Introduction

Every great audit begins with clarity.

Before a Company Secretary in Practice (PCS) opens a single register or checks a compliance record, they must first know — what exactly are they being asked to do, who’s appointing them, and under what terms.

That’s where CSAS-1 (Auditing Standard on Audit Engagement) comes into play.

Issued by the Institute of Company Secretaries of India (ICSI), CSAS-1 is the first and most fundamental standard among the four Auditing Standards (CSAS-1 to CSAS-4).

It sets the rules of engagement — ensuring both the auditor and the company are on the same page before the audit even begins.

This standard became mandatory for all audits accepted on or after 1 April 2021, and it has since become the foundation of every professional audit conducted by practising Company Secretaries.

Why ICSI Introduced CSAS-1

Before 2019, there was no uniform structure for how PCS should accept or conduct audits. Some professionals began audits based on verbal communication or email, while others maintained proper letters.

This inconsistency often led to confusion, disputes, and ethical risks.

To bring consistency, independence, and professionalism into audits conducted by PCS, ICSI introduced the Auditing Standards Board (ASB[1]) and released four core standards:

Standard	Focus
CSAS-1	Audit Engagement – defining terms and responsibilities
CSAS-2	Audit Process and Documentation – how the audit should be carried out
CSAS-3	Forming of Opinion – how to form and report an audit opinion
CSAS-4	Secretarial Audit – specific to Section 204 of the Companies Act, 2013

Among these, CSAS-1 is the starting point — it ensures that every audit engagement begins with clear written understanding between the auditor and the company.

In simple words, CSAS-1 = clarity before commencement.

Objective and Applicability

The main objective of CSAS-1 is to prescribe principles and procedures for accepting or continuing an audit engagement.

It ensures that before an audit begins:

1. The terms of appointment are well understood.
2. The scope of work is clearly defined.
3. Both parties (auditor and management) know their roles and limitations.

The standard applies to:

1. All statutory audits conducted by PCS (like Secretarial Audit under Section 204).
2. Other audits under various laws and regulations.
3. Voluntary audits (optional engagements), where the company appoints a PCS to perform compliance checks.

 Effective Date:

Mandatory for all audit engagements accepted on or after 1 April 2021 (recommendatory from 1 July 2019).

Key Definitions (Simplified)

To understand CSAS-1 better, let’s simplify a few important terms:

1. Auditor: A Company Secretary in Practice (PCS) under Section 2(2) of the Company Secretaries Act, 1980.
2. Auditee: The company or organization whose records and compliance are being audited.
3. Appointing Authority: The person or body authorized to appoint the auditor (for example, the Board or members).
4. Audit Engagement: The written understanding between the auditor and the appointing authority regarding the audit’s terms, scope, and responsibilities.
5. Predecessor Auditor: The previous PCS who carried out the same audit before the current one.
6. Management: Persons responsible for governance and compliance of the auditee.

Core Principles of Audit Engagement

CSAS-1 is based on the same ethical pillars that guide all professionals — Integrity, Objectivity, Independence, and Confidentiality.

1.  Integrity – The PCS must act honestly and transparently, free from bias or favouritism.
2.  Objectivity – Every decision must be based on facts, not on relationships or opinions.
3.  Independence – The auditor must be free from any interest that could influence their judgment.
4.  Confidentiality – Any information obtained during the audit must be kept confidential.

Together, these principles ensure that the audit engagement begins with trust and professionalism.

Step-by-Step Audit Engagement Process

Here’s how a PCS should follow CSAS-1 — step by step.

Step 1: Appointment of Auditor

The company or appointing authority should formally appoint the PCS through a resolution or engagement letter.

Step 2: Eligibility and Independence Check

The PCS must issue an eligibility certificate, confirming that they are qualified, independent, and not disqualified under any law.

Step 3: Acceptance through Audit Engagement Letter

The auditor and the appointing authority must agree on terms through a written Audit Engagement Letter — this is the most crucial step.

Step 4: Communication with Predecessor Auditor

If there was a previous auditor, the new PCS must communicate in writing before accepting the assignment (subject to confidentiality rules).

Step 5: Conflict of Interest Verification

The PCS must ensure no substantial conflict of interest exists. If any exists, it must be disclosed or the audit should be declined.

Step 6: Confirming Audit Limits

PCS must ensure they are not exceeding the maximum number of audits permitted under applicable regulations.

Step 7: Confidentiality & Documentation

The PCS must maintain confidentiality of all information obtained and preserve engagement records for future reference.

Audit Engagement Letter – What It Must Contain

The Audit Engagement Letter is the backbone of CSAS-1.

It defines everything — from scope to fees. Every PCS should draft it carefully and have it signed before starting the audit.

It should include:

1. Objective and scope of the audit.
2. Responsibilities of the auditor and management.
3. Applicable laws and reporting requirements.
4. Audit fees and reimbursement of expenses.
5. Timeline for audit completion and report submission.
6. Written representations required from management.
7. Confidentiality clause and limitation of liability (if any).
8. Details of the predecessor auditor, if applicable.

This letter acts as both a contract and a shield for the PCS — clearly setting expectations and responsibilities.

Conflict of Interest and Confidentiality

Under CSAS-1, an auditor must be independent in both appearance and mind.

A substantial conflict arises if:

1. The auditor or their relatives hold more than 2% shares or ₹50,000 worth of shares in the auditee.
2. The auditor is indebted to the auditee for more than ₹5,00,000.
3. The auditor was an employee of the auditee or its group companies within the last two years.

If any such conflict exists, the auditor must decline the audit.
If a minor or non-substantial conflict exists, it must be disclosed in writing to the appointing authority.

On confidentiality — all information obtained during the course of audit must remain protected.
Even after completion, the PCS is bound to maintain secrecy unless disclosure is required by law.

The PCS must also ensure assistants or staff working under them follow the same confidentiality discipline.

Change in Terms of Engagement

Sometimes, the appointing authority may request a change in scope or fees during the audit.

For example, the client may want to include additional compliance checks or shorten the timeline.

Under CSAS-1, such changes are allowed only if:

• They are mutually agreed upon; and
• A revised or supplementary engagement letter is signed and documented.

No verbal understanding or casual email counts — it must be in writing.

Practical Checklist for PCS

A simple 7-step CSAS-1 compliance checklist:

Step	Action
1	Verify eligibility and independence before accepting the assignment
2	Obtain appointment resolution or formal engagement letter
3	Communicate with predecessor auditor (if applicable)
4	Draft and sign Audit Engagement Letter
5	Disclose any conflict of interest
6	Maintain confidentiality arrangements
7	Keep records of appointment, letter, and related documents

Real-Life Example – How CSAS-1 Prevents Disputes

Suppose ABC Ltd. appoints M/s XYZ & Co., PCS, for Secretarial Audit.
The engagement letter states that the audit covers compliance under Section 204 only.

Halfway through, the management asks the PCS to also review labour law compliance — without changing fees.

Since the scope was clearly defined in the original engagement letter, the PCS can politely decline or accept it through a new engagement.

That’s how CSAS-1 protects auditors from scope creep and misunderstandings.

Common Mistakes to Avoid

• Starting audit work without a signed engagement letter.
• Ignoring communication with previous auditor.
• Not verifying independence or conflict of interest.
• Agreeing to oral changes in scope or fees.
• Failing to retain engagement records.

These small mistakes can lead to big professional consequences. CSAS-1 helps avoid all of them.

LawgicalSearch Insight – Why CSAS-1 Matters

CSAS-1 may look procedural, but it’s actually the most powerful safeguard for both PCS and client.

It ensures:

• Clarity of scope and responsibility.
• Independence of the auditor.
• Professional transparency and trust.
• Legal and ethical protection for the PCS.

In short, CSAS-1 converts professional uncertainty into professional clarity.

At LawgicalSearch, we call it “the audit handshake” — the point where trust begins, expectations align, and professionalism shines.

FAQs on CSAS-1

Q1. What is the main purpose of CSAS-1?
To define clear written terms of audit engagement between PCS and the appointing authority before starting the audit.

Q2. Is CSAS-1 mandatory for all audits?
Yes, it is mandatory for all audit engagements accepted on or after 1 April 2021.

Q3. Does it apply to voluntary audits?
Yes, voluntary audits can also follow CSAS-1, though it’s recommendatory.

Q4. What must be included in an Audit Engagement Letter?
Scope, objective, fees, responsibilities, reporting period, and management representations.

Q5. Can audit terms be changed mid-way?
Yes, but only through a written revised engagement letter.

Q6. What happens if conflict of interest exists?
If substantial, the PCS must decline the audit; if minor, disclose it in writing.

Q7. Why is confidentiality so important?
It maintains trust and ensures professional integrity. The duty continues even after the audit is completed.

Conclusion

CSAS-1 is more than a procedural standard — it’s the foundation of professional auditing discipline.
It ensures every PCS begins an audit ethically, transparently, and with documented clarity.

In simple words:

A strong engagement builds a strong audit.

If it’s not written, it’s not valid — and that’s the golden rule of CSAS-1.

Official References and Sources

1. https://taxguru.in/company-law/auditing-standard-audit-engagement-csas-1.html

---

[1] https://www.icsi.edu/auditing-standard/

Written by Mahboob Gaddi and Farman Ahmad | Founders, Lawgical Search