Professional Documents
Culture Documents
Pemeriksaan Internal Audit PDF
Pemeriksaan Internal Audit PDF
1. Addressee.
The communication should be addressed to the manager directly responsible for the unit being audited.
2. Objectives and scope of the planned audit.
The auditee should be clearly advised of the purpose of the planned internal audit and the areas it will cover.
3. Expected start date and planned duration of the audit.
4. Persons responsible for performing the review.
5. Advance preparation needs.
6. Engagement letter copies.
Internal Audit Field Survey
1. Organization.
The auditor should confirm that organization charts, whether online or on paper, are correct and include the
names of key personnel.
2. Manuals and directives.
Copies of applicable policy and procedure manuals, extracting data of interest for the audit workpapers.
3. Reports.
Relevant management reports and minutes of meetings covering areas appropriate to the audit – budgeting,
operations, cost studies, and personnel matters, and the results of any inspections or management reviews as
well as actions taken – should be analyzed.
4. Personal observations.
A tour or walk – through of the activity familiarizes internal auditor with the entity, its basic operation,
personnel, and space utilization.
5. Discussion with key personnel.
Discussion with key personnel in the area being audited help to determine known problems, the current results
of the unit’s operations, and any planned changes or reorganization.
The Audit Activity Structure and Strategy
Internal audit activities are divided into two or three segments.
Administrative
- Chief Audit Executive
- Audit assistant executive
- Personnel Director
- Support
- Policy and procedurs
- Information System Specialists
- Acturial specialist
- Report processing (editing, illustrations, audiovisual)
- Special staff coordinator (outsourcing and cosourcing)
- Tax specialists
- Service Staff
- Financial (budgeting, accounting, asset control)
- Payroll
- Travel
- Library (periodicals, books, information systems)
Operational Segment of the Audit Organization
Type of Audit Organization
Financial Organization X
Performance Organization Y
Compliance Organization Z
Function Geographically
Purchasing New York
Production Indonesia
Marketing Singapura
Legal
Product
Product A
Product B
Product C
Types of Auditing
Process Auditing
Many internal audit activities are auditing products, organizations, financial accounts, or geographical locations
of activity.
A structure where internal audit findings are bought to senior management’s attention.
There is a continuity of internal audit supervision. Advice and consultation relative to problems in the process.
The decentralization and downsizing produces audit reports issued promptly after the completion of field work.
Types of Auditing
A means of implementing less material findings relative to supporting activities at a lower level of support
management.
A cohesion between the internal audit staff and the process personnel developing into a unity of objective, the
well – being and productivity of the process.
The online audit operations would be ongoing and would audit continuously.
The artificial intelligence could also point to where the weak point in the controls existed and could even suggest
a probable malefactor.
Value Added Concept
Guidance resulting of several internal audit activities :
1. Become a catalyst for change.
2. Make auditing more collaborative.
3. Use self-assessment to buy in.
4. Bring business staff into auditing.
5. Concentrate business risk.
6. Aim to increase profits.
7. Attack problem areas, such as health-care costs.
8. Share technology with business units.
9. Align with customers.
10. Issue audit advisories company wide.
11. Conduct preventive auditing.
12. Reduce external auditor costs.
13. Place auditors in special assignments.
14. Get the audit report out fast.
15. Go back to basics.
Developing Audit Manuals
Audit manuals instruct staff auditors how audit operations should be carried out, provide for stability,
continuity, standards of acceptable performance, and the means of coordinating the efforts of people or units
within the auditing organization.
Provide some assurance that the auditing activity’s final product meets the executive ‘s standards.
The audit manuals are a mirror of the philosophy of the individual audit activity and its executive.
Grouping in Internal Audit Function
MiscellenousFunction
To provide answers to the complete
spectrum of day to day problems that
arise in the audit activity.
Technical Functions
The technical audit manual will guide the performance of an internal audit.
Preliminary reviews. Preliminary
Objectives of the Theory of the Scope of the
Provide guides on the discussions.
audit audit. audit.
matters to be Identify the levels of
Establish the audit Describe audit
considered in the initial management where
Establish the approach scope.
phase of audit : the preliminary
scope of the audit
review of prior discussions should
project so that an
working papers, the be held, the nature
audit program
research of internal of the assistance the
can be written.
auditing literature on auditors may offer to
the activity to be management, and
reviewed, and the the explanations
examination of they should make of
organization charts, the audit
correspondence, and objectives,
relevant organization approaches, and
reports and directives. programs.
Technical Functions
2. Internal auditors should be skilled in dealing with people and in communicating effectively.
3. The chief audit executive should establish suitable criteria of education and experience for filling internal
auditing positions, giving due consideration to scope of work and level of responsibility.
4. The internal auditing should establish suitable collectively possess the knowledge and skills essential to the
practice of the profession within the organization.
Audit Assignments
Factors should be considered in audit management :
Engagement Letter
To informs the auditee of when the
Addressee. Objectives & Scope of the
The communication should be
internal audit is scheduled, who planned audit.
addressed to the manager will be performing the review, and The auditee should be clearly
directly responsible for the why the audit has been planned advised of the purpose of the
unit being audited. (regularly scheduled audit, planned internal audit and
management or auditor committee the areas it will cover.
request, etc
Engagement letter copies.
Expected start date and Copies of the engagement
planned duration of the letter should be directed to
audit. appropriate persons in the
Understanding of the timing enterprise with a need to
of the audit. know.
3 4 Personal Observations.
Reports. A tour or walk – through of the activity
Relevant management reports and minutes of familiarizes internal auditors with the entity, its
meetings covering areas appropriate to the audit basic operations, personnel, and space
– budgeting, operations, cost studies, & utilization.
personnel matters & the results of any
5
inspection or management reviews should be
analyzed. Discussion with key personnel.
To help determine known problems, the
current results of the unit’s operations, and any
planned changes or reorganizations .
Developing and Preparing Audit Programs
New Evidence
Other Changes in
conditions
Reporting Preliminary Audit Findings to Management
Discuss to
The unit
supervisors directly Unit Management
responsible
Internal Auditing in A Big Data Environment
Riskk
Reviewing Systems and
Processes Big Data
In Internal
Control Issues
IT Applications
Enterprise Content Management (ECM)
ECM : the strategies, methods, and tools used to capture , manage, store, preserve , and deliver content and documents
related to enterprise processes (form of a paper document, an electronic file, a database print stream, bar code images,
even an e-mail.
Online
Video Channel Mobility
Archiving Optimization
Collaboration
6. ECM collaboration
a. Assess whether the installed ECM allows collaboration across multiple technologies, such as instant
messaging, whiteboards, social media, and others.
b. Assess whether goals have been established implementing collaboration techniques, such as better records
management, knowledge capture, and improved compliance.
ECM Internal Audit Review Procedures
7. ECM continuity issues
a. Determine that ECM processes have been closely integrated with enterprise continuity planning processes.
b. Determine that ECM continuity processes are tested at least annually and that processes are updated to the
plan with application changes.
Moeller.,R.R. Brink’s Modern Internal Auditing (2009),” John Wiley & Sons,Inc., Hoboken,New Jersey.