Agenda
Waktu
Agenda
08.00 08.30
1. Introduction - opening
08:30 09:00
09:00 10:00
10:00 10:15
Coffee break
10:15 10.45
10.45 11.15
11.15-11.45
11.45 12.00
Penutup
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
2
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
3
B. Desain
1.5 bulan
Analisa Strategis
Stakeholders
Expectation
Regulasi/
Kebijakan
Situasi Sosial,
Ekonomi, &
Pasar
Industry
Benchmark
C. Konstruksi
3 bulan
1.5 bulan
Quick Wins
RJPP (as-is)
Keuangan
SCM
SDM
Design to-be
2 Proses Keuangan
Analisa Operasional
3
SCM
Keuangan
4
5
SDM
Model Operasi
& Struktur
Organisasi
2
Internal Audit
(Output)
Analisa
Kesenjangan
Proses SCM
Proses SDM
5 Struktur Organisasi
6
Framework IA
User
Requirement
dan Vendor
Selection
ERP
AMS
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
4
Hasil Keseluruhan
Level 5: Optimized
Secara ideal,
SPI Bulog 1
tahun ke depan
SPI Bulog
5
4
Level 4: Managed
SPI proaktif memberikan saran-saran perbaikan yang
bersifat antisipatif dan meningkatkan efisiensi.
SPI telah mengintegrasikan informasi dan rencana kerja
ke seluruh organisasi termasuk manajemen risiko,
kepatuhan, hukum,dll.
Level 3: Integrated
Level 2: Infrastructure
Tingkat kematangan SPI saat ini dibandingkan
dengan leading practices adalah berada diantara
level 1 initial dan 2 infrastructure.
SPI dalam 1 (satu) tahun kedepan seharusnya
sudah berada pada level 3 Integrated secara
ideal sejalan dengan operating model,
perkembangan bisnis dan risiko di masa depan.
2
1
Level 1: Initial
SPI fokus terutama pada review transaksi keuangan dan
perlindungan aset.
Praktik dan dan prosedur bersifat informal dan belum
konsisten dijalankan.
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
5
5
4
Integrated
Infrastructure
Initial
1
0
Metodologi
Praktik-praktik
Kerja
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
Belum melakukan
IT audit
Belum ada AMS
Teknologi
November 2015
6
Tujuan Pelatihan
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
7
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
8
perusahaan.
Cara mengidentifikasi risiko
dapat dengan cara menjawab
pertanyaan sebagai berikut:
Bahaya/
Musibah
Hasil yang
tidak pasti
Kesempatan
Tidak
mencapai hasil
yang
diharapkan
Menggunakan
kesempatan secara
maksimal
Risiko
kerugian atau
terjadinya hal
yang buruk
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
9
Keuangan
Keselamatan
Hukum
Reputasi
Gangguan
operasi/
Peraturan
bisnis
Lingkungan
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
10
DAMPAK
KEMUNGKINAN TERJADI
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
11
DAMPAK
Contoh risiko
Kecelakaan
Kegagalan
Kerja
sistem
Pencurian Beras
Kemarau
Peraturan
Pelemahan
Panjang
Baru
Rupiah
Pembayaran
Kekurangan
Kerusakan
fiktif
Gudang
Beras
KEMUNGKINAN TERJADI
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
12
Mitigasi risiko
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
13
Mitigasi risiko
Risiko bisnis
Pengendalian internal
Pengendalian
Pengendalian Internal
Risiko bisnis
Awasi/monitor
Risiko bisnis
Pengendalian Internal
Risiko bisnis
Awasi/monitor
Pengendalian
Pengendalian Internal
Kebakaran Gudang
Risiko bisnis
Pengendalian Internal/
Asuransi
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
14
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
15
Risk Based Internal Audit (RBIA) adalah suatu pendekatan audit yang
fokus pada inherent risk organisasi, menguji seberapa baik pengelolaan risikorisiko utama organisasi telah dikelola oleh organisasi dalam suatu tingkat risk
appetite yang disepakati manajemen.
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
16
PERAN
FUNGSI
Compliance
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
Assurance &
Business Advisory
November 2015
17
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
18
Ciri Utama
Pendekatan Internal
Audit
Level 3 Define
Level 4 Managed
Level 5 - Integrated
Level 1 - Traditional
Level 2 - Awareness
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
19
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
20
AUDIT
UNIVERSE
PERENCANAAN
PRIORITAS
AUDIT
PELAKSANAAN
PELAPORAN
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
RENCANA AUDIT
TAHUNAN
BERBASIS RISIKO
PEMANTAUAN
QUALITY ASSURANCE
LEVEL MIKRO
LEVEL MAKRO
November 2015
21
Click to edit Section Divider style 6 Apa itu Risk Based Audit?
coffee break
Transformasi
Perum
BULOG
Risk
BasedPractices
Internal Audit Training Workstream Internal Audit
BULOG
Training
Internal
Audit
Leading
PwC
November 2015
20
22
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
23
Proses bisnis
2. Struktur organisasi
3. Lokasi
4. Produk yang dijual/dihasilkan
5.
Dll.
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
24
Ilustrasi
Bila kita harus memeriksa semua barang yang ada bagaimana kita akan
mendaftarkan dan mengelompokkan barang yang akan diperiksa ?
ey.com
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
25
Lokasi
Struktur Organisasi
Produk
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
26
Corporate
financial
Performa
nce
measure
ment
Business
develop
ment
ey.com
ey.com
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
27
PEMETAAN PROSES
BISNIS
AUDIT UNIVERSE
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
28
Perusahaan
Penjualan
Operasional
Aktiva tetap
Penagihan
Pencatatan penjualan
Monitoring A/R
Perencanaan pengadaan
Pemesanan barang
Pengadaan
Pemilihan supplier
Penerimaan barang
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
29
Accounting
Finance
Pajak
Perusahaan
Anggaran
Utang
Uang Muka
Aktiva tetap
Pabrik
Gudang
Operasional
Maintenance
Compliance
IT
K3
Pemesanan barang
Fungsi pendukung
Pengadaan
Pemilihan rekanan
SDM
Penerimaan barang
General Affairs
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
30
Auditable Unit
Proses di Korporat
A.1
[Auditable unit]
A.2
[Auditable unit]
A.3
[Auditable unit]
Proses Lintas
Fungsi
B.1
[Auditable unit]
B.2
[Auditable unit]
Departemen
C.1
[Business Unit]
C.1.1
[Auditable unit]
C.1.2
[Auditable unit]
Risiko
terkait
Rating
Risiko
Lingkungan
Pengendalian Internal
1, 3
Higher
Stronger
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
Kebutuhan Audit
Medium
November 2015
31
Beberapa proses bisnis mungkin lebih kompleks dibandingkan proses bisnis lainnya.
Internal Auditor harus dapat mengalokasikan waktu yang cukup untuk
mengidentifikasi proses bisnis tersebut.
Terkadang Internal Audit tidak mempunyai sumber daya yang cukup untuk
membangun Audit Universe.
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
32
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
33
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
34
AUDIT
UNIVERSE
PERENCANAAN
PRIORITAS
AUDIT
PELAKSANAAN
PELAPORAN
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
RENCANA AUDIT
TAHUNAN
BERBASIS RISIKO
PEMANTAUAN
QUALITY ASSURANCE
LEVEL MIKRO
LEVEL MAKRO
November 2015
35
Sumber informasi dalam menentukan kriteria risiko ini dapat diambil dari opini
stakeholders, laporan keuangan, rencana kerja, Laporan Hasil Audit sebelumnya,
dan lainnya.
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
36
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
37
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
38
November 2015
39
Score
Score
Score
Score
Nilai Total
Risiko
16 - 20
Tinggi
10 - 15
Sedang
4 9
Rendah
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
40
2)
3)
4)
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
41
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
42
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
43
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
44
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
45
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
46
AUDIT
UNIVERSE
PERENCANAAN
PRIORITAS
AUDIT
PELAKSANAAN
PELAPORAN
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
RENCANA AUDIT
TAHUNAN
BERBASIS RISIKO
PEMANTAUAN
QUALITY ASSURANCE
LEVEL MIKRO
LEVEL MAKRO
November 2015
47
Memastikan bahwa setiap personil Tim Audit mempunyai pemahaman yang baik
tentang proses bisnis yang diaudit, risiko, dan pengendalian yang terkait sebelum
dimulainya pelaksanaan penugasan audit (audit fieldwork),
Mengetahui risiko dan pengendalian penting yang terkait dengan proses bisnis yang
diaudit,
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
48
Mengatur alokasi sumber daya dan man-days untuk melakukan audit secara efektif,
Memandu secara detil langkah-langkah audit dan kedalaman pengujian audit agar
dapat memenuhi tujuan audit,
Membangun hubungan dan komunikasi yang baik dengan auditee melalui Surat
Penugasan Audit dan entrance meeting.
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
49
Deskripsi Risiko
Audit program
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
50
Transformasi Perum BULOG Risk Based Internal Audit Training Workstream Internal Audit
PwC
November 2015
51
Thank you!
This publication has been prepared for general guidance on matters of interest only, and does not constitute
professional advice. You should not act upon the information contained in this publication without obtaining
specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or
completeness of the information contained in this publication, and, to the extent permitted by law, KAP
Tanudiredja, Wibisana & Rekan, its members, employees and agents do not accept or assume any liability,
responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance
on the information contained in this publication or for any decision based on it.
2015 KAP Tanudiredja, Wibisana, Rintis & Rekan. All rights reserved. In this document, PwC refers to KAP
Tanudiredja Wibisana & Rekan which is a member firm of PricewaterhouseCoopers International Limited, each
member firm of which is a separate legal entity.