Prohibited to you are dead animals, blood, the flesh of swine, and that which has been
dedicated to other than Allah, and [those animals] killed by strangling or by a violent
blow or by a head-long fall or by the goring of horns, and those from which a wild animal
has eaten, except what you [are able to] slaughter [before its death], and those which are sacrificed on stone altars, Ö (Al-maíidah 5, 3)
THE ISLAMIC COMMUNITY OF SERBIA
HALAL AGENCY SERBIA
HAS Audit Policy and Procedures
HAS Audit Charter
The mission of the Halal Agency of Serbia (HAS) Audit Department is to provide independent and objective reviews and assessments of the business activities, operations, systems and internal accounting controls of HAS. The HAS Audit Department accomplishes its mission through the conduct of operational and performance Halal audits, selected as the result of a risk identification and assessment process. The resulting schedule of audits is reviewed and approved by the Operations Director and by the Audit Committee of the Board of Trustees/Directors (BOD) of HAS.
The HAS Audit Department conducts independent reviews and appraisals of the HAS procedures and operations. These reviews provide management with an independent appraisal of the various operations and systems of control. The reviews also help to ensure that HAS resources are used efficiently and effectively while helping the HAS achieve its mission, as directed by the OD and By the Board of Trustees. It is the intention of the Halal Audit Department to perform this service with professional care and with minimal disruption to HAS operations.
Responsibility and Authority
The Halal Audit function was established at the direction of the Board of Trustees and derives its authority directly from the Audit Committee. The Halal Audit Department reports administratively to the Operations Director and operationally to the Technical Director (QC Manager). The scope of Halal Auditís responsibility is defined within this policy. Halal Audit staff are authorized to conduct a comprehensive Halal Food Safety and GMP audit program within the HAS certified Clients and is responsible for keeping the Technical Director, Operations Director and BOD informed of unusual transactions or other matters of significance.
In order to maintain independence and objectivity, the Halal Audit function has no direct responsibility or any authority over the activities or operations that are subject to review, nor should Halal Audit develop or install procedures, prepare records or engage in activities that would normally be subject to review. However, Halal Auditor may be consulted when new systems or procedures are designed to ensure they adequately address internal controls.
Halal Audit is a service function organized and operated primarily for the purpose of conducting audits, in accordance with Shariah and International Halal standards. The evidential matter gathered from these audits forms the basis for furnishing opinions and other relevant information to impacted members of senior management and the Board of Trustees (BOD). Opinions and other information furnished may attest to the adequacy of internal control, the degree of compliance with established policies and procedures and/or their effectiveness and efficiency in achieving organizational objectives. The Halal Auditor may also recommend cost effective courses of action for management to consider in improving efficiencies that have been identified during an audit.
All information obtained during an internal audit is deemed confidential unless otherwise instructed. It is understood that certain items are confidential in nature and special arrangements may be required when examining and reporting on such items. Halal Auditor will handle all information obtained during a review in the same prudent manner as the original custodian of the information. Halal Auditor respects the value and ownership of information received and will not disclose information without appropriate authority unless there is a legal or professional obligation to do so.
Audit reports are considered highly confidential. They are distributed to the respective area HAS office team and the Technical Director, Certificate Decision Committee (CDC) as requested. Other individuals interested in the audit report may gain access by contacting the Operations Director or HAS office team; with the approval of the Technical Director.
HAS Audit staff is expected to remain prudent with all information obtained during the course of an audit.
When discussing matters pertaining to an audit or any other HAS matters, Audit staff must always remain discreet and be certain to limit those conversations exclusively to appropriate HAS personnel. HAS Audit staff has an obligation to never indiscreetly discuss any information obtained during the course of audit assignments, whether within or outside the HAS Code of Ethics. The Internal Audit staff shall subscribe to the Code of Ethics established by the Quran, Sunnah and Institute of Internal Auditors, as well as adhere to the policies set forth by the management of HAS.
In addition, the Halal Audit staff will uphold the following:
†††††† Establish trust and thus provide the basis for reliance on the judgment of Internal Audit. Remain tactful, honest, objective and credible in all relationships as a † representative of HAS.
†††††† Exhibit the highest level of professional objectivity in gathering, evaluating and communications information about the area under examination. Make ††††† balanced assessments of all the relevant circumstances and do not become unduly influenced by individual interests or by others in forming judgments.
†††††† Respect the value and ownership of information received. Do not disclose information without appropriate authority unless there is a legal or professional †††† obligation to do so.
†††††† Apply the knowledge, skills and experience required in the performance of internal auditing services and continually improve the proficiency, effectiveness †††† and quality of the services provided.
Standards of Conduct
Halal Audit will adhere to the following standards of conduct:
††† †††††† Preserve a commitment to carry out all responsibilities with an attitude of service toward HAS members while maintaining a sincere and dignified attitude.
††† †††††† Uphold a high standard of service and a commitment to quality in performing all projects and assignments.
††† †††††† Provide noteworthy examples which emphasize high ethical and moral standards.
††† †††††† Conduct business in a manner that reflects favourably on the HAS and the individual. Exercise skill, integrity, maturity and tact in all relations.
Scope of the Halal Audit Function
††† While carrying out their duties, the Audit staff is responsible for utilizing a systematic, disciplined approach to evaluating and improving the effectiveness of internal controls and should include the following:
∑ Developing and maintaining a comprehensive audit program necessary to ensure compliance with International Halal standards, policies and procedures necessary to safeguard HAS resources.
∑ Communicating the results of audits and reviews by preparing timely reports, including recommendations for modifications of management practices, fiscal policies and accounting procedures as warranted by audit findings.
∑ Establishing and maintaining a quality assurance program to evaluate the Internal Audit operations. This program should include the following: uniformity of work paper preparation, audit sampling, work paper review, report preparation and review, report communication and issuance and record retention.
Responsibility for Detection of Errors or Irregularities
††† The management of the HAS is responsible for establishing and maintaining controls to discourage perpetuation of fraud. Internal Audit is responsible for examining and evaluating the adequacy and effectiveness of those controls. Audit procedures alone are not designed to guarantee the detection of fraud. An error is an unintentional mistake in financial statements which includes mathematical or clerical mistakes in the underlying records and accounting data from which the financial statements or other reports are prepared, mistakes in the application of accounting principles and oversight or misinterpretation of facts that existed at the time the reports were prepared. An irregularity is an intentional distortion of financial statements or other reported data or the misappropriation of assets.
††† If the Technical Director, Halal Audit believes that a material error or an irregularity exists in an area under review or in any other area of the HAS, the implications of the error or irregularity and its disposition should be reviewed with the Operations Director.
††† As soon as it has been determined that an irregularity does exist, the Technical Director, Halal Audit will notify the Operations Director that an irregularity has been identified and the audit steps needed to determine the extent of the problem.
Services Provided by Halal Audit
Halal Auditís primary activity is the implementation of a program of regular audits of the HAS business operations, as outlined below. However, the complete range of services provided by Halal Audit may also include special projects and consultations as directed by the HAS BOD.
∑ Operational Audits
††† Operational audits consist of critical reviews of operating processes and procedures and internal controls that mitigate area specific risks. These audits examine ††††† †††††† the use of resources to determine if they are being used in the most effective and efficient manner to fulfil the HASís mission and objectives.
∑ Compliance Audits
††† These audits determine the degree to which areas within the HAS adhere to mandated Federal, State and HAS policies and practices. Other regulatory †† †††††† †††††† agencies are also included within compliance audits (e.g. Jakim, MUI, MUIS, Dubai Accreditation Centre, Gulf Accreditation Centre, etc.). †† †††††† †††††† †††††† Recommendations usually require improvements in processes and controls used to ensure compliance with regulations.
∑ Financial Audits
††† These audits review accounting and financial transactions to determine if commitments, authorizations and the receipt and disbursement of funds are properly and †††† accurately recorded and reported. This type of audit also determines if there are sufficient controls over cash and other assets and that there are adequate process ††† controls over the acquisition and use of resources. Unlike external financial audits, internal financial audits do not prepare or express professional opinions on the † financial statements fairness.
∑ Investigative audits
††† These audits are conducted to identify existing control weaknesses, assist in determining the amount of loss and recommending corrective measures to prevent ††† additional losses. Internal Audit will also work with outside agencies to determine if misconduct occurred at HAS. These types of investigations can encompass ††††† misuse of HAS funds or assets, fraud or potential conflicts of interest.
∑ Technology Audits
††† Technology audits are usually comprised of control reviews of disaster recovery plans, system back up procedures and the general security of data and of the ††††† physical plant. The purpose of these audits is to evaluate the accuracy, effectiveness and efficiency of the HASís electronic and information processing systems.
††† Professional proficiency is the responsibility of the individual auditor. The Technical Director will assign each audit to the individual who possess the necessary knowledge, skills and disciplines to conduct the audit properly. The Audit staff has a professional obligation to schedule and attend on-going professional education forums to ensure they maintain academic proficiency and to advance professionally. The Director, Halal Audit is responsible for providing appropriate audit supervision. Supervision is a continuing process, initiated with the planning process and concluding with the completion of the audit assignment. The Director, Halal Audit will document evidence of supervision and review on all audits. This may be accomplished by signing off on all work papers and audit documents.
Develop the Audit Plan
††† The Technical Director Halal Audit is responsible for developing a risk based Audit Plan that includes areas subject to regulatory review, each fiscal year. The Audit Plan is a written document showing specific audits or projects to be performed by the Audit Department. After review by the Operations Director, the Audit Plan is presented to the Audit, Finance Committee for approval. The development of the Audit Plan includes a review of the HASís risk assessment of the key processes. This is a process in which business process are identified and evaluated according to the goals of the HAS and the goals of the individual area. An assessment of the level of risk is conducted in cooperation with each member of the Executive Council, or their designee, and is updated periodically. The assessment includes a broad range of risks and associated controls. In addition, the Director, Internal Audit is responsible to identify and evaluate exposures to business risk and the controls designed by management to reduce those risks. When doing so, the following factors are considered:
a. Financial value
b. Public image
c. Process liquidity
d. Asset liquidity
e. Budget deviations
f. Regulatory guidelines.
Environmental Risk factors
a. Process stability
b. Recent audit history
c. Executive assessment
d. Political environment
e. Financial markets
f. Technology initiatives
††† The majority of audits are planned. However, that does not preclude HAS from conducting unplanned audits. Prior to any audit, the Technical Director, will discuss the engagement with management. The discussion will include the scope, purpose and estimated timeframe of the audit. As unplanned projects are required, they are included in the overall plan for the year. The annual Audit Plan will be submitted to the Operations Director and to the Audit, Finance Committee for review and approval. Any proposed changes to the approved Audit Plan will be presented to the Operations Director and to the Audit, Finance Committee at subsequent meetings.
Overview and Conduct of the Audit Process
Although every audit project is unique, the audit process is similar for most engagements and usually consists of nine stages. Through these stages the Auditor will determine ways to minimize risks and increase efficiencies within the area. Client involvement is critical at each stage of the audit process. An audit will result in a certain amount of time being diverted from area personnelís usual routine. One of the key objectives is to minimize this time and avoid disrupting on-going activities.
††† The Internal Audit Department will develop an audit plan based on a review of all pertinent information. Sources may include, but are not limited to: a risk † assessment, internal and external evaluations and management guidance.
††† The Internal Audit Department will schedule a meeting with the unit manager and the senior managers of the process to be audited. Identify the scope and objectives †††† of the audit, how long it is expected to last and what the responsibilities for all parties are in the audit process. Any factors that may impact the audit should be raised †††† at this time. Factors include vacations, fiscal year end reporting requirements, etc.
††† Testing will include interviews with the staff, review of procedures and manuals, compliance with the HAS policies and governmental laws and regulations and ††† assessing the adequacy of internal and external controls.
††† Keep the department that is undergoing the audit updated on the status of the audit on a regular basis especially if there are any findings. There may be instances ††††† where the findings can be addressed immediately.
††† The report draft will include the audit Scope and Objectives, Summary and Opinion, Findings and Audit Recommendations.
∑ Management Response:
††† Management will receive the audit draft to confirm the facts and respond to the Audit Recommendations. Their response should assign the responsibility and have a ††† specific target date of completion for the corrective actions. The time window for the Management Response is normally 21 calendar days.
††† The final version of the audit will be reviewed and all issues resolved by the Director, Internal Audit.
††† The report is then released to the audited department, the HAS office who will send to the Technical Director. It is also released to the Certificate Decision ††††† Committee (CDC) as part of the agenda at the periodic meetings as requested. The Audit report will be quality controlled and checked by HAS office staff.
††† The Audit Department will normally conduct a follow up on the Management Responses to the audit Findings and Recommendations within a reasonable time †††††† frame. This subsequent review will be discussed with the involved management and the comments published. The comments may also be released to the Audit, ††† Finance and Investment Committee as part of the agenda at the periodic meetings.
††† Evidential matter obtained during the course of fieldwork provides the documented basis for the auditorís opinions, observations and recommendations as expressed in the auditorís opinions, observations and recommendations as noted in the audit report. The HAS Audit Department is obligated by professional standards to act objectively, exercise due professional care and collect sufficient and relevant information to provide a sound basis for audit observations and recommendations. Auditors must obtain all evidence necessary for the effective completion of the audit.
††† The decision on how much evidence is enough and what type to seek requires the exercise of the auditorís judgment based on experience, education and intuition. A thorough knowledge of the concepts underlying audit evidence will help the auditor to improve the audit quality and efficiency of the process.
††† Standards for the Professional Practice of Internal Auditing require that work papers possess certain attributes to provide a sound basis for audit observations and
††† opinions and to be considered as evidential matter. These attributes are:
1. Sufficient information is factual and adequate so that a prudent, informed person would reach the same conclusions as the auditor
2. Information is reliable and the best attainable through use of appropriate audit techniques
3. Relevant information supports audit findings and recommendations and is consistent with the audit objectives for the audit.
4. Useful information helps the organization meet its goals. It also provides a reference for the preparer when called upon to answer questions.
Types of evidence.
If the evidence supports the basic test of sufficiency, competence and relevance, it may be used to support the auditorís findings. The following outlines the different types of evidence obtained during the course of an audit:
1. Physical evidence. Obtained through observation and inquiry
2. Testimonial evidence. Based on interviews and statements form involved persons
3. Documentary evidence Consists of legislation, reports, minutes, memoranda, contracts, extracts from accounting records, formal charts and specifications of documentation flows, systems design, operational and organizational structure
4. Analytical evidence
Secured by analysis of information collected by the auditor. Documentation of Evidential Matter Standards for the Professional Practice of Auditing requires that audit work papers reflect the details of the evidence upon which the auditor has relied. The Internal Auditor must maintain adequate documentation of the audit, including the basis and extent of planning, the work performed and the results and findings of the audit. This will allow the work papers to serve both as tools to aid the auditor in performing their work and as written evidence of the work done to support the auditorís report. Information included in work papers should be sufficient and relevant to provide a sound basis for audit findings and recommendations. In the process of collecting evidential matter, the auditor is required to perform audit testing to support all observations and opinions. During the performance of such testing, the auditor is not required to test the population in its entirety. Audit sampling may be employed. Audit sampling is performing an audit test on less than 100% of a population. In ďsamplingĒ, the auditor accepts the risk that some or all errors will not be found and the conclusions drawn (i.e. all transactions were proper and accurate) may be wrong. The type of sampling used and the number of items selected should be based on the auditors understanding of the relative risks and exposures of the areas audited.
Types of Samples
Statistical or probability sampling. Allows the auditor to stipulate, with a given level of confidence, the condition of a large population by reviewing only a percentage of the total items. Several sampling techniques are available to the auditor.
∑ Attribute sampling:
††† Used when the auditor has identified the expected frequency or occurrence of an event.
∑ Variable sampling:
††† Used when the auditor samples for values in a population which vary from item to item.
∑ Judgment sampling:
††† Used when it is not essential to have a precise determination of the probable condition of the universe, or where it is not possible, practical or necessary to use ††† statistical sampling.
∑ Product sampling:
††† HAS auditors may deem it necessary to collect/request collection of food production samples for testing to ensure halal compliance from an independent analytical ††††† or biological testing laboratory. This must be done in compliance with SOP-Sampling (Guidance for sampling R. of Serbia http://extwprlegs1.fao.org/docs/pdf/srb140944.pdf).
(Halal Agency Serbia)
Gospodar Jevremova 11
Republic of Serbia
Phone:+381 11 3035 285
Phone/Fax: +381 11 2622 428
Donít miss your opportunity to enter the Islamic Market, the most expanding market in world by getting Halal Certificate for your products!
According to The Economist, the global Islamic market was worth over $3.6 trillion in 2013, and the market is projected to be worth over $5 trillion by 2020.