Yes. Like most professionals, members must adhere to a code of ethics as part of following The ICAI / IIA Standards. In addition, other professional certifications that practitioners may hold typically require adherence to a standard of ethics.
In addition to professional ethics requirements, the organization in which Internal Auditors are employed may have its own specific code of conduct, rules of behaviour and other ethical requirements that Internal Auditors need to be aware of, must comply with and may at times be responsible for validating compliance with.

The cost, focus and size of Internal Audit Function should be tailored to each company's individual needs. In addition, a company's written Internal Audit Charter, approved by the Audit Committee, will impact the amount of annual Internal Audit investment. The amount invested should depend on the level and complexity of risk a company faces, its industry profile and the responsibilities given to the Internal Audit Function.
Depending upon the strategy, risk and scope of Internal Audit work, it is not uncommon for cost to fluctuate based upon significant events or changes that expose an organization to additional risks.

A suggested set of guidelines for starting an Internal Audit function includes:

	Develop an Internal Audit Charter, with Audit Committee input and approval.
	Complete an initial risk assessment with Company management and Audit Committee involvement.
	Develop an Internal Audit plan responsive to the risk assessment.
	Determine staffing requirements and whether the department will be staffed internally, co-sourced or outsourced.
	Plan and execute Audit work called for in the Audit plan, including a system to monitor and follow up on Audit recommendations.
	Update the risk assessment for changing circumstances during the year.
	Continuously enhance and modify the Internal Audit function to meet changing needs of management and the Audit Committee.

Earlier, most company Internal Audit function were staffed primarily in-house with full-time, dedicated employees. This structure worked adequately and can still be effective today, but only if full-time Internal Auditors possess all the skills needed to address key business risks faced by the organization. If this is not the case, then the Internal Audit function places its employer company at risk by not being able to address adequately the key risks that it has been asked to audit.

As the concept of "core competency" gained more attention, companies evaluated many of their business functions and the potential for outsourcing them. Payroll, benefits, real estate, printing, informa­tion systems operation and maintenance, and even aspects of design or manufacturing, among other functions, were considered. Many companies found clear and tangible benefits, positive return on investment (ROI), and improved service levels as a result of outsourcing. In some cases, capital expenditures were reduced and the cost of these functions became more variable. Internal Audit functions were a part of this analysis, and several new Internal Audit outsourcing and co-sourcing organizations, including the large accounting firms, created new structures to provide such services.

Given the dynamic risk environment, it is unlikely that a majority of Internal Audit functions have the continu­ous in-house capability to adequately address every risk they and their organizations must face. Thus, contracting, partnering or working with outside organizations that can provide specialized resources improves an Internal Audit function's ability to address risks and meet customer expectations. Additionally, these co-sourcing arrangements often assist in the knowledge transfer process to in-house resources, raising the level of competency of the func­tion's full-time employees.

Benefits of outsourcing include :

	Quick start-up of the function and execution of work, including already-developed methodologies and audit tools provided by the outsourcing organization
	A variable-cost arrangement rather than a fixed-cost function
	Access to a greater number and wider range of resources
	Potentially greater objectivity and independence

Ultimately, deciding whether to outsource Internal Audit is not a matter of considering the general pros and cons. Instead, each company should ask:

	If we currently do not have an Internal Audit function, are we better off taking the time and effort to start our own in-house Internal Audit function? Or should we initially outsource it to gain quick start-up and access to a greater level of expertise and broader level of resources, and then monitor this decision and delivery model to ensure it is effective?
	If we already have an Internal Audit function, do we have the resources we need to effectively address all of the key risks we face and in which Internal Audit should be involved? Do we need to have all of these resources in-house all of the time? Might we be better off considering an arrangement to have one or more outside organizations assist us with addressing our risks?

There are many excellent Internal Audit functions consisting of primarily in-house, fully dedicated employee resources. What makes these functions most valuable, effective and appropriate, however, is recognition of their own limitations. Many large Internal Audit functions (more than 25 full-time employees) recognize that in today's complex business environment, it would be cost-prohibitive to have all of the right resources at hand all of the time. They also understand that various forms of co-sourcing arrangements have benefited them greatly along with the companies, management and audit committees they serve.

Like any function or process within an organization, appropriately developed performance measures help to drive results, performance, quality and continuous improvement. Internal Audit should also have its own set of perfor­mance measures or key performance indicators.

Example performance measures for Internal Audit could include :

Quality

	Customer/process-owner satisfaction scores from auditees
	Audit committee and management evaluation scores
	Performance evaluation scores on Internal Audit staff
	Control breakdowns/deficiencies in areas recently reviewed by Internal Audit
	Results of internal and independent quality assessment reviews

Cost

	Percentage of fully loaded Internal Audit cost as a percentage of company revenues and assets
	Actual cost per Internal Audit report and average
	Average cost per Internal Auditor
	Average cost per Internal Auditor
	Training cost and training cost per auditor
	Costs related to use of outside resources

Timeliness

	Report cycle time from completion of fieldwork to issuance and finalization of report
	Budgeted hours versus actual hours by individual audit
	Percentage of audits called for in the audit plan that are not yet complete
	Unresolved/incomplete recommendations from prior audit reports
	Average length of audit assignment in person hours or weeks
	Major risk areas not audited in the last year
	Aging/status of open, unresolved audit findings (especially those beyond their due date)

Other

	Degree of reliance on Internal Audit work by external auditor
	Percentage of assets, revenues, locations, business units, etc., covered by the Internal Audit plan

A good way to think about an integrated audit is that it encourages a holistic approach to the internal audit pro­cess. To fully incorporate integrated auditing into an internal audit approach, auditors must be able to understand and assess the risks the organization faces at the strategic, operational and tactical levels. They also need to know about corporate governance, risk management and control models. Internal audit functions should consider moving toward using this audit approach if they are not already doing so.

In the past, the term "integrated audit" was used to describe performing a single audit to address both automated and manual controls and related risks at the same time. These days, the term refers to audits of internal control that are integrated not just across the process and IT areas, but also across all three spheres of: financial reporting, regulatory compliance and operational effectiveness and efficiency.

Internal audit represents a valuable resource to management as it seeks to meet business objectives, especially as it relates to the objectives of internal control: efficiency and effectiveness of operations, reliability of financial reporting, compliance with applicable laws and regulations, and the safeguarding of assets.

Each company's Internal Audit function possesses unique individuals, skills and competencies, which management needs to understand and use effectively in helping meet its objectives. Internal Audit should not be a function for the exclusive use of the audit committee. An Internal Audit function, by its very nature, is a part of management's systems of internal control and thus should be an asset and tool for management.

While the charter of, need for and capability of each company's internal audit function vary, management may find the following suggestions helpful in determining how to best leverage internal audit resources to achieve strong, well-designed and effective risk management, internal control and corporate governance processes:

	Utilize Internal Audit resources as part of the company's enterprisewide risk assessment/management pro­cess to identify, source, measure, prioritize and develop a plan to address and manage the most significant business risks it faces in achieving its business objectives.
	Provide key input to the Internal Audit function in the development of the annual Internal Audit plan and changes to the plan during the year to focus limited resources on risks and areas of the greatest importance.
	Consider how the Internal Audit function might be used as a rotational management-training program for company employees. Also, consider how guest Auditor and short-term temporary assignments of employees can provide needed specialized skills to the function. Evaluate and discuss with Internal Audit the need to supplement its resource base and skill sets with outside resources.
	Support the function in connection with its key findings and its plan for process owners to make changes and improvements to internal controls and process issues and deficiencies.
	Visibly support and encourage the mission and efforts of the Internal Audit function with an appropriate "tone at the top."
	Work closely with the audit committee to help ensure the Internal Audit function remains objective and adds value to the organization.

Although the exact nature, charter, scope and reporting lines of Internal Audit may vary between companies, the Audit Committee plays a key role in supporting and overseeing aspects of an Internal Audit function's activities. While needing to ensure it does not assume day-to-day oversight activities on behalf of management or the Inter­nal Audit function, the Audit Committee generally should be involved in the following matters :

	Provide input and approve the written charter for the Internal Audit function, including periodic review and updating.
	Understand, discuss and approve the company's risk assessment and resulting Internal Audit plan. As appropriate, review, discuss and approve changes to the audit plan during the year.
	At least annually, evaluate the Internal Audit function in relation to meeting the needs of the company and the Audit Committee, including compliance with its written charter.
	Hold executive sessions with the company's Chief Audit Executive.
	Provide input and direction as to the appropriate escalation protocols for significant findings and issues.
	Review, discuss and approve the compensation of the Chief Audit Executive, any changes therein and the hiring or termi­nation of the Chief Audit Executive.
	Understand, discuss and approve the funding level for the Internal Audit function, and discuss its appropriateness and adequacy with management and the Chief Audit Executive.
	Review ongoing activities of the Internal Audit function, including its reports, and inquire as to any other matters that should be brought to the committee's attention.
	Direct the Internal Audit function, as necessary, to perform special reviews on behalf of management or the Audit Committee, including investigations of fraud or suspected fraud.
	Participate with Internal Audit to design and provide control, governance and ethics training to employees.

While the above listing is not intended to be all-inclusive, it provides reasonable overall guidance. Each Audit Committee should discuss, along with input from management, the role it should play in connection with the company's Internal Audit function.

Human Resource Management (HRM) is the function within an organization that focuses on recruitment of, management of, and providing direction for the people who work in the organization.

HRM deals with issues related to people such as compensation, hiring, performance management, organization development, safety, wellness, benefits, employee motivation, communication, administration, and training. HRM is also a strategic and comprehensive approach to managing people and the workplace culture and environment. Effective HRM enables employees to contribute effectively and productively to the overall company direction and the accomplishment of the organization's goals and objectives.

Human Resource Development (HRD) is the framework for helping employees to develop their personal and organizational skills, knowledge, and abilities. Human Resource Development includes such opportunities as employee training, employee career development, performance management, coaching, mentoring, succession planning and critical resource identification.

The focus is on developing the most superior workforce so that the organization and individual employees can accomplish their work goals while servicing customers.

It is not true. HR is about keeping a business legally compliant (the fines can be outrageous) and finding solutions that benefit the company and show appreciation for the employees. These solutions come in many forms - communications, benefits, compensation, strategy, coaching, etc.

Our HR programs will assist your company in several ways:

	Setting up clear expectation (for both the leader and the employee)
	Creating open communication between all in the company
	Creating consistency in dealing with issues
	Creating employees satisfaction
	Creating sense of belongingness

HR is not about the size of the company – all companies can benefit from HR expertise regardless of size. At UNI in particular we learn about you, your business, and your goals and tailor programs to guide you to success.

Our consulting team is equipped with the skills and expertise to provide you with valuable experience and perspective. If your company is facing challenges in taking key decisions, we can help you to clarify your mission or strategic vision, evaluate programs and services, and improve administrative or financial management to save time and money.

UNI HR solutions come with the following features

HR

Training	Performance	Competency	HRIS
Training needs	User defined appraisal processes	Skills & competencies	Employee database management
Training calendar	KRA & goal setting	Mapping of skills to positions	Organisation hierarchy
Training attendance and feedback	Multiple Rating scales	Skill & gap analysis	Position Administration
			Compensation & Benefits

Training	Performance	Competency	HRIS
Training needs	User defined appraisal processes	Skills & competencies	Employee database management
Training calendar	KRA & goal setting	Mapping of skills to positions	Organisation hierarchy
Training attendance and feedback	Multiple Rating scales	Skill & gap analysis	Position Administration
			Compensation & Benefits

Payroll

Payroll	Reimbursements	Flexible Benefits
Salary & Wages	Medical/ LTA/ Telephone/ Vehicle expenses	Non-monetory benefits
Provident Fund/Profession Tax/ESI	Entitlements & limits	Tax efficient salary
Full & Final Settlement	Claims & approval

Expenses

Travel	Expense
Entitlements	Eligibility
Travel expense claims	Expense claims
Workflow based approval	Allocation to project/cost center
	Workflow based approvals

Leave

Leave	Attendance
Leave policies	Biometric Attendance system
Credit, carry forward and availing rules	Multiple shift & rotation pattern definition
Regularisation of past month absence	Late & overtime rules
	Roistering (Muster maintenance)
	Workflow based approvals

COSO (Committee Of Sponsoring Organisations - of the Treadway Commission) defines ERM as “a process, effected by an entity’s board of directors, management and other personnel, applied in strategy-setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.”
This definition reflects certain fundamental concepts of Enterprise Risk Management which are :

	A process, ongoing and flowing through an entity.
	Effected by people at every level of an organization.
	Applied in strategy-setting.
	Applied across the enterprise, at every level and unit.
	Designed to identify potential events affecting the entity and manage risk.
	Able to provide reasonable assurance to an entity's management and Board.
	Geared to the achievement of objectives in one or more separate but overlapping categories – it is “a means to an end, not an end in itself.”

Because the emphasis is on strategy-setting, ownership begins at the top of the organization with executive management and cascades downward into the organization to unit and functional managers. In addition, there is the Chief Risk Officer (or equivalent Executive) and there may also be one or more Risk Management Committees, depending on the nature and complexity of the risks and the need for cross functional and cross-unit coordination.

There are steps that any organization can take to implement ERM :

	Adopt a common risk language.
	Effected by people at every level of an organization.
	Perform a gap analysis of the current and desired capabilities around managing the critical risks.
	Articulate the risk management vision, goals and objectives.
	Advance the risk management capability of the organization for one or two critical risks.

While there are other possible steps, the above are an excellent beginning and provide a simplified view for getting started with ERM implementation. It is also important to inventorise what has already been done and to achieve visible early successes. The key is to keep the effort simple and focused by integrating the ERM related activities into the business strategy and plan.

All organizations face business risk, regardless of size. Organizations ignore risk at their own peril. No organization can afford to stand pat with its existing risk management capabilities; therefore, every organization should evaluate how it can improve its risk management. The COSO framework is useful for this purpose because its gives each organization a framework with criteria against which to compare its existing risk management capabilities.

The COSO framework applies to all organizations, large and small, public and private. The methods used to apply the components of the framework may vary depending on the organization's size, objectives, strategy, structure, culture, management style, risk profile, industry, competitive environment and financial wherewithal.

The framework encompasses, but does not replace, the Internal Control – Integrated Framework published by COSO in 1992.

As outlined by COSO, the framework provides eight components for use when evaluating ERM:

1	Internal environment: This component reflects an entity’s enterprise risk management philosophy, risk appetite, board oversight, commitment to ethical values, competence and development of people, and assignment of authority and responsibility. It encompasses the “tone at the top” of the enterprise and influences the organization’s governance process and the risk and control consciousness of its people.
2	Objective-setting: Management sets strategic objectives, which provide a context for operational, reporting and compliance objectives. Objectives are aligned with the entity's risk appetite, which drives risk tolerance levels for the entity, and are a precondition to event identification, risk assessment and risk response.
3	Event identification: Management identifies potential events that may positively or negatively affect an entity's ability to implement its strategy and achieve its objectives and performance goals. Potentially negative events represent risks that provide a context for assessing risk and alternative risk responses. Potentially positive events represent opportunities, which management channels back into the strategy and objective-setting processes.
4	Risk assessment: Management considers qualitative and quantitative methods to evaluate the likelihood and impact of potential events, individually or by category, which might affect the achievement of objectives over a given time horizon.
5	Risk response: Management considers alternative risk response options and their effect on risk likelihood and impact as well as the resulting costs versus benefits, with the goal of reducing residual risk to desired risk tolerances. Risk response planning drives policy development.
6	Control activities: Management implements policies and procedures throughout the organization, at all levels and in all functions, to help ensure that risk responses are properly executed.
7	Information and communication: The organization identifies, captures and communicates pertinent information from internal and external sources in a form and timeframe that enables personnel to carry out their responsibilities. Effective communication also flows down, across and up the organization. Reporting is vital to risk management and this component delivers it.
8	Monitoring: Ongoing activities and/or separate evaluations assess both the presence and functioning of enterprise risk management components and the quality of their performance over time.

The thought process underlying the above framework works in the following manner: For any given objective, such as operations, management must evaluate the eight components of ERM at the appropriate level, such as the entity or business unit level.

Most directors want answers from management to the following questions:

	What are your critical risks to the execution of the business model and strategy? How do you know?
	How are you managing the critical risks? Are the risks undertaken consistent with the organization's risk appetite? How do you know?
	When there are significant changes in the underlying risks the organization faces, are you informing the board in a timely manner?

If directors desire greater involvement in formulating strategy and assessing risk, they are likely to start by working with executive management to understand the enterprise's current strategic position as clearly as possible. 

Think of the COSO Enterprise Risk Management – Integrated Framework as an enhancement to the Internal Control – Integrated Framework. To the extent that elements of internal control are in place to prevent, deter or detect fraud, ERM is intended to enhance internal control in the management of all risks, including fraud risk.

Without ERM in place, management and directors face the prospect of not having sufficient processes in place that will provide them high confidence that their organization is identifying and managing all potentially significant risk

Team UNI don't just come in and tell people what to do. Our objective is to serve on the front lines, alongside the rest of the Management Team, taking full responsibility for our efforts and sharing responsibility for the success of the business, in a professional manner.

In short, Team UNI has the "ability to maximise operational efficiencies, unlock growth & empower transformative change."

Growing, financing, and operating a business is difficult, but having timely access to accurate market intelligence, a properly positioned product/service offering, an effective plan and competent help can make a huge difference.

While most companies probably understand what they need to do, many lack the dedicated planning staff required to sustain the kind of vigilance, discipline, and competent efforts necessary for achieving these results.

Since UNI offers Effective, Efficient and Affordable solutions, it would be advantageous for Companies to outsource such functions in their Organizations that are problematic or cumbersome to manage. We can serve as the strategic planner at all levels for our client companies, with a clear commitment and structured list of project milestones, deliverables, and timeframes for completing each assignment.

It is the process by which the lender assesses the credit worthiness of the borrower. In other words it is the assessment of the various risks that can impact on the repayment of loan.

Credit appraisal is required to access the credit risk and it aims at reducing the risk by applying and formulating precautionary measures. An individual's deemed available income and repaying capacity are the two primary factors that decide the eligibility for a loan. Our user-friendly "Calculator" is helping credit officers to decide on the loan eligibility of an individual or group.

This function will help you to build a strong backbone for your company. A healthy portfolio can be built by adopting the correct credit methodology.

In short, this function will help MFIs in determining "Will they get their money back?"

The user-friendly Credit Appraisal tools can help an organisation to calculate the eligibility of Individual or Group. Thus a skilled credit team can help in building a strong portfolio.

It revolves around character and capacity. It takes into account various factors like income of the applicants, number of dependents, monthly expenditure, health, repayment capacity, profession, number of years in the profession and other factors which affect credit rating of the borrower.

Credit Bureau is the repository of information which is pooled in from all Banks and lending Institutions operating in India.

A Credit Information Report (CIR) is a factual record of a borrower's credit payment history compiled from information received from different credit grantors. Its purpose is to help credit grantors make informed lending decisions - quickly and objectively).

Training is defined as a continuous learning process in which the employees will acquire knowledge, enhance professional skills and improve attitudes and behaviors to excel well on the job. The objectives of the UNI's training Services to identify the required training needs of an organization and fill the gap with a host of training methods for the welfare of the organization and employees as a whole.

A new employee typically receives training for their specific job functions. However, it is important to consider continuing to train an employee throughout his / her career. An organization invests its time, money and energy in training employees. By learning more skills, an employee can be more productive and assume additional responsibilities.

The benefits of continuous and ongoing training are myriad. A quick list of the most common benefits is given hereunder:

	Increased job satisfaction and morale
	Improved customer satisfaction
	Improved customer satisfaction
	Increased efficiencies in processes
	Increased knowledge of new technologies and methods
	Improved employee retention
	Increase in productivity

There are various positive impacts of training on human resources in any organization. A few of them are as under:

	Optimum Utilization of Human Resources - Training and Development helps in optimizing the utilization of human resource that further helps the employee to achieve the organizational goals as well as their individual goals.
	Development of Human Resources - Training and Development helps to provide an opportunity and broad structure for the development of human resources' technical and behavioral skills in an organization. It also helps the employees in attaining personal growth.
	Development of skills of employees - Training and Development helps in increasing the job knowledge and skills of employees at each level. It helps to expand the horizons of human intellect and an overall personality of the employees.
	Team spirit - Training and Development helps in inculcating the sense of team work, team spirit, and inter-team collaborations. It helps in inculcating the zeal to learn within the employees.

Effectiveness of the training can be evaluated through following methods :

	Obtain feedback from participants on relevancy, timeliness and accuracy.
	Identify changes in participant's behavior that can be attributed to the training activities.
	Conducts the post evaluation to ensure the satisfaction levels to refine the future training needs.
	Determine the business impact of your training program.
	Perceptive increase in Employee Morale.
	Lower Attrition rates.
	Inculcation of new ideas, knowledge and concept.
	Upgradation in Audit Scoring at the Branch / Unit level.

Following are the key issues to be addressed for a successful training program :

	Place (indoor/outdoor)
	Audio visual aids
	Relevant training materials
	Facilities
	Time schedule
	Non – visual aids
	Trainer

UNI helps in formulating a cost effective training schedule for developing competencies and skill sets of an individual. We communicate and design training needs based on what is expected out of training in a simple and professional manner.
UNI plays a pivotal role from start to end of the training that includes the following :

	Training plan
	Timing of different training sessions
	Choosing the relevant training methods
	Preparing the training materials and aids
	Conducting training sessions
	Evaluating the post training session

UNI possess following qualities in its training team :

	Methodical and well-planned
	Highly knowledgeable and competent enough
	Possess relevant industry experience
	Good in communication/presentation
	Practical to make the training session fruitful to the trainees