Mammut Internal_Audit_Report May 31 2009

1

Emaar Industries & Investments (EII)Internal Audit

Mammut Building SystemsBalance Sheet & Internal Controls Review

Scope

EII Internal Audit conducted a review of Mammut Building Systems (MBS) operations pursuant to the 2008 Internal Audit Plan. The purposes of the review were:

Assessment of key internal controls over operations and compliance Review of Balance Sheet as at 30th September 2008 Assessment of internal controls over financial reporting

EII Internal Audit visited MBS office in Hamriyah Free Zone, Sharjah. The review was conducted during the months of October, November and December 2008.

EII Internal Audit procedures included interviews with MBS management and staff, walkthrough of key operational and financial reporting processes and transaction testing ona sample basis.

EII Internal Audit reviewed sample key processes including Entity Level Controls, Sales and Debtors Management, Customer Service, Estimation, Engineering, Production,Quality Assurance & Quality Control, Waste Management, Maintenance and Facilities Management, Procurement, Inventory Management, Shipping, Accounts and Finance,Capital Expenditure Decision, Human Resource Management and Information Technology and Systems.

EII Audit findings and recommendations were discussed with various personnel from MBS on an ongoing basis during the progress of the assignment. The findings were alsodiscussed with the MD. The list of key personnel is provided in Appendix 4.1. The audit report was further discussed with MBS Executive Committee and action plans havebeen drawn to remediate the control deficiencies and address the audit recommendations. A follow up audit will be conducted after 6 months of issuing the final draft of thereport.

Company Overview

Mammut Building Systems was established in 1997 to fulfill the demand for quality pre-engineered steel structure buildings and polyurethane sandwich panels and is now aleading player in the region for pre-engineered steel buildings. The financial results for the company for the last three years are summarized below:

Million AEDYear 2006 2007 2008

Revenue(AED)

243.18 317.75 332.41

Profit 18.85 14.22 17.21Profit

percentage toRevenue

8% 4% 5%

2

The company’s order book for the past three years stood as follows:

The growth in revenue, profitability and order book has been marginal. Further, as a result of our review we learnt that although efforts were made for system improvement in

terms of implementation of ORACLE ERP system and other related efforts, it did not bring in the desired improvement. Currently, there are systemic problems which need to

be addressed on an urgent basis. There are deficiencies in the design as well as in the operative effectiveness of controls. A lot of work needs to be done pertaining to Policies

& Procedures, Delegation of Authorities and defining Roles & Responsibilities with clarity. As of now, reporting mechanisms are inconsistent and processes are largely driven

by individuals. Keeping in mind the current economic scenario, it is the most opportune time for the company to bring in fundamental changes and to make the systems robust

enough to sustain the growth in the future. This report is an attempt to facilitate that process. Our key findings are summarized below:

Key Findings:

S. No. Areas Key Findings

1. Entity Level Controls

Although business plan has been prepared as per the management requirements and contains the desired elements, but certainaspects pertaining to assignment of roles and responsibilities, budget vs. actual analysis, etc have not been addressed.

The risks associated with effective financial reporting and achievement of business objectives, have not been assessed. Further,the company does not have a Business Continuity Plan.

A detailed Organization Structure, Authority Lines and Job Profiles are still to be defined completely. Further, mechanism toassess and monitor appropriate levels of resources for the key elements of the organisation is also not in place.

Employees may act in an unethical manner with legal, regulatory or reputational repercussions for themselves and/or companydue to the absence of Business Code of Conduct to instill integrity and ethics among the employees.

System access mechanism in terms of identification of financially critical systems and associated authorities and review of userprofiles are not defined.

Security management guidelines in terms of defined responsibilities for physical security of production and office assets,protection of financial data, pre-appointment screening of employees and protection of sensitive business information in not inplace.

Heath and safety measures like placing of emergency contact numbers and availability of employee health check ups have not

Million AED

Year 2006 2007 2008

Contract Value(AED)

613.68 602.18 653.88

3


been considered.

At the feasibility study stage of the capital expenditure decision there is no provision for the review for environmental impact ofthe capital project prior to approval

Record Retention Policy is not available on record covering both paper and electronic records.

Company does not have a Data Protection Policy or guidelines or equivalent, covering personal data whether relating toemployees, suppliers or customers.

2.Sales and Debtors

Management

Amendments to the Customer Master Database are not authorized due to the absence of a signatory list. The Customer MasterDatabase is not reviewed periodically and customer details are not complete.

A documented policy for discounts does not exist and a high percentage of debtors have balances outstanding for over 180 and360 days. The accounting system is underutilized as debtors ageing is still prepared manually in excel worksheet.

Delays were noted in the communication of Invoices to the Bank for negotiation largely because of the delay by the customer inthe approval of delivery note as mentioned in the Letter of Credit terms. No rack was kept of such delays in order to monitorand control such delays.

3.Customer Service,

Estimation, Engineering,Production and QA/QC

The Job Acceptance Form (JAF) was not approved properly and timely in some cases and in other cases the JAF could not belocated. The JAF was not always updated to reflect changes to the contract.

A documented policy for the approval of the Project Information Form (PIF) does not exist. The PIF was not signed-off by thepreparer and was not properly approved. Currently, the PIF is not integrated with the ERP system.

Guideline for describing the issuance, importance and interpretation of Raw Material List (RML) does not exist. The RML is abroad estimate based on approval drawings or drawings forwarded to the customer, which results in inefficiencies fromincreased manual effort in material requirement planning. In some cases, the RML was issued before the approval drawingswere approved by the customer.

In-house benchmarks for performance and cycle time for each department pertaining to various stages of engineering drawings,production and dispatch have not been established.

A mechanism to assess job wise throughput versus standard and to perform a comparison of job wise actual waste versusstandard waste does not exist. There is also no mechanism in place to perform machine wise efficiency analysis, work-in-process analysis and job wise margin monitoring.

The quality plan section of the PIF was not always populated resulting in confusion on which quality plan was to be followed.

4


Urgent Material Requests (UMR) is tracked manually instead of utilizing the ERP system. There is no mechanism in place totrack UMR costs as a whole and in some cases material issued to complete the UMR was not booked against that UMR in thesystem.

4. Waste ManagementThe company does not have a weight bridge on the premises and trucks carrying scrap material are sent elsewhere for beingweighed which may result in pilferage. Scrap is not stored in a demarcated area.

5.Maintenance and Facilities

Management

The C Works software implemented for maintenance management crashed about ten times. The system functionality ofgenerating detailed work order report has not been utilised in the past. Further, there were mismatches in the work order reportgenerated from the system and the physical work orders kept as an evidence of maintenance performed.

As a part of maintenance planning and analysis no budgets have been prepared for the maintenance department and recordscapturing machine-wise material and labor cost are not available. The preventive maintenance schedules have not beenimplemented properly and also contain errors.

The responsibilities for generation and approval of work orders pertaining to breakdown maintenance is not defined. Althoughthe work order is generated in the system, a copy of the same is not printed out, signed off and filled.

6. Procurement

There is an absence of documented criterion to select vendors and suppliers, there is no procurement policy, price comparisonrecords were manual, and costing is tentative. Further the there are about 460 vendors with which the company deals. Of thesetop twenty vendors fulfill 71% of total purchases and the balance 441 fulfill remaining 29%.

Currently the basis of evaluation of individual suppliers is subjective and not scientific. Further there is no defined periodicityfor the same supported by periodic visits to suppliers’ premises.

Currently, the authorities for raising purchase requisition for goods and services are not defined. The ORACLE ERP systemallows raising POs without purchase requisitions. Further, no periodic exercise is done to assess open POs and their systematicclosure.

It is not defined as to who will approve the payment requests without PO made by Finance Manager and MD. Proposedpayment lists are not generated before a payment run. There is no written policy for cheque access, storage and usage. Chequeissue log is also not maintained. Supplier reconciliation is not done on a periodic basis. Further, the ORACLE ERP system doesnot generated a creditors ageing report.

7. Inventory Management

A dedicated inventory management team does not exist. Stores are not centralized with a layout plan and are not mapped in theERP system. There is a lack of a well defined hygiene and staking norms. A perpetual inventory system and continuous stocktaking system has not been implemented. No evidence of adhering to the FIFO principle is available particularly in case ofmaterials having a shelf life. There is no mechanism in place for tracking unloading time and expired materials.

5


The ISO procedure does not specify guidelines for technical inspection and its periodicity. Rejected materials are neithertracked nor kept in a designated area. Rejected materials are not re-inspected before being returned to the supplier.

A well defined physical verification procedure does not exist. Guidelines are not available for the preparation of stockverification report, or for the verification, final authorization and approval of adjustments.

ABC classification of inventory is not performed and inventory levels have not been defined. The ERP system does notgenerate an inventory ageing report. Therefore, non-moving and slow-moving items cannot be identified and valued.

8. Shipping

There is no documented policy for transporter appointment, evaluation, and selection. Further, there has been over dependenceon one transporter found.

There is absence of a well documented procedure defining the parameters for the performance evaluation of the transporters.The existing procedure is not objective in nature.

Formal agreements between the company and the transporter, stating the terms and conditions of both the parties are not

present. As of now quotation / rate list sent by the transporter and approved by authorized signatory is considered as a contract.

The Loading report is not signed by the checker due to oversight. Proof of delivery is not obtained in certain cases due to

absence of authorized personnel of the customer at the client site. Destination-wise transit periods are not defined and formally

approved by both the parties in form of a contract.

A mechanism to monitor and control demurrage charges does not exist. Demurrage Charges for incoming materials have been

accounted for under two different heads instead of one. Further, freight Charges which could be clearly identified as demurrage

charges according to descriptions of transactions amounted to AED 0.12 million. This could be much more.

9. Accounts and Finance

A documented policy for the control of the chart of accounts does not exist and there is a lack of a standardized process foramending the chart of accounts. There is no delegation of authority for the approval of payments and most of the non-standardjournal entries lack proper supporting documentation.

Bank reconciliations are not prepared and reviewed on a periodic basis and the company accounts are updated based on thebank statements.

10.Capital Expenditure

Decision

A documented policy for Capital Budgeting does not exist and responsibility for this process is not assigned within thecompany. The review of budgeted vs. actual expenses and analysis of variances is not documented and the execution andcompletion of capital expenditure projects is not reviewed periodically in order to assess as to whether the desired benefit wasobtained.

An approved vendor list for capital purchases does not exist and quotations were not always obtained for capital expenditures.

6


In most of the cases, a NPV/IRR/Payback period analysis was not performed, capital expenditure requests and purchase orderscould not be located, and the purchase orders were not approved. Some assets were put to use but were not capitalized.

A documented policy for fixed assets does not exist. In some cases, fixed assets purchased were neither capitalized norrecorded in the Fixed Assets Register and their costs could not be tracked. Depreciation was calculated without taking intoaccount the relevant useful lives and usage of machines. Insurance was obtained based on the net book value of the fixed assetswhich may result in overspending.

11.Human Resource

Management

Currently, planning and budgeting is not done in the HR department. Although a projection of salaries and benefits / allowancesis done as a part of annual business plan for which there are no assumptions available on record, the same is not done inconjunction with the department. Although Future Process Model is available on record the same is yet to be implemented andas of now company is following the HR procedures set in 2006.

Alignment of the recruitment activity to the business plan can not be ascertained. A staffing plan neither is in place nor is the

staffing requirements monitored, including anticipated organizational changes. A detailed organization chart is not available on

record. Further, there were gaps in the documents maintained in employee personal files.

Overall workforce capability requirements are not assessed. Over-reliance on key individuals is not identified and succession

plans are not in place for key positions. Job descriptions along with key performance indicators are still to be defined for all

levels. A well defined training program has not been formulated.

There is absence of measurements of employee productivity and mechanism for renewal of visa and passport.

There is absence of grievance procedures, audit of disciplinary procedures, and other discipline regulating mechanisms.

12.Information Technology

and Systems

Although an IT policy exists at the group level, there was no evidence of extending the same policy to MBS. Disaster RecoveryPlan and Disaster Recovery Framework are in draft stage. Further, this is no defined and documented plan to assess and monitorthe physical and logical security of IT infrastructure.

It has been almost one year since the ORACLE ERP has gone live and AED 1.5 million of expenditure was spent on it.Nevertheless, it is still not stable and does not provide the desired support and results.

7

2 Detailed Observations & Recommendations

We have classified our observations into high, medium, low based on the following definition:

HighMatter noted constitutes an important control weakness where the potentialimpact is considered material for the business as a whole or any part of thebusiness and must be resolved.

MediumMatter noted constitutes an improvement to weakness in the current systemwhere some compensating controls exist but which are not as effective orefficient or where the potential impact is moderate.

LowNo matters noted that would indicate the current processes are notoperating effectively and efficiently as designed or where control weaknessis so minimal that potential impact if any is minor.

8

2.1. Entity Level Controls

Internal Audit Observations Management Response Management action planTimelines

1. Refinement of Business Performance Management

System

While reviewing the Business Performance Management system,

the following was noted:

Although a business plan is prepared containing management’s

profit forecast, balance sheet projections, operating cash flows

and SWOT analysis, the following elements were absent:

1. Assignment of Management responsibility for tracking

progress towards achievement of planned objectives and

goals.

2. Budgeted vs. actual analysis with root cause identification

for variances, competitor analysis and Key Performance

Indications (KPIs) to ensure all relevant issues are discussed

and addressed.

3. Setting of team and individual objectives within the

company which are aligned to and consistent with the

company's overall objectives as defined in the business plan.

4. Defining roles and responsibilities for the communication of

strategic plans within the company.

5. Long term or Medium term strategy outlining company

objectives.

Agreed 1.Will be added in the Budget 2010.

2. Already available in the MIS,however KPI will be considered infuture.

3Will be added in the Budget 2010.

4 Will be added

5. Already available in the plan.

30 September 2009

2. Absence of Risk Identification and Management Systemand BCP

While reviewing the Risk Management initiatives at MBS, the

following came to light:

Agreed Data disaster recovery planavailable which is a part of BCP,however, complete plan will befinalized as per EII guidelines andpresent to EXCOM.for approval.

30 September 2009

9


1. Risks pertaining to key processes having a direct impact on

effective financial reporting have not yet been identified.

2. Risks to the achievement of business objectives have not

been identified.

3. There are no evidences available on record of a crisis risk

assessment being performed to identify all crisis risks which

the business faces.

4. Business continuity analysis has not been carried out to

identify the minimum hardware, software and asset

requirements for all teams and functions.

5. A Business Continuity Plan (BCP) does not exists in order to

support the business, secure the necessary hardware,

software and assets to continue critical business processes

following a crisis or emergency situation (e.g. production,

sales order handling or financial reporting)

3. Weakness in Organization Structure

While assessing the basic framework and controls pertaining to

organization structure, following aspects were noted:

1. A detailed organization chart is not available on the records

as of now.

2. Roles and responsibilities of managers are not defined and

communicated to the relevant individuals.

3. A mechanism to assess and monitor appropriate levels of

resources to support key elements of the organizational viz.

finance, operations, IS, treasury, and human resources is not

in place.

4. A well defined statement of authority is not available on

record.

1. Agreed but available sinceOctober 2008.

2. Agreed.

3. Agreed.

4. Agreed

1. Organization chart isavailable.

2. HR will define the roles &responsibilities & forwardto all Managers.

3. HR will set themechanism.

4. DOA document isavailable at MammutGroup Level and will be

N.A

30 September 2009

30 September 2009

31 July 2009

10


5. Performance goals for individuals are not defined clearly

6. Job profiles are not available for all levels.

5. Agreed.

6. Agreed but available sinceNovember 2008.

implemented afterpresentation to EXCOMand approved by the BOD

5. HR will define the goals.

6. Job Profiles are available.

August 31,2009

4. Absence of Policy and Procedure Manuals andDelegation of Authority Matrix

There are three fundamental components of internal controlenvironment viz. policies and procedures frame work,delegation of authority including financial delegation andsegregation of duties in key functions.

Currently the company does not have well defined policyand procedures manual, delegation of authority matrix andprocess wise Segregation of Duty (DoA) rules.

DOA for business routine is established but the same is notdocumented and approved by the Board.

Agreed. DOA document is available atMammut Group Level and will beimplemented after presentation toEXCOM and approved by BOD.Job descriptions of key functionsavailable and already defined.

31 July 2009

5. Mechanism to Instill Integrity and Ethics

While assessing the mechanism to instill integrity and ethics

among the employees, the following was revealed:

1. Presently the company does not have a code of conduct

setting out required standards of integrity and ethical

behavior along with the employee signoff as a part of the

contract.

AgreedCode of conduct will beimplemented and circulated to allemployees.

July 31, 2009.

11


2. The Company does not have an appropriate channel like a

helpline for reporting ethical violations or any incidence of

fraud.

No evidences are available on record indicating allocation of

overall responsibility to specific members of senior management

for compliance with legislation and regulatory laws.

Agreed A committee will be formed toreport ethical violations etc.HR/Admin department isresponsible for compliance ofregulatory laws.

N.A

6. Identification and Access Control to Critical FinancialSystems

While reviewing the system access mechanism, the following

was observed:

1. Critical financial systems have not been identified. Critical

financial systems are those which directly influence the

recording, processing and reporting financial information

and statements.

2. The company does not have a well defined and documented

statement of authorities which may facilitate granting of

access to the said systems. Currently the same is done as per

the approval of the line manager.

3. There is no system of reviewing the user profile for

segregation of duties at the time of new, revised or

composite user profiles (within critical financial systems).

1. Disagreed, Critical financialsystems are defined (All ERP).

2. Agreed despite it is built up in tothe system yet the documentationis required.

3. Agreed , All users’ accesshandled by Support Desk withapproval from departmentmanager; however separaterequest form will be created forthe purpose.

N.A

Process is in place to bedocumented.

Separate request form will becreated

N.A

30 June 2009

Immediate

7. Security Management Guidelines

Following was observed pertaining to the key security

management aspects:

12


1. Responsibility for physical security of production/office

premises and adequate protection of assets and financial data

based on the risk environment in each of the facilities is not

defined clearly and also not assigned to a member of senior

management.

2. There is no system of pre-appointment screening of all

prospective employees, both permanent and temporary, who

are being considered for any positions in the company.

3. As of now there are no guidelines available on record for the

protection of sensitive business information (hardcopy,

electronic message, or voice communication) when

transmitted internally, externally, and at disposal.

1. Agreed

2. Agreed

3. Agreed

1. HR Manager with MD willdefine the guidelines.

2. HR & Admin will set theprocedure for screening.

3. HR/Admin Manager withMD will set the guidelines.

30th Sep 2009

July 31st -2009

Sept 30th -2009

8. Control Gaps in Health Management

While reviewing the occupational health and safety aspects, it

was revealed that, although the factory has a fulltime male nurse,

there is no activity in place to ensure regular health checkup of

the employees, specially the employees at the shop floor.

Disagreed, Employees alreadycovered under insurance. Workershave health card from Ministry ofHealth. However, thisrecommendation will be consideredonce company will be in a position toafford it.

N.A N.A

9. Environmental Review of Capital Projects

At the feasibility study stage of the capital expenditure decisionthere is no provision for the review for environmental impact ofthe capital project prior to approval.

AgreedGuidelines are available in ISO14000 and we will add this area inCAPEX approval form.

Immediate.

10. Record Retention Policy

Although record retention norms have been defined for most of

the functions as a part of ISO procedures, same has not been done

for Finance Department as yet. Further, there is no detailed

Agreed Entity level Policy for recordretention will be documented

31 July 2009

13


entity-level policy for record retention..

11. Absence of Data Protection Policy

Currently the company does not have a Data Protection Policy or

guidelines or equivalent covering personal data whether relating

to employees, suppliers or customers.

Agreed MD with Group IT Director willdefine the policy.

30 June 2009

14

2.2 Sales and Debtors Management


1. Customer Master Database

During the review of Customer Master Database, the following

observations were made:

1. Absence of signatory lists for additions and amendments to

customer master data.

2. Presence of invalid / irrelevant customer entries.

Name Code Status

Misc Clients 1119 Active

Do Not Use Ever 1561 Inactive



Dummy Customer 1602 Active

Do not Use2 1603 Inactive

Do not use 1644 Active

Do not use 1828 Inactive

Do Not 2657 Active

On a review of the active invalid accounts, it was revealed that three

accounts out of four, did not have any transactions during the period

1-Jan-08 to 31-Dec-08. One account (Code: 1119, Name: Misc

Clients), had 5 transactions during the same period. Details of the

transactions are given below:

The company was not able to provide supporting documents

justifying the transactions mentioned above.

1. Agreed

2. Agreed

1. Signatory list will be created.

2. Will be rectified.

August 31,2009

30 June 2009

15


3. Absence of periodic review of amendments to Customer Master

Database.

4. Incomplete details such as billing and shipping address in

Customer Master Database.

3. Agreed

4. Agreed.

3. Will set a process for periodicalreview.

4. Will complete as soon as possible.

2. Control Gaps in Discount Policy And Debtors AgeingAnalysis

It was observed that no documented discount policy exists outlining

the basis on which discounts are to be approved and awarded.

A review of the debtors ageing as on 30-Jun-08 revealed the

following:

1. Alfa Industrial Refrigeration (Code: 151044) is a debtor in the

books of accounts with an outstanding balance of AED 789,920.

After discussion with finance personnel it was revealed that, the

Letter of Credit for this customer had been obtained under the

joint bank account of Mammut Industries and MBS (Account

no.: 0800-012815-001) with Al Ahli Bank. Later, this account

was handed over to Mammut Industries as part of the

consolidation process in MBS after investment by Emaar

Industries and Investments. The payment had been received

from the customer in this account on 10-Apr-08 but inter-

company settlement has not taken place till now. This amount

will be settled against proposed dividend in the year 2008.

2. Although the Oracle has the facility to generate debtors ageing

report, but currently the same is prepared manually in an excel

workbook.

Disagreed, discount policydepends upon the area, marketsituation, jobs complexity, ordersize etc. It varies from case tocase which can not bestandardized.

1. Agreed

2. Agreed but Debtorsaging available sinceDecember 2008 whichneeds to be monitored.

1. Adjusted in December 2008.

2. Debtors’ aging will be monitoredon a regular basis.

N.A

Immediate

Immediate

16


3. 28.58% of the debtors have balance outstanding for more than

360 days and 52.23% of the debtors have outstanding balance

for more than 180 days. A summary of debtors aging is

mentioned below:

Age GroupsValue(AED)

PercentageCumulativ

ePercentage

0 - 90 DAYS26,298,73

633.32% -

91 - 180 DAYS11,402,29

814.45% 33.32%

180 - 360 DAYS18,666,02

723.65% 47.77%

ABOVE 360 DAYS22,552,34

028.58% 71.42%

TOTAL78,919,43

0100% 100%

4. Although a control over retention receivables is kept, debtors

ageing report is inclusive of retentions receivables. Due to this,

the report may be misleading and may not present a true picture

of the outstanding amount.

3&4. Agreed 3&4 . Above 360 balances of22,552,340 include provision for baddebts 12,981,242. Most of the salesare secured against documents. Thetotal outstanding is 15% of total sales.

Retentions part wherever applicablewill be maintained separately.However all efforts will be made toimprove the recovery from variouscustomers.

Immediate(DebtorAging)

31 July 2009(RetentionSeparation)

3. Control Gaps in the Invoicing Process

Most of the jobs undertaken by the company are covered by a Letter

of Credit (LC). Invoices are sent to the bank for negotiation on

completion of shipping of a phase of the project.

AgreedThe delays are under normal course ofbusiness. Mostly it is happening for exportbecause the time for sending material toother countries & getting signed deliverynote is required much more time as

Immediate

17


During the review of the invoicing activity for three jobs, it was

observed that invoices have not been communicated to the bank for

negotiations on time.

On the basis of the discussion with the treasury manager, it was

learnt that the delay was due to a clause in the Letter of Credit (LC)

agreement which allowed the raising of invoices against the LC only

after the customer signed the delivery note.

It is to be noted here that neither the date of signing the Delivery

Note or receipt of signed Delivery Note by the company has been

documented anywhere. Hence the cause of delays cannot be known.

compare to local sales. We track withcustomers regularly.We will try to reduce the time forsubmission of invoices.

4. Absence of Provisioning Policy for Receivables

No documented policy exists to make provisions for bad and

doubtful debts. Currently it is being done on the basis of discussions

with external auditors and has a very subjective basis.

Agreed. Provision policy will be defined anddocumented. Debtors will be reconciledperiodically.

15 August 2009

5. Absence of Debtors' Reconciliation

Debtors' reconciliation is not performed at all by the accounts

department. At the time of external audit, only confirmation letters

are sent to debtors. Also, treasury department and accounts

department maintain separate records for debtors which are

reconciled at the end of every month. Hence, an inter-department

reconciliation is carried out.

Agreed In future, Debtors records will bereconciled between two departments on amonthly basis.

15 August 2009

6. Absence of Documented Revenue Recognition Policy

During discussion with the finance personnel, it was revealed that a

documented revenue recognition policy does not exist in the

company.

Currently, revenue recognition is done on the basis of invoices

raised to customers. All the projects undertaken by the company are

Agreed. Revenue recognition policy will be defined& documented in accounting and financemanual.

15 August 2009

18


covered under LCs. When shipping for a segment of the project is

complete, a 'Shipping Completion Certificate' is issued by the

shipping department. On receiving the certificate, the accounts

department raises the invoice for the shipped material and

communicates the same to the bank for negotiation. Revenue is

booked on the date when the invoice is raised.

19

1.3 Customer Service, Estimation, Engineering, Production and QA/QC


1. Control Gaps in Creation and Approval of Job AcceptanceForm (JAF)

Job Acceptance Form (JAF) is created after the completion of

estimation process and contains important information regarding the

job such as total estimated tonnage, mark-up on the cost, final price to

be charged to the customer and payment conditions. This important

document is reviewed by the area office manager and approved by the

sales manager.

During a review of the creation and issuance of Job Acceptance Form

(JAF) for 16 selected jobs, following was revealed:

1. JAF was not signed by sales manager in 3 cases:

2. JAF was

not

available for job OM-1667 (EURO 23,353,974).

3. Date of approval of JAF by sales manager was not mentioned on

the document for job QA-2187 (Contract Price: 4,920,000 QAR)

and QA-1021 (Contract Price: 4,550,000 QAR).

4. The contract price for job QA-2187 was revised to QAR

4,450,000 from QAR 4,210,000 on 28-Apr-08 but the JAF has

Job

NumberJAF Date

Total Price

(AED)

AE3-2084 17-Jun-08 7,496,000

AE1-2334Not

Mentioned8,100,000

PK-2140 30-Aug-08 18,014,806

1. Agreed.

2. Disagreed with observation,document is available forinspections.

3. Agreed.

4. Agreed.

1. In future General sales managerwill sign all JAF.

N.A

Rectified.

Rectified.

31 July 2009

N.A

Immediate

Immediate

20


not been updated to reflect the change.

5. JAF for the job QA-1021 dated 7-Jul-05 has been changed /

updated manually using a pen and there are no evidences of

approval of the modification.

5. Agreed. Rectified.Immediate

2. Control gaps in Generation and Approval of ProjectInformation Form (PIF)

Project Information Form (PIF) is created for each job after it is

accepted and is used as an information repository for all the

departments regarding that project. It consists of two parts; General

Data Sheet (GDS) and BDS (Building Data Sheet). GDS contains all

the general information regarding the job such as, name of client, total

tonnage and payment terms. BDS contains technical information

about each building in the project.

During a review of PIF of 16 selected jobs, the following was

revealed:

1. PIF created for each job was neither signed off with date by the

customer service manager nor signed off by the person who

prepared it, for all the selected jobs. This leads to the conclusion

that the approval activity for the same is not in place, although it

was given to understand that the document is circulated through

e-mails to all the concerned people.

2. PIF of each job is designed separately in Microsoft Excel and is

not integrated with the Oracle system. After discussions, it was

learnt that the Oracle system itself is not capable of handling such

technical data.

1. Agreed

2.Agreed

1. In future CSD Supervisor/Managerwill sign all PIF.

2. As agreed with the businesstechnical data will be stored in theePIF(Develop by PRD). Generaldata is stored in Oracle.

30 june 2009

30 june 2009

21


3. Control Gaps in Creation and Issuance of Raw Material List(RML)

1. Currently, there is a practice of making a broad estimate of

material requirement based on approval drawings. This results

into a raw material list (RML) which according to customer

service is an indicative figure and is meant to give a broad idea of

material requirement with an aim to facilitate Material

Requirement Planning (MRP). However, the same is taken as a

basis for MRP by Production Planning Department. Further, a

detailed Bill of Material is generated after the detailing stage but

by that time MRP is already complete. Following is a comparison

of RML and BOM tonnage for 8 jobs:

Sr. No.Job

Number

RMLTonnage

(MT)

BOM Tonnage(MT)

Difference(MT)

1 2172 1669.002 1677.77 - 8.768

2 1414 4295.443 4483.141 -187.698

3 2084 1000.746 885.477 115.269

4 2005 326.594 316.032 10.562

5 2071 104.034 98.222 5.812

6 2187 405.047 429.194 -24.147

7 2140 2937.882 2658.496 279.386

8 1021 700.374 758.42 -58.046

2. In certain cases, Raw Material List was issued before the

approval drawings were approved by the customer:

It to be noted that Raw Material List is prepared based on theapproval drawings.

JobNumber

RML DateDate of Approval

Drawings

AE3-2084 8-Apr-08 16-Jun-08

QA-1021 28-Aug-05, 21-Aug-05 23-Oct-05

1. Disagreed, All the material shouldbe managed with RML since deliveryperiod of any raw material is morethan three months where as the jobdelivery after approval drawing isnormally 1 1/2 to 2 months. So RMLcan help at great extend in inventoryplanning. Ordering pattern for anystandard inventory items dependsmainly on historical consumption andforecasted consumption againstavailable stock and incomingmaterials. For non standard inventoryitems RML should reflect 100%requirement in order to avoid anyexcess or less material during jobexecution. In general wheneverrevisions are requested by thecustomer, the RML also must reflectthe revised material requirement. Newpolicy implemented restricting RMLsfor forecasting raw material

Agreed.

N.A

In future we will follow the standardpractice.

N.A

Immediate

22


4. Through-put and Production Efficiency

Currently the production efficiency analysis is done based on the

comparison of quantity of scrap generated versus the production on a

monthly basis and arriving at a percentage for the same and there are

no benchmark percentages established for comparison.

As of now, there is no system / method in place to assess job wise

throughput versus standard comparison of job wise actual waste

versus standard waste. There is also no method in place to perform a

machine wise efficiency analysis on an ongoing basis.

Agreed These reports will be available once SCIAwill be implemented.

30 September 2009

5. Job-wise WIP Valuation and Margin Monitoring

There is no mechanism in place to conduct a job wise WIP analysis

against estimates and consequential margin monitoring. As of now,

only an over all assessment of profitability can be made at the year

end. Further, as there is no job wise estimation verses actual

comparison, no assessment can be made about the accuracy of the

project cost estimation.

It was given to understand that an MRP system is under

implementation which will facilitate the tracking of job WIP valuation

and margin monitoring. Currently the company if tackling the

integration of the MRP with the ORACLE ERP system.

Agreed This can be possible once SCIA will beimplemented.

30 September 2009

6. Absence of Performance Monitoring of Key Departments

A cycle-time analysis of 6 closed jobs revealed a varied range of time

taken for approval of drawings, finalization of detailing, production

and shipping:

But, currently it can not be commented as to whether the turn around

Disagreed, since it depends upon theinternal & external factors whichinfluence the period from 1 month to6 month, The standard cycle time hasbeen defined is 8 weeks for Jobsranging from 250mt to 500mt and it

N.A N.A

23


time mentioned is efficient or otherwise. Due to the absence of

internal benchmarks pertaining to the turn-around time at each stage,

the reasonableness of the same commented above can not be

ascertained.

varies depending upon the job volume& complexity.

7. Control Gaps in Quality Assurance and Quality CheckProcesses

During a review of Quality Assurance and Quality Check process for16 jobs, following was revealed:

1. Point number 6 of PIF pertaining to quality plan to be followed

was not populated in 2 out of 8 cases. It was given to understand

that if the same is not populated then the standard QC plan is

followed. In one of the projects pertaining to Qatar Petroleum,

with job number QA-1021, it was learnt that because of lack of

clarity about quality plan to be applied, the standard QC plan was

followed. Later on, it came to light that radiography test was to

be performed as part of quality plan and the same was done later

at client site. It was given to understand the PIF did not mention

the quality plan. The same can not be confirmed as the PIF is not

preserved as the project was more than one year old.

2. While reviewing the implementation of the quality assurance

process for 15 projects out of a sample of 16, it was found that

quality steps have not been followed in case of 7 projects.

Agreed In future we will follow the process. 31 July 2009

8. Inefficient Tracking of ‘Urgent Material Requests’ and HighAssociated Costs

During our review of 16 jobs, it was observed that additional material

was dispatched to customers after requests were received from their

end. This was done in either of the following situations:

• Loss of material in transit

24


• Defective / low quality material

• Damage to material during assembly

After a request for additional requirement is received from customer,

a document called Urgent Material Request (UMR) is generated by

the customer service department.

1. Till 2007, before the implementation of ORACLE, the ALPHA

system did facilitate the tracking and cost assessment of UMRs

Following is the summary of claims settled between 2005 to

2007:

S. No. Year Claim settled (AED)1 2005 2,627,904.112 2006 1,816,098.173 2007 2,446,593.51

2. During our review of UMRs generated from Feb-08 to Oct-08, it

was revealed that, post implementation of ORACLE, as of now,

the system functionalities have not been utilized fully to track the

same. Further, the status of the active UMRs and the associated

cost is tracked manually using an excel worksheet. Hence, it is

not tracked on a real-time basis and is prone to clerical errors.

3. During our review of UMRs generated for 16 selected projects,

following was revealed:

3.1 According to UMR No. C-06-1021, dated 23-Jul-06 (Job

number QA-1021), customer rejected purloins sent by the

company. This was due to the fact that they had white stains

on the surface and steel was rusty. Results of the third party

tests carried out by “Qatar Industrial Laboratories” were

negative and stated that the quality did not meet the ISO

1. Agreed

2. Disagreed, Job trackingreport is available to trackUMR & cost.

3. Agreed.

1. Oracle is supporting to generate thisinformation just we need topopulate data.

2. N.A

3. Separate account will be created tomonitor the cost as well as reportwill be developed for monitoring.

31 August 2009

N.A

31 August 2009

25


1461:1999 standard.


number QA-1021), the length of the supplied stair tread was

wrong. It was stated that ‘It doesn’t fit the stringers’.

3.3 According to UMR dated 1-Mar-07 for job number QA-

1021, customer rejected the welding done on the material

and modifications were made by the company at the site.


number AE2-2005), Mammut erection team had to conduct

modifications at site because of engineering detailing error

for the closer trims for the roof monitor and wrong supplied

door lock device.

3.5 According to UMR No. C-01-2005, dated 22-Apr-08 (Job

number AE2-2005), customer rejected the connection bolts

received from supplier ‘Al Rashed Fasteners’, due to quality

issues with the material. It was stated that ‘Customer

encountered problem of excess galvanizing at the threaded

end of the bolts’.

Further, total UMR cost for each of the 16 selected projects

could not be ascertained. On the basis of discussions it was

learnt that, the material issued to complete the urgent

material request, was not booked against that UMR / job in

the system and there is no mechanism to track UMR cost as

a whole.

26

2.4 Waste Management

Internal Audit Observations Management Response Management Action Plan Timelines

1. Weighing Bridge and House Keeping

While reviewing the process of waste and scrap management, we

noted the following:

1. Currently the company does not have a weighing bridge in the

premises. Due to this, the truck full of scrap material is to be

sent out side for weighing.

2. Although separate areas have been demarcated to keep the scrap

and rejected material, rejected material was not segregated from

usable raw material in certain areas.

1. Agreed.

2. Disagreed, Demarcated areafor all type of Scrap area isplace in years and recordsare well maintained. OnlyHazardous wastedemarcation area recentlycreated for ISO 14001

1. CAPEX for weighingbridge already approvedand will be ordered andinstalled into the demarkedarea.

2. N.A

31 August 2009

N.A

27

2.5 Maintenance and Facilities Management


1. Maintenance Software Optimization

The maintenance management system namely “C Works” was

implemented by the company to facilitate the efficient management

of the maintenance function. It was observed that although it is a

single-user software, it has been used as a multi-user system in the

company. Following were observed:

1. Since implementation, the software has crashed about ten times,

the details pertaining to which are provided below:

Number*

Date ofSoftwareCrashing

1 18-Nov-07

2 4-Dec-07

3 12-Dec-07

4 5-Mar-08

5 27-Mar-08

6 3-Apr-08

7 17-Apr-08

8 5-May-08

9 16-Jul-08

10 10-Sep-08* The dates on which ITDepartment was notified ofthe breakdown

2. Neither the system functionality of generating a detailed work

order report has been utilised in the past nor has any analysis

been performed to assess the root causes of frequent break

downs.

1. Agreed

2. Disagreed, the system wasfunctional in generating thework orders but no hardcopy of the same wasgenerated to handover totechnicians. Technicianused the hard copy of PR

1. Initially, the cworks softwarehad a problem but now dailybackup is being taken as aroutine by IT department.

2. N.A

30 September 2009

N.A

28


3. The work order files pertaining to preventive and breakdown

maintenance were not available prior to July, 2008.

4. While comparing the system generated work orders for 74

machines with the work orders report generated by the “C

Works” system, pertaining to the period July 2008 to October

2008 , the following was noticed:

a. Work orders pertaining to seven machines generated by the

“C Works” system did not reflect in the work order report

generated by the same system.

b. Similarly, some of the work orders pertaining to 21

machines were reflected in the system generated report but

were not present in the work order files.

which was manual printedcopy. The root cause ofthe frequent breakdownwas also always carried outbut lacked documentaryupdating.

3. Disagreed, The work ordergeneration started when thec works software wasadopted but before thatmanual data wasmaintained.

4. Agreed In the initial stage of implementationsoftware had a testing problem butlater it was resolved andimplementation has been doneproperly

1. Daily back up is beingtaken up

2. The system does havethe permanent recordretention. The properevaluation would bedone once interface willbe developed betweenC work software andORACLE system.

Immediate

2. Maintenance Planning and Analysis

While reviewing the planning and analysis aspects of maintenance

function, the following was revealed:

1. Annual budget has not been prepared for maintenance

29


department. There were no documents available on records

evidencing capturing of machine-wise material and labour cost,

although down time is being captured since November 2007.

Further, there is no activity in place for adequate and accurate

reporting of cost and time related to maintenance.

2. History prior to November 2007 pertaining to preventive

maintenance, Machines breakdown maintenance and down time

is not available on record.

3. The preventive maintenance schedules have not been

implemented properly. Further, there are no documents

available on record evidencing periodic review of the same in

the light of breakdown history.

4. Preventive maintenance schedule included following errors:

4.1.The machine code was mentioned incorrectly in related

maintenance schedule

4.2 The frequency of maintenance was mentioned incorrectly

1. Agreed

2. Agreed

3. Partially agreed.

4. Agreed.

1. Cost centre wise budget will beprepared in future, howeveraccurate machine wise has beenresolved by updating the spareparts item categorization inoracle system.

2. Record is not available due tochange of system.

3. C WORKS was not available toretain the data. Preventivemaintenance schedule werebeing done properly but lackedrecording. It is now beingreviewed in weeklymaintenance co ordinationmeeting.

4. It has been reviewed andcorrected.

30 September 2009

3. Work Order Generation and Maintenance Execution

While reviewing the execution of maintenance jobs, following was

revealed:

1. The responsibilities for generation and approval of work orders

pertaining to breakdown maintenance is not defined. Although

the work order is generated in the system, a copy of the same is

not printed out, signed off and filled. It is to be noted that the “C

Works” software has crashed ten times in the recent past.

Further, there is no tracking and analysis done relating to

machine wise breakdown history.

1. Partially agreed. 1. The responsibility of workorder generation has beenassigned to three persons andpassword key has been issuedto them. The proper generationof work order s andimplementation is already ineffect. There is a machine

N.A

30


2. A single work order is prepared for many machines in the same

category (noted in case of welding machines).

3. Most of the preventive maintenance checklists were neither

signed off by the technician as a proof of job done nor were

they signed off by the supervisor as a proof of job supervision.

4. Some preventive maintenance checklists were not attached

along with their related work orders.

5. Machines were not maintained at all although they were

scheduled to be maintained (ex: hydraulic Jacks and Fl 15) -

6. For the last two and half years, maintenance cost has been as

2. Agreed.

3. Agreed.

4. Agreed.

5. Disagreed, Machines ofsmall nature (hand tools)requiring no attention bythe technician have beenlooked after by the userhimself hence no recordneeds be maintained.

failure analysis available fromthe system for tracking.

2. This practice of generation ofwork order for same kind ofmachine for the same schedulewas adopted to save thestationary but now it is stoppedand each machine has its ownwork order generated.

3. It is already implemented nowthe checklist is copied at theback side of work order and it iscrossed and signed by theassigned technician.

4. Checklist is now printedbackside of the work orders.Also there are check listavailable on the machine itselfto sign off the checks.

5. N.A

N.A

N.A

N.A

N.A

31


follows:

6.1 2006- AED 1 million (Apr 2006 to Mar 2007)

6.2 2007- AED 1.78 million (Apr2007 - Dec 2007)

6.3 2008- AED 0.82 million (Jan-Jun 2008)

An analysis of the maintenance record for the period 2007 to

October 2008 revealed the following:

1. Break down incidents for the most of the machines exceeds the

preventive maintenance performed. Break down cases were

66.7% of machines maintenance history.

2. Of the total breakdown cases, although action taken was

mentioned in 96% of the cases, the reasons for break down were

not provided in 78% cases.

6. Disagreed, Since eachmachine has many movingcomponents it is notpossible to attain 100%preventive maintenancecompletely especially whenmachines are very old.

Agreed

N.A

Record will be maintained.

N.A

31 July 2009

32

2.6 Procurement


1. Vendor Initial Evaluation, Development and Price Validation

While reviewing the process of initial evaluation, development of

vendors and their selection for purchase decision, following was

observed:

1. Based on the PO listing obtained from the ORACLE ERP system,

the company has dealt with about 461 vendors in the last one year

to whom a total of AED 621 million worth of POs have been

raised. Top twenty suppliers have about 71% of total business

amounting to AED 442 million and the remaining 441 suppliers

have 29% of total business amounting to 179 million.

2. Currently there are no guidelines available on record to facilitate

vendor initial identification from a financial and technical

perspective. Further there no defined parameters for conduct a

financial and technical evaluation to decide as to whether to do

business with the vendor.

3. New vendor master is created when business needs to be done

with that vendor. As such, there is no vendor registration process

to help build a vendor data base. A list of vendors was created in

2008 consisting of suppliers for steel, production accessories and

consumables. This is a compilation of the suppliers with whom the

company has been dealing in the past.

4. There is no detailed Purchase Policy available on record.

5. Currently the decision to select a supplier and place order on the

same is entirely discretionary and is in taken by the Purchase

Manager.

6. There exists a guideline which prescribes that for purchase of

single item valuing AED 5000, one quote needs to be invited. For

Agreed Purchase policy will be written and allaspects will be covered.

15 August 2009

33


purchase between AED 5000 to AED 10,000, two quotations

needs to be invites and for purchased above AED 10,000, three

quotes needs to be invited.

7. A manual price comparison is maintained by the Purchase

Manager, which also contains proposed and actual delivery dates

apart from the prices. It is maintained mainly for steel and bought

out items (sent along with various parts of the buliding and are

direct bought and not manufactured). Any counter bidding and

price negotiation is done entirely by the Purchase Manager.

8. Although market rates mobilized for various material and services

on a periodic basis to facilitate rate benchmarking, there is no

mechanism for developing internal costing to arrive at tentative

cost for purchase of material to facilitate negotiations.

2. Vendor Performance Evaluation

Currently a form does exist for assessing vendor performance across

ten parameters which are rated on point scale of 1 to 10. This rating is

done by the purchase manager based on his experience and dealing

with individual suppliers and actual performance data is not used to

carry out the evaluation. Hence the basis of evaluation is entirely

subjective and not scientific. Further there is no defined periodicity of

the performance evaluation exercise and there no plans to conduct

audit of suppliers’ facilities from a performance evaluation

perspective.

Disagreed, The selection/evaluation ofvendors is according to their reputations,quality of product, pricings, delivery etc.Most of the purchased from the steel millsdirectly instead from traders. All steel millsare internationally certified of their qualityplan.

N.A N.A

34


3. Requisition and Purchase Order Management

While reviewing the Purchase Requisition (PR) to Purchase Order

(PO) cycle, following came to light:

1. The authorities for raising purchase request for goods and services

are not clearly defined in terms of named individuals responsible.

2. Currently the system allows raising of POs without valid Purchase

Requisitions. An analysis of PO listing and PR to PO report for

2008 revealed that 1263 POs were raised without PR. The value of

these PO was AED 179.49 million which is 29% of sum of all PO

raised amounting to AED 620 million.

3. The purchase department does not check to ensure as to whether it

is reasonable for the company to purchase the goods /services.

4. Currently, there was no activity done to assess the number of open

PO and there systematic closure.

5. The ORACLE ERP system does not generate a report showing

pending PRs.

1. Agreed.

2. Agreed

3. Disagreed, Purchasing departmentis always cross check insisting ofrequired good s with theoriginator of PR & approvalauthority. There are severalexamples present on the recordasking suchquestions/clarifications from theoriginator of PR.

4. Agreed

5. Agreed.

1. Management will define the limitauthority & person designated forpurpose.

2. In most of cases all Pos issuedagainst PRs except certainurgencies but in future all Poswill be issued against PRs,

3. N.A

4. Open POs will be reviewed everyquarter.

5. Report will be generated.

31 July 2009

31 July 2009

N.A

30 June 2009

30 June 2009

4. Invoice Processing, Payment and Creditors Analysis

35


While reviewing the invoice processing and creditors analysis,


1. Currently all payment request without PO or Invoice is to be

approved by the MD and the Finance Manager. In case, such a

payment request is made by the MD or Finance Manager, it is not

defined as to who will approve the same

2. No proposed payment listings are prepared for each payment run

showing payee and amounts to be paid. There are no provisions

for the authorisation of the same by s Senior Manager. Currently,

it is based on requests received from purchase department,

individual experience and suppliers' follow up call.

3. Currently there is no written policy for cheque access, storage and

usage. Functionally the emirates bank cheque book is in the

custody of the Sr. Accountant who processes payments. The

remaining cheque books pertaining to twelve banks are in the

custody of treasury department. In the absence of the Sr.

Accountant, the same are kept in the custody of Finance Manager.

There is no segregation between the person issuing cheques and

the person keeping cheque books.

4. No cheque log is maintained detailing cheque numbers issued, the

first and last cheque number used for each payment run and

cheque numbers of cancelled or returned cheques.

5. The supplier statements are not obtained on a regular basis from

selected top suppliers, as agreed by the Procurement Head and the

same are not reconciled to the Accounts payable ledger balances.

1. Agreed

2. Agreed

3. Agreed

4. Agreed

5. Agreed

1. Procedure will be defined,however all payments pertainto Finance Manager or MD ofthe company signed by theGroup’s authorized banksignatories.

2. Finance department will startthe same procedure with thehelp of purchase department.

3. Policy will be defined &documented.

4. Finance will maintain logbook.

5. Reconciliation is preparedwith supplier on monthlybasis.

1. Immediate

2. 30 June 2009

3. 31 August 2009

4. 30 June 2009

5. Immediate.

36


6. No report is produced on a periodic basis to show all POs raised

using One Time Vendor accounts and sent to the relevant

managers for review. Further there is no process in place to review

the PO's raised on the one time vendor account to ensure that all

purchases are valid and any vendors that have been used more

than an agreed amount are entered onto the Vendor Master File.

7. Currently the ORACLE ERP system cannot generate a creditors

aging report.

6. Agreed

7. Agreed but now available

6. Report will be developed inERP(Oracle). As alreadymentioned all open Pos willbe reviewed quarterly.

7. Creditors aging is available inERP(Oracle) and need tocheck accuracy.

6. 31 August 2009

Immediate

5. Weakness in Vendor Management

A review of the vendor management process revealed that:

1. There is no documentary evidence available to substantiate howsuppliers were financially or technically evaluated and approvedprior to being added to the approved supplier list and used. Thereis no proof of any financial bid evaluation conducted.

2. There is no formal vendor code creation form used by thecompany. Hence, no documented approval process exists.

3. Approval procedure pertaining to the set up of new vendors in thesystem is not present.

4. Duplicate vendor codes are present in the vendor master whichposes the risk of duplicate/ unauthorized payments.

1. Disagreed, Almost all vendors’related to regular materialpurchased and most of areinternational reputed steel mills.

2. Agreed.

3. Agreed.

4. Agreed.

1. N.A

2. Procedure will be defined.

3. Procedure will be defined.

4. This is system error. We willrectify in future.

N.A

31 August 2009

31 August 2009

31 August 2009

37


5. 2 invalid entries exist in the vendor master.

6. Vendor evaluation is not performed

5. Agreed.

6. Disagreed, company follow ISOfor vendor evaluation

5. It will be rectified.

6. N.A

Immediate

N.A

6. Weaknesses in the Ordering Process

A sample of 14 invoices were selected during the period Jan-08 toDec08 and reviewed as per the ordering process present in thecompany. During the review it was observed that:

1. No quotations were invited in 1 case. (PO No.: 4171, Amount:175,740.60). A previously approved price list was used to place theorder.

2. Only 1 quotation was obtained in 4 cases.

3. In 2 cases, PO was not approved as per the authority matrix whichwas in effect from 3-Nov-08.

4. In 2 cases, duplicate POs were created. Old PO was created andapproval of Purchase Manager was obtained. But later, the PO detailswere changed and a new PO with the same PO number was created.Old PO was not stamped as 'Cancelled'. Approvals as per the authoritymatrix were obtained on the new POs.

1. Agreed but this is repeated orderfor standard stock paints fromapproved supplier

2. Agreed because only singlesupplier/source is available forthese items

3. Agreed, this was a transitionperiod from previous approvalhierarchy of Pos and newhierarchy of Pos otherwise systemcan not allow issuing PO withoutapproval of all authorities definedin the approval hierarchy.

4. Disagreed, these are only revisionfor original PO’s. We cannotcancel original PO. In case wecancel the original PO number fornew PO will be new.

1. Clarified.

2. Clarified.

3. Clarified.

4. N.A

N.A

N.A

Immediate

N.A

38


7. Control Gaps in Vendor Creation Process

During our review of vendor creation process, it was observed that:

1. Defined policies and procedures for the creation of vendors in thesystem do not exist. Currently, when a new supplier is selected forpurchase, purchase manager approves the quotation/ companyprofile of the vendor and the same is used to enter the new vendorin the system by the procurement personnel.

2. Many users in the company have access to create vendors in thesystem. A list of the users is provided below.

GTS Oracle Consultants - 4 users: These users are no longer withthe company. Their accounts remain in the system, but have beendeactivated.

Purchase Order Approver - 4 users: These users were initiallygiven this access before a specific MBS Purchase ApproversResponsibility had been set up in the system.

Purchase Requestor - 6 users: These users were initially given thisaccess before a specific MBS Purchase Requestor Responsibilityhad been set up in the system.

Purchase User - 4 users: These users belong to the PurchaseDepartment

Technical Support Team - 9 users: This access enables the ITteam to handle support queries and publish reports

Our discussion with IT personnel revealed that the responsibilitymatrix in place was designed, reviewed and agreed upon by the

1. Disagreed, New vendor is onlycreated whenever a new item orproduct is required otherwise weare already having our vendors forthe supply of standard materialwith specified specifications.Therefore creation of new vendorat the time of business is anecessity & Auditor’s point isinvalid.

2. Agreed

N.A

We will review this and take necessarysteps.

N.A

31 August 2009

39


business with the help and guidance of the Oracle implementationpartners (GTS) prior to the system going live and these business userswere set up within the system at that time. As of now, the ITDepartment has provided access to the users based on the requests andapprovals from the concerned Department Manager. Now, it is realizedthat a more formal procedure is required to control system accessrequests. This requirement has been addressed by the plannedimplementation of a change request procedure. The entire process forcreating/ changing users in the system has been defined, includingrequests, review and approval.

8. Purchase of Chemical from Group Company

During our discussion with Finance personnel, it was revealed that achemical was purchased from Mammut Iran (A Mammut GroupCompany) in Aug-08. Details of the purchase are as follows:

Date of Purchase Order: 21-Aug-08Chemical Purchased: BAYMER TRIAL PRODUCT - POLYOL27HB03Total Quantity: 150,000 KgsRate (per Kg): EURO 1.83 (AED 10.49)Total Amount (EURO): 274,500 (AED 1,573,549)

1. Early expiry of chemical:It was learnt that, usually the chemical expires after about oneyear of purchase. However, as on 31st December 2008, somechemical purchased from Mammut Iran was about to expire in themonths of Jan-09 and Feb-09. Refer to the table below for details:

ItemExpiryDate

Quantity(Kgs)

Supplier

POLYOL B3 Jan-09 31,000 Mammut Iran

POLYOL B3 Feb-09 32,000 Mammut Iran

Rest of the chemical was consumed during this period.

Although chemicals can be expired inJan/Feb 2009 purchased in year 2008 but itcan be used after expiry as per lab testreport. In addition, manufacturing dates isultra conservative to avoid any liability.

Clarified. N.A

40


The material was sent to the laboratory for testing, to find out if it canbe used even after the expiry date. The test results were positive andstated that even after expiry, the chemical can be used.

2. Purchase at market price:Even though the material purchased was expiring soon, it waspurchased at the market price rather than a discounted price. Referto the table below for comparison of rates with earlier purchasesmade for the same chemical :

Date SupplierPrice

(Per Kg)AED

26-Jan-08 Bayer Polymer 9.95

25-Mar-08 Bayer Polymer 9.95

25-Jun-08 Bayer Polymer 9.95

9. Hiring of Consultants Without the Approval of the Board

2 consultants, namely, Mr. Andre Collignon and Mr. Norbert Holtzem,had been appointed as external consultants to MBS for a period of 24months, starting from 1st October, 2008. As per the agreement dated30th September, 2008, both the consultants are paid a monthly sum ofEURO 15,100 and all operational expenses are reimbursed againstreceipts.

However, it is to be noted that, no approval from the Board or EII hasbeen obtained on this matter.

Also, the agreement between MBS and consultants does not specifythe objective of the assignment, scope of work and specificdeliverables to MBS.

The scope of work, deliverables and timingplan have been developed and issued toEXCOM.

The project was awarded by Mr.Bahzad. However EII team was ableto convince them to circulate theproposal, objectives, timelines forapproval

N.A

41

2.7 Inventory Management

Internal Audit Observations Management Response Management Action PlanTimelines

1. Material Receiving, Storage and House-keeping

While reviewing the material receiving, storage and house keeping

function, following was noted:

1. Currently, the Company does not have centralised stores. Raw

Materials are stored in an open yard, bought out items are

stored in an area in the plant and stores and spares are stored

at third location.

2. There is no tracking of unloading time from port-to-factory

and factory-to-port.

1. Disagreed, Due to different typeof operations which carries outin Mammut Building SystemFZC plant, various products,plant size and differentequipments which are requirefor handling of raw materials;decentralizing of stores wouldbe the best possible option, atthe same time there is acentralize control from materialcontroller supervisor ( Mr. JoseDias ) whom sits in PPDdepartment, basically all theinformation’s from differentstores flow in PPD and compileby Senior material controller indifferent type of format, socontrol is centralize.

2. Disagreed, As per discussionheld in our conference room anddocuments presented to youthere is a tracking report for allthe trucks and containers whichare entering and leaving MBSfactory at any given time, at thesame time when there is acongestion and unusuallyshipments from port all the team

1. N.A

2. N.A

N.A

N.A

42


3. There is no dedicated store in place with a layout plan and the

same being mapped in the ORACLE ERP system.

4. There are no defined stacking norms in terms of types of

stacks, number of pieces / boxes / items kept in a stack,

stacking hight etc. for various types of material.

members up to manager levelgets involve to ease up theoperation. In terms of offloading priority it goes withFIFO and type of materials, ifwe receive a container shipmentthere is a receiving date oncontainers and containers aregetting off loaded base of FIFO

3. Partially agreed

4. Partially agreed, As far as steelconcern number of pieces ineach bundle and bundling isdifferent from supplier tosupplier and practically it is notpossible to re bundling them, forbuy out items packing is subjectto supplier and shipment typewhich is different and thatdepends on suppliers and it hasto be forced by purchasing tosupplier, for sacking we fallowindustry practice which is varyfor each type of materials andmainly depends on volume ofmaterials which we receive inMBS plant, as we haveexplained to you all the prepainted Aluzinc materials can goup to 3 coils vertically on top of

3. There is a dedicated store inplace where as the lay outplan will be established andsame will be mapped withORACLE

4. N.A

30 September 2009

30 September 2009

43


5. The hygiene norms in terms of cleaning schedule, hygiene

standards to be maintained in the stores etc. for the stores are

not defined.

6. Although ORACLE ERP has been implemented, but the same

is not supported by a perpetual inventory system and

continuous stocking system, which is absolute essential in an

ERP environment.

each other, and for still hotrolled sections industry practiceis 3.5 meter which we arefallowing it.

5. Disagreed, _Cleaning ofinventory is carrying everyalternative week and procedurefor 5s inspection start on 2endMarch and we hold it everyMonday on entire plant, the restof procedure is under review tobe establish as standard policy,and it has shown to you on a daywhich we had a meeting, there isan enormous improvement in allthe area in terms of cleaning andarranging written procedure willbe establish in six months.

6. Agreed.

5. N.A

6. Objective of continuessystem will be achieved afterimplementation of SCIAsoftware.

N.A

30 September 2009

7. Control Gaps in Material Rejection

It was noted that, there are no guidelines to facilitate re-inspection

of rejected material to recover good material before it may be

returned to suppliers.

Agreed. Guidelines to facilitate re inspection ofrejected material to recover goodmaterial will be established with coordination of Purchasing, material andEngineering Dept.

.

31 August 2009

44


8. Physical Verification of Inventory

Although physical verification is done as a part of statutory audit

process every six months, currently the company does not have a

well defined physical verification procedure pertaining to

inventory on an ongoing basis. Further, there are no guidelines

available on record for the preparation of stock verification report,

their verification and final authorization and approval for effecting

adjustments.

Agreed Written procedures and guidelines willbe defined & established.

15 August 2009

9. Inventory Management and Optimization

While evaluating the inventory management and optimization,


1. Currently classification of inventory is not done. 1. Disagreed, Inventoryclassification in terms of type ofmaterials route to productionand consumption is defined, forexample HRCs, HR Plate, FlatBar, Galvanize materials, andPre painted materials.. etc, andsegmentation it has been set inthe system and reports areavailable for review, at the sametime physically materials havebeen separated base on the routeof production too, as anexamples materials are gettingutilized in main frame shop arestore in open material yard whileas materials for cold form are inlean to area.

1. N.A N.A

45


2. Inventory levels in terms of maximum level, minimum level

and re-order level have not been defined.

3. Currently the ORACLE ERP system does not generate an

inventory ageing report and in turn, non-moving and slow

moving items cannot be identified and valued.

2. Agreed.

3. Agreed but available from Jan-2009

2. We will implement in ERP

3. N.A

31 August 2009

N.A

10. Control Gaps in Material Consumption Booking

During our review of the material consumption booking, it was

revealed that since the manufacturing module of Oracle is not

implemented as of now, all raw material consumption booking is

done manually at the end of the month. At the end of each month,

production manager creates a 'Production Report' manually in an

excel sheet and sends it to Accounts Department. This report

contains the raw material items and quantities consumed during

the month. This report is used as a basis to book the consumption

in the system by the Accounts Department. The rates of raw

materials are obtained from the Oracle System itself.

Agreed This will be available once SCIA willbe implemented.

30 September 2009

11. Absence of Provisioning Policy for Inventory

Currently, the company does not have in place any provisioning

policy for inventory. An age-wise analysis of inventory currently

on hand is not carried out to ascertain the quantity of inventory

under different age brackets and compare the age on inventory

with the shelf-life. This results into non-tracking of obsolete and

un-usable inventory items.

Discussion with Finance Personnel revealed that, most of the raw

materials used by the company have very long shelf lives. Even, if

the steel is rusted, it can be used after re-blasting.

Agreed Inventory policy will be formalized 15 August 2009

46

2.8 Shipping


1. Control Gaps in Transporter Evaluation and Selection

Following was revealed during the review of Approved Transporters

List:

1. A procedure for appointment of transporter clearly defining the

parameters for attributes like rate, efficiency, timeliness etc. was

not available on record.

2. Transporter evaluation and justification for appointment is not

documented. Thus, appointment of the best transporter available

cannot be guaranteed.

3. There is an over dependence on a single transporter. Majority of

the dispatches are done through a sister concern namely Trans1.

Management has decided to give first preference to the sister

concern for all the domestic dispatches irrespective of the rates

charged. If, the sister concern is not able to fulfill the dispatch

requirements, alternative transporters are arranged for those

dispatches.

Agreed Complete document will beavailable cover all aspects ofrecommendations.

31 July 2009

2. Absence of Transporters Performance Evaluation

Discussion with the Shipping Manager revealed the following:

1. Absence of a well documented procedure defining the parameters

for the performance evaluation of the transporters.

2. An objective assessment of the performance of the approved

transporters is not carried out.

Agreed Procedure to be defined forperformance.

31 August 2009

3. Absence of Long-term Agreements with the Transporters

During a review of the selected transporters of the company, it was

revealed that formal agreements between the company and the

transporter, stating the terms and conditions of both the parties are not

present. Authorized signatory approves the quotation / rate list sent by

the transporter and this document is considered as a contract.

Agreed Formal agreement to be prepared. 31 July 2009

47


4. Control Gaps in Dispatch Monitoring

1. During a review of fifteen dispatches made during the period 1-

Nov-08 to 15-Nov-08, following was revealed:

1.1 Loading report is not signed by the material checker during

loading in all the cases. Loading report only contains the part

numbers and their respective quantities.

1.2 Proof of delivery was not obtained from the customer in six

cases.

Date Job No. DescriptionWeight(MT)

DN No.

01.11.2008 AE1-2020 PEB Materials 13.053 34955

02.11.2008 AE3-2129 Sheeting Materials 2.435 35004

08.11.2008 AE1-1795 PEB Materials 13.676 35167

09.11.2008 AE1-1526 PEB Materials 10.148 35204

12.11.2008 AE1-1526 Touch-up paint 0.028 35287

14.11.2008 AE1-2121 Sheeting Materials 6.318 35341

2. Destination-wise transit periods are not defined and formally

approved by both the parties in form of a contract.

1. Agreed

2. Agreed

1. Already implemented.Loading Foremen andSupervisors are signing theloading docs beforepreparing the packing list

2. Will be defined.

Immediate

31 July 2009

5. Lack of Control Over Demurrage Charges

During a review of financial accounts for the period Jan-08 to Nov-08

pertaining to demurrage charges, it was revealed that:

1. A mechanism to monitor and control demurrage charges does not

exist. Demurrage Charges for incoming materials have been

accounted for under two different heads of accounts namely,

Landed Cost Clearing Account – Freight and Freight Purchase.

2. Freight Charges which could be clearly identified as demurrage

charges according to descriptions of transactions amounted to

AED 121,498.This could be much more.

1. Agreed

2. Agreed

1. Mechanism will beestablished for demurragemonitoring.

2. Procedure needs to bedefined with the purchasedepartment to incorporatethe rate contract withtransporters

30 September 2009

30 September 2009

48

2.9 Accounts and Finance


1. Control gaps in Account Master Management

While reviewing the master data management pertaining to

Accounts, following was revealed:

1. Although there are named individuals responsible for creation,

deletion and modification of the chart of accounts, but there is

no documented policy for the same.

2. There is no standardized process of amending and updating

accounts, nor there is a process of identification in-active or

dormant accounts.

3. Currently all non-standard journal entries such as the adjusting

entries are entered by Finance Head himself and there is no

authority delegated to any of the staff to do so. Further, there are

no supporting documents for most of the reversal entries.

4. There is no delegation of authority defined for the approval of

payments limits. Generally all payments are approved by the

Accounts Manager except for some material payments.

1. Agreed

2. Agreed

3. Disagreed, all entries enteredby respective staff and notFinance Manager , howeverfor control purpose all entriesposted by Finance Manager.However supportingdocuments wherever missingwill be attached.

4. Disagreed, all approval forpayments done by Chiefaccountant and forward toFinance Manager for approvalwith chque/TT signatureFinance Manager singedcheques/TTs with MD of thecompany upto the limitsapproved by BOD.Cheques/TT more then thelimit forward to Group andEII for authorization.

1. Policy will bedocumented.

2. Procedure will bedefined.

3. N.A

4. N.A

Aug 31, 2009

Aug 31, 2009

N.A

N.A

49


2. Periodic Bank Reconciliation Statements Not Prepared

Currently, the company does not prepare bank reconciliations at all.

It was given to understand that by preparing a list of all post dated

and current dated checks and reconciling them with the bank

statements immediately after they have been cashed from the bank

the purpose is served. Further, the company updates its accounts

based on the bank statements.

When reviewing account # 133301-Cash Clearing Account, it was

noted that the System facilitates the option of recording Post Dated

Cheques, Current Dated Letter of Credit and Letter of Credit

payments separately , but all of them were recorded as Current

Dated Cheques which has resulted in a balance of AED 114,661,279

pending in Current Dated Cheques account.

Agreed., the main reason to useCDC account instead to haveBank account in GL that weissued future dated cheques inbulk instead to make CDC. AllPDCs incorporated into PDCaccount in GL instead to creditinto bank account in GL. Everymonth only cleared PDCsincorporated into bank bookwhich eventually match withBank statement. The rest of theitems reconciled and part ofbank reconciliation statementwhich is available fromDecember 2008.

Implemented Implemented

3. High Finance Costs

During our analysis of the financial statements for 2005, 2006 and

2007, it was revealed that profit margin has declined to 4% in 2006

from 8% in 2005. On further analysis of financial information and

discussions with finance personnel, it was observed that it was

mainly due to increase in finance costs in 2006. Interest on terms

loans increased from AED 1,832,195 in 2005 to AED 6,135,359 in

2006 which is more than a 230% increase from the previous year.

Interest on trust receipt loans and overdrafts increased from AED

823,597 in 2005 to AED 2,099,367 in 2006. Also, current portion of

bank overdrafts increased to AED 13,394,599 in 2006 from AED

136,233 in 2005

Agreed, Due to huge liabilitypayable to the bank in 2006 butafter EII taken over most of thebank’s liabilities paid from theconsideration received. Inaddition EIBOR rate was higherin the year 2006 if we compareyear 2008.

N.A N.A

50


Company obtained term loans in 2006 to meet its financing needs.

Details of the loans are given below:

1. A commercial loan of AED 15,325,761 repayable in 24 equal

installments of AED 765,324 each from Bank Melli Iran. This was

used to finance property purchases.


quarterly installments of AED 1,147,289 from Northstar. This was

used to finance machine purchase.


semi-yearly installments of AED 950,000 from Abu Dhabi

Commercial Bank. This was used to finance property purchases.

We understand that, this has resulted in increased financial cost in

2006, leading to a decline in profit margin for the year. Further, as of

now the properties purchased have been transferred to the group

company.

4. Exposure to Swap Transactions

During our analysis of the treasury function, it was observed that the

company entered into various interest rate swaps during the period

Apr-05 to Apr-08. Although the company has made a profit over all,

but the same is not the core activity of the company and amounts to

entering into transactions involving a lot of financial risk.

The reasons and methodologyalready discussed at EXCOMand Board level and approvedthe Exposure to SwapTransactions.

Approval has been sought fromboard

N.A

51

2.10. Capital Expenditure


1. Capital Budgeting – Policy and Procedures

Following was revealed pertaining to the Capital Budgeting activity

in the company:

1. There is no defined capital budgeting exercise done as a part of

Annual Budgeting Process. Further, there is no centralized

body that drives the capital expenditure decisions of the

company.

2. There is no documented process of allocating annual capital

budgets to various departments before the year starts.

3. There is no provision of periodic documented review of

budgeted vs. actual expenses and analysis of variances there

off..

4. There is no system of periodic review or monitoring of

execution of projects (only capital expenditures that require

1. Disagreed, Each HOD submits thebudget each year as par of annualbudgeting process. In addition, Budgetvs actual statement submits to EXCOMlevel for review. Since companypurchased only few assets except plantand machinery for expansion which isHOLD due to current economicconditions. MD is authorized to takedecision upto certain limits.

2. Disagreed, Capital budget submitted byeach department which is part ofannual budget and same approved andintimated to all HODs

3. Disagreed, Monthly MIS is availablefor review against budget and samediscussed in each and every EXCOM.

4. Agreed

N.A

N.A

N.A

In future all execution ofprojects will be doneperiodically.

N.A

N.A

N.A

31 July 2009

52


acquiring materials internally are not given internal Job

number, nor there is a system of periodic reporting of execution

of each project.

2. Capital Expenditure – Initiation and Approval

While reviewing a sample of sixteen capital expenditure decisions

amounting to AED 27,058,965 the following was revealed:

1. In two cases amounting to AED 99,824 no quotations were

obtained. In ten cases amounting to AED 25,923,775 only one

quotation was obtained.

2. The company does not have an approved vendors list for

capital purchases.

3. In fifteen cases amounting to AED 26,573,965 no

NPV/IRR/Payback period analysis was done. Further, there are

no guidelines available on record for performing the same.

1. Agreed

2. Disagreed since 95% capital purchasedrelated to plant and machinery and it isnot possible to prepare standard list ofvendors since it depends upon the specsand budget availability. The same hasbeen done during finalization ofpurchased plant and machinery forplant expansion where BOD approvalobtained after finalization of specs andvendors.

3. Agreed

1. In future allsupportingdocuments whereverpossible since sometime we need brandspecific product inwhich case threequotations are notpossible.

2. N.A

3. NPV/DCF/IRR willbe added in theCAPEX

1. Immediate.

N.A

July 31, 2009

53


4. As of now, there is no serial number control over CER.

Further, Capital Expenditure Requests (CER) were not found in

seven cases amounting to AED 6,305,243.

5. Purchase requests were not mentioned in three cases amounting

to AED 4,557,272 and purchase order was not found in one

case amounting to AED 77,437

6. In four cases amounting to AED 4,538,632 the purchase order

was not signed by the Finance Manager and General Manager.

7. In two cases amounting to AED 861,640, although the assets

were put to use but the same were not capitalized. In one case,

a purchased asset amounting to AED 3,797,760 was not

booked to the extent of part payment of AED 2,800,944 as

capital commitment and in another case although full payment

of AED 1,341,216 was made, but the asset was not recognized

in the books of accounts.

4. Agreed

5. Agreed

6. Agreed

7. Disagreed, company capitalizes assetsafter installation, internal satisfaction,performing all procedures i.e test andtrial etc. So just assets available in thefactory can not simply capitalizewithout following above steps.

4. CER will begenerated from ERPwith serial nos.

5. In future, all relevantdocuments will beattached.

6. Corrected, now noPO can submit fromthe ERP withoutapproving by FinanceManager & MD.

7. N.A

Aug 31, 2009

Immediate.

Immediate

N.A

3. Capital Expenditure – Fixed Asset Purchase andCapitalization

While reviewing the fixed asset purchases and capitalization the


1. In ten cases, the cost of the assets could not be tracked. 1. Agreed, These items are very old itemsand coming from old plant. The costsof these items are very minor. The costmight be considered as expenditure atthe time of purchase from old plant.

1. A proper costtracking system inplace

Immediate

54


2. Some Fixed assets that were purchased, but they were not

capitalized yet. (refer to annexure)

3. Some fixed assets that actually existed were not on the fixed

assets register.

4. Depreciation of all machines related to each category is

calculated on a lump sum basis for the whole category without

taking into account the relevant useful lives and usage of

various machines

5. Fixed assets insurance is prepared based on the net book value

of the fixed assets.

6. No information about the legal ownership of old fixed assets

obtained before 2007 are available on record.

2. Agreed,

3. Agreed

4. Disagreed, This is company policy oflast many years and it is notworthwhile to change the policy at thisstage where all machineries are veryold and overall value will not bematerial to consider for revision.

5. Disagreed, We are doing insurance onGross Value and not on net value.Policy is available for crossverification.

6. Agreed but it is difficult toidentify at this stage sincecompany maintained currentyear and last year record.

2. Now as a part ofCWIP since all meantfor plant expansionwhich is hold now asper directives fromthe BOD.

3. Physical verificationexercise will becarried out and willbe maintained FixedAssets Register.

4. N.A

5. N.A

6. In future, proper fileswill be maintained.

30 September 2009

30 September 2009

N.A

N.A

Immediate

55


4. Weak Control Over Fixed Assets Verification

We understand that, a physical verification of fixed assets is notcarried out by the company. Also, the assets do not have an 'AssetIdentification Code' due to which, they can not be easily identifiedand located. An exercise for bar-coding of fixed assets wasundertaken at a group level about one year back. However, theexercise was not completed and all the fixed assets were not bar-coded. According to a list of all bar-coded items generated from theIT System, a total of only 435 assets were coded. The list contains alimited number of Furniture items and computer hardware only.

Agreed,Fixed assets will be verified &code will be done.

30 September 2009

56

1.11. Human Resources and Payroll


1. No Annual HR Budget, Planning and Management

While reviewing the budgeting and planning aspect of HR function,


1. Currently, detailed planning and budgeting is not done in the

HR department. Although a projection of salaries and benefits /

allowances is done as a part of annual business plan for which

there are no assumptions available on record, the same is not

done in conjunction with the department as well. Further, it is

also not cascaded down to the department to facilitate the

formulation of a detailed budget and submission of the same

back to the management for deliberations, fine tuning and

approval.

2. Currently the company is following HR procedures set in the

year 2006. Although, the “Future Process Model” (dated July

07, 2008) for the HR Department is available and it was given

to understand that the same are approved at the group level, an

approved copy of the same was not available on record. Further,

the implementation of the same is still to be initiated by the

company.

1. We agreed with theobservation

Detailed manpower and cost to company reportsbased on current headcount and following yearprojections are prepared by HR in deliberations withvarious departments and provided to them for thepurpose of planning and budgeting. Assumptions onwhich the CTC is based are available with HR.A number of HR Policies and Procedures which areworking well have been incorporated in the BP 080as there is no need for changes. Where necessarychanges have been made in the Future ProcessModel.The Future Process Model (BP080) has already beenimplemented. The Oracle process is based on theBP080 which is running since 2008.HR Department objectives and KPIs are being set.HR Department budgets have already been preparedand submitted to Finance.Staffing requirement, forecasted expenditure and keylegislative requirements are all part of the budgetingprocess and have already been taken intoconsideration.KPIs for HR & Admin Manager, agreed by the GMare being finalized.HR Policies and procedures already exist. They arecontinuously updated on a need basis.The Policy Manual is available for DepartmentHeads. Employee Handbook is being prepared and isexpected to be ready for distribution to all employeesby September 2009

30 September 2009

2. Control Gaps in Recruitment Activity

57


While reviewing the recruitment aspect of HR function, following

was noted:

1. Alignment of the recruitment activity to the business plan can

not be ascertained as the same is not cascaded to the Head of the

HR Department.

2. A detailed updated organization chart highlighting all levels of

management down to the supervisory and workers level is not

available on record. Further, detailed job profiles / job

descriptions identifying key position requirements were not

developed for each designation.

3. Rejection letters are not issued to rejected candidates and no

track record of rejected employees is maintained.

4. A staffing plan neither is in place nor is the Staffing

requirements monitored, including anticipated organizational

change.

5. No documentary evidence was available on record for imparting

training in interview and selection techniques to line managers

involved in the recruitment process.

While reviewing the recruitment process of fifteen employees,


1. Manpower request form was not available for eleven

employees. Further, manpower request form was used by the

department head to inform the HR Department of recruitment of

three employees. Thus, the manpower recruitment form was not

used for its intended purpose.

1. Agreed

2. Available now.

3. Agreed

4. Agreed

5. Agreed

1. Disagreed, Allmanpower requestforms are available

1. HR Manager will prepare the annualrecruitment plan based on thebudgeted figures and initiate therecruitment process at the agreed time.

2. N.A

3. HR has started to prepare this letters.

4. HR Manager with General Managerwill start to prepare the plan.

5. HR Manager with general manger willdefine the guidelines.

N.A

30 September 2009

N.A

Immediate

30 September 2009

30 September 2009

N.A

58


2. Recruitment documents such as interview sheet were not

available for ten employees.

3. Educational certificates are not obtained for seven employees at

the time of recruitment and the same are still not available in

their personal files.

4. Documentation for background checks was not retained for all

fifteen employees.

5. Documentary evidence of employee orientation for nine

employees was not available on record.

6. Employee reporting form was not available on record for three

employees.

2. Agreed

3. Agreed

4. Agreed

5. Disagreed, Allemployee orientationforms are available

6. Disagreed, Allemployee reportingforms are available

In ture HR Manager will make sure thatrecruitments documents will be available for allemployees.

In future HR Manager will make sure thatEducational Certificates will be available for allemployees.

In future HR Manager will make sure thatdocuments for background check will beavailable for all employees.

N.A

Immediate

Immediate

Immediate

N.A

3. Control Gaps in Recruitment ActivityWhile reviewing the recruitment aspect of HR function, following was

noted:

1. Alignment of the recruitment activity to the business plan can

not be ascertained as the same is not cascaded to the Head of

the HR Department.

2. A detailed updated organization chart highlighting all levels

of management down to the supervisory and workers level is

not available on record. Further, detailed job profiles / job

descriptions identifying key position requirements were not

1. Agreed

2. Available now.

1. HR Manager will prepare the annualrecruitment plan based on thebudgeted figures and initiate therecruitment process at the agreed time.

2. N.A

30 September 2009

N.A

59


developed for each designation.

3. Rejection letters are not issued to rejected candidates and no

track record of rejected employees is maintained.

4. A staffing plan neither is in place nor is the Staffing

requirements monitored, including anticipated organizational

change.

5. No documentary evidence was available on record for

imparting training in interview and selection techniques to

line managers involved in the recruitment process.

While reviewing the recruitment process of fifteen employees, following

was revealed:

1. Manpower request form was not available for eleven

employees. Further, manpower request form was used by the

department head to inform the HR Department of recruitment

of three employees. Thus, the manpower recruitment form

was not used for its intended purpose.

2. Recruitment documents such as interview sheet were not

available for ten employees.

3. Educational certificates are not obtained for seven employees

at the time of recruitment and the same are still not available

in their personal files.

4. Documentation for background checks was not retained for

all fifteen employees.

5. Documentary evidence of employee orientation for nine

employees was not available on record.

3. Agreed

4. Agreed

5. Agreed

Disagreed, All manpowerrequest forms are available

Agreed

Agreed

Agreed

Disagreed All employeeorientation forms are available

3. HR has started to prepare this letters.

4. HR Manager with MD will start toprepare the plan.

5. HR Manager with MD will define theguidelines.

N.A

In future HR Manager will make sure thatrecruitments documents will be available for allemployees.

In future HR Manager will make sure thatEducational Certificates will be available for allemployees.

In future HR Manager will make sure thatdocuments for background check will beavailable for all employees.

Immediate

30 September 2009

30 September 2009

Immediate

Immediate

Immediate

60


6. Employee reporting form was not available on record for

three employees.

Disagreed, All employeereporting forms are available

N.A N.A

4 Control Gaps in Information Management Systems

Following gaps were observed in the information management

system of HR department:

1. Various parameters for measuring the capability and

effectiveness of various activities such as recruitment, training

and performance management are not in place.

2. Employee productivity measures have not been established. Due

to this, processes and systems to capture the data are not

available.

3. Delay in visa renewal processing is observed for one employee

during the review of visa renewal process for 16 employees.

Emp. # Employee NameVisa Expiry

DateApplication

DateGap

(Days)

13020VadakkedathVarghese

3-Oct-08 6-Oct-08 (3.00)

4. Delay in passport renewal process is observed for 3 employees

during the review of passport renewal process for 8 employees.

Emp. # Employee NamePPt Expiry

Date

PptWithdrawl

Date

Gap(Days)

13240Mohammad HaroonKhan

11-Nov-07 12-Nov-08 (367.00)

12435 Bilal Tariq Awan 24-Oct-08 26-Oct-08 (2.00)

12559Davis ChiriyanKandath Rappai

25-Sep-08 20-Oct-08 (25.00)

1. Agreed

2. Agreed

3. Disagreed, UAE law 30days grace period isavailable for renewal ofVISA. This is generalpractice in UAE.

4. Partly agreed

The process will be in place with Group HR.

The process will be in place with Group HR.

N.A

In future, HR/Admin will avoid such delay.

30 September 2009

30 September 2009

N.A

Immediate

61


6. Discipline Management

Implementation of disciplinary procedure of the company had the

following gaps:

1. No mechanism exists for employees to raise concerns about

their place of work and working relationships through a discrete

procedure either formally or informally.

2. No formal record exists for training provided to line managers

in application of disciplinary procedures.

3. No periodic audit of actions taken against the disciplinary

actions is conducted to ensure compliance with laid down

procedures.

1. Agreed

2. Agreed.

3. Agreed

1. HR will prepare the procedureand communicate to all.

2. The Disciplinary Procedures aredefined clearly in the BP 080.These are supported by a RuleBook specifying penalties to beapplied in various circumstancesand situations. These are availablewith all Managers and are beingstrictly implemented.

3. Monthly audits of Disciplinarypenalties to be carried out by HR.

15 august 2009

31 October 2009

30 September 2009

62

2.12 Information Technology


1. IT Policy, Disaster Recovery Plan and System Security

A review of the Information Technology framework revealed the

following:

1. Two documents viz. Disaster Recovery Plan and Disaster

Recovery Framework were available on record, but as of now,

both of them are at a draft stage and still to be finalised. This also

contains the back up plan.

2. Currently, there is no well defined, documented and approved plan

pertaining to assessment and monitoring the physical and logical

security of IT infrastructure in terms of periodic review of access

logs.

1. Agreed

2. Disagreed., Logical securityis inherent within theWindows and Linux serverenvironments. Logicalpasswords are defined atmultiple level, server ie.network 90 day passwordexpiry is in place for allusers. In addition to this allbusiness criticalapplications ie. ERP havethere ownapplication/database levelpasswords this is inherent inthe software application.

All servers are physically secureand kept in air conditioned ITserver room. The only peoplewho have access are the ITmanager and the IT Engineers.DR Plan will be updated toinclude details of Logical &Physical security

1. Restate rescue plan &framework will be presented &prepared to Board for approval

2. N.A

30 September 2009

N.A

63


2. ERP Implementation

While assessing the ERP implementation, following came to light:

1. The project was initiated in April 2007 and went live in January

2008 that is approximately nine months.

2. As the software was purchased at the group level, Mammut

Building Systems share of the cost was about AED 1.5 million

which is 42% of the total cost including the consultants’ fees.

3. It has been a year since the ORACLE ERP has gone live.

Following are some of the facts in this regard:

2.1 The June 2008 closing of the books of accounts for the

purpose of Statutory Audit has happened in Alpha (the old

legacy system) and not in ORACLE.

1. Agreed however note thatERP systems generally take anumber of years to mature. Amodular implementationapproach was taken for ERPimplementation at MBS. Thismeans that not all moduleswent live at the same time.Modules were phased in overa period of time due to datadependencies. It is notuncommon during the earlystages of a newimplementation for smallissues to exist.

2. Agreed. The half year Auditdid happen in Alpha, howeverwe are more than confidentthat the pertaining issues havebeen resolved and that OracleERP is functioning as requiredby the business.

3. Agreed but available fromJan-2009.

Agreed but available from Jan-2009.

N.A

N.A

N.A

N.A

64


2.2 Debtors ageing is done manually as the ORACLE is not

giving the desired report and is still under development. ERP

also does not support the generation of creditors ageing.

2.3 ORACLE ERP does not generate an inventory ageing report.

It was given to understand that the inventory coding is still to

be completed in the system.

2.4 There is no report generated by the system which can

facilitate the assessment of Purchase Requisition (PR) status

as to whether it is pending approval or approved but not

serviced, serviced but not closed and serviced and closed.

2.5 There is no pending PR and pending PR ageing report.

Further, there is no report showing the open POs and their

ageing.

2.6 Two PO listings were generated for analysis purposes,

namly, one from the purchase department ( 11270 listed

POs) and another from the IT department (10036 listed POs).

The PO listed in the report by purchase department were

Disagreed, Following reports areavailable :- Oracle standard Purchase

Requisition Status report- MBS PR to PO Status

reportMBS PR to DO tracking reportFollowing Open PO reports areavailable:- Standard Open PO

Report(by Buyer)- Standard Open PO

Report(by Cost Center)MBS PO Status Report

Partly agreed

Agreed

N.A

Pending PR report available, there isno standard PR ageing report, it willbe developed.

Reports needs to be revisited.

N.A

30 September 2009

30 June 2009

65


more than the PO listed in the report generated by IT

department by 1231.

2.7 The ERP system does not generate a Bank Reconciliation

Statement. In fact, MBS does not have the practice of

preparing Bank Reconciliation Statement at all.

2.8 The company has not opted for ORACLE Manufacturing.

Instead a new software SCIA has been bought at the cost of

AED 0.90 million for managing production and MRP.

Currently, the same is being integrated with ORACLE. Till

such time the whole MRP and production management is

performed manually. It was given to understand that the

decision to opt for SCIA instead of ORACLE Manufacturing

was taken by the top management, but there are no

documents available on record supporting the technical and

financial evaluation for supporting the decision.

2.9 Currently the material management department does not

utilise the MRV reports to manage material receipt.

2.10It was given to understand that before going live, parallel

runs with the legacy system were not performed to ensure

ERP stability.

Agreed

Agreed

Disagreed, Report is availableand has being utilized by PPD &Finance since module GO-Live.no additional reports have beenrequested

Agreed

Company will see the possibility togenerate bank reconciliationstatement from ERP since thisfacility may require additional costto the company.

Oracle Manufacturing has not beenfactored into the ERPimplementation as it was decidedthat SCIA would perform thisfunction better then Oracle.

N.A

This was a decision by the MD ofthe company.

N.A

66

Documents

Mammut Internal_Audit_Report May 31 2009