Audit & Assurance :-

  • 1. Do Internal Auditors have to comply with any professional ethics requirements?
  • Yes. Like most professionals, members must adhere to a code of ethics as part of following The ICAI / IIA Standards. In addition, other professional certifications that practitioners may hold typically require adherence to a standard of ethics.
    In addition to professional ethics requirements, the organization in which Internal Auditors are employed may have its own specific code of conduct, rules of behaviour and other ethical requirements that Internal Auditors need to be aware of, must comply with and may at times be responsible for validating compliance with.
  • 2. How much should a Company spend on Internal Audit?
  • The cost, focus and size of Internal Audit Function should be tailored to each company's individual needs. In addition, a company's written Internal Audit Charter, approved by the Audit Committee, will impact the amount of annual Internal Audit investment. The amount invested should depend on the level and complexity of risk a company faces, its industry profile and the responsibilities given to the Internal Audit Function.
    Depending upon the strategy, risk and scope of Internal Audit work, it is not uncommon for cost to fluctuate based upon significant events or changes that expose an organization to additional risks.
  • 3. How do we start an Internal Audit Function?
  • A suggested set of guidelines for starting an Internal Audit function includes:

    Develop an Internal Audit Charter, with Audit Committee input and approval.
    Complete an initial risk assessment with Company management and Audit Committee involvement.
    Develop an Internal Audit plan responsive to the risk assessment.
    Determine staffing requirements and whether the department will be staffed internally, co-sourced or outsourced.
    Plan and execute Audit work called for in the Audit plan, including a system to monitor and follow up on Audit recommendations.
    Update the risk assessment for changing circumstances during the year.
    Continuously enhance and modify the Internal Audit function to meet changing needs of management and the Audit Committee.
  • 4. What are the pros and cons of outsourcing / co-sourcing Internal Audit?
  • Earlier, most company Internal Audit function were staffed primarily in-house with full-time, dedicated employees. This structure worked adequately and can still be effective today, but only if full-time Internal Auditors possess all the skills needed to address key business risks faced by the organization. If this is not the case, then the Internal Audit function places its employer company at risk by not being able to address adequately the key risks that it has been asked to audit.

    As the concept of "core competency" gained more attention, companies evaluated many of their business functions and the potential for outsourcing them. Payroll, benefits, real estate, printing, informa­tion systems operation and maintenance, and even aspects of design or manufacturing, among other functions, were considered. Many companies found clear and tangible benefits, positive return on investment (ROI), and improved service levels as a result of outsourcing. In some cases, capital expenditures were reduced and the cost of these functions became more variable. Internal Audit functions were a part of this analysis, and several new Internal Audit outsourcing and co-sourcing organizations, including the large accounting firms, created new structures to provide such services.

    Given the dynamic risk environment, it is unlikely that a majority of Internal Audit functions have the continu­ous in-house capability to adequately address every risk they and their organizations must face. Thus, contracting, partnering or working with outside organizations that can provide specialized resources improves an Internal Audit function's ability to address risks and meet customer expectations. Additionally, these co-sourcing arrangements often assist in the knowledge transfer process to in-house resources, raising the level of competency of the func­tion's full-time employees.

    Benefits of outsourcing include :
    Quick start-up of the function and execution of work, including already-developed methodologies and audit tools provided by the outsourcing organization
    A variable-cost arrangement rather than a fixed-cost function
    Access to a greater number and wider range of resources
    Potentially greater objectivity and independence

    Ultimately, deciding whether to outsource Internal Audit is not a matter of considering the general pros and cons. Instead, each company should ask:

    If we currently do not have an Internal Audit function, are we better off taking the time and effort to start our own in-house Internal Audit function? Or should we initially outsource it to gain quick start-up and access to a greater level of expertise and broader level of resources, and then monitor this decision and delivery model to ensure it is effective?
    If we already have an Internal Audit function, do we have the resources we need to effectively address all of the key risks we face and in which Internal Audit should be involved? Do we need to have all of these resources in-house all of the time? Might we be better off considering an arrangement to have one or more outside organizations assist us with addressing our risks?

    There are many excellent Internal Audit functions consisting of primarily in-house, fully dedicated employee resources. What makes these functions most valuable, effective and appropriate, however, is recognition of their own limitations. Many large Internal Audit functions (more than 25 full-time employees) recognize that in today's complex business environment, it would be cost-prohibitive to have all of the right resources at hand all of the time. They also understand that various forms of co-sourcing arrangements have benefited them greatly along with the companies, management and audit committees they serve.
  • 5. Are there specific performance measures for Internal Auditing?
  • Like any function or process within an organization, appropriately developed performance measures help to drive results, performance, quality and continuous improvement. Internal Audit should also have its own set of perfor­mance measures or key performance indicators.

    Example performance measures for Internal Audit could include :


    Customer/process-owner satisfaction scores from auditees
    Audit committee and management evaluation scores
    Performance evaluation scores on Internal Audit staff
    Control breakdowns/deficiencies in areas recently reviewed by Internal Audit
    Results of internal and independent quality assessment reviews


    Percentage of fully loaded Internal Audit cost as a percentage of company revenues and assets
    Actual cost per Internal Audit report and average
    Average cost per Internal Auditor
    Average cost per Internal Auditor
    Training cost and training cost per auditor
    Costs related to use of outside resources


    Report cycle time from completion of fieldwork to issuance and finalization of report
    Budgeted hours versus actual hours by individual audit
    Percentage of audits called for in the audit plan that are not yet complete
    Unresolved/incomplete recommendations from prior audit reports
    Average length of audit assignment in person hours or weeks
    Major risk areas not audited in the last year
    Aging/status of open, unresolved audit findings (especially those beyond their due date)


    Degree of reliance on Internal Audit work by external auditor
    Percentage of assets, revenues, locations, business units, etc., covered by the Internal Audit plan
  • 6. What is an Integrated Audit?
  • A good way to think about an integrated audit is that it encourages a holistic approach to the internal audit pro­cess. To fully incorporate integrated auditing into an internal audit approach, auditors must be able to understand and assess the risks the organization faces at the strategic, operational and tactical levels. They also need to know about corporate governance, risk management and control models. Internal audit functions should consider moving toward using this audit approach if they are not already doing so.

    In the past, the term "integrated audit" was used to describe performing a single audit to address both automated and manual controls and related risks at the same time. These days, the term refers to audits of internal control that are integrated not just across the process and IT areas, but also across all three spheres of: financial reporting, regulatory compliance and operational effectiveness and efficiency.
  • 7. How can management utilize Internal Audit most effectively?
  • Internal audit represents a valuable resource to management as it seeks to meet business objectives, especially as it relates to the objectives of internal control: efficiency and effectiveness of operations, reliability of financial reporting, compliance with applicable laws and regulations, and the safeguarding of assets.

    Each company's Internal Audit function possesses unique individuals, skills and competencies, which management needs to understand and use effectively in helping meet its objectives. Internal Audit should not be a function for the exclusive use of the audit committee. An Internal Audit function, by its very nature, is a part of management's systems of internal control and thus should be an asset and tool for management.

    While the charter of, need for and capability of each company's internal audit function vary, management may find the following suggestions helpful in determining how to best leverage internal audit resources to achieve strong, well-designed and effective risk management, internal control and corporate governance processes:

    Utilize Internal Audit resources as part of the company's enterprisewide risk assessment/management pro­cess to identify, source, measure, prioritize and develop a plan to address and manage the most significant business risks it faces in achieving its business objectives.
    Provide key input to the Internal Audit function in the development of the annual Internal Audit plan and changes to the plan during the year to focus limited resources on risks and areas of the greatest importance.
    Consider how the Internal Audit function might be used as a rotational management-training program for company employees. Also, consider how guest Auditor and short-term temporary assignments of employees can provide needed specialized skills to the function. Evaluate and discuss with Internal Audit the need to supplement its resource base and skill sets with outside resources.
    Support the function in connection with its key findings and its plan for process owners to make changes and improvements to internal controls and process issues and deficiencies.
    Visibly support and encourage the mission and efforts of the Internal Audit function with an appropriate "tone at the top."
    Work closely with the audit committee to help ensure the Internal Audit function remains objective and adds value to the organization.
  • 8. What is an Audit Committee's role with respect to an Internal Audit function?
  • Although the exact nature, charter, scope and reporting lines of Internal Audit may vary between companies, the Audit Committee plays a key role in supporting and overseeing aspects of an Internal Audit function's activities. While needing to ensure it does not assume day-to-day oversight activities on behalf of management or the Inter­nal Audit function, the Audit Committee generally should be involved in the following matters :
    Provide input and approve the written charter for the Internal Audit function, including periodic review and updating.
    Understand, discuss and approve the company's risk assessment and resulting Internal Audit plan. As appropriate, review, discuss and approve changes to the audit plan during the year.
    At least annually, evaluate the Internal Audit function in relation to meeting the needs of the company and the Audit Committee, including compliance with its written charter.
    Hold executive sessions with the company's Chief Audit Executive.
    Provide input and direction as to the appropriate escalation protocols for significant findings and issues.
    Review, discuss and approve the compensation of the Chief Audit Executive, any changes therein and the hiring or termi­nation of the Chief Audit Executive.
    Understand, discuss and approve the funding level for the Internal Audit function, and discuss its appropriateness and adequacy with management and the Chief Audit Executive.
    Review ongoing activities of the Internal Audit function, including its reports, and inquire as to any other matters that should be brought to the committee's attention.
    Direct the Internal Audit function, as necessary, to perform special reviews on behalf of management or the Audit Committee, including investigations of fraud or suspected fraud.
    Participate with Internal Audit to design and provide control, governance and ethics training to employees.
    While the above listing is not intended to be all-inclusive, it provides reasonable overall guidance. Each Audit Committee should discuss, along with input from management, the role it should play in connection with the company's Internal Audit function.

Human Resources Management :-
  • 1. What Is Human Resource Management (HRM)?
  • Human Resource Management (HRM) is the function within an organization that focuses on recruitment of, management of, and providing direction for the people who work in the organization.

    HRM deals with issues related to people such as compensation, hiring, performance management, organization development, safety, wellness, benefits, employee motivation, communication, administration, and training. HRM is also a strategic and comprehensive approach to managing people and the workplace culture and environment. Effective HRM enables employees to contribute effectively and productively to the overall company direction and the accomplishment of the organization's goals and objectives.
  • 2. What Is Human Resource Development (HRD)?
  • Human Resource Development (HRD) is the framework for helping employees to develop their personal and organizational skills, knowledge, and abilities. Human Resource Development includes such opportunities as employee training, employee career development, performance management, coaching, mentoring, succession planning and critical resource identification.

    The focus is on developing the most superior workforce so that the organization and individual employees can accomplish their work goals while servicing customers.
  • 3. Isn't HR just about policy and forms?
  • It is not true. HR is about keeping a business legally compliant (the fines can be outrageous) and finding solutions that benefit the company and show appreciation for the employees. These solutions come in many forms - communications, benefits, compensation, strategy, coaching, etc.
  • 4. How will UNI's HR programs help your company?
  • Our HR programs will assist your company in several ways:
    Setting up clear expectation (for both the leader and the employee)
    Creating open communication between all in the company
    Creating consistency in dealing with issues
    Creating employees satisfaction
    Creating sense of belongingness
  • 5. How can HR contribute to small sized companies and SMEs?
  • HR is not about the size of the company – all companies can benefit from HR expertise regardless of size. At UNI in particular we learn about you, your business, and your goals and tailor programs to guide you to success.

  • 6. How can you know whether UNI HR Consulting is right for your organization?
  • Our consulting team is equipped with the skills and expertise to provide you with valuable experience and perspective. If your company is facing challenges in taking key decisions, we can help you to clarify your mission or strategic vision, evaluate programs and services, and improve administrative or financial management to save time and money.
  • 7. What are the features a company should look for while procuring UNI's HR solutions?
  • UNI HR solutions come with the following features


    Training Performance Competency HRIS
    Training needs User defined appraisal processes Skills & competencies Employee database management
    Training calendar KRA & goal setting Mapping of skills to positions Organisation hierarchy
    Training attendance and feedback Multiple Rating scales Skill & gap analysis Position Administration
          Compensation & Benefits

    Training Performance Competency HRIS
    Training needs User defined appraisal processes Skills & competencies Employee database management
    Training calendar KRA & goal setting Mapping of skills to positions Organisation hierarchy
    Training attendance and feedback Multiple Rating scales Skill & gap analysis Position Administration
          Compensation & Benefits


    Payroll Reimbursements Flexible Benefits
    Salary & Wages Medical/ LTA/ Telephone/ Vehicle expenses Non-monetory benefits
    Provident Fund/Profession Tax/ESI Entitlements & limits Tax efficient salary
    Full & Final Settlement Claims & approval  


    Travel Expense
    Entitlements Eligibility
    Travel expense claims Expense claims
    Workflow based approval Allocation to project/cost center
      Workflow based approvals


    Leave Attendance
    Leave policies Biometric Attendance system
    Credit, carry forward and availing rules Multiple shift & rotation pattern definition
    Regularisation of past month absence Late & overtime rules
      Roistering (Muster maintenance)
      Workflow based approvals

Integrated Risk Management :-

  • 1.What is Enterprise Risk Management (ERM)?
  • COSO (Committee Of Sponsoring Organisations - of the Treadway Commission) defines ERM as “a process, effected by an entity’s board of directors, management and other personnel, applied in strategy-setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.”
    This definition reflects certain fundamental concepts of Enterprise Risk Management which are :
    A process, ongoing and flowing through an entity.
    Effected by people at every level of an organization.
    Applied in strategy-setting.
    Applied across the enterprise, at every level and unit.
    Designed to identify potential events affecting the entity and manage risk.
    Able to provide reasonable assurance to an entity's management and Board.
    Geared to the achievement of objectives in one or more separate but overlapping categories – it is “a means to an end, not an end in itself.”
  • 2.Who is responsible for ERM?
  • Because the emphasis is on strategy-setting, ownership begins at the top of the organization with executive management and cascades downward into the organization to unit and functional managers. In addition, there is the Chief Risk Officer (or equivalent Executive) and there may also be one or more Risk Management Committees, depending on the nature and complexity of the risks and the need for cross functional and cross-unit coordination.
  • 3. What are the steps companies can take immediately to implement ERM?
  • There are steps that any organization can take to implement ERM :

    Adopt a common risk language.
    Effected by people at every level of an organization.
    Perform a gap analysis of the current and desired capabilities around managing the critical risks.
    Articulate the risk management vision, goals and objectives.
    Advance the risk management capability of the organization for one or two critical risks.

    While there are other possible steps, the above are an excellent beginning and provide a simplified view for getting started with ERM implementation. It is also important to inventorise what has already been done and to achieve visible early successes. The key is to keep the effort simple and focused by integrating the ERM related activities into the business strategy and plan.
  • 4. Is ERM applicable to smaller and less complex organizations?
  • All organizations face business risk, regardless of size. Organizations ignore risk at their own peril. No organization can afford to stand pat with its existing risk management capabilities; therefore, every organization should evaluate how it can improve its risk management. The COSO framework is useful for this purpose because its gives each organization a framework with criteria against which to compare its existing risk management capabilities.
  • 5. Are standards for implementing ERM different for private and public companies?
  • The COSO framework applies to all organizations, large and small, public and private. The methods used to apply the components of the framework may vary depending on the organization's size, objectives, strategy, structure, culture, management style, risk profile, industry, competitive environment and financial wherewithal.
  • 6. What is the COSO Enterprise Risk Management – Integrated Framework?
  • The framework encompasses, but does not replace, the Internal Control – Integrated Framework published by COSO in 1992.

    As outlined by COSO, the framework provides eight components for use when evaluating ERM:

    1 Internal environment: This component reflects an entity’s enterprise risk management philosophy, risk appetite, board oversight, commitment to ethical values, competence and development of people, and assignment of authority and responsibility. It encompasses the “tone at the top” of the enterprise and influences the organization’s governance process and the risk and control consciousness of its people.
    2 Objective-setting: Management sets strategic objectives, which provide a context for operational, reporting and compliance objectives. Objectives are aligned with the entity's risk appetite, which drives risk tolerance levels for the entity, and are a precondition to event identification, risk assessment and risk response.
    3 Event identification: Management identifies potential events that may positively or negatively affect an entity's ability to implement its strategy and achieve its objectives and performance goals. Potentially negative events represent risks that provide a context for assessing risk and alternative risk responses. Potentially positive events represent opportunities, which management channels back into the strategy and objective-setting processes.
    4 Risk assessment: Management considers qualitative and quantitative methods to evaluate the likelihood and impact of potential events, individually or by category, which might affect the achievement of objectives over a given time horizon.
    5 Risk response: Management considers alternative risk response options and their effect on risk likelihood and impact as well as the resulting costs versus benefits, with the goal of reducing residual risk to desired risk tolerances. Risk response planning drives policy development. 
    6 Control activities: Management implements policies and procedures throughout the organization, at all levels and in all functions, to help ensure that risk responses are properly executed.
    7 Information and communication: The organization identifies, captures and communicates pertinent information from internal and external sources in a form and timeframe that enables personnel to carry out their responsibilities. Effective communication also flows down, across and up the organization. Reporting is vital to risk management and this component delivers it.
    8 Monitoring: Ongoing activities and/or separate evaluations assess both the presence and functioning of enterprise risk management components and the quality of their performance over time.

    The thought process underlying the above framework works in the following manner: For any given objective, such as operations, management must evaluate the eight components of ERM at the appropriate level, such as the entity or business unit level.
  • 7. Why should directors be concerned about whether their companies implement ERM?
  • Most directors want answers from management to the following questions:

    What are your critical risks to the execution of the business model and strategy? How do you know?
    How are you managing the critical risks? Are the risks undertaken consistent with the organization's risk appetite? How do you know?
    When there are significant changes in the underlying risks the organization faces, are you informing the board in a timely manner?

    If directors desire greater involvement in formulating strategy and assessing risk, they are likely to start by working with executive management to understand the enterprise's current strategic position as clearly as possible. 
  • 8. Will implementation of the COSO Enterprise Risk Management – Integrated Framework prevent fraud?
  • Think of the COSO Enterprise Risk Management – Integrated Framework as an enhancement to the Internal Control – Integrated Framework. To the extent that elements of internal control are in place to prevent, deter or detect fraud, ERM is intended to enhance internal control in the management of all risks, including fraud risk.
  • 9. Are there risks associated with not having an ERM process in place and, if so, what are they?
  • Without ERM in place, management and directors face the prospect of not having sufficient processes in place that will provide them high confidence that their organization is identifying and managing all potentially significant risk

Operations Management :-

  • 1. How can UNI contribute?
  • Team UNI don't just come in and tell people what to do. Our objective is to serve on the front lines, alongside the rest of the Management Team, taking full responsibility for our efforts and sharing responsibility for the success of the business, in a professional manner.

    In short, Team UNI has the "ability to maximise operational efficiencies, unlock growth & empower transformative change."
  • 2. Why are UNI's services different?
  • Growing, financing, and operating a business is difficult, but having timely access to accurate market intelligence, a properly positioned product/service offering, an effective plan and competent help can make a huge difference.

    While most companies probably understand what they need to do, many lack the dedicated planning staff required to sustain the kind of vigilance, discipline, and competent efforts necessary for achieving these results.
  • 3. How can your Company get the UNI advantage?
  • Since UNI offers Effective, Efficient and Affordable solutions, it would be advantageous for Companies to outsource such functions in their Organizations that are problematic or cumbersome to manage. We can serve as the strategic planner at all levels for our client companies, with a clear commitment and structured list of project milestones, deliverables, and timeframes for completing each assignment.

Portfolio Assessment :-
  • 1. What is Credit assessment?
  • It is the process by which the lender assesses the credit worthiness of the borrower. In other words it is the assessment of the various risks that can impact on the repayment of loan.
  • 2. Why credit assessment of individual or group is required?
  • Credit appraisal is required to access the credit risk and it aims at reducing the risk by applying and formulating precautionary measures. An individual's deemed available income and repaying capacity are the two primary factors that decide the eligibility for a loan. Our user-friendly "Calculator" is helping credit officers to decide on the loan eligibility of an individual or group.
  • 3.Why is "Credit" regarded as one of the most important function?
  • This function will help you to build a strong backbone for your company. A healthy portfolio can be built by adopting the correct credit methodology.

    In short, this function will help MFIs in determining "Will they get their money back?"
  • 4. How to evaluate in determining "Will I get my money back?"
  • The user-friendly Credit Appraisal tools can help an organisation to calculate the eligibility of Individual or Group. Thus a skilled credit team can help in building a strong portfolio.

    It revolves around character and capacity. It takes into account various factors like income of the applicants, number of dependents, monthly expenditure, health, repayment capacity, profession, number of years in the profession and other factors which affect credit rating of the borrower.
  • 5. What is Credit Bureau?
  • Credit Bureau is the repository of information which is pooled in from all Banks and lending Institutions operating in India.
  • 6. How we are benefited from Credit Bureau?
  • A Credit Information Report (CIR) is a factual record of a borrower's credit payment history compiled from information received from different credit grantors. Its purpose is to help credit grantors make informed lending decisions - quickly and objectively).
  • 7. How many Credit Bureaus are currently operating in India?
  • www.experian.in - Experian Credit Information Co. of India Pvt. Ltd.
    www.equifax.com - Equifax Credit Information Services Pvt. Ltd.
    www.highmark.in - High Mark Credit Information Services Pvt. Ltd.
    www.cibil.com - Credit Information Bureau of India Limited.

Training & Development :-

  • 1. What is training? What are the objectives of UNI's Training Services?
  • Training is defined as a continuous learning process in which the employees will acquire knowledge, enhance professional skills and improve attitudes and behaviors to excel well on the job. The objectives of the UNI's training Services to identify the required training needs of an organization and fill the gap with a host of training methods for the welfare of the organization and employees as a whole.
  • 2. Why employees need training?
  • A new employee typically receives training for their specific job functions. However, it is important to consider continuing to train an employee throughout his / her career. An organization invests its time, money and energy in training employees. By learning more skills, an employee can be more productive and assume additional responsibilities.
  • 3. What are benefits from training?
  • The benefits of continuous and ongoing training are myriad. A quick list of the most common benefits is given hereunder:

    Increased job satisfaction and morale
    Improved customer satisfaction
    Improved customer satisfaction
    Increased efficiencies in processes
    Increased knowledge of new technologies and methods
    Improved employee retention
    Increase in productivity
  • 4. What is the impact of training on Human Resources?
  • There are various positive impacts of training on human resources in any organization. A few of them are as under:

    Optimum Utilization of Human Resources - Training and Development helps in optimizing the utilization of human resource that further helps the employee to achieve the organizational goals as well as their individual goals. 
    Development of Human Resources - Training and Development helps to provide an opportunity and broad structure for the development of human resources' technical and behavioral skills in an organization. It also helps the employees in attaining personal growth.  
    Development of skills of employees - Training and Development helps in increasing the job knowledge and skills of employees at each level. It helps to expand the horizons of human intellect and an overall personality of the employees. 
    Team spirit - Training and Development helps in inculcating the sense of team work, team spirit, and inter-team collaborations. It helps in inculcating the zeal to learn within the employees.
  • 5. How can you ensure the effectiveness of the training?
  • Effectiveness of the training can be evaluated through following methods :

    Obtain feedback from participants on relevancy, timeliness and accuracy.
    Identify changes in participant's behavior that can be attributed to the training activities.
    Conducts the post evaluation to ensure the satisfaction levels to refine the future training needs.     
    Determine the business impact of your training program.
    Perceptive increase in Employee Morale.
    Lower Attrition rates.
    Inculcation of new ideas, knowledge and concept.
    Upgradation in Audit Scoring at the Branch / Unit level.
  • 6. What are the key issues that should be addressed in the design, conduct, and evaluation of training programs?
  • Following are the key issues to be addressed for a successful training program :

    Place (indoor/outdoor)
    Audio visual aids
    Relevant training materials
    Time schedule
    Non – visual aids
  • 7. How UNI helps your company in defining training Strategy?
  • UNI helps in formulating a cost effective training schedule for developing competencies and skill sets of an individual. We communicate and design training needs based on what is expected out of training in a simple and professional manner.
    UNI plays a pivotal role from start to end of the training that includes the following :

    Training plan
    Timing of different training sessions
    Choosing the relevant training methods
    Preparing the training materials and aids
    Conducting training sessions
    Evaluating the post training session
  • 8. What qualities UNI possess in its training team?
  • UNI possess following qualities in its training team :

    Methodical and well-planned
    Highly knowledgeable and competent enough
    Possess relevant industry experience
    Good in communication/presentation
    Practical to make the training session fruitful to the trainees