Governance and Compliance Audit KASNEB Notes

Download Governance and Compliance Audit KASNEB Notes

CS Advanced Level Notes


This paper is intended to equip the candidate with knowledge, skills and attitudes that will enable him/her to effectively plan and conduct a governance and compliance audit.


A candidate who passes this paper should be able to:

  • Identify the objectives and scope of governance and compliance audits
  • Design and implement a governance and compliance audit strategy
  • Prepare and interpret various governance and compliance audit reports
  • Analyse the various checklists/work sheets for governance and compliance audits
  • Design self-evaluation tools
  • Draft audit report and audit opinion


Basic concepts and elements in auditing

  • Auditing
  • Assessment
  • Monitoring
  • Assurance engagement
  • Non-assurance engagement
  • Reasonable assurance
  • Limited assurance
  • Direct reporting engagement
  • Attestation engagement
  • Compilation engagements
  • Assurance reports
  • Direct reporting
  • Authorities and criteria
  • Assertions and audit
  • Internal audit
  • Statutory audit
  • Legal audits
  • Governance audit

Download Governance and Compliance Audit KASNEB Notes

Governance and compliance risks

  • Identifying, managing and monitoring governance and compliance risks
  • Impact of non-compliance: Legal impact, Business impact, Reputational impact
  • Role of ethics and compliance officers
  • Identify, prioritise, and assign accountability for managing existing or potential threats related to noncompliance or ethical misconduct
  • Identifying laws and regulations with which the organisation is required to comply in all jurisdictions where it conducts business, as well as critical organisational policies

Introduction to governance and compliance audit

  • General principles of governance of governance and compliance audit
  • The nature and purpose of governance audit
  • The nature and purpose of compliance audit
  • Types and timing of governance and compliance audits
  • Users of governance and compliance audit information and their respective needs
  • Qualities of good governance and compliance audit
  • The Challenges of governance and compliance Auditing
  • Governance and compliance audit in the digital era

Legal, regulatory and professional and ethical considerations

  • Legal requirements on governance and compliance audit for different types of legal entities
  • Codes of governance as issued by ICS and different industry regulators
  • Regulatory framework of governance and compliance audit industry regulators
  • Governance and compliance audit standards by ICS
  • Code of ethics for Certified Secretaries
  • Auditors’ authority, professional liability and legal responsibilities
  • Professional objectivity, professional skepticism and professional judgment
  • The role of ICS in governance and compliance auditing
  • Ethics & integrity as a compliance issue

Engagement and appointment

  • Designing terms of reference
  • Designing scope of work and request for proposal
  • Tendering and procuring audit services
  • Designing proposal
  • Qualification requirements
  • Negotiating fees amount, structure and timelines
  • Acceptance and professional appointments
  • Award and execution of contract
  • Inception report

Planning for a governance and compliance audit

  • Initial considerations for planning
  • Planning process with timelines
  • Materiality at planning stage
  • Determine audit objective and scope
  • Determine the key governance and compliance parameters
  • Determining the level of assurance
  • Identifying subject matter and criteria
  • Understanding the entity and its environment
  • Developing audit strategy
  • Assessing audit risk, threats and safeguards
  • Developing audit plan, programme and procedures
  • Preparation of audit working papers
  • Developing governance compliance matrix
  • Governance and compliance audit checklist
  • Quality control
  • The audit team

Download Governance and Compliance Audit KASNEB Notes

Documentation and Communication

  • Documentation in governance and compliance audit
  • Communication between auditor and client organisation

Conduct of governance and compliance audit

  • Inception meeting for clarification and/or understanding of key contact persons, scope, process, timelines, schedule, logistics, operating environment and areas of emphasis
  • Reviewing the compliance, governance and internal control systems
  • Group governance and compliance audits
  • Assessing compliance with the Constitution, applicable laws, rules, regulations, international treaties, international agreements, codes of conduct and internal policies
  • Coordination in the conduct of governance and compliance audit
  • Role of in-house corporate secretary, internal auditor, external auditor, legal auditor, audit committee, regulatory oversight bodies and other governance assurance functions
  • Process of governance and compliance audit
  • The governance and compliance audit cycle
  • Governance and compliance audit tools
  • Use of technology
  • Scoring methodology
  • Data analysis

Gathering audit evidence

  • Nature and sources of audit evidence
  • Types of audit evidence
  • Evidence gathering techniques
  • Data collection instruments
  • Document checklists/list of documents to be provided by client for review by the auditor
  • Literature review
  • Questionnaire/survey or confidential discussions with select members of the board and senior management using a structured format
  • Site visits
  • Limitations in gathering audit evidence
  • Types of audit tests
  • Audit sampling
  • Using the work of experts
  • Using reports of board evaluation and other internal governance assessments.
  • Methods and techniques of auditing high risk areas
  • Data analysis
  • Evaluating of evidence and forming conclusions

Download Governance and Compliance Audit KASNEB Notes

Reporting governance and compliance audit

  • Purpose and users of auditor’s report
  • Types, contents, elements and structures of auditors’ report
  • Governance and compliance audit opinion
  • Consequences of various audit reports and opinions
  • Reporting of suspected unlawful and/or unethical acts
  • Conclusions/opinions in governance and compliance audit
  • Reports to those charged with governance
  • Governance and compliance report on the annual report
  • Interim, final and abridged versions of governance and compliance reports
  • Submission, presentation and /or filing of audit report
  • Closure of the audit assignment
  • Audit follow up

Implementing audit recommendations

  • Implementation strategies
  • Formulating an action plan and compliance matrix
  • Role of the Board in implementing the action plan
  • Monitoring, evaluating, tracking progress and embedding recommendations/ decisions arising from the audit.

Post governance and compliance audit

  • Nature and scope of subsequent events
  • General guidelines on subsequent events

Peer review mechanism

  • Purpose, scope and types of peer review
  • Responsibilities of parties in peer review
  • Peer review mechanism stages
  • Quality management and assurance measures
  • Confidentiality requirements

Governance Awards in practice

  • The ICS Governance Awards, other regional governance awards
  • Parameters evaluated in the governance awards
  • Award evaluation tool and scoring
  • Governance Index

Download Governance and Compliance Audit KASNEB Notes

Sharing is Caring-Click to Share

Written by 

One thought on “Governance and Compliance Audit KASNEB Notes”

Leave a Reply

Your email address will not be published. Required fields are marked *