SEKOLAH TINGGI AKUNTANSI

NEGARA

AUDIT INTERN PEMERINTAH

INTERNAL AUDIT
Ali Mugiono
Inspektorat Jenderal Kementerian Keuangan
Gedung Juanda II Lantai 7, Jl. Dr. Wahidin No. 1 Jakarta Telp. 021385 3855
+62818858716 - e-mail: alimugiono.itjen@gmail.com

AUDIT INTERN
PEMERINTAH

Internal Audit

alimugiono.itjen@gmail.com
Ruchyat
Auditing
Ruchyat Kokasih,
Kokasih,
Auditing Prinsip
Prinsip dan
dan Prosedur
Prosedur (1985):
(1985): Pemeriksaan
Pemeriksaan intern
intern
adalah
adalah serangkaian
serangkaian proses
proses dan
dan teknik
teknik yang
yang menjadi
menjadi saluran
saluran untuk
untuk meyakinkan
meyakinkan
manajemen
dengan
observasi
langsung
apakah
pengendalian
yang
manajemen dengan observasi langsung apakah pengendalian yang telah
telah ditetapkan
ditetapkan
manajemen
manajemen berjalan
berjalan baik
baik dan
dan efektif,
efektif, apakah
apakah pembukuan
pembukuan dan
dan laporan
laporan keuangan
keuangan telah
telah
menunjukkan
menunjukkan gambaran
gambaran aktivitas
aktivitas yang
yang sesungguhnya,
sesungguhnya, teliti
teliti dan
dan cepat
cepat serta
serta apakah
apakah
Institute
of
Internal
setiap
bagian/unit
benar-benar
Institute
of Internal
setiap
bagian/unit
benar-benar melaksanakan
melaksanakan kebijaksanaan,
kebijaksanaan, rencana
rencana dan
dan prosedur
prosedur
Audit,
1999:
yang
telah
ditetapkan.
Audit,
1999:
yang
telah
ditetapkan.

Internal
Internal auditing
auditing is
is an
an
independent,
independent,
objective
objective assurance
assurance
and
and consulting
consulting activity
activity
designed
designed to
to add
add value
value
and
and improve
improve an
an
organizations
organizations
operations.
operations. It
It helps
helps an
an
organization
organization accomplish
accomplish
its
its objectives
objectives by
by
bringing
bringing a
a systematic,
systematic,
disciplined
disciplined approach
approach to
to
evaluate
evaluate and
and improve
improve
the
the effectiveness
effectiveness of
of risk
risk
management,
management,
control,
control, and
and
governance

Assurance
and
Independent
Consulting
and Objective
activities
Evaluates Risk

Management,
Control, and
by systematic,
Governancediscipline

Add Value
and Improve
Operation

approach help
the
accomplishment
of objectives

AUDIT INTERN
PEMERINTAH
alimugiono.itjen@gmail.com

Internal Audit

Assurance vs Consulting activities

Assurance
Assurance Service
Service
an
an objective
objective examination
examination of
of
evidence
evidence to
to provide
provide an
an
independent
independent opinion
opinion or
or
conclusions
conclusions regarding
regarding the
the
subject
subject matter
matter of
of engagement,
engagement,
such
such as
as entity,
entity, operation,
operation,
system,
system, process,
process, or
or function.
function.
The
The nature
nature and
and scope
scope of
of the
the
engagement
engagement are
are determined
determined by
by
Internal
Internal auditor
auditor (assessor).
(assessor).
3parties
3parties involved:
involved: the
the person
person //
group
group directly
directly involved
involved with
with
the
the engagementsubject
engagementsubject matter
matter
(process
(process owner),
owner), the
the
person/group
person/group conductingthe
conductingthe
assessment
assessment (internal
(internal auditor),
auditor),
and
and the
the person/
person/ group
group using
using the
the
assessment (the user).

Consulting
Consulting Service
Service
an
an advisory
advisory activity
activity to
to provide
provide
objective
objective assistance
assistance or
or
recommendation
recommendation at
at the
the specific
specific
request
request of
of an
an engagement
engagement
client,
client, which
which are
are intended
intended to
to
add
add value
value and
and improve
improve an
an
organisations
organisations operations
operations
The
The nature
nature and
and scope
scope of
of
engagement
engagement are
are determined
determined by
by
both
both parties
parties internal
internal auditor
auditor
and
and the
the client.
client.
Only
Only 2
2 parties
parties are
are involved:
involved:
the
the person/group
person/group offering
offering the
the
advice
advice (internal
(internal auditor),
auditor), and
and
the
the person/group
person/group seeking
seeking and
and
receiving
receiving the
the advice
advice
(engagement
(engagement client).
client).

AUDIT INTERN
PEMERINTAH
alimugiono.itjen@gmail.com

Internal Audit

Independence and Objectivity

1100The
1100The internal
internal audit
audit activity
activity must
must be
be independent,
independent, and
and internal
internal auditors
auditors
must
be
1110Organizational
must
be objective
objective in
in performing
performing their
their work.
work.
1110Organizational
Independence
Independence
The
The chief
chief audit
audit executive
executive must
must
report
report to
to a
a level
level within
within the
the
organization
that
allows
organization that allows the
the
internal
internal audit
audit activity
activity to
to fulfill
fulfill
its
its responsibilities.
responsibilities. The
The chief
chief
audit
audit executive
executive must
must confirm
confirm
to
to the
the board,
board, at
at least
least annually,
annually,
the
organizational
the organizational
independence
of
1110A
1
independence
of the
the internal
internal
1110A
1
audit
activity.
The
internal
audit
audit
activity.
The
internal
audit activity
activity must
must
be
be free
free from
from interference
interference in
in
determining
the
scope
of
determining the scope of
internal
internal auditing,
auditing, performing
performing
work,
work, and
and communicating
communicating
results.
results.
1111Direct
1111Direct Interaction
Interaction with
with
the
the Board
Board
The
chief
The chief audit
audit executive
executive must
must
communicate
communicate and
and interact
interact
directly
directly with
with the
the board.
board.

1120Individual
1120Individual Objectivity
Objectivity
Internal
auditors
an
Internal
auditors must
must have
have
an impartial,
impartial, unbiased
unbiased
1130Impairment
to
Independence
or
1130Impairment
to
Independence
or
attitude
and
avoid
any
conflict
of
interest.
attitude
and
avoid
any
conflict
of
interest.
Objectivity
Objectivity
If
If independence
independence or
or objectivity
objectivity is
is impaired
impaired in
in
fact
fact or
or appearance,
appearance, the
the details
details of
of the
the
impairment
must
be
disclosed
to
appropriate
impairment must be disclosed to appropriate
parties.
parties. The
The nature
nature of
of the
the disclosure
disclosure will
will
depend
depend upon
upon the
the impairment.
impairment.
1130.A11130.A1- Internal
Internal auditors
auditors must
must refrain
refrain from
from
assessing
assessing specific
specific operations
operations for
for which
which they
they
were
previously
responsible.
Objectivity
were previously responsible. Objectivity is
is
presumed
presumed to
to be
be impaired
impaired if
if an
an internal
internal auditor
auditor
provides
provides assurance
assurance services
services for
for an
an activity
activity for
for
which
which the
the internal
internal auditor
auditor had
had responsibilty
responsibilty
within
the
previous
year.
within the previous year.
1130.A21130.A2- Assurance
Assurance engagements
engagements for
for fuction
fuction
over
over which
which the
the chief
chief audit
audit executive
executive has
has
responsibilty
responsibilty must
must be
be overseen
overseen by
by a
a party
party
outside
outside the
the internal
internal audit
audit activity.
activity.
1130.C1Internal
auditors
1130.C1- Internal auditors may
may provide
provide

AUDIT INTERN
PEMERINTAH
alimugiono.itjen@gmail.com

Purpose/Objectives:
Purpose/Objectives:
add
add value,
value, improve
improve cost
cost
controls,
controls, and
and solve
solve
problems,
problems, catalyst
catalyst for
for
change.
The
scope
change.
The
scope of
of internal
internal
auditing
auditing within
within an
an
organization
organization is
is broad
broad and
and
may
may involve
involve topics
topics such
such
as:
as:
the
the efficiency
efficiency of
of
operations,
operations,
the
the reliability
reliability of
of financial
financial
reporting,
reporting,
deterring
deterring and
and
investigating
investigating fraud,
fraud,
safeguarding
safeguarding assets,
assets, and
and
compliance
compliance with
with laws
laws
and
and regulations.
regulations. Internal
Internal
auditing
auditing frequently
frequently
involves
involves measuring
measuring
compliance
compliance with
with the
the

Internal Audit
Role:
Role:
Internal
Internal auditing
auditing activity
activity is
is primarily
primarily
directed
directed at
at improving
improving internal
internal control,
control,
but
but management
management is
is responsible
responsible for
for
internal
internal control.
control.
Internal
Internal auditing
auditing professional
professional
standards
standards require
require the
the function
function to
to
monitor
monitor and
and evaluate
evaluate the
the
effectiveness
effectiveness of
of the
the organization's
organization's
Risk
Risk management
management processes.
processes.
Internal
Internal auditing
auditing activity
activity as
as it
it relates
relates
to
to corporate
corporate governance
governance is
is generally
generally
informal,
informal, accomplished
accomplished primarily
primarily
through
through participation
participation in
in meetings
meetings and
and
discussions
discussions with
with members
members of
of the
the
Board
Board of
of Directors
Directors
Responsibilities:
Responsibilities:
Internal
Internal auditors
auditors are
are not
not responsible
responsible for
for
the
the execution
execution of
of company
company activities,
activities,
they
they advise
advise management
management and
and the
the
Board
Board of
of Directors
Directors (or
(or similar
similar oversight
oversight
body)
body) regarding
regarding how
how to
to better
better execute
execute
their
their responsibilities
responsibilities

AUDIT INTERN
PEMERINTAH

Role
Role in
in Internal
Internal Control:
Control:
alimugiono.itjen@gmail.com

Internal Audit

Improving
Improving internal
internal control.
control.
Internal
Internal control
control is
is defined
defined as
as a
a process,
process, effected
effected by
by an
an entity's
entity's board
board of
of directors,
directors,
management,
and
other
personnel,
designed
to
provide
reasonable
assurance
management, and other personnel, designed to provide reasonable assurance
regarding
regarding the
the achievement
achievement of
of objectives
objectives in
in the
the 3
3 internal
internal control
control categories:
categories:
Effectiveness
Effectiveness and
and efficiency
efficiency of
of operations,
operations, Reliability
Reliability of
of financial
financial reporting,
reporting, and
and
Compliance
Compliance with
with laws
laws and
and regulations.
regulations.
Management
Management is
is responsible
responsible for
for internal
internal control.
control. Managers
Managers establish
establish policies
policies and
and
processes
to
achieve
specific
objectives
in
each
of
these
categories.
processes to achieve specific objectives in each of these categories.
Internal
Internal auditors
auditors perform
perform audits
audits to
to evaluate
evaluate whether
whether the
the policies
policies and
and processes
processes
are
are designed
designed and
and operating
operating effectively
effectively and
and provide
provide recommendations
recommendations for
for
improvement.
improvement.

Role
Role in
in Risk
Risk management:
management:
Internal
Internal auditing
auditing professional
professional standards
standards require
require the
the function
function to
to monitor
monitor and
and
evaluate
evaluate the
the effectiveness
effectiveness of
of the
the organization's
organization's Risk
Risk management
management
processes.
processes. Risk
Risk management
management relates
relates to
to how
how an
an organization
organization sets
sets
objectives,
objectives, then
then identifies,
identifies, analyzes,
analyzes, and
and responds
responds to
to those
those risks
risks that
that could
could
potentially
potentially impact
impact its
its ability
ability to
to realize
realize its
its objectives.
objectives.
Role
Role in
in Corporate
Corporate Governance:
Governance:
A
A primary
primary focus
focus area
area of
of internal
internal auditing
auditing as
as it
it relates
relates to
to corporate
corporate governance
governance is
is
helping
helping the
the Audit
Audit Committee
Committee of
of the
the Board
Board of
of Directors
Directors (or
(or equivalent)
equivalent) perform
perform its
its
responsibilities
responsibilities effectively.
effectively.
Corporate
Corporate governance
governance is
is a
a combination
combination of
of processes
processes and
and organizational
organizational structures
structures
implemented
by
the
Board
of
Directors
to
inform,
direct,
manage,
and
monitor
implemented by the Board of Directors to inform, direct, manage, and monitor the
the
organization's
organization's resources,
resources, strategies
strategies and
and policies
policies towards
towards the
the achievement
achievement of
of the
the

AUDIT INTERN
PEMERINTAH
alimugiono.itjen@gmail.com

Internal Audit

Engagement
Engagement Process
Process (Steps)
(Steps)

Based
Based on
on a
a risk
risk assessment
assessment of
of the
the organization,
organization, internal
internal auditors,
auditors, management
management and
and
oversight
oversight Boards
Boards determine
determine where
where to
to focus
focus internal
internal auditing
auditing efforts.
efforts. Internal
Internal auditing
auditing
activity
is
generally
conducted
as
one
or
more
discrete
projects.
A
typical
internal
activity is generally conducted as one or more discrete projects. A typical internal
audit
audit project
project involves
involves the
the following
following steps:
steps:
1

Establish and communicate the scope and objectives for the

audit to appropriate management.

Develop an understanding of the business area under review. This

includes objectives, measurements, and key transaction types.
This involves review of documents and interviews. Flowcharts and
narratives may be created if necessary
Describe the key risks facing the business activities within the
scope of the audit.
Identify control procedures used to ensure each key risk and
transaction type is properly controlled and monitored
Develop and execute a risk-based sampling and testing approach
to determine whether the most important controls are operating as
intended
Report problems identified and negotiate action plans with
management to address the problems

Follow-up on reported findings at appropriate intervals. Internal

audit departments maintain a follow-up database for this purpose

3
4
5

AUDIT INTERN
PEMERINTAH
alimugiono.itjen@gmail.com

Internal Audit

Engagement
Engagement Report
Report

An
An audit
audit report
report may
may have
have an
an executive
executive summary;
summary; a
a body
body that
that includes
includes the
the
specific
specific issues
issues or
or findings
findings identified
identified and
and related
related recommendations
recommendations or
or action
action
plans;
plans; and
and appendix
appendix information
information such
such as
as detailed
detailed graphs
graphs and
and charts
charts or
or
process
process information.
information.
Each
Each audit
audit finding
finding within
within the
the body
body of
of the
the report
report may
may contain
contain five
five elements,
elements,
sometimes
Contain
sometimes called
called the
the "5
"5 C's":
C's":
Contain of
of the
the
Results
Conditi
Results
What is the particular problem identified?
Reliability
Reliability of
of Financial
Financial
on
What
is the standard that was not met? The
Criteri
standard may be a company policy or other
a
benchmark
Cause did the problem occur?
Why
What is the risk/negative outcome (or
Conseque
opportunity
foregone) because of the finding?
nce
Correct
What should management do about the finding?
ive
What have they agreed to do and by when?
Action

reporting
reporting
legal/regulatory
legal/regulatory
compliance
compliance
effectiveness
effectiveness (goals
(goals
were
met
or
standards
were met or standards
was
was achieved)
achieved)
efficiency
efficiency (i.e.,
(i.e.,
whether
whether the
the outputs
outputs
were
were generated
generated with
with
minimum
inputs)
minimum inputs)
Economy
Economy (i.e.,
(i.e.,
whether
whether the
the inputs
inputs
were
were used
used at
at the
the
cheapest
cost
cheapest cost omong
omong
alternatives
alternatives

AUDIT INTERN
PEMERINTAH

Internal Audit
Internal Audit VS External Audit

alimugiono.itjen@gmail.com

Aspek
Position & Role
Mission & Goals
Independency dan
Objectivity
Parties being serviced
Time Orientation
Fraud Detection &
Prevention
Continuity & Timing of
Evaluation
Materiality
Consideration
Scope of Evaluation
Risk Involvement

Internal Auditor

Eksternal Auditor

AUDIT INTERN
PEMERINTAH
alimugiono.itjen@gmail.com

Terima kasih

Tugas - 02
(Group)

1.

2.

3.

Dari mempelajari sejarah perkembangan peran dan fungsi

Internal Audit, jelaskan hal-hal apa saja yang berbeda dan
berkembang dalam perubahan masa-masa tersebut.
Lakukan analisis anda dimulai dengan memperbandingkan
tujuan, cara-cara, cakupan dan fokus audit. Selanjutnya
kembangkan kesimpulan yang bertumpu pada
pemahaman anda tentang bagaimana dan seberapa besar
Internal Audit dibutuhkan.
Jelaskan bagaimana peran Internal Audit dalam
melaksanakan tugas-tugas Assurance dan Consulting, apa
yang membedakannya, serta bagaimana menjamin
Independensi dan obyektivitas dalam melaksanakan
kedua peran tersebut.
Apa tujuan dan lingkup tanggungjawab Internal Audit dan
bagaimana hal itu bisa dilaksanakan, dalam kaitan
hubungannya dengan Internal Control, Risk Management,
dan Governance.