc) and allocating internal audit resources to conduct internal audits. ·       In case organisations have not developed the risk registers, CFT can take guidance from Risk templates given in annex 13E,14D,15D, and 16D in the book ·       These 584 numbers include only Electricals & HVAC packages and will certainly increase based on the additional number of MEP / other packages. ·        234 activities related to developing SOP(36), designing coding schemes(27), configuring user traceability (33)+ audit trail (39)+document management system(36 hard documents+36 soft documents)+ financial authority norms (27)  are additional and not included in the above 584 internal audit checklists as  such activities are common to other functions . Thus total activities performed are 818(584+234) as analysed above .The Way forward for performing the internal audit once Checklists are ready and internal auditors /resources identified   The methodology to perform business activities can vary considerably from one organisation to another depending on the types of design software and ERP being used, size & complexity of construction processes, organisation structure/hierarchy, and degree of computerisation or digitalisation.Once the internal audit scope/checklists have been developed, the Internal audit team can develop an audit calendar and carry out the internal audit as per the usual methodology in their respective organisations such as submitting draft reports, discussing findings with auditees, and obtaining feedback from designers regarding countermeasures, and circulating the final report to all concerned including HOD and top management/board sub-committee for reviewing internal audit findings. You can read more about the 584 activities that can become part of the Internal audit scope from my handbook ETHICS in the real estate and hospitality industry, Volume 1- Architectural, Interior design, and MEP services “and refer to the website.                                                                    Proposed ready reckoner table -57 internal audit checklists Sn Function wise -narration of Internal audit checklist-57 illustrations   The proposed internal auditor/s Source -for developing checklist-i.e. Book chapter no/Website 1 Designing of Architecture of buildings Whether there is evidence that Concept designs and schemes are based on design calculations of PCC/Reinforcements requirements based on a factor of safety/Earthquake zone etc. and using software like STADD or ETAB.? Independent Architect Chapter 1, website Annex 21A(2) 2 Designing of Interiors of buildings Whether strategic plans for interior design are drawn comprehensively? Independent Interior designer Chapter 2, Website Annex 21A(3) 3 Designing of MEP services for buildings Whether Strategic plans for design aligned with the company’s vision of profitability? Independent MEP designer Chapter 3, Website Annex 21A (4)   And so on a checklist of a total of 225 core activities (118+37+70 vis a vis design of architect, interior, and MEP respectively) to be prepared in continuation to serial no 1,2, & 3 above, directly by the Internal audit team members based on inputs from the website As above As above 4 Internal audit of statutory activities- Statutory Process: Meeting RERA Compliances whether the builder obtained sanctioned plans/statutory approvals before commencing construction & did the builder regularly/timely upload the prescribed approvals on the company’s website? Internal Auditor +Legal person Chapter:1,2,3 &4 +Annex 2.14,20B & 21B in handbook 5  Statutory Process: Complying with The RERA-Real Estate (Regulation & Development) Act 2016 Whether evidence exists that the builder published on web site of RERA authority, Project wise details w.r.t projects registered, units booked, units under construction, list of approvals taken & pending vis a vis below aspects? Frequency = Q (Quarterly)and A (annually). Reporting Periods: Q3, Q4, Q1, Q2, F.Y. Target date: form & dates as announced/amended by statutory authority As above As above   And so on a checklist of 65 statutory activities (46+9+10 vis a vis design of architect, interior, and MEP respectively) to be prepared (in continuation to serial no 4 & 5 above) directly by the Internal audit team members based on likely adverse impact due to statutory non-conformances and inputs from the handbook. As above As above 6 Internal audit of activities for developing configuration tables-All 3 design functions. Whether each of the 3 design teams Identified the key “Configuration Tables” given correctly? Internal Auditor + Independent Architect or interior designer or MEP designer Chapter 5 Annex 21C(website) 7 Whether each of the 3 design teams has Identified the “fields” for each configuration table appropriately and completely not skipped any? As above Chapter 5 Annex 1A,1F,1G (in the handbook)   And so on, a checklist of 21 activities @7/ each design function to be prepared (in continuation to serial no 6 &7 above) directly by the Internal audit team members based on inputs from the handbook. As above As above 8 Internal audit of activities for developing Master data tables-All 3 design functions. Whether each of the 3 design teams has Identified the key “Master data Tables” correctly? Internal Auditor + Independent Architect or interior designer or MEP designer Chapter 6 Annex 21D(website) 9 Whether each of the 3 design teams has Identified the “fields” for each “Master data table” accurately/appropriately and not skipped any important field? As above Chapter 6 Annex 1A,1F,1G in handbook   And so on, a checklist of 15 activities @5/ each design function to be prepared (in continuation to serial no 8,9 above) directly by the Internal audit team members based on inputs from the handbook. As above As above 10 Internal audit of activities for carrying out risk assessment at the ”Organisation level and  core Process and core activity” levels Whether Cross-cross-functional (CFT) have been formed/exist for developing a risk management framework and are appropriate in terms of representation, levels/positions of members vis a vis each design function? Internal Auditor + Independent Architect or interior designer or MEP designer Chapters 10, & 1,2,3 and Annex 13B on the website 11 Whether aspects (such as competition, economy, political, social, building design substitutes, Govt policies customer demands, business associates, and Outages) considered for carrying out “a risk assessment at the  “organisation level” comprehensive? As above As above 12 Whether the Template -design for classifying risks (at the Organisation level) as High, medium, or low, robust/comprehensive enough? As above Chapters 10 Annex 13C in handbook   And so on, a checklist of 42 activities @14/ each design function to be prepared (in continuation to serial no 10,11,12 above) directly by the Internal audit team members based on inputs from the handbook. As above As above 13 Internal audit of activities for carrying out risk assessment at the ”Statutory  Process and statutory activity” levels Whether parameters, such as those below, for identifying risk at statutory process/activity levels are Comprehensive and appropriate? ·       Organisation level risk assessed in annex 13B ·       Likely adverse impact due to non-compliance on Corporate Governance & organisation reputation   Internal auditor+ legal professional 10 & 1,2,3,4 Annex 14B on the website 14 Whether the Template -design for classifying risks (at the statutory level) as High, medium, or low, robust/comprehensive enough? As above 10 & 1,2,3,4 Annex 14C in the handbook   And so on, a checklist of 27 activities @9/ each design function to be prepared (in continuation to serial no 13,14, above) directly by the Internal audit team members based on inputs from the handbook. As above As above 15 Internal audit of activities for carrying out risk assessment at the ”Configuration table level and field choice  levels” Whether parameters, such as those below, for identifying risk at the Configuration table level level-comprehensive and appropriate?   ·       Likely adverse impact on cycle time /throughput time of process execution for which configuration table is relevant ·       Process (using specifically identified configuration table) not getting executed completely   Internal Auditor + Independent Architect or interior designer or MEP designer 10 & 1,2,3,5 Annex 15B on the website 16 Whether the Template -design for classifying risks at the Configuration table level (as High, medium, or low) robust/comprehensive enough? As above 10 & 1,2,3,5 Annex 15C is in the handbook 17 Whether aspects, such as those below, for identifying risk at the “field choice level” of the Configuration table comprehensive and appropriate? ·        Field choice pertains to /and is relevant to business areas that can impact Project sales revenue or project costs or statutory conformance or project design or project quality or financial reporting ·       Implication of unauthorised accessing of “Field choice” or carrying out unauthorised amendment in “Field choice.” A few examples of field choices are as below: ·       Configuration/specifications of construction area or unit or building ·       Consultation consultant’s fee rate computation ·       Contractor’s rate computation ·       Payment terms with the consultants ·       Payment terms with the contractors  and so on   As above 10 & 1,2,3,5 Annex 15B on the website 18 Whether the Template -design for classifying risks at the Field choice level (as High, medium, or low) robust/comprehensive enough? As above 10 & 1,2,3,5 Annex 15D and 1A,1F,1G in the handbook   And so on, a checklist of 27 activities @9/ each design function to be prepared (in continuation to serial no 1516,17,18 above) directly by the Internal audit team members based on inputs from the handbook. As above As above 19 Internal audit of activities for carrying out risk assessment at the ”Master data table level and field  levels” Whether aspects, such as those below, for identifying risk at Master table levels Comprehensive and appropriate? a)      Likely adverse impact on Sales revenue vis a vis field accessed from Master data table during any activity execution b)      Likely adverse impact on Project costs vis a vis field accessed from Master data table during any activity execution c)       Likely adverse impact on Package specifications or Project package design vis a vis field accessed from Master data table during any activity execution d)      Likely adverse impact on BOQ quality or construction quality vis a vis field accessed from Master data table during any activity execution e)       Likely adverse impact on Statutory conformance vis a vis field accessed from Master data table during any activity execution Internal Auditor + Independent Architect or interior designer or MEP designer 10 & 1,2,3,6 Annex 16B on the website 20 Whether the Template -design for classifying risks at the Master data table level (as High, medium, or low) robust/comprehensive enough? As above 10 & 1,2,3,6 Annex 16C in the handbook 21 Whether aspects, such as those below, for identifying risk at the “field level” of the Master data table comprehensive and appropriate? ·       Purpose or ingredients of the field in business activity in which the intended “Field “is used. ·       Consequences of populating field inaccurately vis a vis revenue or project costs or statutory conformance or project design or project Quality or financial reporting     Some examples of Ingredients of Field that can influence the classification of risks in “Field” as High are as below in the case of   ·       Design -Robustness & safety, non-robust design vis a vis statutory sanctioned drawing or & safety, not meeting customer requirement & saleability ·       Fee or rate -Paying higher amounts to the consultant ·       Scope of work - Reduction of the scope of work & consequent incomplete work or & higher costs due to reduction of the agreement amount           And so on  Some examples of Ingredients of Field that can influence the classification of risks in “Field” as “Medium” are as below in the case of ·       Terms in agreement- non-robust or & unfavorable own company  ·       Scope of works- Compromising resulting in higher project costs ·       Approved Consultant or Service provider name -Deliberate change, in collusion or otherwise to unapproved name, thus compromising on the quality of BOQ or quality of construction or & speed of construction      And so on Ingredients of Field that can influence the classification of risks in “Field” as Low are as below in the case of ·       Address ·       City ·       PIN code   And so on   As above 10 & 1,2,3,6 Annex 16D in the handbook 22 Whether the Template -design for classifying risks at the Field level (as High, medium, or low) robust/comprehensive enough? As above As above   And so on, a checklist of 27 activities @9/ each design function to be prepared (in continuation to serial no 19,20,21,22 above) directly by the Internal audit team members based on inputs from the handbook. As above As above 23 Internal audit of activities for assigning access rights to Core activities -(@5 nos/each design function)   Whether parameters for developing segregation of duties (S-O-D) been identified completely such as below as necessary for assigning access rights? 1. Function: 2. Process Code for assigning access rights (from Annex 26A on the website): 3. Name of the Core process for SOD development: 4. Code for the core process (from Annex 20A on the website):      5. Core Activity Code (from Annex 21A (2),21A (3),21A (4)  as relevant on website: 6. Activity Description: Risk Classification at Core activity level (from Annex 13E) in the handbook: Provision for capturing of following in columns: 7)Profile numbers for accessing this core Activity 8) Access rights for Creating/initiating, Editing/modifying, Deleting, Viewing, Approving   9) Function number & name (from annex 12 in the handbook) 10)Team Number & name (from annex 12 in the handbook) 11)Employee Level 12) Positions within each level ·       Lower level-workmen, staff, Junior/Assistant manager & so on ·       Middle level-Manager, Senior Manager-Sr. Mgr. & so on ·       Higher level-General managers-GM, Directors- Internal auditor +IT/ERP professional 11 & 1,2,3 And Annex 26B on the website 24 Whether the Template -design for S-O-D comprehensive to capture all parameters?   As above 11 & 1,2,3 And Annex 26C in the handbook 25 Whether software programming to populate the S-O-D template at annex 26C user-friendly, accurate /bug-free and robust, and scalable? As above As above 26 Whether S-O-D template at annex 26C populated objectively, correctly, and without any bias and not skewed in favor of some select position/ level only? As above As above 27 Whether periodic changes like employee transfers. Elevations, and new levels incorporated timely/promptly in the S-O-D before determining access rights? As above As above   And so on, a checklist of 15 activities @5/ each design function to be prepared (in continuation to serial no 23,24,25,26 27 above) directly by the Internal audit team members based on inputs from the handbook As above As above 28 Internal audit of activities for assigning access rights to Statutory activities -(@5 nos/each design function) Whether parameters for developing segregation of duties (S-O-D) have been identified completely (parameters identical/similar to those listed at serial no 23 above and hence not repeated) necessary for assigning access rights to statutory activities? Internal auditor +IT/ERP professional 11 & 1,2,3 And Annex 27B on the website 29 Whether the Template -design for S-O-D comprehensive to capture all parameters?   As above 11 & 1,2,3 And Annex 27C in the handbook 30 Whether software programming to populate the S-O-D template at annex 27C user-friendly, bugs-free /accurate, and scalable? As above As above 31 Whether S-O-D template at annex 27C populated objectively, correctly, and without any bias and not skewed in favor of some select position/ level only? As above As above 32 Whether periodic changes like employee transfers. Elevations, and new levels incorporated timely and promptly in the S-O-D before determining access rights? As above As above   And so on, a checklist of 15 activities @5/ each design function to be prepared (in continuation to serial no 28,29,30,31,32 above) directly by the Internal audit team members based on inputs from the handbook As above As above 33 Internal audit of activities for assigning access rights to Configuration tables and field choices -(@5 nos/each design function) Whether parameters for developing segregation of duties (S-O-D) have been identified completely (parameters identical/similar to those listed at serial no 23 above and hence not repeated) necessary for assigning access rights to configuration tables and field choices?   Internal auditor +IT/ERP professional 11 & 1,2,3 And Annex 28B on the website 34 Whether the Template -design for S-O-D comprehensive to capture all parameters?   As above 11 & 1,2,3 And Annex 28C in the handbook 35 Whether software programming to populate the S-O-D template at annex 28C user-friendly, accurate, bug-free and robust, and scalable? As above As above 36 Whether S-O-D template at annex 28C populated objectively, correctly, and without any bias? As above As above 37 Whether periodic changes like employee transfers. Elevations and new levels are incorporated timely/promptly in the S-O-D before determining access rights? As above As above   And so on, a checklist of 15 activities @5/ each design function to be prepared (in continuation to serial no 33,34,35,36,37 above) directly by the Internal audit team members based on inputs from the handbook As above As above 38 Internal audit of activities for assigning access rights to Configuration tables and field choices -(@5 nos/each design function)  Whether parameters for developing segregation of duties (S-O-D) have been identified completely (parameters identical/similar to those listed at serial no 23 above and hence not repeated) necessary for assigning access rights to master data tables and fields? Internal auditor +IT/ERP professional 11 & 1,2,3 And Annex 29B on the website 39 Whether the Template -design for S-O-D comprehensive to capture all parameters?   As above 11 & 1,2,3 And Annex 29C in the handbook 40 Whether software programming to populate the S-O-D template at annex 29C user-friendly and accurate/bugs-free and scalable? As above As above 41 Whether S-O-D template at annex 29C populated objectively, correctly, and without any bias? As above As above 42 Whether periodic changes like employee transfers. Elevations, and new levels incorporated timely/promptly in the S-O-D before determining access rights? As above As above   And so on, a checklist of 15 activities @5/ each design function to be prepared (in continuation to serial no 38,39,40,41,42 above) directly by the Internal audit team members based on inputs from the handbook As above As above 43 Internal audit of activities for developing budgets --(@9 nos/each design function)  Whether Cross-cross-functional (CFT) formed for developing Budgets appropriate /correct in terms of representation, levels/positions of members vis a vis each design function to decide the following aspects? ·       Designing structure/contents of Budget at Organisation level/Business unit level ·       Designing structure/contents of Budget at the Functional level ·       Deciding the frequency (like annual) at which the Budget must be prepared & reviewed, and released to identified users ·       Planning timelines by which the Budget must be released in advance of the budgeting period ·       Identifying Functional coordinators for making and releasing Budget ·       Determining recipients of Budget documents ·       Deciding periodicity for reviewing Budget And so on Internal Auditor + Independent Architect or interior designer or MEP designer Chapter 13 @ 1,2,3 Annex 35B on the website 44 Whether key assumptions, vis a vis below, for developing a budget appropriately, comprehensively and well supported with logic? ·       Competition ·       Economy ·       Political ·       Social ·        Building (Saleable area) substitute ·        Government policies ·        Customer demands ·       Investments ·       Market size Any other relevant to each function As above     As above 45 Whether key budget parameters, as relevant, such as below being incorporated /included in the respective budgets of Design of Architects, Interior designing, and MEP functions? ·       Sales Revenue Targets ·       Project costs ·       Profitability in local currency & foreign currency terms Targets vis a vis i)                    Ongoing projects ii)                  New projects during the budget period As above     As above 46 Whether common key budget parameters such as those below have been comprehensively included in the functional budgets? ·       HR organisation structure/manpower numbers & value -subfunction wise ·       Completion Timelines vis a vis each design package- based on design stages in each project ·       Technology up-gradation/Skill acquisition--subfunction wise ·       Investments to be made/Assets to be acquired -names, quantity, values, and timelines ·       Expenses - local currency & foreign currency other than direct BOQ/Contract costs/consultancy fees ·       Reimbursements in local currency & foreign currency   As above     As above 47 Whether Budgeting is done fairly, accurately, and objectively, keeping aside vested aspects?  As above     As above   And so on, a checklist of 27 activities @9/ each design function to be prepared (in continuation to serial no 43,44,45,46,47) directly by the Internal audit team members based on inputs from the handbook As above     As above 48 Internal audit of activities for developing MIS/Dashboard -DB --(@8 nos/each design function)  Whether Cross-cross-functional (CFT) is formed /exists for developing MIS/Dashboard and is appropriate in terms of representation, levels/positions of members vis a vis each design function to decide the following aspects?   ·       Designing structure/contents of MIS or DB at the Organisation level/Business unit level ·       Designing structure/contents of MIS or DB at the Functional level ·       Provision for incorporating Budgeted or targeted KPI (key performance indicator) values based on Annex 35B ·       Frequency (like monthly) for which MIS or DB must be prepared and released to identified users ·       Timelines by which MIS or DB must be released ·       Functional coordinators for making and releasing MIS or DB Recipients or persons who are to be given access to MIS or DB ·       Periodicity for reviewing MIS or DB Internal Auditor + Independent Architect or interior designer or MEP designer Chapter 14 & 1,2,3 annex 36B at website 49 Whether MIS incorporates KPI for each function vis a vis Core processes, supporting processes that can impact Organisation’s profitability, Revenue, market share, costs, end-customer satisfaction, and shareholder value? As above As above 50 Whether MIS actual values computed and captured accurately based on accessing business transactions through key processes/activities, Documents, Configuration tables, Master data tables, and Data tables by functional teams?   As above As above 51 Whether MIS/Dashboard values are reviewed monthly/periodically/timely vis a vis Budgets/KPI by HOD /CEO/MD?  As above As above   And so on, a checklist of 24 activities @8/ each design function to be prepared (in continuation to serial no 48,49,50,51) directly by the Internal audit team members based on inputs from the handbook As above As above 52 Internal audit of activities for developing KPI/Key performance indicators --(@11 nos/each design function)  Whether the design/structure of the KPI documents is based on input from the CEO/MD and includes important aspects such as below preferably in a tabular format. i)KPI description ii)Measure of accomplishment iii)UOM iv)% weightage v) Target vi) Actual vii) any other aspects   Internal Auditor + Independent Architect or interior designer or MEP designer Chapter 18& 1,2,3 Annex 42B, Website 53 Whether for each design function, important KPIs such as those below, that can influence organisation level performance/profitability have been captured in the KPI document?  ·       No projects to be designed ·       Timeliness of design activities ·       Meeting statutory compliances ·       Comprehensiveness & accuracy of design ·       Quality of design ·       Technical support to various project teams & contractors ·       Cost reduction     As above Chapter 18& 1,2,3 Annex  at Website vis a vis each function such as: 43A-For Architects 43B-For int. design 43C-For MEP 54 Whether KPIs have been appropriately & accurately converted into KRA Targets -Key result areas of functional team members separately and well documented? ·       Higher level- Directors-Dir, General managers-GM & so on as applicable ·       Middle level- Senior Manager-Sr. Mgr., Manager, & so on as applicable ·       Lower level-, Assist. manager/Junior Mgr., staff & workmen so on as applicable As above As above 55 Whether measurement and actual capturing of actuals against the KRA target accurate? As above As above 56 Whether a robust mechanism exists to review KRA target vs Actual accomplishments? As above As above 57 Whether Performance appraisal at different hierarchical levels done based on the occurrence of actual accomplishment of KRA? As above As above   And so on, a checklist of 33 activities @11/ each design function to be prepared (in continuation to serial no 52,53,54,55,56,57) directly by the Internal audit team members based on inputs from the handbook As above As above