Sie sind auf Seite 1von 11



Ali Mugiono
Inspektorat Jenderal Kementerian Keuangan
Gedung Juanda II Lantai 7, Jl. Dr. Wahidin No. 1 Jakarta – Telp. 021-385 3855
+62818858716 - e-mail:
Ruchyat Kokasih, “Auditing Prinsip dan Prosedur” (1985): Pemeriksaan intern adalah serangkaian proses
dan teknik yang menjadi saluran untuk meyakinkan manajemen dengan observasi langsung apakah
pengendalian yang telah ditetapkan manajemen berjalan baik dan efektif, apakah pembukuan dan laporan
keuangan telah menunjukkan gambaran aktivitas yang sesungguhnya, teliti dan cepat serta apakah setiap
bagian/unit benar-benar melaksanakan kebijaksanaan, rencana dan prosedur yang telah ditetapkan.

Institute of Internal Audit,

1999: Assurance and
Independent and
Internal auditing is an Consulting
independent, objective activities
assurance and consulting
activity designed to add value Evaluates Risk
and improve an organization’s Management,
operations. It helps an Control, and
organization accomplish its Governance
objectives by bringing a by systematic, discipline
systematic, disciplined Add Value and approach help the
approach to evaluate and
Improve Operation accomplishment of
improve the effectiveness of
risk management, control,
and governance processes.
Assurance vs Consulting activities

Assurance Service
Consulting Service
• an objective examination of evidence to
• an advisory activity to provide objective
provide an independent opinion or
assistance or recommendation at the
conclusions regarding the subject
specific request of an engagement
matter of engagement, such as entity,
client, which are intended to add value
operation, system, process, or function.
and improve an organisation’s
• The nature and scope of the
engagement are determined by
• The nature and scope of engagement
Internal auditor (assessor).
are determined by both parties internal
• 3 parties involved: the person / group
auditor and the client.
directly involved with the
• Only 2 parties are involved:
engagement subject matter (process
the person/group offering the advice
owner), the person/group
(internal auditor), and the
conducting the assessment (internal
person/group seeking and receiving
auditor), and the person/ group using
the advice (engagement client).
the assessment (the user).
Independence and Objectivity
1100–The internal audit activity must be independent, and internal auditors must be objective
in performing their work.
1110–Organizational Independence 1120–Individual Objectivity
The chief audit executive must report Internal auditors must have an impartial, unbiased attitude and
to a level within the organization that avoid any conflict of interest.
allows the internal audit activity to 1130–Impairment to Independence or Objectivity
fulfill its responsibilities. The chief If independence or objectivity is impaired in fact or
audit executive must confirm to the appearance, the details of the impairment must be
board, at least annually, the disclosed to appropriate parties. The nature of the
organizational independence of the disclosure will depend upon the impairment.
internal audit activity. 1130.A1- Internal auditors must refrain from assessing
specific operations for which they were previously
1110A 1
responsible. Objectivity is presumed to be impaired if an
The internal audit activity must be free
internal auditor provides assurance services for an activity
from interference in determining the
for which the internal auditor had responsibilty within the
scope of internal auditing, performing
previous year.
work, and communicating results.
1130.A2- Assurance engagements for fuction over which
1111–Direct Interaction with the the chief audit executive has responsibilty must be
Board overseen by a party outside the internal audit activity.
The chief audit executive must 1130.C1- Internal auditors may provide consulting services
communicate and interact directly with relating to operations for which they had previous
the board. responsibilties.

Purpose/Objectives: Role:
add value, improve cost controls, • Internal auditing activity is primarily directed at
and solve problems, catalyst for improving internal control, but management is
change. responsible for internal control.
• Internal auditing professional standards require
the function to monitor and evaluate the
The scope of internal auditing effectiveness of the organization's Risk
within an organization is broad management processes.
and may involve topics such as: • Internal auditing activity as it relates to
• the efficiency of operations, corporate governance is generally informal,
• the reliability of financial accomplished primarily through participation in
reporting, meetings and discussions with members of the
• deterring and investigating Board of Directors
• safeguarding assets, and
• compliance with laws and
Internal auditors are not responsible for the
regulations. Internal auditing
execution of company activities, they advise
frequently involves measuring
management and the Board of Directors (or
compliance with the entity's
similar oversight body) regarding how to better
policies and procedures.
execute their responsibilities
Role in Internal Control:
Improving internal control.
• Internal control is defined as a process, effected by an entity's board of directors, management, and
other personnel, designed to provide reasonable assurance regarding the achievement of objectives in
the 3 internal control categories: Effectiveness and efficiency of operations, Reliability of financial
reporting, and Compliance with laws and regulations.
• Management is responsible for internal control. Managers establish policies and processes to achieve
specific objectives in each of these categories.
• Internal auditors perform audits to evaluate whether the policies and processes are designed and
operating effectively and provide recommendations for improvement.

Role in Risk management:

Internal auditing professional standards require the function to monitor and evaluate the
effectiveness of the organization's Risk management processes. Risk management relates to
how an organization sets objectives, then identifies, analyzes, and responds to those risks that
could potentially impact its ability to realize its objectives.

Role in Corporate Governance:

A primary focus area of internal auditing as it relates to corporate governance is helping the Audit
Committee of the Board of Directors (or equivalent) perform its responsibilities effectively.
Corporate governance is a combination of processes and organizational structures implemented by the
Board of Directors to inform, direct, manage, and monitor the organization's resources, strategies and
policies towards the achievement of the organizations objectives.
Engagement Process (Steps)
Based on a risk assessment of the organization, internal auditors, management and oversight Boards
determine where to focus internal auditing efforts. Internal auditing activity is generally conducted as one
or more discrete projects. A typical internal audit project involves the following steps:

• Establish and communicate the scope and objectives for the audit to
1 appropriate management.

• Develop an understanding of the business area under review. This includes

2 objectives, measurements, and key transaction types. This involves review of
documents and interviews. Flowcharts and narratives may be created if necessary

• Describe the key risks facing the business activities within the scope of the audit.
• Identify control procedures used to ensure each key risk and transaction type is
4 properly controlled and monitored
• Develop and execute a risk-based sampling and testing approach to determine
5 whether the most important controls are operating as intended
• Report problems identified and negotiate action plans with management to
6 address the problems
• Follow-up on reported findings at appropriate intervals. Internal audit
7 departments maintain a follow-up database for this purpose
Engagement Report
An audit report may have an executive summary; a body that includes the specific issues or
findings identified and related recommendations or action plans; and appendix information
such as detailed graphs and charts or process information.
Each audit finding within the body of the report may contain five elements, sometimes called
the "5 C's":

Condition What is the particular problem identified? Contain of the Results

• Reliability of Financial
What is the standard that was not met? The reporting
Criteria standard may be a company policy or other • legal/regulatory compliance
benchmark • effectiveness (goals were
met or standards was
Cause Why did the problem occur? • efficiency (i.e., whether the
outputs were generated
What is the risk/negative outcome (or with minimum inputs)
Consequence opportunity foregone) because of the • Economy (i.e., whether the
finding? inputs were used at the
What should management do about the cheapest cost omong
Corrective alternatives
finding? What have they agreed to do and by
Action when?
alimugiono.itjen@gmail.comInternal Audit
Internal Audit VS External Audit
Aspek Internal Auditor Eksternal Auditor
Position & Role
Mission & Goals
Independency dan Objectivity
Parties being serviced
Time Orientation
Fraud Detection & Prevention
Continuity & Timing of
Materiality Consideration
Scope of Evaluation
Risk Involvement
Qualification & Proficiency

Terima kasih
1. Dari mempelajari sejarah perkembangan peran dan fungsi Internal Audit,
jelaskan hal-hal apa saja yang berbeda dan berkembang dalam
perubahan masa-masa tersebut. Lakukan analisis anda dimulai dengan
memperbandingkan tujuan, cara-cara, cakupan dan fokus audit.
Selanjutnya kembangkan kesimpulan yang bertumpu pada pemahaman
anda tentang bagaimana dan seberapa besar Internal Audit dibutuhkan.
2. Jelaskan bagaimana peran Internal Audit dalam melaksanakan tugas-
tugas Assurance dan Consulting, apa yang membedakannya, serta
bagaimana menjamin Independensi dan obyektivitas dalam
melaksanakan kedua peran tersebut.
3. Apa tujuan dan lingkup tanggungjawab Internal Audit dan bagaimana hal
itu bisa dilaksanakan, dalam kaitan hubungannya dengan Internal
Control, Risk Management, dan Governance.
4. Buatlah analisis yang membedakan Audit Internal dengan Audit