Group 4
Maureen Maudia - C1I016014
members : 1. Ilham Nuril - C1I016005
2. Nia Titaning - C1I016021
3. Selviana Ayu W - C1I016036
In this article, we will discuss the success of
audits with unique corporate environmental conditions, such as based on company
culture, selected audit technical standards and guidelines, governance,
information systems,
In this article, we will discuss the success of
audits with unique corporate environmental conditions, such as based on company
culture, selected audit technical standards and guidelines, governance,
information systems, vendors and others.
1. Poor audit planning Audit planning that is not
done well. This can result in audit failure
2. Ignoring changing risk Changes in risk can occur
internally such as changes in the company and externally such as changes in
market segmentation, changes in demand, vendors that already do not support
important products, etc.
3. Not thinking in terms of value added To achieve
added value must consider several things well. If it is not properly
considered, there is a possibility of the emergence of risks that have a
significant impact on the organization
4. Auditors are biased Consists of :
A. Negativity bias: pay more attention to negative
findings than positive findings
B. Overconfidence bias: based on the belief that
someone's answer or knowledge is always correct
5. Not working with the auditees It is important not
to forget that the audit is not an end in itself, but a process that has the
goal of adding value to the IS / IT provider, so that IS / IT operates
effectively and can support the operations of the organization.
6. Internal Control
7. Firm's Size
8. Auditor Fee
9. Auditor's Independence
10. Auditor's Reputation
11. Industry's Specialization
WHAT DOES SUCCESS LOOK LIKE TO THE VARIOUS
STAKEHOLDERS?
A. The
Internal Audit Perspective
The internal audit perspective is almost certain to
be based on six essential criteria. The audits are:
- The
availability of sufficiently up-to-date and
of good-enough-quality business risk assessments and related prioritized
and resourced mitigation plans
- The
availability of any self-assessments already conducted by the appropriate
functions, including metrics to support them
- The
availability of competent auditors with a mix of audit skills, experience and
soft skills leading to effective interactions with auditees
- The
agreement of the auditees to the scope, timing and timescales proposed
- The
process for validating the accuracy of the audit findings and the value added
by the report
- The
process for quantifying the estimated cost of any recommendations and the value
added by implementing them
The
Audited Party Perspective
Those being audited would be expected to support the
previously noted criteria and add the following:
• The audit
identifies domains of significant risk not previously recognized by the
auditees or their management.
• The audit identifies areas of cost-effective
improvements not previously identified by the auditees or their management.
• The audit report gives credit for initiatives and
actions identified and initiated by the auditees.
• The schedule for the audit and its related
activities does not result in significant disruption to the day-to-day work.
• There is
adequate coordination with other oversight bodies’ plans to avoid back-to-back
audits without a suitable break between them.
• The scope of the audit is maintained throughout
the process—no scope creep.
• The entry meeting sets out clear audit objectives,
a well defined scope and a method of work.
• The
auditors keep the auditees informed of their
progress and ensure that their findings are
accurate as the audit progresses
The
Audit Committee Perspective
The audit committee is
expected to support all the criteria previously noted and may be able to add:
·
audit strategy with a focus on
information assurance and information security that describes the specific
objectives for multi-year audit plans that are segmented into several areas.
·
enter the root cause analysis which
supports recommendations
·
confirmation from management in the
analysis audit that was previously not available and a description of actions
and options that have not been considered
·
statement of standards, guidelines,
tools, and metrics used in conducting audits
·
list of risk domains that cannot be
audited for contract or legal reasons
·
clear understanding of past audit
status, including those that have been completed and validated effectively by
the audit and which have not been completed and the reasons why they are valid
and justifiable
The
Management Perspective
audited organizational
functional managers until executives must be satisfied if the audit meets three
conditions:
1.
audits planned and carried out in
accordance with the needs of the organization
2.
actions recommended by the auditor to
management represent a good return on expenditure
3.
reduction of business risk from time to
time can be reduced by audit results and can be proven
Key of Successful Audit
1. Don’t Wait Until the Last Minute
2. Learn from Past Audits
3. Document all transactions throughout the year, and, for unusual transactions,
4. Perform Monthly or Quarterly Reconciliations
5. Consider Activity Changes
6. Develop a Timeline and Delegation
7. Ensure Key Team Members are Available
8. Once the Audit Starts, Relax
9. Evaluate Results
To have successful audit, it must begin with planning
1. Basic discussions with the client
2. Review of audit documentation
3. Ask about recent developments
4. Interim financial statements
5. Non-audit personnel
6. Staffing
7. Timing
8. Outside assistance
9. Pronouncements on accounting principles and audit guides should be read or reviewed to assist in the development of complete audit programs fitting the unique needs of client's business and industry
10. Scheduling with the client
Conclusion
Everyone wants a
successful audit. success can mean different things from the various parties
involved, therefore attention needs to be given to their criteria. the future
will explore many factors that might conspire to make success more difficult
than they should.
vendors and others. 
Tidak ada komentar:
Posting Komentar