How to Establish Internal Audit SOP Syllabus

Setiap organisasi mempunyai tujuan yang hendak dicapai.  Untuk mencapainya, organisasi membutuhkan berbagai macam operating system yang berisi berbagai  internal control system.  Begitu pula dengan Departemen Internal Audit, sebagai suatu unit yang independen, dalam menjalankan fungsi dan tanggungjawabnya,  menghadapi bermacam-macam risiko hambatan tergantung dari proses audit serta obyek audit yang dihadapainya.

Agar risiko–risiko hambatan tersebut dapat diatasi dengan kontrol-kontrol yang sesuai dan memadai didalam pelaksanaan audit operasional, finansial, sistem informatika, spesial proyek/fraud dan lain-lainnya, maka perlu disusun suatu kerangka risiko (risk framework) untuk memudahkan dalam meng-identifikasi semua jenis risiko yang ada.  Untuk itulah diperlukan suatu Standar Operating Procedures (SOP) yang comprehensive dan integrated.

Sesuai dengan perkembangan zaman dan tuntutan masa kini, SOP disusun berdasarkan “Risk Based Approach” yaitu Enterprise Risk Management (ERM) agar dapat digunakan pada berbagai macam unit operasi sebagai auditee atau obyek audit yang telah menerapkan manajemen risiko.
Selain itu SOP penyusunannya disesuaikan dengan The International Standards for Professional Practice of Internal Auditing dari The Institute of Internal Auditors, Orlando, USA, sehingga isinya dapat memenuhi Standard Practice proses audit serta Code of Ethics bagi auditor pelaksana secara professional.

• Memperoleh pengertian bagaimana cara menyusun Standard Operating Procedures (SOP) dengan tahapan proses audit sesuai dengan The International Standards Professional Practice of Internal Auditing dari The Institute of  Internal Auditors.
• Mengerti status, posisi dan keberadaan Departemen Internal Audit didalam struktur organisasi atau perusahaan.
• Menyusun Internal Audit Charter sebagai pernyataan fungsi dan tanggung-jawabnya didalam melakukan audit dilingkungan organisasi atau perusahaan.
• Melakukan sosialisasi fungsi keberadaan dan tanggung jawab Internal Audit dan memberikan informasi proses pelaksaan audit kepada semua unit operasi.
• Bagaimana menempatkan Departemen Internal Audit sebagai suatu fungsi yang independen dan strategis yang dapat memberikan nilai tambah bagi organisasi atau perusahaan dengan memfokuskan pada 4 tujuan utama:

  • Memastikan reliabilitas dan integritas atas informasi bisnis.
  • Menjaga aset organisasi atau perusahaan
  • Mempromosikan operasi yang efektif dan efisien
  • Memastikan bahwa semua kebijakan, hukum, SOP telah dipatuhi dan tujuan organisasi atau perusahaan telah tercapai.Menyusun Uraian Kerja (Job Descriptions) bagi semua anggota auditors didalam lingkungan Departemen Internal Audit.
• Melakukan penyesuaian dan memutahirkan SOP Internal audit dari masing-masing organisasi atau perusahaan dengan menggunakan Risk Based Approach, Risk Assessment, Control Self-assessment (CSA) COSO.

A. CORPORATE OPERATING POLICIES

B - OVERVIEW OF THE INTERNAL AUDITING DEPARTMENT

C - AUDIT PROCEDURES AND TECHNIQUES

D - STAFF QUALIFICATIONS AND DEVELOPMENT

E - AUDIT ADMINISTRATION

A. CORPORATE OPERATING POLICIES

• Policy Statement for Controlling the Operations of the Corporation and Subsidiaries
• Corporate Audit Policy
• The Institute of Internal Auditors
• Code of Ethics
• Standards for the Professional Practice of Internal Auditing
• Minutes Establishing the Audit Committee
• Reporting to the Audit Committee
• Audit Advisory Committees
• Executive Endorsement of the Internal Auditing Charter
• Summary of Essential Internal Controls
• Proper Business Practices
• Addendum to Proper Business Practices Policy - Annual Report Letter
• Foreign Corrupt Practices Act (Background and General Information, Corporate Policy, Internal Auditing Responsibilities)
• COSO: Internal Control - Integrated Framework

B - OVERVIEW OF THE INTERNAL AUDITING DEPARTMENT

• Mission Statement
• Continuing General Objectives
• Internal Audit Charter - Example I
• Internal Audit Charter - Example II
• Internal Audit Charter - Example III
• Quality Assurance and Improvement
• Audit Productivity Measurement: Auditors
• Audit Productivity Measurement: Auditors-in-Charge
• Audit Process Questionnaire (Audit Customer Survey)
• Internal Auditing Operating Policy
• Internal Auditing Operating Principles
• Reports for Management and the Audit Committee
• Objectivity
• Due Professional Care and Fraud
• Chief Audit Executive Responsibilities
• Audit Manager Responsibilities
• Auditor-in-Charge Responsibilities
  

C - AUDIT PROCEDURES AND TECHNIQUES

ANNUAL AUDIT PROGRAM

• Audit Risk Assessment/Annual Audit Planning - Example I
• Audit Risk Assessment/Annual Audit Planning - Example II
  

INDIVIDUAL AUDIT PROJECTS

• Project Assignment
• Project Assignment Form
• Budget Revision Form
• Project Time Budget
• Project Time Record
• Audit Objectives and Planning
• Audit Objectives and Planning Checklist
• Survey Techniques
• Preliminary Survey
• Flow Charting Documentation Standards
• Audit Program
• Opening Conference
• Evaluating Internal Control
• Attributes of a Well Developed Audit Finding
• Audit Finding Data Sheet
• Audit Work Papers
• Audit Work Paper Review
• Audit Work Paper Review Checklist
• Security and Control of Work Papers
• Exit Conference
• Exit Conference Summary Sheet
• Audit Reports
• Audit Report Traveler
• Audit Report Follow-up
• Project Checklist and Audit Considerations
• Post-audit Review Form
• Team Appraisals
• Reporting on Other Than Audit Assignments Communications

IT AUDITING

• Scope and Objectives of the Information System Auditing Group
• Data Center/Computer Operations Audits
• Applications Systems Audits
• Systems Development Audits
• Other Personal or Departmental Computing Environment Audit
• Responsibilities for Assigned Hardware/Software
• PC Equipment Custodian Agreement
• Backups

OTHER

• Auditor's right to a Third Opinion
• Illegal and Improper Activities
• Fraud/Irregularities/Investigations
  

D - STAFF QUALIFICATIONS AND DEVELOPMENT

POSITION DESCRIPTIONS

• Director of Internal Auditing/Chief Audit Executive
• Manager of Internal Auditing
• Senior Auditor
• Staff Auditor
• Information Technology Auditor
• Knowledge/Skill Levels for Information Systems Auditors: Level 1
• Knowledge/Skill Levels for Information Systems Auditors: Level 2
• Knowledge/Skill Levels for Information Systems Auditors: Level 3

INTERVIEWING

• Applicant Interviewing
• Telephone Evaluation Form - Human Resources
• Telephone Evaluation Form - Internal Auditing
• Interview Schedule
• Applicant Evaluation Report
• Interview Evaluation Sheet

ORIENTATION, DEVELOPMENT/TRAINING

• Orientation Program
• Determining Development/Training Needs
• Development/Training Appraisal Form
• Audit Staff Self Appraisal Form
• Preparing Individual Development/Training Plans
• Audit Staff Development/Training Plan Form
• Assessing Development/Training Progress
• External Development/Training Evaluations
• Staff Rotation Policy
• Professional Certification, Organizations, and Meetings
• Professional Organization Meetings/Seminar Report

PERFORMANCE APPRAISALS

• Performance Appraisal Templates
• Performance Appraisals - Example I
• Performance Appraisal Report
• Performance Appraisals - Example II
• Staff Performance Appraisal Form
• Performance Appraisals - Example III
• Performance Appraisal Form - Staff Auditor - Audit Assistant
• Senior Auditor Performance Appraisal Form
• Supervisor Performance Appraisal Form
• Manager Performance Appraisal Form

E - AUDIT ADMINISTRATION

• Personal Conduct and Independence
• Marketing the Internal Auditing Function: An Audit Customer's Introduction to Internal Auditing - Example I (Sample Copy)
• Marketing the Internal Auditing Function: An Audit Customer's Introduction to Internal Auditing - Example II (Sample Copy)
• Internal Auditor Duties Versus Line/Operational Duties
• Audit Schedule and Assignments
• Time Reports
• Time Report Form
• Quality Assurance Reviews - Internal Review
• Internal Review - CAE's Questionnaire
• Quality Program - Internal and External Assessments
• Level Two Quality Assurance Review Form
• Level Three Quality Assurance Reviews Form
• Audit Customer Survey
• Internal Audit - Audit Customer Survey - Example I
• Internal Audit - Audit Customer Survey - Example II
• Coordination with Independent Public Accountants
• Assistance to Independent Public Accountants
• Record Retention
• Library/Reference Materials
• Housekeeping

telah lebih dari 20 tahun berkarir dalam area internal audit, akuntansi dan IT.  Sampai ke posisi AVP, Internal Audit di suatu perusahaan nasional.  Ia telah berkarir dalam perusahaan manufacturing, oil and gas dan memiliki pengalaman bekerja di beberapa Negara di luar Indonesia, seperti Australia, Amerika, Perancis dan Filipina. 
Lulusan SI dan MBA dalam bidang Akuntansi ini juga aktif di IIA (Institute of Internal Auditors) yang menyebabkan ia diantaranya secara intensive terlibat di dalam pembuatan Standar Pelaksanaan Fungsi Audit Intern Bank.  Ia juga trainer dalam bidang Internal Audit untuk berbagai Perusahaan dan pembicara dalam berbagai seminar.