Internal auditing practices and internal control system
Faudziah Hanim Fadzil Faculty of Accountancy, Universiti Utara Malaysia, Kedah, Malaysia
Hasnah Haron School of Management, Universiti Sains Malaysia, Penang, Malaysia, and
Muhamad Jantan Centre for Policy Research, Universiti Sains Malaysia, Penang, Malaysia Abstract Purpose – Two main objectives and they are: to determine whether the internal audit department of the companies listed in the Bursa Malaysia complies with the Standards for the Professional Practice of Internal Auditors IIA (2000); and, to determine whether compliance to SPPIA will affect the quality of the internal control system of the company. Design/methodology/approach – Two sets of questionnaires were used in the study. Internal auditing practices was measured by the items listed in the SPPIA and the internal control was measured by means of the statement on internal control: guidance for directors of public listed companies. The population used in this study was all the companies listed in the Bursa Malaysia in 2001. This study used both descriptive and inferential analyses. Findings – It was found that management of internal audit department, professional proficiency, objectivity and review significantly influence the monitoring aspect of the internal control system. Scope of work and performance of audit work significantly influences the information and communication aspect of the internal control system while performance of audit work, professional proficiency and objectivity significantly influence the control environment aspect of the internal control system. The study also shows that management of internal audit department, performance of audit work, audit program and audit reporting significantly influences the risk assessment aspect of the internal control system. Lastly, performance of audit work and audit reporting significantly influences the control activities aspect of the internal control system. Research limitations/implications – The research has contributed to the agency theory with respect to the bonding costs that management has to pay to the internal auditors for the best interest of the principals of the companies. Another important implication pertains to the extent of the internal auditing practices among internal auditors in Malaysian public listed companies. Research has also shown that the compliance with internal auditing practices partially influence certain aspects of the quality of the internal control system. Originality/value – This is the first empirical study that has linked the compliance of the internal auditing function to the SPPIA and its effect on the internal control system. Keywords Auditing, Auditing standards, Malaysia Paper type Research paper
Introduction Internal auditing has undergone dramatic changes that have expanded its scope in a way that allows it to make greater contributions to the organization it serves. Internal auditing is also performed in diverse legal and cultural environments; within organizations that vary in purpose, size, and structure; and also by persons within or outside the organization. Furthermore, the internal auditing profession also walks a tightrope between serving as amanagement consultant and an independent professional.A survey done by theMalaysian Institute of CorporateGovernance (MICG),The Institute of Internal Auditors Malaysia (IIAM) and Ernst and Young concluded that internal auditors are best placed to understand and appreciate the business processes of a company and they act as management consultant to reduce risks. Internal auditors also help run a company more efficiently and effectively to increase shareholders’ value. As this is the case, internal auditors need to be out in front, leading the business units with regards to the internal control system and also focusing on strategic business objectives. The internal auditors also need to establish themselves as vital cogs in their organizations, rather than as observers who watch from the periphery and wait for events to impact them (Sawyer and Vinten, 1996).
One issue that has emerged related to the internal auditing practices is; “what is a proper and sound measurement of the internal auditing practices?” Barrett (1986) notes, “effectiveness (of internal audit) can be described, but it is difficult to quantify and in the final analysis, effectiveness is determined by the perception of auditees”. In the company environment, management is the most important auditee of the internal audit department since effectiveness of the internal auditing practices can be described through the expectations of management with regard to the internal auditing practices. The management will expect the internal auditors to perform their internal auditing practices to a certain level that is complying with the Standards for the Professional Practice of Internal Auditors (SPPIA) (now known as the Professional Practice Framework (PPF)), since it can be easily described. Compliance with SPPIA is therefore an indication of the effectiveness of the Internal Audit Department. The auditing profession, both internal and external, has come under increasing scrutiny since the highly publicised collapse of energy trader, Enron (Vinten, 2003) in the USA last year. The uncovering of alleged irregularities at Technology Resources Industries Berhad (TRI) has highlighted the need for greater corporate governance in Malaysia. TRI had issued false invoices between 1998 and 1999, which amounts to MYR260 million (USD 68 million). According to Dato’ Samad Alias, the President of the Malaysian Institute of Accountants (MIA), “This could be the largest accounting fraud in Malaysian history”. The false invoices was discovered by Telekom Malaysia, who took control of the TRI in June 2002, after conducting several internal audits, when Arthur Andersen was TRI’s auditor. “We had to rely on the information prepared by the company’s accountants”, said Dato’ Abdul Samad, who was then head of the Andersen’s Malaysian office. If TRI was to restate 1998 and 1999 accounts, its net book value will reduce as much as MYR 198 million (Financial Times, 2002). The case has certainly shed a light on the importance of the role of internal auditors, which was only recognised and emphasised after irregularities were discovered. Internal auditors are often described as both a business partner and a policeman because of his work as a business partner with client management and also because he acts as an independent reviewer of management. As a business partner, the internal auditor is expected to provide expertise to assist an organization in meeting its objectives while as a policeman; an internal auditor is often thought of as an adversary looking for flaws. As such, the extent of the internal auditing practices plays an important factor on these roles. This study will provide empirical evidence whether compliance with internal auditing practices will lead to a better internal control system. The development of SPPIA SPPIA are the criteria by which the operations of an internal auditing department are evaluated and measured and intended to represent the internal auditing practices, as it should be. It is also meant to serve the entire profession of internal auditing, in all types of organisations where internal auditors are found. It was first developed in June 1978, at the Internal Auditors International Conference in San Francisco. The SPPIA comprise of five general standards of: (1) independence; (2) professional proficiency; (3) scope of work; (4) performance of audit work; and (5) management of the internal audit department. This framework allowed the future expansion of the internal auditing practices until the new framework was released in January 2002. A new framework, called PPF was released in January 2002[1] and it consisted of three sets of standards: attribute, performance, and implementation standards. The attribute standards address the attributes of organisations and individuals performing internal audit services while the performance standards describe the nature of internal audit services and provide quality criteria against which performance of these services
can be measured. The implementation standards on the other hand provide guidance applicable in specific types of engagements. However, this new framework is not utilised in this study because of the timing of its release. Internal control system. The internal control system plays an important role in the internal auditing practices since the internal auditors might be considered as being specialists in management control (Chambers et al., 1987). Internal auditing practices appraise the effectiveness of internal control systems, which is a definition of internal auditing and which also includes an appraisal of the actions by management to correct situations, which are at variance with planned outcomes. The definition of internal control systems reveals that it is not fundamentally different from management control, which has an essential component of control such as planning, organising, staffing and directing (Chambers et al., 1987). Senior management and the audit committee normally expect that the CAE will perform sufficient audit work and gather other available information during the year so as to form a judgement about the adequacy and effectiveness of the control processes. The CAE should then communicate that overall judgement about the organisation’s system of controls to the senior management and the audit committee. This is necessary since internal auditors play an intermediary role and assist in the discharge of the oversight function of audit committee. If the above internal audit function is not available, the management needs to apply other monitoring processes in order to assure itself and the board that the system of internal control system is functioning as intended. In these circumstances, the board of the company will need to assess whether such processes provide sufficient and objective assurance or regular review and appraisal of the adequacy and the integrity of the internal control systems in the company. Bursa Listing Requirements has established industry taskforce which formulated the “Statement on Internal Control: Guidance For Directors of Public Listed Companies” to fulfil the above circumstances.The aim of this guidance is to assist listed companies in making disclosures in their annual reports on the state of internal control, in compliance with the Listing Requirements of the KLSE. Pursuant to the requirements of the Code in relation to the Internal Audit Function, in May 2001, the Securities Commission appointed the IIAM to establish a separate industry taskforce to formulate these Guidelines to assist the board of public listed companies in effectively discharging their responsibilities in relation to establishing an Internal Audit Function. Risk assessment, control environment, control activities, information and communication and monitoring are five important characteristics in this guideline. The roles of internal auditors. In the revised statement of responsibilities of internal auditing issued by the Institute of Internal Auditors (IIA) (2000) as part of the standards framework, the section on objectives states: The objective of internal auditing is to assist all members of management in the effective discharge of their responsibilities by furnishing them with analyses, appraisals, recommendations and pertinent comments concerning the activities reviewed. The internal auditor is concerned with any phase of business activity where he can be of service to management. This involves going beyond accounting and financial records to obtain a full understanding of the operations under review (p. 3).
Sawyer and Vinten (1996) noted four benefits managers have gained from internal auditing assistance. These benefits were providing managers with the bases for judgement and action, helping managers by reporting weaknesses in control and performance and in recommending improvements, providing counsel to managers and boards of directors on the solutions of business problems, and supplying information that is timely, reliable and useful to all levels of management. Additionally, the statement sets forth the types of services that should be performed and the kinds of activities carried on by the internal audit function in attaining the overall objective. Internal auditors should first review and appraise the soundness and adequacy of the accounting, financial, and other operating controls, and promote effective controls at reasonable cost. Secondly, the internal auditors should ascertain the extent of compliance with established policies, plans, procedures, laws and
regulations, which could have a significant impact on the company’s operations. Then the internal auditors review the means of safeguarding assets and when appropriate, verify the existence of such assets and appraise the economy and efficiency with which resources are employed. Lastly, the internal auditors review operations or programs to ascertain whether results are consistent with established objectives and goals and whether the operations or programs are being carried out as planned. Reviewing and evaluating the adequacy and effectiveness of an organisation’s internal control system and the quality of performance in carrying out assigned responsibilities is representative of several primary core activities of internal audit work. The purpose of the review of the adequacy of the internal auditing is to ascertain whether the established system provides reasonable assurance that the organisation’s objectives and goals will be met efficiently and economically. Adequate control is considered to be present if administrative management has planned and organised in a manner, which provides reasonable assurance that the organisation’s objectives and goals will be achieved efficiently and economically. Reasonable assurance is provided when cost-effective actions are taken to restrict deviations, such as improper or illegal acts, to a tolerable level. The role of internal auditing in the review of effectiveness of the system of internal control is to ascertain whether the system is functioning as intended. Effective control is present when the administrative management directs the system in such as way as to provide reasonable assurance that the organisation’s objectives and goals will be achieved. The purpose of the review for quality of performance is to ascertain whether the organisation’s objectives and goals have been achieved. The primary objectives of an organisation’s system of internal control are to provide administrative management with reasonable assurance that financial information is accurate and reliable; the organisation complies with policies, plans, procedures, laws, regulations and contracts; assets are safeguarded against loss and theft; resources are used economically and efficiently; and established objectives and goals for operations or programs can be met. Internal auditing focuses on an evaluation of this system or framework of internal control. A second type of audit work that internal auditors are guided to perform is reviewing the accuracy and reliability of financial and operating information and the means used to identify, measure, classify and report such information. Information systems provide data for decision-making, control, and compliance with external requirement. Therefore, internal auditors should examine information systems and determine whether financial and operating records and reports contain accurate, reliable, timely, complete and useful information, and controls over record keeping and reporting are adequate and effective. The performance of reviews of the systems established to ensure compliance with policies, plans, procedures, laws, regulations and contracts represents a third element of audit activity described by the standards. Administrative management is responsible for establishing the systems designed to ensure compliance with such requirements as laws, rules, regulations, policies and procedures. The internal auditors role is to determine whether the systems designed by management are adequate and effective and whether the activities audited are complying with the appropriate requirements. Further, as described by the standards, the internal auditor’s role includes providing appraisals with recommendations regarding administration management established objectives and goals for operations and programs. Research framework and methodology The main source of data is annual reports of Malaysian public listed companies. Data collected from the firm’s report were used to examine the existence of internal audit in the firms and if any, the functions of the internal auditors. Corporate annual reports were used because it is seen to be the main form of company communication (Zeghal and Ahmed, 1990; Unerman, 2000) and also they were widely available (Buhr, 1998;
Gray et al., 1995; Unerman, 2000). Research framework This study focuses on two variables: internal auditing practices and quality of the internal control system. The theoretical framework is as follows: Figure 1 model proposed is based on the postulate in the agency theory where the principal will incur the agency cost in order for them to observe the agent’s action. The relationship between principals and agents is that the principals will incur monitoring expenditures while the agents incur bonding costs to ensure that the work of looking after the wealth of the principals is done (Adams, 1994). The cost of internal audit is an example of this bonding costs. Sherer and Kent (1983) perceived internal auditing to be “a bonding cost borne by the senior manager to satisfy the demands for accountability made by external participants especially shareholders”. Not internal audit professionals argue that an effective audit function will correlate with an organisation’s success in meeting management objectives and whether the internal control system is functioning as intended. Research hypotheses The research hypotheses will examine the compliance of the internal auditing practices to the quality of the internal control system. There are 45 sub-hypotheses relating the internal auditing practices to internal control system. H1. The better the compliance of internal audit department to the standards of internal auditing practices, the higher the quality of the internal control system. H1a. relates monitoring of the internal control quality with the nine components of the internal auditing practices. H1a1. The better the management of the internal audit department of the internal auditing practices, the higher the monitoring of the quality of the internal control system. H1a2. The greater the scope of work of the internal auditing practices, the higher the monitoring of the quality of the internal control system. H1a3. The higher the performance of audit work of the internal auditing practices, the higher the monitoring of the quality of the internal control system. H1a4. The higher professional proficiency of the internal auditing practices, the higher the monitoring of the quality of the internal control system. H1a5. The higher the independence of the internal auditing practices, the higher the monitoring of the quality of the internal control system. H1a6. The higher the objectivity of the internal auditing practices, the higher the monitoring of the quality of the internal control system. H1a7. The better the audit reviews of the internal auditing practices, the higher the monitoring of the quality of the internal control system. H1a8. The better the audit programs of the internal auditing practices, the higher the monitoring of the quality of the internal control system. H1a9. The better the audit reporting of the internal auditing practices, the higher the monitoring of the quality of the internal control system. H1b. relates information and communication of the internal control quality with the nine components of the internal auditing practices. H1b1. The better the management of the internal audit department of the internal auditing practices, the better the information and communication of the quality of the internal control system. H1b2. The greater the scope of work of the internal auditing practices, the better the information and communication of the quality of the internal control system. H1b3. The better the performance of audit work of the internal auditing practices, the better the information and communication of the quality of the internal control system.
H1b4. The higher the professional proficiency of the internal auditing practices, the better the information and communication of the quality of the internal control system. H1b5. The higher the independence of the internal auditing practices, the better the information and communication of the quality of the internal control system. H1b6. The higher the objectivity of the internal auditing practices, the better the information and communication of the quality of the internal control system. H1b7. The better the audit reviews of the internal auditing practices, the better the information and communication of the quality of the internal control system. H1b8. The better the audit programs of the internal auditing practices, the better the information and communication of the quality of the internal control system. H1b9. The better the audit reporting of the internal auditing practices, the better the information and communication of the quality of the internal control system. H1c. relates control environment of the internal control quality with the nine components of the internal auditing practices. H1c1. The better the management of the internal audit department of the internal auditing practices, the higher the control environment of the quality of the internal control system. H1c2. The greater the scope of work of the internal auditing practices, the higher the control environment of the quality of the internal control system. H1c3. The higher the performance of audit work of the internal auditing practices, the higher the control environment of the quality of the internal control system. H1c4. The higher the professional proficiency of the internal auditing practices, the higher the control environment of the quality of the internal control system. H1c5. The higher the independence of the internal auditing practices, the higher the control environment of the quality of the internal control system. H1c6. The higher the objectivity of the internal auditing practices, the higher the control environment of the quality of the internal control system. H1c7. The better the audit reviews of the internal auditing practices, the higher the control environment of the quality of the internal control system. H1c8. The better the audit programs of the internal auditing practices, the higher the control environment of the quality of the internal control system. H1c9. The better the audit reporting of the internal auditing practices, the higher the control environment of the quality of the internal control system. H1d. relates risk assessment of the internal control quality with the nine components of the internal auditing practices. H1d1. The better the management of the internal audit department of the internal auditing practices, the higher the risk assessment of the quality of the internal control system. H1d2. The greater the scope of work of the internal auditing practices, the higher the risk assessment of the quality of the internal control system. H1d3. The higher the performance of audit work of the internal auditing practices, the higher the risk assessment of the quality of the internal control system. H1d4. The higher the professional proficiency of the internal auditing practices, the higher the risk assessment of the quality of the internal control system. H1d5. The higher the independence of the internal auditing practices, the higher the risk assessment of the quality of the internal control system. H1d6. The higher the objectivity of the internal auditing practices, the higher the risk assessment of the quality of the internal control system.
H1d7. The better the audit reviews of the internal auditing practices, the higher the risk assessment of the quality of the internal control system. H1d8. The better the audit programs of the internal auditing practices, the higher the risk assessment of the quality of the internal control system. H1d9. The better the audit reporting of the internal auditing practices, the higher the risk assessment of the quality of the internal control system. H1e relates control activities of the internal control quality with the nine components of the internal auditing practices. H1e1. The better the management of the internal audit department of the internal auditing practices, the higher the control activities of the quality of the internal control system. H1e2. The greater the scope of work of the internal auditing practices, the higher the control activities of the quality of the internal control system. H1e3. The higher the performance of audit work of the internal auditing practices, the higher the control activities of the quality of the internal control system. H1e4. The higher the professional proficiency of the internal auditing practices, the higher the control activities of the quality of the internal control system. H1e5. The higher the independence of the internal auditing practices, the higher the control activities of the quality of the internal control system. H1e6. The higher the objectivity of the internal auditing practices, the higher the control activities of the quality of the internal control system. H1e7. The better the audit reviews of the internal auditing practices, the higher the control activities of the quality of the internal control system. H1e8. The better the audit programs of the internal auditing practices, the higher the control activities of the quality of the internal control system. H1e9. The better the audit reporting of the internal auditing practices, the higher the control activities of the quality of the internal control system. Internal auditing practices and the quality of internal control system Independence and objectivity is seen as an important attribute to the quality of internal audit function (IIA, 2000; Bethea, 1992; Traver, 1991; Farbo, 1985; Clark et al., 1980; Glazer and Jaenicke, 1980). If internal auditors are not independent and objective, they are of little value to those who demand their service (Clark et al., 1980; Elliot and Willingham, 1980; Ward and Robertson, 1980; Williams, 1978). The internal audit department must be granted the license to carry out its responsibilities freely and objectively and also their judgements reached must be unbiased. Most internal audit professionals argue that an effective internal audit function unequivocally correlates with an organisation’s success in meeting management objectives and whether the internal control system is functioning as intended. Research design The basic research design utilised for this study was a survey design. The collection of primary data was accomplished through the use of a mail survey instrument (questionnaire). Data collected from the questionnaire is divided into two components: (1) the measurement of the internal auditing practices was sent to the CAE/Head of Internal Auditing Department; and (2) questionnaire on the measurement of the quality of internal control system was sent to the audit committee. Sample and method of data analysis All the companies (812 companies) listed in the Bursa Malaysia in year 2001 were used as the population in this study. The year of 2001 was chosen due to the availability of the data and the current status of the data. This study used both descriptive and inferential analyses. Descriptive analysis is used to determine if Bursa Malaysia listed companies comply with the standards in their internal audit practices while the inferential analyses (multiple regression analyses) were used to test the hypotheses. The variables have met the assumptions of
multiple regression analysis. Factor analysis was run on the internal auditing practices variable and the internal control system. As a result, the internal auditing practices variables have been broken up into nine components instead of the present five[2]. The components of the internal controls system remains the same. Analysis and findings Table I shows information on sampling and return rates of the questionnaires sent to the internal auditors and the audit committees of the Bursa Malaysia listed companies. Of the 812 questionnaires mailed, 654 subjects were contacted but only 250 responses from both internal auditors and audit committees were received resulting in a response rate of 38.23 per cent. Certain demographic information was gathered from each subject. While the data was not collected to address a specific research question, it provides an insight into the subjects and may assist in interpreting results of the analysis. The demographic variables are: current position, qualification, professional accounting and/or auditing qualification, name of external auditors, establishment of the internal audit department and number of employees of the internal audit department. Summaries of the demographic data collected from the internal auditors are shown in Table II and the audit committees in Table III. Descriptive analysis The extent of internal auditing practices. Table IV shows the mean results of the extent of the internal auditing practices items. From the results, independence is a highly rated Questionnaires mailed 812 Undelivered 158 Subjects contacted 654 No. of responses 250 Responses rates (250/654) 38.23 (per cent) Demographic Characteristics Frequency Percent Current position Manager of the IAD 178 71.2 Senior auditor 17 6.8 Others 55 22.0 Qualification (excluding professional) First degree in 106 42.4 Post graduate 88 35.2 Diploma 22 8.8 Certificate 5 2.0 Others 29 11.6 Professional accounting/auditing qualification Professional qualifications (CPA Aust., CACA, ACCA, MICPA[2], CIMA) 174 69.6 No professional qualifications 76 30.4 Type of business of the company under KLSE listing Trading Industrial products 49 45 19.6 18.0 Consumer products 40 16.0 Properties 37 14.8 Finance 30 12.0 Construction 20 8.0 Plantation 12 4.8 Technology 5 2.0 Hotels 4 1.6 Mining 3 1.2 Trust 3 1.2 Infrastructure 2 0.8 External auditor of the company “Big 4” audit firms 166 66.4 Others 84 33.6
Existence of internal audit department Existence 231 92.4 Non-existence 19 7.6 Number of employees of the internal audit department Five employees Six to ten employees 144 54 57.6 21.6 . 10 employees 42 16.8 Outsourced 10 4.0 Table II. Summary of demographic data on respondents from internal auditors Demographic Characteristics Frequency Per cent Current position Manager 88 35.2 Director 59 23.6 Audit committee 57 22.8 Senior 6 2.4 Others 40 16.0 Qualification First degree 82 32.8 Post graduate 34 13.6 Diploma 6 2.4 Certificate 4 1.6 Others 124 49.6
item of internal auditing practices from the perspective of the internal auditors with a mean of 4.46 while the least rated items is professional proficiency with a mean of 3.88. The analysis of the results also reveals that, of the 50 internal auditing practices items, there are 35 items having a score between 4.00 and 5.00 and 15 items between 3.00 and 4.00. Items having scores ranging from 4.00 to 5.00 are strongly compliant with IIA (2000, 2001). The extent of existence of the quality of the internal control system. Table V shows the means of the components of the internal control system. From the results, the risk assessment component of internal control system is a highly rated item with a mean of 4.29 while information and communication is the least rated item with a mean of 4.12. An analysis of the results also reveal that, of the 25 items stated, there are 23 items having a score between 4.00 and 5.00. This suggests that the respondents consider the 23 items identified earlier exist in their internal control systems. This is because items having scores between 4.00 and 5.00 are perceived to be very important in this study. Hypotheses testing. Several methods of analyses were utilised to test these alternative hypotheses. The analyses used to test the hypotheses include descriptive and statistical analysis. The hypotheses sought to test for a significance difference of nine variables of internal auditing practices and five variables of internal control system. Hypotheses. H1a. The better the management of the internal audit department of the internal auditing practices, the greater the scope of work of the internal auditing practices, the higher the performance of audit work of the internal auditing practices, the higher professional proficiency of the internal auditing practices, the higher the independence of the internal auditing practices, the higher the objectivity of the internal auditing practices, the better the audit reviews of the internal auditing practices, the better the audit programs of the internal auditing practices, the better the audit reporting of the internal auditing practices, the higher the monitoring of the quality of the internal control system.
Rank Item Mean Standard deviation 1 Independence 4.46 0.59 2 Scope of audit work 4.22 0.49 3 Audit reporting 4.17 0.54 4 Audit programs 4.12 0.57 5 Management of IAD 4.12 0.53 6 Performance of audit work 4.11 0.62 7 Audit reviews 4.11 0.68 8 Objectivity 4.04 0.60 9 Professional proficiency 3.88 0.57 Rank Item Mean Standard deviation 1 Risk assessment 4.29 0.51 2 Control activities 4.28 0.45 3 Monitoring 4.15 0.61 4 Control environment 4.14 0.59 5 Information and communication 4.12 0.46
Table VI shows, the model is significant ðF ¼ 2:502Þ (sig. F ¼ 0:009Þ: However, the model only explained 8.6 per cent of the variation in monitoring. Internal auditing practices of significant influence in their order of impact are management of internal audit department ðbeta ¼ 0:327; p # 0:05Þ (sig. F ¼ 0:013Þ; professional proficiency ðbeta ¼ 20:197; p # 0:05Þ (sig. F ¼ 0:024Þ; objectivity ðbeta ¼ 20:146; p # 0:01Þ and audit reviews ðBeta ¼ 20:174; p # 0:05Þ (sig. F ¼ 0:038Þ: The following Table VI summarises the results. Thus, there is evidence to support that management of internal audit department of the internal auditing practices positively influences the monitoring aspect of internal control system while professional proficiency, objectivity and audit reviews of the internal auditing practices negatively influence the monitoring aspect of internal control system. Therefore, only H1a1 is accepted while H1a2 to H1a9 are rejected. H1b. The better the management of the internal audit department of the internal auditing practices, the greater the scope of work of the internal auditing practices, the higher the performance of audit work of the internal auditing practices, the higher professional proficiency of the internal auditing practices, the higher the independence of the internal auditing practices, the higher the objectivity of the internal auditing practices, the better the audit reviews of the internal auditing practices, the better the audit programs of the internal auditing practices, the better the audit reporting of the internal auditing practices, the better the information and communication of the quality of the internal control system. Table VII summarises the results. Table VII suggests that the model is significant ðF ¼ 1:752Þ (sig. F ¼ 0:078; p # 0:01Þ: However, the model only explained 6.2 per cent of the variation in information and communication. Internal auditing practices of significant influence in their order of impact are scope of audit work ðbeta ¼ 20:212; p # 0:05Þ (sig. F ¼ 0:031Þ and performance of audit work ðbeta ¼ 0:207; p # 0:05Þ (sig. F ¼ 0:021Þ: The results suggested that scope of audit work of the internal auditing practices negatively influence the information and communication aspect of internal control system while performance of audit work of the internal auditing practices positively Internal auditing practices Beta t Sig. Constant 10.672 0.000 Management of IAD 0.327 2.515 0.013 * * Scope of audit work 20.084 20.866 0.388 Performance of audit work 0.126 1.433 0.153 Professional proficiency 20.197 22.264 0.024 * * Independence 20.009 20.122 0.903 Objectivity 20.146 21.765 0.079 * Audit reviews 20.174 22.092 0.038 * * Audit programs 20.020 20.223 0.824 Audit reporting 0.131 1.453 0.148
Notes: Dependent variable: monitoring; *at 0.01 significant level; * *at 0.05 significant level; R 2: 0.086; F: 2.502 Internal auditing practices Beta t Sig. Constant 16.009 0.000 Management of IAD 0.058 0.437 0.662 Scope of audit work 20.212 22.175 0.031 * * Performance of audit work 0.207 2.321 0.021 * * Professional proficiency 20.065 20.738 0.461 Independence 0.020 0.251 0.802 Objectivity 0.015 0.184 0.854 Audit reviews 20.118 21.399 0.163 Audit programs 20.026 20.296 0.768 Audit reporting 20.023 20.251 0.802 Notes:Dependent variable: information and communication; * * at 0.05 significant level;R 2: 0.062; F:1.752
influence the information and communication aspect of internal control system. Therefore, only H1b3 is accepted while the rest of the hypotheses are rejected. H1c. The better the management of the internal audit department of the internal auditing practices, the greater the scope of work of the internal auditing practices, the higher the performance of audit work of the internal auditing practices, the higher professional proficiency of the internal auditing practices, the higher the independence of the internal auditing practices, the higher the objectivity of the internal auditing practices, the better the audit reviews of the internal auditing practices, the better the audit programs of the internal auditing practices, the better the audit reporting of the internal auditing practices, the higher the control environment of the quality of the internal control system. Table VIII summarizes the result. Table VIII suggests that the model is significant ðF ¼ 3:470Þ (sig. F ¼ 0:000; p # 0:05Þ: However, the model only explained 11.8 per cent of the variation in control environment. Internal auditing practices of significant influence in their order of Internal auditing practices Beta t Sig. Constant 16.009 0.000 Management of IAD 0.058 0.437 0.662 Scope of audit work 20.212 22.175 0.031 * * Performance of audit work 0.207 2.321 0.021 * * Professional proficiency 20.065 20.738 0.461 Independence 0.020 0.251 0.802 Objectivity 0.015 0.184 0.854 Audit reviews 20.118 21.399 0.163 Audit programs 20.026 20.296 0.768 Audit reporting 20.023 20.251 0.802 Notes:Dependent variable: information and communication; * * at 0.05 significant level;R 2: 0.062; F:1.752 Table VII. Results of H1b Internal auditing practices Beta t Sig. Constant 11.820 0.000 Management of IAD 0.169 1.336 0.183 Scope of audit work 0.015 0.162 0.871 Performance of audit work 0.315 3.671 0.000 * * Professional proficiency 20.266 23.087 0.002 * * Independence 0.086 1.117 0.265 Objectivity 20.249 23.093 0.002 * * Audit reviews 0.058 0.699 0.485 Audit programs 0.040 0.469 0.640 Audit reporting 20.110 21.257 0.210 Notes: Dependent variable: control environment; * * at 0.05 significant level; R 2: 0.118; F: 3.470
impact are performance of audit work ðbeta ¼ 0:315; p # 0:05Þ (sig. F ¼ 0:000Þ; professional proficiency ðbeta ¼ 20:266; p # 0:05Þ (sig.F ¼ 0:002Þ and objectivity ðbeta ¼ 20:249; p # 0:05Þ (sig. F ¼ 0:002Þ:
Therefore, the results show that performance of audit work positively influences the control environment aspect of internal control system while professional proficiency and objectivity of the internal auditing practices negatively influence the control environment aspect of internal control system and therefore the null hypothesis is accepted. Therefore, H1c3 is accepted while H1c1 to H1c2 and H1c4 to H1c9 are rejected. H1d. The better the management of the internal audit department of the internal auditing practices, the greater the scope of work of the internal auditing practices, the higher the performance of audit work of the internal auditing practices, the higher professional proficiency of the internal auditing practices, the higher the independence of the internal auditing practices, the higher the objectivity of the internal auditing practices, the better the audit reviews of the internal auditing practices, the better the audit programs of the internal auditing practices, the better the audit reporting of the internal auditing practices, the higher the risk assessment of the quality of the internal control system. Table IX summarises the results. Table IX suggested that the model is significant ðF ¼ 2:983Þ (sig. F ¼ 0:002; p # 0:05Þ: However, the model only explained 10.1 per cent of the variation in risk assessment. Internal auditing practices of significant influence in their order of impact are management of internal audit department ðbeta ¼ 20:254; p # 0:05Þ (sig. F ¼ 0:049Þ; performance of audit work ðbeta ¼ 0:193; p # 0:05Þ (sig.F ¼ 0:027Þ; audit program ðbeta ¼ 0:211; p # 0:05Þ (sig.F ¼ 0:016Þ and audit reporting ðbeta ¼ 0:238; p # 0:05Þ (sig. F ¼ 0:008Þ: Therefore, the results show that management of internal audit department negatively influence the risk assessment aspect of internal control system while performance of audit work, audit program and audit reporting of the internal audit Internal auditing practices Beta t Sig. Constant 11.395 0.000 Management of IAD 20.254 21.975 0.049 * * Scope of audit work 20.157 21.640 0.102 Performance of audit work 0.193 2.218 0.027 * * Professional proficiency 20.121 21.411 0.160 Independence 0.071 0.932 0.352 Objectivity 0.045 0.554 0.580 Audit reviews 0.015 0.184 0.855 Audit programs 0.211 2.438 0.016 * * Audit reports 0.238 2.655 0.008 * * Notes: Dependent variable: risk assessment; * * at 0.05 significant level; R 2: 0.101; F: 2.983
practices positively influence the risk assessment aspect of internal control system. H1d3, H1d8 and H1d9 are accepted while the rest are rejected. H1e. The better the management of the internal audit department of the internal auditing practices, the greater the scope of work of the internal auditing practices, the higher the performance of audit work of the internal auditing practices, the higher professional proficiency of the internal auditing practices, the higher the independence of the internal auditing practices, the higher the objectivity of the internal auditing practices, the better the audit reviews of the internal auditing practices, the better the audit programs of the internal auditing practices, the better the audit reporting of the internal auditing practices, the higher the control activities of the quality of the internal control system. Table X suggested that the model is significant ðF ¼ 1:734Þ (sig. F ¼ 0:082; p # 0:01Þ: However, the model only explained 6.1 per cent of the variation in control activities. Internal auditing practices of significant influence in their order of impact are performance of audit work ðbeta ¼ 0:176; p # 0:05Þ (sig. F ¼ 0:049Þ and audit reporting ðbeta ¼ 0:175; p # 0:01Þ (sig. F ¼ 0:057Þ: The results support the hypothesis that both performance of audit work and audit
reporting of the internal audit practices positively influence the control activities aspect of quality of the internal control system. Therefore, H1e3 and H1e9, which positively influence the control activities of the quality of the internal control systems are accepted while the rest of the hypotheses are rejected. Summary of results. The management of internal audit department of internal auditing practices positively influences the monitoring aspect of the quality of the internal control system but it is negatively influenced by the professional proficiency, objectivity and audit review of the internal auditing practices. Information and communication aspect of the quality of the internal control system is negatively influenced by scope of work of the internal auditing practices but is positively influenced by performance of audit work of the internal auditing practices. Internal auditing practices Beta t Sig. Constant 14.046 0.000 Management of IAD 20.098 20.748 0.455 Scope of audit work 20.136 21.399 0.163 Performance of audit work 0.176 1.979 0.049 * * Professional proficiency 20.049 20.560 0.576 Independence 0.123 1.576 0.116 Objectivity 20.063 20.751 0.453 Audit reviews 0.043 0.507 0.613 Audit programs 20.078 20.876 0.382 Audit reporting 0.175 1.915 0.057 * Notes: Dependent variable: control activities; *at 0.01 significant level; * *at 0.05 significant level; R 2: 0.061; F: 1.734
The control environment aspect of the quality internal control system is positively influenced by performance of audit work of the internal auditing practices while it is negatively influenced by professional proficiency and objectivity of the internal auditing practices. The risk assessment aspect of the quality of the internal control system is negatively influenced by management of internal audit department of the internal auditing practices but is positively influenced by performance of audit work, audit program and audit reporting of the internal auditing practices. The control activities aspect of the quality of the internal control system is positively influenced by performance of audit work and audit reporting of the internal auditing practices. Discussion and conclusion This study examined the extent of the internal auditing practices by the internal audit department and the effects of the practices have on the quality of the internal control system. Analyses were done from the Internal Audit Practice Scale and Internal Control System Scale that were sent to all internal auditors and audit committees of the Malaysian Public Listed Companies for the year 2001. The extent of the internal auditing practices One of the major findings in this study is the extent of internal auditing practices in Malaysian Public Listed Companies. The five variables were derived from the IIA (2000), which were: independence and objectivity, professional proficiency, scope of work, performance of audit work and management of the internal auditing department. However, this study suggest that the internal auditing practices should comprise of nine functions instead of only five functions as suggested by the IIA (2000). The functions suggested are as follows: management of internal audit department, performance of audit work, independence, audit reviews, audit reporting, scope of audit work, professional proficiency, objectivity and audit programs. The four new functions are objectivity (separated from independence), audit reviews, audit programs and audit reporting. Comparison was also made between the variables of this study and IIA (2001). Under IIA (2001), the standards consists of ten variables: purpose, authority, and responsibility; independence and objectivity; proficiency and due professional care; quality assurance and improvement program; managing the internal audit activity;
nature of audit work; engagement planning; performing the engagement; communicating results; monitoring progress; and management’s acceptance of risks. The difference between this study’s variables and IIA (2001) is the additional of five new audit functions that is the monitoring progress; communicating results; engagement planning; purpose, authority and responsibility; and management’s acceptance of risks. Comparison with the findings of this study and the IIA (2001) were also made. There are only two new functions of the internal auditing practices in the IIA (2001): purpose, authority and responsibility, and management’s acceptance of risks. The rests of the internal auditing practices functions in this study are consistent to the IIA (2000, 2001). Table XI shows the summary of comparisons of the extent of the internal auditing practices. SPPIA (2000) This study (2001) PPF (2002) Independence and objectivity Independence Independence and objectivity Professional proficiency Objectivity Proficiency and due professional care Scope of work Professional proficiency Nature of audit work Performance of audit work Scope of work Performing the engagement Management of internal audit department Performance of audit work Managing the internal audit activity Management of internal audit department Monitoring progress Audit reviews Communicating results Audit reporting Engagement planning Audit programs Purpose, authority and responsibility Management’s acceptance of Risks
Internal auditing practices and the quality of the internal control system This study also examines the influence of internal auditing practices and the quality of internal control system. It is shown that only the monitoring aspect of the quality of internal control system positively influenced by the management of the internal audit department. However, it is negatively influenced by the professional proficiency, objectivity and audit review of the internal auditing practices. By managing the department, the work performed by the internal audit department has been implemented in the past and the work schedules have taken into consideration the goal of the internal audit department and also the general purposes of company management. Therefore this will positively influence the monitoring of the internal control system since this will have an effective impact on the monitoring process and also reports on illegal acts are properly monitored. However, this study suggests that professional proficiency such as adequate knowledge, professional membership, certification, and training in electronic data processing (EDP) system lead to lower monitoring of the quality of the internal control system. This is because when the internal auditors have all the above-mentioned criteria, it would imply that they are competent to do the work and therefore lower monitoring of the quality of the internal control system is needed since the internal auditors have a clear understanding of the internal control system. This is also true for objectivity and audit reviews of the internal auditing practices on the monitoring of the quality of the internal control system. Objectivity involves the unbiased attitude and avoidance of conflict of interest by the internal auditors while audit reviews are efficiently conducted in respect to the necessary audit operations. Therefore, internal auditors need lower monitoring of the quality of the internal control system since the entire necessary audit operations has been well conducted. This study also suggests that scope of work of the internal auditing practices
negatively influences the information and communication aspect of the quality of the internal control system while the performance of audit work of the internal auditing practices positively influences the information and communication aspect of the quality of the internal control system. Scope of work of the internal auditing practices involves reviewing the system to ensure compliance with procedures, policies, laws and regulation and planning of the work and there is also better coordination between external and internal auditors. This means that if there is better scope of work of the internal auditing practices, this will lead to lesser control procedures of computer information system and lesser assessment of information needed on the quality of the internal control system. The internal auditors follow all the necessary procedures in doing the audit work and therefore lesser information and communication of the quality of the internal control system is needed. However, the better the performance of audit work, the greater is the information and communication since in performing the audit work, the internal auditors need to identify, analyse, evaluate and record sufficient information to achieve the engagement objectives. This study also perceived that the performance of audit work of the internal auditing practices positively influences the control environment aspect of the quality of the internal control system while professional proficiency and objectivity of the internal auditing practices negatively influences the control environment aspect of the quality of the internal control system. Performance of audit work plays a great impact on the control environment of the quality of the internal control system. Therefore, the better the performance of the audit work, the greater is the control environment on the quality of the internal control system. In performing the audit work, the internal auditors have been trained and are competent to do the audit work. Consequently, they are able to identify and analyse the necessary records to achieve the audit objective. This will have a positive impact on the control environment of the quality of the internal control systems since the senior management will demonstrate a higher climate of trust with better performance of the audit work. This study also suggests that management of internal audit department of the internal auditing practices negatively influences the risk assessment aspect of the quality of the internal control system. However, the performance of audit work, audit program and audit reporting of the internal auditing practices positively influences the risk assessment aspect of the quality of the internal control system. Since the work performed by the internal audit department has been implemented in the past and the work schedules take into consideration the goals of internal audit department, therefore, this will lead to lower risk assessment of the quality of the internal control system. This is because; the necessary proper procedures are already applied in managing the internal audit department. However, the better the performance of audit work, audit program and audit reporting of the internal auditing practices lead to better risk assessment. In performing the audit work, the internal auditors will identify better risk management framework and risk management policy and also better procedures should be installed in monitoring the applications of policies and procedures of the organisation. This is also true for audit programs and audit reporting. The better the audit program and audit reporting, the installation of the procedures and application of policies in assessing the risk of the organisation will further improve. Performance of audit work and audit reporting of the internal auditing practices positively influence the control activities aspect of the quality of the internal control system. With trained and competent internal audit staff and better evaluation to achieve the engagement objectives, this will lead to better control activities of the quality of the internal control system. In this case, higher board of director’s approval on the audit work performed is achieved and the internal auditors would diligently investigate the variances. There are also improved recommendations made by the internal audit department through audit reporting.
Implications of the study The logical question at this juncture is: what do the results of this study imply? In other words, how does the research contribute to theory building, provide guidance to the internal auditors and serve as input for the next SPPIA? These questions are addressed as follows: Theoretical implications The first theoretical implication is that this study has contributed to the agency theory and internal audit paradigm where this study supported how the agency theory provide more meaningful research in the internal audit discipline based on the premise monitoring expenditure incurred by the principal and the agent. This study also explains the existence of agency theory postulated and its influence on the extent of internal auditing practices in Malaysian public listed companies and its effect on the firm’s internal control system. Practical implications An important finding of this research pertains to the extent of the internal auditing practices among internal auditors in Malaysian public listed companies. The first practical implications refer to changing of internal auditing practices functions from five to nine. The standard setter such as the IIA has the important role to revise the PPF or the SPPIA based on this study. The IIA (2000) basically described the criteria by which the operations of an internal auditing department are evaluated and measured and they are intended to represent the practice of internal auditing, as it should be. This includes independence and objectivity, professional proficiency, scope of work, performance of audit work and management of internal audit department. The study implied that the IIA should include nine factors in building up the SPPIA, that is independence, scope of work, audit reporting, audit programs, management of internal audit department, performance of audit work, audit reviews, objectivity and professional proficiency since these factors revealed that CAEs placed much importance on above factors. The assistance of internal auditing practices benefit managers in providing bases for judgement and action, helping managers by reporting weaknesses in control and performance, providing counsel to managers and board of directors on the solutions of business problems and supplying information that is timely, reliable and useful to all levels of management. Therefore, compliance to the SPPIA is very important to internal auditors in the extent of the internal auditing practices and IIA must play its role in representing the practice of internal auditing, as it should be. Another implication is that all the variables in this study is consistent with the IIA (2001). The rationale behind the extent of the internal audit practices is that it provides opportunity for the Chief Audit Executives or internal auditors to get the management’s undivided attention to the extent of internal auditing practices on the quality of the internal control system. Reporting significant audit results and recommendations give Chief Audit Executives an avenue for presenting their internal audit practices to the president and other top management team members. The reasonable and meaningful findings and recommendations contained in the audit report are symbols of their contribution, which result in improvements to the organisation as a whole. Further, Chief Audit Executives might have perceived more importance to the ability to provide independent reviews to the president or other top management team members. Again, in order to comply with the SPPIA, Chief Audit Executives believe that their departments should be independent, have bigger scope of audit work, better management of internal audit department, higher performance of audit work, better application of auditing standards to audit work, professional and proficient in internal audit practices. The results show that the five functions of the quality of the internal control system are as per Committee of Sponsoring Organizations (COSO) standard. Currently, Malaysian approved auditing standards have incorporated this and also adopted
the statement on internal control: guidance for directors of public listed companies (MIA, 2001). Internal auditing department also should be seen to conduct their work effectively and have trained staff. Limitations of the study This study provides empirical evidence that the internal auditing practices of the public listed companies in Malaysia comply with the IIA (2000) and statistically influence the quality of the internal control systems. This may be due to the auditing standards enforced by the IIA (Malaysia) and MIA. This study, however, has its limitations. Of 250 public listed companies included in this study, it is only representative of 38.23 per cent of public listed companies for the year 2001. Consequently, the results may not be generalisable to the population of internal auditors as a whole. Furthermore, the extent of the internal auditing practices is only limited to the IIA (2000). Internal auditors typically work as a team in its normal internal audit practices. This study is limited as only individuals who are Chief Audit Executives were examined. The dynamics of group interaction were not considered. However, the Chief Audit Executives represent the internal audit department suggesting that the study of this individual is the logical first step. This study assumed that auditors are of the same calibre across firms for each designation. However, this may not be a valid assumption since years of experience of the internal auditors are not included in the study. Conclusion While the results in this study are by no means conclusive, it is hope that this study has contributed to the research done in the extent of the internal auditing practices. This study has also provided some evidence on the extent of the internal auditing practices and the influence it has on the internal control system. Notes 1. Please refer to www.theiia.org/iia for detail explanation of IIA (2001). 2. MICPA – Malaysian Institute of Certified Public Accountants.
Praktik audit internal dan sistem kontrol internal Faudziah Hanim Fadzil Fakultas Akuntansi, Universiti Utara Malaysia, Kedah, Malaysia Hasnah Haron Sekolah Manajemen, Universiti Sains Malaysia, Penang, Malaysia, dan Muhamad Jantan Pusat Penelitian Kebijakan, Universiti Sains Malaysia, Penang, Malaysia Abstrak Tujuan - Dua tujuan utama dan mereka adalah: untuk menentukan apakah departemen audit internal PT perusahaan yang terdaftar di Bursa Malaysia mematuhi Standar untuk Praktik Profesional Auditor Internal IIA (2000); dan, untuk menentukan apakah kepatuhan terhadap SPPIA akan memengaruhi kualitas dari sistem pengendalian internal perusahaan. Desain / metodologi / pendekatan - Dua set kuesioner digunakan dalam penelitian ini. Intern praktik audit diukur dengan item-item yang tercantum dalam SPPIA dan kontrol internalnya diukur dengan menggunakan pernyataan tentang kontrol internal: pedoman untuk direktur publik terdaftar perusahaan. Populasi yang digunakan dalam penelitian ini adalah semua perusahaan yang terdaftar di Bursa Malaysia di 2001. Penelitian ini menggunakan analisis deskriptif dan inferensial. Temuan - Ditemukan bahwa manajemen departemen audit internal, kecakapan profesional, obyektivitas dan tinjauan secara signifikan mempengaruhi aspek pemantauan sistem kontrol internal. Lingkup pekerjaan dan kinerja pekerjaan audit secara signifikan mempengaruhi informasi dan aspek komunikasi dari sistem kontrol internal sementara kinerja pekerjaan audit, profesional kecakapan dan obyektivitas secara signifikan mempengaruhi aspek lingkungan kontrol internal sistem pengaturan. Penelitian ini juga menunjukkan bahwa manajemen departemen audit internal, kinerja PT pekerjaan audit, program audit dan pelaporan audit secara signifikan mempengaruhi aspek penilaian risiko dari sistem kontrol internal. Terakhir, kinerja pekerjaan audit dan pelaporan audit secara signifikan
mempengaruhi aspek aktivitas kontrol dari sistem kontrol internal. Batasan / implikasi penelitian - Penelitian ini telah berkontribusi pada teori agensi dengan sehubungan dengan biaya ikatan yang harus dibayarkan manajemen kepada auditor internal untuk kepentingan terbaik para pelaku perusahaan. Implikasi penting lainnya berkaitan dengan tingkat internal praktik audit di antara auditor internal di perusahaan publik Malaysia. Penelitian juga menunjukkan bahwa kepatuhan dengan praktik audit internal secara parsial memengaruhi aspek tertentu dari kualitas sistem kontrol internal. Orisinalitas / nilai - Ini adalah studi empiris pertama yang mengaitkan kepatuhan internal fungsi audit untuk SPPIA dan pengaruhnya terhadap sistem kontrol internal. Kata kunci Audit, Standar audit, Malaysia Jenis kertas Kertas penelitian pengantar Audit internal telah mengalami perubahan dramatis yang telah memperluas cakupannya yang memungkinkannya memberikan kontribusi lebih besar kepada organisasi yang dilayaninya. Audit internal juga dilakukan dalam lingkungan hukum dan budaya yang beragam; dalam organisasi itu beragam tujuan, ukuran, dan struktur; dan juga oleh orang di dalam atau di luar organisasi. Selain itu, profesi audit internal juga berjalan di atas tali antara melayani sebagai konsultan manajemen dan profesional. Sebuah survei independen dilakukan oleh Institute of Corporate Governance Manila (MICG), The Institute of Internal Auditor Malaysia (IIAM) dan Ernst and Young menyimpulkan bahwa auditor internal adalah yang terbaik ditempatkan untuk memahami dan menghargai proses bisnis perusahaan dan mereka bertindak sebagai konsultan manajemen untuk mengurangi risiko. Auditor internal juga membantu menjalankan perusahaan lebih banyak secara efisien dan efektif untuk meningkatkan nilai pemegang saham. Karena ini masalahnya, auditor internal harus berada di depan, memimpin bisnis unit berkaitan dengan sistem pengendalian internal dan juga berfokus pada strategis tujuan bisnis. Auditor internal juga perlu memantapkan diri mereka sebagai vital roda gigi dalam organisasi mereka, bukan sebagai pengamat yang menonton dari pinggiran dan
menunggu peristiwa berdampak pada mereka (Sawyer dan Vinten, 1996). Salah satu masalah yang muncul terkait praktik audit internal adalah; “Apa itu pengukuran yang tepat dan sehat dari praktik audit internal? "Barrett (1986) mencatat, “efektivitas (audit internal) dapat diuraikan, tetapi sulit untuk diukur dan dalam analisis akhir, efektivitas ditentukan oleh persepsi pihak yang diaudit ”. Dalam lingkungan perusahaan, manajemen adalah pihak yang diaudit yang paling penting departemen audit internal karena efektivitas praktik audit internal dapat dijelaskan melalui harapan manajemen berkaitan dengan audit internal praktik. Manajemen akan mengharapkan auditor internal untuk melakukan internal mereka praktik audit ke tingkat tertentu yang sesuai dengan Standar untuk Praktik Profesional Auditor Internal (SPPIA) (sekarang dikenal sebagai Profesional Kerangka Kerja Praktek (PPF)), karena dapat dengan mudah dijelaskan ed. Kepatuhan dengan SPPIA adalah oleh karena itu indikasi efektivitas Departemen Audit Internal. Profesi audit, baik internal maupun eksternal, mengalami peningkatan pengawasan sejak jatuhnya pedagang energi yang dipublikasikan, Enron (Vinten, 2003) di Amerika Serikat tahun lalu. Mengungkap dugaan penyimpangan di Sumber Daya Teknologi Industries Berhad (TRI) telah menyoroti perlunya tata kelola perusahaan yang lebih besar di Indonesia Malaysia. TRI telah mengeluarkan faktur palsu antara tahun 1998 dan 1999, yang jumlahnya mencapai MYR260 juta (USD 68 juta). Menurut Dato 'Samad Alias, Presiden the Institut Akuntan Malaysia (MIA), “Ini bisa menjadi penipuan akuntansi terbesar dalam sejarah Malaysia ”. Faktur palsu ditemukan oleh Telekom Malaysia, yang mengambil alih TRI pada Juni 2002, setelah melakukan beberapa audit internal, ketika Arthur Andersen adalah auditor TRI. “Kami harus mengandalkan informasi yang disiapkan oleh akuntan perusahaan ”, kata Dato 'Abdul Samad, yang saat itu menjabat sebagai kepala bagian Kantor Andersen di Malaysia. Jika TRI akan menyajikan kembali akun tahun 1998 dan 1999, bukunya bersih nilai akan berkurang sebanyak MYR 198 juta (Financial Times, 2002). Kasusnya sudah tentu menjelaskan tentang pentingnya peran auditor internal, yang hanya
diakui dan ditekankan setelah penyimpangan ditemukan. Auditor internal sering digambarkan sebagai mitra bisnis dan polisi karena pekerjaannya sebagai mitra bisnis dengan manajemen klien dan juga karena dia bertindak sebagai peninjau independen manajemen. Sebagai mitra bisnis, internal Auditor diharapkan memberikan keahlian untuk membantu organisasi dalam memenuhi nya tujuan sementara sebagai polisi; auditor internal sering dianggap sebagai musuh mencari kekurangan. Dengan demikian, tingkat praktik audit internal memainkan faktor penting pada peran ini. Studi ini akan memberikan bukti empiris apakah kepatuhan dengan praktik audit internal akan mengarah pada sistem kontrol internal yang lebih baik. Pengembangan SPPIA SPPIA adalah kriteria di mana operasi departemen audit internal dievaluasi dan diukur serta dimaksudkan untuk mewakili praktik audit internal, sebagaimana adanya seharusnya. Ini juga dimaksudkan untuk melayani seluruh profesi audit internal, dalam semua jenis organisasi di mana auditor internal ditemukan. Ini pertama kali dikembangkan pada Juni 1978, pada Konferensi Internasional Auditor Internal di San Francisco. SPPIA terdiri dari lima standar umum: (1) kemerdekaan; (2) kemahiran profesional; (3) ruang lingkup pekerjaan; (4) kinerja pekerjaan audit; dan (5) manajemen departemen audit internal. Kerangka kerja ini memungkinkan perluasan praktik audit internal di masa depan hingga kerangka kerja baru dirilis pada Januari 2002. Kerangka kerja baru, yang disebut PPF dirilis pada Januari 2002 [1] dan terdiri dari tiga set standar: atribut, kinerja, dan standar implementasi. Itu standar atribut membahas atribut organisasi dan individu yang melakukan jasa audit internal sedangkan standar kinerja menggambarkan sifat internal mengaudit layanan dan memberikan kriteria kualitas terhadap kinerja layanan ini
bisa diukur. Standar implementasi di sisi lain memberikan panduan berlaku untuk jenis keterlibatan tertentu. Namun, kerangka kerja baru ini tidak digunakan dalam penelitian ini karena waktu rilisnya. Sistem kontrol internal. Sistem kontrol internal memainkan peran penting dalam praktik audit internal karena auditor internal mungkin dianggap sebagai spesialis dalam kontrol manajemen (Chambers et al., 1987). Praktik audit internal menilai efektivitas sistem kontrol internal, yang merupakan definisi internal audit dan yang juga mencakup penilaian tindakan oleh manajemen untuk dikoreksi situasi, yang berbeda dengan hasil yang direncanakan. Definisi internal sistem kontrol mengungkapkan bahwa itu tidak berbeda secara fundamental dari manajemen kontrol, yang memiliki komponen penting kontrol seperti perencanaan, pengorganisasian, kepegawaian dan pengarahan (Chambers et al., 1987). Manajemen senior dan audit Komite biasanya berharap bahwa CAE akan melakukan pekerjaan audit yang cukup dan mengumpulkan informasi lain yang tersedia sepanjang tahun untuk membentuk penilaian tentang kecukupan dan efektivitas proses kontrol. CAE seharusnya mengomunikasikan penilaian keseluruhan tentang sistem kontrol organisasi ke manajemen senior dan komite audit. Ini perlu sejak internal auditor memainkan peran perantara dan membantu pelaksanaan fungsi pengawasan komite audit. Jika fungsi audit internal di atas tidak tersedia, maka manajemen perlu menerapkan proses pemantauan lainnya untuk memastikan dirinya dan pihaknya papan bahwa sistem sistem kontrol internal berfungsi sebagaimana dimaksud. Dalam hal ini keadaan, dewan perusahaan akan perlu menilai apakah proses tersebut memberikan jaminan yang memadai dan obyektif atau tinjauan dan penilaian berkala atas kecukupan dan integritas sistem kontrol internal di perusahaan. Persyaratan Pencatatan Bursa telah membentuk gugus tugas industri yang merumuskan "Pernyataan tentang Pengendalian Internal: Bimbingan Untuk Direktur Perusahaan Terbuka" untuk memenuhi keadaan di atas. Tujuan pedoman ini adalah untuk membantu perusahaan yang terdaftar di membuat pengungkapan dalam laporan tahunan mereka tentang keadaan pengendalian internal, sesuai kepatuhan
dengan Persyaratan Pencatatan KLSE. Sesuai dengan persyaratan Kode Etik dalam terkait dengan Fungsi Audit Internal, pada Mei 2001, Komisi Sekuritas menunjuk IIAM untuk membentuk gugus tugas industri yang terpisah untuk merumuskannya Pedoman untuk membantu dewan perusahaan publik dalam melaksanakan secara efektif tanggung jawab terkait dengan penetapan Fungsi Audit Internal. Tugas beresiko, mengendalikan lingkungan, mengendalikan kegiatan, informasi dan komunikasi dan pemantauan adalah lima karakteristik penting dalam pedoman ini. Peran auditor internal. Dalam pernyataan tanggung jawab internal direvisi audit yang dikeluarkan oleh Institute of Internal Auditor (IIA) (2000) sebagai bagian dari kerangka kerja standar, bagian tentang tujuan menyatakan: Tujuan audit internal adalah untuk membantu semua anggota manajemen secara efektif pelepasan tanggung jawab mereka dengan melengkapi mereka dengan analisis, penilaian, rekomendasi dan komentar terkait tentang kegiatan yang ditinjau. Internal Auditor prihatin dengan setiap fase kegiatan bisnis di mana ia dapat melayani pengelolaan. Ini melibatkan melampaui catatan akuntansi dan keuangan untuk mendapatkan penuh pemahaman tentang operasi yang sedang ditinjau (hal. 3). Sawyer dan Vinten (1996) mencatat empat manfaat yang diperoleh manajer dari internal bantuan audit. Manfaat-manfaat ini memberi para manajer pangkalan penilaian dan tindakan, membantu manajer dengan melaporkan kelemahan dalam kontrol dan kinerja dan dalam merekomendasikan perbaikan, memberikan nasihat kepada manajer dan dewan direksi tentang solusi masalah bisnis, dan menyediakan informasi yang tepat waktu, andal, dan bermanfaat untuk semua tingkatan manajemen. Selain itu, pernyataan tersebut menetapkan jenis layanan yang harus dilakukan dan jenis kegiatan yang dilakukan oleh fungsi audit internal dalam mencapai Tujuan keseluruhan. Auditor internal harus terlebih dahulu meninjau dan menilai kesehatan dan kecukupan akuntansi, keuangan, dan kontrol operasi lainnya, dan mempromosikan kontrol yang efektif dengan biaya yang masuk akal. Kedua, auditor internal harus memastikan sejauh mana kepatuhan terhadap kebijakan, rencana, prosedur, hukum yang berlaku dan
peraturan, yang dapat memiliki dampak signifikan pada operasi perusahaan. Kemudian auditor internal meninjau cara menjaga aset dan jika perlu, memverifikasi keberadaan aset tersebut dan menilai ekonomi dan efisiensi yang dengannya sumber daya digunakan. Terakhir, auditor internal meninjau operasi atau program untuk memastikan apakah hasilnya konsisten dengan tujuan dan sasaran yang ditetapkan dan apakah operasi atau program sedang dilaksanakan sesuai rencana. Meninjau dan mengevaluasi kecukupan dan efektivitas organisasi sistem pengendalian internal dan kualitas kinerja dalam melaksanakan tugas yang ditugaskan tanggung jawab merupakan perwakilan dari beberapa kegiatan inti utama audit internal kerja. Tujuan dari tinjauan kecukupan audit internal adalah untuk memastikan apakah sistem yang ada memberikan jaminan yang masuk akal bahwa organisasi itu tujuan dan sasaran akan tercapai secara efisien dan ekonomis. Kontrol yang memadai dianggap ada jika manajemen administratif memiliki terencana dan terorganisir dengan cara, yang memberikan jaminan yang masuk akal bahwa tujuan dan sasaran organisasi akan tercapai secara efisien dan ekonomis. Jaminan yang wajar diberikan ketika tindakan hemat biaya diambil untuk membatasi penyimpangan, seperti tindakan yang tidak pantas atau ilegal, ke tingkat yang dapat ditoleransi. Peran audit internal dalam peninjauan efektivitas sistem internal kontrol adalah untuk memastikan apakah sistem berfungsi sebagaimana dimaksud. Kontrol yang efektif hadir ketika manajemen administrasi mengarahkan sistem sedemikian rupa untuk memberikan jaminan yang masuk akal bahwa tujuan dan sasaran organisasi akan tercapai tercapai. Tujuan review untuk kualitas kinerja adalah untuk memastikan apakah tujuan dan sasaran organisasi telah tercapai. Tujuan utama dari sistem pengendalian internal organisasi adalah untuk menyediakan manajemen administrasi dengan jaminan yang wajar bahwa informasi keuangan akurat dan andal; organisasi mematuhi kebijakan, rencana, prosedur, hukum, peraturan dan kontrak; aset dilindungi terhadap kehilangan dan pencurian; kembali sumber adalah digunakan secara ekonomis dan efisien; dan menetapkan sasaran dan sasaran untuk operasi
atau program dapat dipenuhi. Audit internal berfokus pada evaluasi sistem ini atau kerangka kerja pengendalian internal. Tipe kedua pekerjaan audit yang dipandu oleh auditor internal adalah meninjau keakuratan dan keandalan informasi keuangan dan operasi dan sarana yang digunakan untuk mengidentifikasi, mengukur, mengklasifikasikan, dan melaporkan informasi tersebut. Informasi sistem menyediakan data untuk pengambilan keputusan, kontrol, dan kepatuhan dengan eksternal kebutuhan. Oleh karena itu, auditor internal harus memeriksa sistem informasi dan menentukan apakah catatan dan laporan keuangan dan operasi berisi akurat, informasi yang andal, tepat waktu, lengkap dan bermanfaat, dan kontrol atas pencatatan dan pelaporan memadai dan efektif. Kinerja tinjauan sistem yang dibuat untuk memastikan kepatuhan kebijakan, rencana, prosedur, hukum, peraturan, dan kontrak merupakan elemen ketiga aktivitas audit yang dijelaskan oleh standar. Manajemen administrasi adalah bertanggung jawab untuk membangun sistem yang dirancang untuk memastikan kepatuhan terhadap hal tersebut persyaratan sebagai undang-undang, aturan, peraturan, kebijakan, dan prosedur. Auditor internal perannya adalah untuk menentukan apakah sistem yang dirancang oleh manajemen memadai dan efektif dan apakah kegiatan yang diaudit telah sesuai dengan yang sesuai Persyaratan. Selanjutnya, seperti yang dijelaskan oleh standar, peran auditor internal mencakup penyediaan penilaian dengan rekomendasi mengenai manajemen administrasi didirikan tujuan dan sasaran untuk operasi dan program. Kerangka kerja dan metodologi penelitian Sumber utama data adalah laporan tahunan perusahaan publik Malaysia. Data dikumpulkan dari laporan perusahaan digunakan untuk memeriksa keberadaan audit internal di perusahaan dan jika ada, fungsi auditor internal. Laporan tahunan perusahaan digunakan karena dipandang sebagai bentuk utama komunikasi perusahaan (Zeghal dan Ahmed, 1990; Unerman, 2000) dan juga mereka banyak tersedia (Buhr, 1998;
Gray et al., 1995; Unerman, 2000). Kerangka Penelitian Studi ini berfokus pada dua variabel: praktik audit internal dan kualitas sistem kontrol internal. Kerangka teoritis adalah sebagai berikut: Gambar 1 model yang diusulkan didasarkan pada postulat dalam teori agensi di mana kepala sekolah akan dikenakan biaya agensi agar mereka dapat mengamati tindakan agen. Hubungan antara pelaku dan agen adalah bahwa para pelaku akan menanggung memantau pengeluaran sementara agen mengeluarkan biaya ikatan untuk memastikan bahwa pekerjaan menjaga kekayaan para pelaku dilakukan (Adams, 1994). Biaya internal audit adalah contoh dari biaya ikatan ini. Sherer dan Kent (1983) dianggap internal mengaudit menjadi “biaya ikatan yang ditanggung oleh manajer senior untuk memenuhi permintaan akuntabilitas yang dibuat oleh peserta eksternal terutama pemegang saham ”. Bukan internal profesional audit berpendapat bahwa fungsi audit yang efektif akan berkorelasi dengan keberhasilan organisasi dalam memenuhi tujuan manajemen dan apakah internal sistem kontrol berfungsi sebagaimana dimaksud. Hipotesis penelitian Hipotesis penelitian akan menguji kepatuhan praktik audit internal dengan kualitas sistem kontrol internal. Ada 45 sub-hipotesis yang berkaitan dengan praktik audit internal ke sistem kontrol internal. H1. Semakin baik kepatuhan departemen audit internal terhadap standar praktik audit internal, semakin tinggi kualitas kontrol internal sistem. H1a. menghubungkan pemantauan kualitas kontrol internal dengan sembilan komponen praktik audit internal. H1a1. Semakin baik manajemen departemen audit internal praktik audit, semakin tinggi pemantauan kualitas internal sistem pengaturan. H1a2. Semakin besar ruang lingkup kerja praktik audit internal, semakin tinggi
pemantauan kualitas sistem kontrol internal. H1a3. Semakin tinggi kinerja pekerjaan audit dari praktik audit internal, semakin tinggi pemantauan kualitas sistem kontrol internal. H1a4. Kemahiran profesional yang lebih tinggi dari praktik audit internal, semakin tinggi pemantauan kualitas sistem kontrol internal. H1a5. Semakin tinggi independensi praktik audit internal, semakin tinggi pemantauan kualitas sistem kontrol internal. H1a6. Semakin tinggi obyektivitas praktik audit internal, semakin tinggi pemantauan kualitas sistem kontrol internal. H1a7. Semakin baik ulasan audit dari praktik audit internal, semakin tinggi pemantauan kualitas sistem kontrol internal. H1a8. Semakin baik program audit dari praktik audit internal, semakin tinggi pemantauan kualitas sistem kontrol internal. H1a9. Semakin baik pelaporan audit dari praktik audit internal, semakin tinggi Mo nitoring kualitas sistem kontrol internal. H1b. menghubungkan informasi dan komunikasi kualitas pengendalian internal dengan sembilan komponen praktik audit internal. H1b1. Semakin baik manajemen departemen audit internal praktik audit, semakin baik informasi dan komunikasi kualitas sistem kontrol internal. H1b2. Semakin besar ruang lingkup kerja praktik audit internal, semakin baik informasi dan komunikasi kualitas pengendalian internal sistem. H1b3. Semakin baik kinerja pekerjaan audit dari praktik audit internal, semakin baik informasi dan komunikasi kualitas internal sistem pengaturan. H1b4. Semakin tinggi kemahiran profesional dari praktik audit internal, semakin baik informasi dan komunikasi kualitas internal
sistem pengaturan. H1b5. Semakin tinggi independensi praktik audit internal, semakin baik informasi dan komunikasi kualitas pengendalian internal sistem. H1b6. Semakin tinggi obyektivitas praktik audit internal, semakin baik informasi dan komunikasi kualitas pengendalian internal sistem. H1b7. Semakin baik ulasan audit dari praktik audit internal, semakin baik informasi dan komunikasi kualitas pengendalian internal sistem. H1b8. Semakin baik program audit dari praktik audit internal, semakin baik informasi dan komunikasi kualitas sistem pengendalian internal. H1b9. Semakin baik pelaporan audit dari praktik audit internal, semakin baik informasi dan komunikasi kualitas sistem pengendalian internal. H1c. menghubungkan lingkungan kontrol kualitas kontrol internal dengan sembilan komponen praktik audit internal. H1c1. Semakin baik manajemen departemen audit internal praktik audit, semakin tinggi lingkungan kontrol kualitas sistem kontrol internal. H1c2. Semakin besar ruang lingkup kerja praktik audit internal, semakin tinggi lingkungan kontrol kualitas sistem kontrol internal. H1c3. Semakin tinggi kinerja pekerjaan audit dari praktik audit internal, semakin tinggi lingkungan kontrol dari kualitas kontrol internal sistem. H1c4. Semakin tinggi kemahiran profesional dari praktik audit internal, maka semakin tinggi lingkungan kontrol kualitas sistem kontrol internal. H1c5. Semakin tinggi independensi praktik audit internal, semakin tinggi lingkungan pengendalian kualitas sistem kontrol internal.
H1c6. Semakin tinggi obyektivitas praktik audit internal, semakin tinggi lingkungan pengendalian kualitas sistem kontrol internal. H1c7. Semakin baik ulasan audit dari praktik audit internal, semakin tinggi lingkungan pengendalian kualitas sistem kontrol internal. H1c8. Semakin baik program audit dari praktik audit internal, semakin tinggi lingkungan kontrol kualitas sistem kontrol internal. H1c9. Semakin baik pelaporan audit dari praktik audit internal, semakin tinggi lingkungan kontrol kualitas sistem kontrol internal. H1d. menghubungkan penilaian risiko kualitas pengendalian internal dengan sembilan komponen praktik audit internal. H1d1. Semakin baik manajemen departemen audit internal praktik audit, semakin tinggi penilaian risiko kualitas sistem kontrol internal. H1d2. Semakin besar ruang lingkup kerja praktik audit internal, semakin tinggi penilaian risiko kualitas sistem pengendalian internal. H1d3. Semakin tinggi kinerja pekerjaan audit dari praktik audit internal, semakin tinggi penilaian risiko kualitas sistem pengendalian internal. H1d4. Semakin tinggi kemahiran profesional audit internal praktik, semakin tinggi penilaian risiko kualitas internal sistem pengaturan. H1d5. Semakin tinggi independensi praktik audit internal, semakin tinggi penilaian risiko kualitas sistem pengendalian internal. H1d6. Semakin tinggi obyektivitas praktik audit internal, semakin tinggi penilaian risiko kualitas sistem pengendalian internal. H1d7. Semakin baik ulasan audit dari praktik audit internal, semakin tinggi penilaian risiko kualitas sistem pengendalian internal. H1d8. Semakin baik program audit dari praktik audit internal, semakin tinggi penilaian risiko kualitas sistem pengendalian internal.
H1d9. Semakin baik pelaporan audit dari praktik audit internal, semakin tinggi penilaian risiko kualitas sistem pengendalian internal. H1e mengaitkan aktivitas kontrol dengan kualitas kontrol internal dengan sembilan komponen praktik audit internal. H1e1. Semakin baik manajemen departemen audit internal Audit praktik, semakin tinggi kegiatan pengendalian kualitas sistem kontrol internal. H1e2. Semakin besar ruang lingkup kerja praktik audit internal, semakin tinggi kegiatan pengendalian kualitas sistem pengendalian internal. H1e3. Semakin tinggi kinerja pekerjaan audit dari audit internal praktik, semakin tinggi kegiatan pengendalian kualitas internal sistem pengaturan. H1e4. Semakin tinggi kemahiran profesional dari praktik audit internal, semakin tinggi kegiatan pengendalian kualitas sistem pengendalian internal. H1e5. Semakin tinggi independensi praktik audit internal, semakin tinggi kegiatan pengendalian kualitas sistem pengendalian internal. H1e6. Semakin tinggi obyektivitas praktik audit internal, semakin tinggi kegiatan pengendalian kualitas sistem pengendalian internal. H1e7. Semakin baik ulasan audit dari praktik audit internal, semakin tinggi kegiatan pengendalian kualitas sistem pengendalian internal. H1e8. Semakin baik program audit dari praktik audit internal, semakin tinggi kegiatan pengendalian kualitas sistem pengendalian internal. H1e9. Semakin baik pelaporan audit dari praktik audit internal, semakin tinggi kegiatan pengendalian kualitas sistem pengendalian internal. Praktik audit internal dan kualitas sistem kontrol internal Independensi dan obyektivitas dipandang sebagai atribut penting untuk kualitas internal fungsi audit (IIA, 2000; Bethea, 1992; Traver, 1991; Farbo, 1985; Clark et al., 1980; Glazer dan Jaenicke, 1980). Jika auditor internal tidak independen dan objektif, mereka
tidak ada nilainya bagi mereka yang menuntut layanan mereka (Clark et al., 1980; Elliot dan Willingham, 1980; Ward dan Robertson, 1980; Williams, 1978). Audit internal departemen harus diberikan lisensi untuk melaksanakan tanggung jawabnya secara bebas dan secara objektif dan juga penilaian mereka yang dicapai harus tidak memihak. Sebagian besar profesional audit internal berpendapat bahwa fungsi audit internal yang efektif berkorelasi tegas dengan keberhasilan organisasi dalam manajemen pertemuan tujuan dan apakah sistem kontrol internal berfungsi sebagaimana dimaksud. Desain penelitian Desain penelitian dasar yang digunakan untuk penelitian ini adalah desain survei. Koleksi data primer dicapai melalui penggunaan instrumen survei surat (daftar pertanyaan). Data yang dikumpulkan dari kuesioner dibagi menjadi dua komponen: (1) pengukuran praktik audit internal dikirim ke CAE / Kepala PT Departemen Audit Internal; dan (2) kuesioner tentang pengukuran kualitas sistem pengendalian internal itu dikirim ke komite audit. Sampel dan metode analisis data Semua perusahaan (812 perusahaan) yang terdaftar di Bursa Malaysia pada tahun 2001 digunakan sebagai populasi dalam penelitian ini. Tahun 2001 dipilih karena ketersediaan data dan status data saat ini. Penelitian ini menggunakan analisis deskriptif dan inferensial. Analisis deskriptif adalah digunakan untuk menentukan apakah perusahaan yang terdaftar di Bursa Malaysia memenuhi standar dalam praktik audit internal mereka sedangkan analisis inferensial (regresi berganda analisis) digunakan untuk menguji hipotesis. Variabel telah memenuhi asumsi analisis regresi berganda. Analisis faktor dijalankan pada variabel praktik audit internal dan internal sistem pengaturan. Akibatnya, variabel praktik audit internal telah rusak naik menjadi sembilan komponen, bukan lima sekarang [2]. Komponen internal sistem kontrol tetap sama.
Analisis dan temuan Tabel I menunjukkan informasi tentang pengambilan sampel dan tingkat pengembalian kuesioner yang dikirim auditor internal dan komite audit dari perusahaan yang terdaftar di Bursa Malaysia. Dari 812 kuesioner yang dikirimkan, 654 subjek dihubungi tetapi hanya 250 tanggapan baik dari auditor internal dan komite audit diterima menghasilkan tanggapan tingkat 38,23 persen. Informasi demografis tertentu dikumpulkan dari setiap subjek. Sedangkan datanya tidak dikumpulkan untuk menjawab pertanyaan penelitian tertentu, ini memberikan wawasan tentang subyek dan dapat membantu dalam menafsirkan hasil analisis. Demografis variabel adalah: posisi saat ini, kualifikasi, akuntansi profesional dan / atau audit kualifikasi, nama auditor eksternal, pembentukan departemen audit internal dan jumlah karyawan departemen audit internal. Ringkasan data demografis yang dikumpulkan dari auditor internal ditampilkan pada Tabel II dan komite audit pada Tabel III. Analisis deskriptif Luasnya praktik audit internal. Tabel IV menunjukkan hasil rata-rata luasnya dari item praktik audit internal. Dari hasil, independensi adalah yang berperingkat tinggi Kuesioner dikirimkan 812 Tidak terkirim 158 Subjek yang dihubungi 654 Jumlah tanggapan 250 Tingkat tanggapan (250/654) 38,23 (persen) Karakteristik Demografis, Fre Persen kuensi Posisi manajer saat ini dari IAD 178 71.2 Auditor senior 17 6.8 Lainnya 55 22.0 Kualifikasi (tidak termasuk profesional) Gelar pertama di 106 42.4 Pasca sarjana 88 35.2
Diploma 22 8.8 Sertifikat 5 2.0 Lainnya 29 11.6 Akuntansi / audit profesional kualifikasi Kualifikasi profesional (CPA Aust., CACA, ACCA, MICPA [2], CIMA) 174 69.6 Tidak ada kualifikasi profesional 76 30.4 Jenis usaha perusahaan dalam daftar KLSE Perdagangan Produk industri 49 45 19.6 18.0 Produk konsumen 40 16.0 Properti 37 14.8 Keuangan 30 12.0 Konstruksi 20 8.0 Perkebunan 12 4.8 Teknologi 5 2.0 Hotel 4 1.6 Penambangan 3 1.2 Kepercayaan 3 1.2 Infrastruktur 2 0.8 Auditor eksternal perusahaan "Big 4" perusahaan audit 166 66.4 Lainnya 84 33.6
Keberadaan departemen audit internal Keberadaan 231 92.4 Ketidakberadaan 19 7.6 Jumlah karyawan internal departemen audit Lima karyawan Enam hingga sepuluh karyawan 144 54 57.6 21.6 . 10 karyawan 42 16,8 Pengalihdayaan 10 4.0 Tabel II. Ringkasan dari data demografis aktif responden dari internal auditor Karakteristik Demografis Frekuensi Persen Manajer posisi saat ini 88 35.2 Direktur 59 23.6 Komite audit 57 22.8 Senior 6 2.4 Lainnya 40 16.0 Kualifikasi Tingkat pertama 82 32.8 Pasca sarjana 34 13.6 Diploma 6 2.4 Sertifikat 4 1.6 Lainnya 124 49.6
item praktik audit internal dari perspektif auditor internal dengan a rata-rata 4,46 sedangkan item yang paling tidak dinilai adalah kemahiran profesional dengan rata-rata 3,88. Analisis hasil juga mengungkapkan bahwa, dari 50 praktik audit internal item, ada 35 item yang memiliki skor antara 4,00 dan 5,00 dan 15 item di antaranya 3,00 dan 4,00. Item yang memiliki skor mulai dari 4,00 hingga 5,00 sangat sesuai dengan IIA (2000, 2001). Tingkat keberadaan kualitas sistem kontrol internal. Tabel V menunjukkan sarana dari komponen sistem kontrol internal. Dari hasil, risikonya komponen penilaian sistem pengendalian internal adalah item yang berperingkat tinggi dengan rata-rata 4,29 sementara informasi dan komunikasi adalah item dengan peringkat paling tidak dengan rata-rata dari 4.12. Analisis hasil juga mengungkapkan bahwa, dari 25 item yang dinyatakan, ada 23 item memiliki skor antara 4,00 dan 5,00. Ini menunjukkan bahwa pertimbangan responden 23 item yang diidentifikasi sebelumnya ada dalam sistem kontrol internal mereka. Hal ini karena item yang memiliki skor antara 4,00 dan 5,00 dianggap sangat penting dalam hal ini belajar. Pengujian hipotesis. Beberapa metode analisis digunakan untuk menguji alternatif ini hipotesis. Analisis yang digunakan untuk menguji hipotesis meliputi deskriptif dan statistik analisis. Hipotesis berusaha untuk menguji perbedaan signifikansi dari sembilan variabel praktik audit internal dan lima variabel sistem kontrol internal. Hipotesis. H1a. Semakin baik manajemen departemen audit internal praktik audit, semakin besar ruang lingkup pekerjaan audit internal praktik, semakin tinggi kinerja pekerjaan audit dari audit internal praktik, semakin tinggi kemahiran profesional dari praktik audit internal, semakin tinggi independensi praktik audit internal, semakin tinggi objektivitas praktik audit internal, semakin baik ulasan audit praktik audit internal, semakin baik program audit internal
praktik audit, semakin baik pelaporan audit dari audit internal praktik, semakin tinggi pemantauan kualitas sistem kontrol internal. Item Peringkat Berarti Deviasi standar 1 Kemandirian 4,46 0,59 2 Lingkup pekerjaan audit 4.22 0.49 3 Pelaporan audit 4.17 0.54 4 program Audit 4.12 0,57 5 Manajemen IAD 4.12 0.53 6 Kinerja pekerjaan audit 4.11 0.62 7 Ulasan audit 4.11 0.68 8 Objektivitas 4.04 0.60 9 Kemahiran profesional 3.88 0.57 Item Peringkat Berarti Deviasi standar 1 Penilaian risiko 4,29 0,51 2 Mengontrol kegiatan 4.28 0.45 3 Pemantauan 4.15 0.61 4 Lingkungan kontrol 4.14 0.59 5 Informasi dan komunikasi 4.12 0.46 Tabel VI menunjukkan, modelnya signifikan ðF ¼ 2: 502Þ (sig. F ¼ 0: 009Þ: Namun, model hanya menjelaskan 8,6 persen variasi dalam pemantauan. Audit internal praktik pengaruh signifikan dalam urutan dampaknya adalah manajemen internal departemen audit ðbeta ¼ 0: 327; p # 0: 05Þ (sig. F ¼ 0: 013Þ; kemahiran profesional ðbeta ¼ 20: 197; p # 0: 05Þ (sig. F ¼ 0: 024Þ; objektivitas ðbeta ¼ 20: 146; p # 0: 01Þ dan ulasan audit ðBeta ¼ 20: 174; p # 0: 05Þ (sig. F ¼ 0: 038Þ: Tabel VI berikut merangkum hasilnya. Dengan demikian, ada bukti yang mendukung bahwa manajemen departemen audit internal PT praktik-praktik audit internal secara positif mempengaruhi aspek pemantauan internal sistem kontrol sementara kemahiran profesional, obyektivitas dan ulasan audit
praktik audit internal secara negatif mempengaruhi aspek pemantauan internal sistem pengaturan. Karena itu, hanya H1a1 yang diterima sementara H1a2 hingga H1a9 ditolak. H1b. Semakin baik manajemen magang al departemen audit internal praktik audit, semakin besar ruang lingkup pekerjaan audit internal praktik, semakin tinggi kinerja pekerjaan audit internal praktik audit, semakin tinggi kemampuan profesional internal praktik audit, semakin tinggi independensi audit internal praktik, semakin tinggi obyektivitas praktik audit internal, maka lebih baik ulasan audit dari praktik audit internal, semakin baik program audit dari praktik audit internal, semakin baik audit pelaporan praktik audit internal, semakin baik informasi dan komunikasi kualitas sistem kontrol internal. Tabel VII merangkum hasilnya. Tabel VII menunjukkan bahwa model ini signifikan ðF ¼ 1: 752Þ (sig. F ¼ 0: 078; p # 0: 01Þ: Namun, model hanya menjelaskan 6,2 persen dari variasi informasi dan komunikasi. Praktik audit internal berpengaruh signifikan dalam urutan mereka dampaknya adalah ruang lingkup pekerjaan audit ðbeta ¼ 20: 212; p # 0: 05Þ (sig. F ¼ 0: 031Þ dan kinerja pekerjaan audit ðbeta ¼ 0: 207; p # 0: 05Þ (sig. F ¼ 0: 021Þ: Hasil penelitian menunjukkan bahwa ruang lingkup pekerjaan audit praktik audit internal secara negatif mempengaruhi aspek informasi dan komunikasi dari pengendalian internal sistem sementara kinerja pekerjaan audit praktik audit internal positif Praktik audit internal Beta t Sig. Konstan 10.672 0.000 Manajemen IAD 0.327 2.515 0.013 * * Lingkup pekerjaan audit 20.084 20.866 0.388 Kinerja pekerjaan audit 0,126 1,433 0,153 Kemahiran profesional 20.197 22.264 0.024 * * Kemerdekaan 20.009 20.122 0.903
Objektivitas 20.146 21.765 0.079 * Ulasan audit 20.174 22.092 0,038 * * Program audit 20.020 20.223 0.824 Pelaporan audit 0.131 1.453 0.148 Catatan: Variabel dependen: pemantauan; * pada tingkat signifikan 0,01; * * pada tingkat signifikan 0,05; R 2: 0,086; F: 2.502 Praktik audit internal Beta t Sig. Constant 16.009 0.000 Manajemen IAD 0,058 0,437 0,662 Lingkup pekerjaan audit 20.212 22.175 0.031 * * Kinerja pekerjaan audit 0,207 2,321 0,021 * * Kemahiran profesional 20.065 20.738 0.461 Kemerdekaan 0,020 0,251 0,802 Objektivitas 0,015 0,184 0,854 Ulasan audit 20.118 21.399 0,163 Program audit 20.026 20.296 0.768 Pelaporan audit 20.023 20.251 0.802 Catatan: Variabel dependen: informasi dan komunikasi; * * pada tingkat signifikan 0,05; R 2: 0,062; F: 1.752 mempengaruhi aspek informasi dan komunikasi dari sistem pengendalian internal. Karena itu, hanya H1b3 yang diterima sementara sisa hipotesis ditolak. H1c. Semakin baik manajemen departemen audit internal praktik audit, semakin besar ruang lingkup pekerjaan audit internal praktik, semakin tinggi kinerja pekerjaan audit internal praktik audit, semakin tinggi kemampuan profesional internal praktik audit, semakin tinggi independensi audit internal praktik, semakin tinggi obyektivitas praktik audit internal, maka lebih baik ulasan audit dari praktik audit internal, semakin baik
program audit dari praktik audit internal, semakin baik audit pelaporan praktik audit internal, semakin tinggi kontrolnya lingkungan kualitas sistem kontrol internal. Tabel VIII merangkum hasilnya. Tabel VIII menunjukkan bahwa model ini signifikan ðF ¼ 3: 470Þ (sig. F ¼ 0: 000; p # 0: 05Þ: Namun, model hanya menjelaskan 11,8 persen dari variasi kontrol lingkungan Hidup. Praktik audit internal berpengaruh signifikan dalam urutan mereka Praktik audit internal Beta t Sig. Constant 16.009 0.000 Manajemen IAD 0,058 0,437 0,662 Lingkup pekerjaan audit 20.212 22.175 0.031 * * Kinerja pekerjaan audit 0,207 2,321 0,021 * * Kemahiran profesional 20.065 20.738 0.461 Kemerdekaan 0,020 0,251 0,802 Objektivitas 0,015 0,184 0,854 Ulasan audit 20.118 21.399 0,163 Program audit 20.026 20.296 0.768 Pelaporan audit 20.023 20.251 0.802 Catatan: Variabel dependen: informasi dan komunikasi; * * pada tingkat signifikan 0,05; R 2: 0,062; F: 1.752 Tabel VII. Hasil H1b Praktik audit internal Beta t Sig. Konstan 11.820 0.000 Manajemen IAD 0.169 1.336 0.183 Lingkup pekerjaan audit 0,015 0,162 0,871 Kinerja pekerjaan audit 0.315 3.671 0.000 * * Kemahiran profesional 20.266 23.087 0,002 * * Kemerdekaan 0,086 1,117 0,265
Objektivitas 20.249 23.093 0,002 * * Ulasan audit 0,058 0,699 0,485 Program audit 0,040 0,469 0,640 Pelaporan audit 20.110 21.257 0.210 Catatan: Variabel dependen: lingkungan kontrol; * * pada tingkat signifikan 0,05; R 2: 0.118; F: 3.470 dampaknya adalah kinerja pekerjaan audit ðbeta ¼ 0: 315; p # 0: 05Þ (sig. F ¼ 0: 000Þ; kemahiran profesional ðbeta ¼ 20: 266; p # 0: 05Þ (sig.F ¼ 0: 002Þ dan objektivitas ðbeta ¼ 20: 249; p # 0: 05Þ (sig. F ¼ 0: 002Þ: Oleh karena itu, hasilnya menunjukkan bahwa kinerja pekerjaan audit secara positif mempengaruhi mengendalikan aspek lingkungan dari sistem kontrol internal sementara kemahiran profesional dan objectiv praktik audit internal berpengaruh negatif terhadap kontrol aspek lingkungan dari sistem pengendalian internal dan oleh karena itu hipotesis nolnya adalah diterima. Oleh karena itu, H1c3 diterima sedangkan H1c1 ke H1c2 dan H1c4 ke H1c9 adalah ditolak. H1d. Semakin baik manajemen departemen audit internal praktik audit, semakin besar ruang lingkup pekerjaan audit internal praktik, semakin tinggi kinerja pekerjaan audit internal praktik audit, semakin tinggi kemampuan profesional internal praktik audit, semakin tinggi independensi audit internal praktik, semakin tinggi obyektivitas praktik audit internal, maka lebih baik ulasan audit dari praktik audit internal, semakin baik program audit dari praktik audit internal, semakin baik audit pelaporan praktik audit internal, semakin tinggi penilaian risiko dari kualitas sistem kontrol internal. Tabel IX merangkum hasilnya. Tabel IX menunjukkan bahwa model ini signifikan ðF ¼ 2: 983Þ (sig. F ¼ 0: 002; p # 0: 05Þ: Namun, model tersebut hanya menjelaskan 10,1 persen dari variasi risiko penilaian. Praktik audit internal berpengaruh signifikan dalam urutan mereka
dampaknya adalah manajemen departemen audit internal ðbeta ¼ 20: 254; p # 0: 05Þ (sig. F ¼ 0: 049Þ; kinerja pekerjaan audit ðbeta ¼ 0: 193; p # 0: 05Þ (sig.F ¼ 0: 027Þ; program audit ðbeta ¼ 0: 211; p # 0: 05Þ (sig.F ¼ 0: 016Þ dan pelaporan audit etabeta ¼ 0: 238; p # 0: 05Þ (sig. F ¼ 0: 008Þ: Oleh karena itu, hasilnya menunjukkan bahwa manajemen departemen audit internal secara negatif mempengaruhi aspek penilaian risiko dari sistem pengendalian internal sementara kinerja pekerjaan audit, program audit, dan pelaporan audit audit internal Praktik audit internal Beta t Sig. Konstan 11.395 0.000 Manajemen IAD 20.254 21.975 0.049 * * Lingkup pekerjaan audit 20.157 21.640 0.102 Kinerja pekerjaan audit 0.193 2.218 0,027 * * Kemahiran profesional 20.121 21.411 0.160 Kemerdekaan 0,071 0,932 0,352 Objektivitas 0,045 0,554 0,580 Ulasan audit 0,015 0,184 0,855 Program audit 0,211 2,438 0,016 * * Laporan audit 0,238 2,655 0,008 * * Catatan: Variabel dependen: penilaian risiko; * * pada tingkat signifikan 0,05; R 2: 0.101; F: 2.983 praktik positif mempengaruhi aspek penilaian risiko dari sistem pengendalian internal. H1d3, H1d8 dan H1d9 diterima sementara sisanya ditolak. H1e. Semakin baik manajemen departemen audit internal praktik audit, semakin besar ruang lingkup pekerjaan audit internal praktik, semakin tinggi kinerja pekerjaan audit dari audit internal praktik, semakin tinggi kemahiran profesional dari praktik audit internal, semakin tinggi independensi praktik audit internal, semakin tinggi objektivitas praktik audit internal, semakin baik ulasan audit praktik audit internal, semakin baik program audit internal
praktik audit, semakin baik pelaporan audit dari audit internal praktik, semakin tinggi kegiatan pengendalian kualitas pengendalian internal sistem. Tabel X menunjukkan bahwa model ini signifikan ðF ¼ 1: 734Þ (sig. F ¼ 0: 082; p # 0: 01Þ: Namun, model tersebut hanya menjelaskan 6,1 persen variasi dalam kegiatan kontrol. Praktik audit internal yang berpengaruh signifikan dalam urutan dampaknya adalah kinerja pekerjaan audit ðbeta ¼ 0: 176; p # 0: 05Þ (sig. F ¼ 0: 049Þ dan audit melaporkan etabeta ¼ 0: 175; p # 0: 01Þ (sig. F ¼ 0: 057Þ: Hasil tersebut mendukung hipotesis bahwa baik kinerja pekerjaan maupun audit pelaporan praktik audit internal secara positif mempengaruhi aspek aktivitas pengendalian kualitas sistem kontrol internal. Karena itu, H1e3 dan H1e9, yang positif mempengaruhi kegiatan pengendalian kualitas sistem pengendalian internal tersebut diterima sementara sisa hipotesis ditolak. Ringkasan hasil. Manajemen departemen audit internal praktik audit secara positif mempengaruhi aspek pemantauan kualitas sistem kontrol internal tetapi dipengaruhi secara negatif oleh kemahiran profesional, objektifitas dan tinjauan audit atas praktik audit internal. Aspek informasi dan komunikasi dari kualitas sistem pengendalian internal adalah dipengaruhi secara negatif oleh ruang lingkup pekerjaan praktik audit internal tetapi positif dipengaruhi oleh kinerja pekerjaan audit dari praktik audit internal. Praktik audit internal Beta t Sig. Konstan 14.046 0.000 Manajemen IAD 20.098 20.748 0.455 Lingkup pekerjaan audit 20.136 21.399 0.163 Kinerja pekerjaan audit 0.176 1.979 0.049 * * Kemahiran profesional 20.049 20.560 0.576 Kemerdekaan 0.123 1.576 0.116 Objektivitas 20.063 20.751 0.453
Ulasan audit 0,043 0,507 0,613 Program audit 20.078 20.876 0,382 Pelaporan audit 0.175 1.915 0,057 * Catatan: Variabel dependen: aktivitas kontrol; * pada tingkat signifikan 0,01; * * pada tingkat signifikan 0,05; R 2: 0,061; F: 1.734 Aspek lingkungan kontrol dari sistem kontrol internal kualitas adalah positif dipengaruhi oleh kinerja pekerjaan audit dari praktik audit internal saat ini secara negatif dipengaruhi oleh kemahiran profesional dan objektivitas internal praktik audit. Aspek penilaian risiko kualitas sistem pengendalian internal adalah dipengaruhi secara negatif oleh manajemen departemen audit internal praktik audit tetapi secara positif dipengaruhi oleh kinerja pekerjaan audit, audit pelaporan program dan audit praktik audit internal. Aspek kegiatan pengendalian kualitas sistem pengendalian internal adalah positif dipengaruhi oleh kinerja pekerjaan audit dan pelaporan audit internal praktik audit. Diskusi dan kesimpulan Penelitian ini menguji sejauh mana praktik audit internal oleh audit internal departemen dan efek praktik terhadap kualitas kontrol internal sistem. Analisis dilakukan dari Skala Praktik Audit Internal dan Kontrol Internal Skala Sistem yang dikirim ke semua auditor internal dan komite audit Perusahaan Publik Malaysia untuk tahun 2001. Luasnya praktik audit internal Salah satu temuan utama dalam penelitian ini adalah sejauh mana praktik audit internal di Indonesia Perusahaan Publik Malaysia. Kelima variabel tersebut berasal dari IIA (2000), yaitu: kemandirian dan obyektivitas, kemahiran profesional, ruang lingkup pekerjaan, kinerja pekerjaan audit dan manajemen departemen audit internal.
Namun, penelitian ini menunjukkan bahwa praktik audit internal harus terdiri dari sembilan fungsi, bukan hanya lima fungsi seperti yang disarankan oleh IIA (2000). Itu fungsi yang disarankan adalah sebagai berikut: manajemen departemen audit internal, kinerja pekerjaan audit, independensi, tinjauan audit, pelaporan audit, ruang lingkup audit pekerjaan, kemahiran profesional, objektivitas dan program audit. Keempat fungsi baru adalah objektivitas (terpisah dari independensi), ulasan audit, program audit dan audit pelaporan. Perbandingan juga dibuat antara variabel penelitian ini dan IIA (2001). Di bawah IIA (2001), standar terdiri dari sepuluh variabel: tujuan, otoritas, dan tanggung jawab; kemandirian dan obyektivitas; kemahiran dan perawatan profesional karena; jaminan kualitas dan program peningkatan; mengelola kegiatan audit internal; sifat pekerjaan audit; perencanaan keterlibatan; melakukan pertunangan; mengkomunikasikan hasil; memantau kemajuan; dan penerimaan risiko oleh manajemen. Perbedaan antara variabel penelitian ini dan IIA (2001) adalah tambahan dari lima fungsi audit baru yaitu pemantauan kemajuan; mengkomunikasikan hasil; perencanaan keterlibatan; tujuan, wewenang dan tanggung jawab; dan manajemen penerimaan risiko. Perbandingan dengan temuan penelitian ini dan IIA (2001) juga dibuat. Hanya ada dua fungsi baru dari praktik audit internal dalam IIA (2001): tujuan, wewenang dan tanggung jawab, dan penerimaan risiko oleh manajemen. Itu sisa-sisa fungsi praktik audit internal dalam penelitian ini konsisten dengan IIA (2000, 2001). Tabel XI menunjukkan ringkasan perbandingan tingkat internal praktik audit. SPPIA (2000) Studi ini (2001) PPF (2002) Kemandirian dan obyektivitas Kemerdekaan dan obyektivitas Kemahiran profesional. Objektivitas dan kemampuan perawatan profesional Lingkup pekerjaan Kecakapan profesional Sifat pekerjaan audit
Kinerja pekerjaan audit Lingkup pekerjaan Melakukan perikatan Manajemen audit internal departemen Kinerja pekerjaan audit. Mengelola audit internal aktivitas Manajemen audit internal departemen Memantau kemajuan Tinjauan audit Mengkomunikasikan hasil Pelaporan audit Perencanaan perikatan Program audit Tujuan, wewenang dan tanggung jawab Penerimaan manajemen atas Risiko Praktik audit internal dan kualitas sistem kontrol internal Studi ini juga menguji pengaruh praktik audit internal dan kualitas sistem kontrol internal. Terlihat bahwa hanya aspek pemantauan kualitas sistem pengendalian internal dipengaruhi secara positif oleh manajemen audit internal departemen. Namun, itu dipengaruhi secara negatif oleh kemahiran profesional, objektifitas dan tinjauan audit atas praktik audit internal. Dengan mengelola departemen, pekerjaan yang dilakukan oleh departemen audit internal telah dilaksanakan di masa lalu dan jadwal kerja telah mempertimbangkan tujuan internal departemen audit dan juga tujuan umum manajemen perusahaan. Karena itu ini akan secara positif mempengaruhi pemantauan sistem kontrol internal karena ini akan memiliki dampak yang efektif pada proses pemantauan dan juga melaporkan tindakan ilegal tersebut dimonitor dengan baik. Namun, penelitian ini menunjukkan bahwa kemampuan profesional seperti pengetahuan yang memadai, keanggotaan profesional, sertifikasi, dan tra ining dalam elektronik
sistem pemrosesan data (EDP) menyebabkan pemantauan kualitas internal yang lebih rendah sistem pengaturan. Ini karena ketika auditor internal memiliki semua yang disebutkan di atas kriteria, itu akan menyiratkan bahwa mereka kompeten untuk melakukan pekerjaan dan karena itu lebih rendah pemantauan kualitas sistem pengendalian internal diperlukan sejak internal auditor memiliki pemahaman yang jelas tentang sistem kontrol internal. Ini juga berlaku untuk obyektivitas dan ulasan audit dari praktik audit internal pada pemantauan kualitas sistem kontrol internal. Objektivitas melibatkan sikap yang tidak bias dan penghindaran konflik kepentingan oleh auditor internal sementara tinjauan audit dilakukan efisien dilakukan sehubungan dengan operasi audit yang diperlukan. Karena itu, internal auditor perlu pemantauan yang lebih rendah dari kualitas sistem pengendalian internal sejak seluruh operasi audit yang diperlukan telah dilakukan dengan baik. Penelitian ini juga menyarankan bahwa ruang lingkup kerja praktik audit internal secara negatif mempengaruhi aspek informasi dan komunikasi dari kualitas sistem pengendalian internal sedangkan kinerja pekerjaan audit dari audit internal praktik positif mempengaruhi aspek informasi dan komunikasi kualitas sistem kontrol internal. Lingkup pekerjaan praktik audit internal melibatkan peninjauan sistem untuk memastikan kepatuhan dengan prosedur, kebijakan, hukum dan regulasi dan perencanaan pekerjaan dan juga ada koordinasi yang lebih baik antara auditor eksternal dan internal. Ini berarti bahwa jika ada ruang lingkup kerja yang lebih baik praktik audit internal, ini akan menyebabkan prosedur kontrol komputer yang lebih rendah sistem informasi dan penilaian informasi yang lebih rendah diperlukan pada kualitas sistem kontrol internal. Auditor internal mengikuti semua prosedur yang diperlukan di Indonesia melakukan pekerjaan audit dan oleh karena itu informasi dan komunikasi yang kurang dari diperlukan kualitas sistem kontrol internal. Namun, semakin baik kinerjanya pekerjaan audit, semakin besar informasi dan komunikasi sejak dalam melakukan pekerjaan audit, auditor internal perlu mengidentifikasi, menganalisis, mengevaluasi dan mencatat informasi yang cukup untuk mencapai tujuan keterlibatan. Penelitian ini juga mempersepsikan bahwa kinerja audit internal
praktik audit secara positif mempengaruhi aspek lingkungan kontrol kualitas sistem kontrol internal sementara kemahiran profesional dan objektivitas praktik audit internal berpengaruh negatif terhadap aspek lingkungan kontrol kualitas sistem kontrol internal. Kinerja pekerjaan audit memainkan dampak besar pada lingkungan kontrol kualitas sistem kontrol internal. Oleh karena itu, semakin baik kinerja pekerjaan audit, semakin besar lingkungan kontrol pada kualitas sistem kontrol internal. Dalam melakukan pekerjaan audit, internal auditor telah dilatih dan kompeten untuk melakukan pekerjaan audit. Akibatnya, mereka mampu mengidentifikasi dan menganalisis catatan yang diperlukan untuk mencapai tujuan audit. Ini akan memiliki dampak positif pada lingkungan kontrol kualitas sistem kontrol internal karena manajemen senior akan menunjukkan yang lebih tinggi iklim kepercayaan dengan kinerja pekerjaan audit yang lebih baik. Penelitian ini juga menyarankan agar manajemen departemen audit internal PT praktik audit internal secara negatif mempengaruhi aspek penilaian risiko kualitas sistem kontrol internal. Namun, kinerja pekerjaan audit, audit pelaporan program dan audit praktik audit internal secara positif mempengaruhi aspek penilaian risiko kualitas sistem pengendalian internal. Sejak bekerja dilakukan oleh departemen audit internal telah diterapkan di masa lalu dan jadwal kerja dengan mempertimbangkan tujuan departemen audit internal, oleh karena itu, ini akan mengarah pada penilaian risiko yang lebih rendah dari kualitas pengendalian internal sistem. Hal ini karena; prosedur yang tepat yang diperlukan sudah diterapkan di mengelola departemen audit internal. Namun, semakin baik kinerja audit pekerjaan, program audit dan pelaporan audit dari praktik audit internal mengarah ke penilaian risiko yang lebih baik. Dalam melakukan pekerjaan audit, auditor internal akan mengidentifikasi kerangka kerja manajemen risiko dan kebijakan manajemen risiko yang lebih baik dan juga lebih baik prosedur harus dipasang dalam memonitor aplikasi kebijakan dan prosedur organisasi. Ini juga berlaku untuk program audit dan audit pelaporan. Semakin baik program audit dan pelaporan audit, pemasangan
prosedur dan penerapan kebijakan dalam menilai risiko organisasi akan lebih meningkatkan. Kinerja pekerjaan audit dan pelaporan audit praktik audit internal secara positif mempengaruhi aspek kegiatan pengendalian kualitas pengendalian internal sistem. Dengan internal yang terlatih dan kompeten a udit staf dan evaluasi yang lebih baik untuk mencapai tujuan keterlibatan, ini akan mengarah pada kegiatan kontrol yang lebih baik kualitas sistem kontrol internal. Dalam hal ini, persetujuan dewan direksi yang lebih tinggi pada pekerjaan audit yang dilakukan tercapai dan auditor internal akan rajin menyelidiki varians. Ada juga peningkatan rekomendasi yang dibuat oleh departemen audit internal melalui pelaporan audit. Implikasi penelitian Pertanyaan logis pada saat ini adalah: apa yang disiratkan oleh hasil penelitian ini? Di lain kata-kata, bagaimana penelitian berkontribusi pada pembangunan teori, memberikan panduan untuk auditor internal dan berfungsi sebagai masukan untuk SPPIA berikutnya? Pertanyaan-pertanyaan ini ditanggapi sebagai berikut: Implikasi teoritis Implikasi teoritis pertama adalah bahwa penelitian ini telah berkontribusi pada teori agensi dan paradigma audit internal dimana penelitian ini mendukung bagaimana teori keagenan memberikan penelitian yang lebih bermakna dalam disiplin audit internal berdasarkan pada premis memantau pengeluaran yang dikeluarkan oleh kepala sekolah dan agen. Penelitian ini juga menjelaskan keberadaan teori agensi yang didalilkan dan pengaruhnya terhadap tingkat praktik audit internal pada perusahaan publik Malaysia dan pengaruhnya terhadap sistem kontrol internal perusahaan. Implikasi praktis Temuan penting dari penelitian ini berkaitan dengan tingkat audit internal praktik di antara auditor internal di perusahaan publik Malaysia. Pertama implikasi praktis mengacu pada perubahan fungsi praktik audit internal dari lima hingga sembilan. Setter standar seperti IIA memiliki peran penting untuk merevisi
PPF atau SPPIA berdasarkan penelitian ini. IIA (2000) pada dasarnya menggambarkan kriteria dimana operasi departemen audit internal dievaluasi dan diukur dan mereka dimaksudkan untuk mewakili praktik audit internal, sebagaimana adanya seharusnya. Ini termasuk independensi dan objektivitas, kemahiran profesional, ruang lingkup pekerjaan, kinerja pekerjaan audit dan manajemen departemen audit internal. Studi ini menyiratkan bahwa IIA harus mencakup sembilan faktor dalam membangun SPPIA, yaitu independensi, ruang lingkup pekerjaan, pelaporan audit, program audit, manajemen PT departemen audit internal, kinerja pekerjaan audit, ulasan audit, objektivitas dan kemahiran profesional karena faktor-faktor ini mengungkapkan bahwa CAE menempatkan banyak hal pentingnya faktor-faktor di atas. Bantuan praktik audit internal bermanfaat manajer dalam memberikan dasar untuk penilaian dan tindakan, membantu manajer dengan melaporkan kelemahan dalam kontrol dan kinerja, memberikan nasihat kepada manajer dan dewan direktur pada solusi masalah bisnis dan menyediakan informasi yang ada tepat waktu, dapat diandalkan dan bermanfaat untuk semua tingkatan manajemen. Oleh karena itu, kepatuhan terhadap SPPIA sangat penting bagi auditor internal dalam hal audit internal praktik dan IIA harus memainkan perannya dalam mewakili praktik audit internal, seperti harus. Implikasi lain adalah bahwa semua variabel dalam penelitian ini konsisten dengan IIA (2001). Dasar pemikiran di balik praktik audit internal adalah apa yang disediakannya peluang bagi Kepala Eksekutif Audit atau auditor internal untuk mendapatkan perhatian penuh manajemen terhadap tingkat praktik audit internal pada kualitas sistem kontrol internal. Melaporkan hasil audit yang signifikan dan rekomendasi memberi Ketua Eksekutif Audit jalan untuk mempresentasikan internal mereka praktik audit kepada presiden dan anggota tim manajemen puncak lainnya. Itu temuan dan rekomendasi yang masuk akal dan bermakna yang terkandung dalam audit laporan adalah simbol kontribusi mereka, yang menghasilkan perbaikan pada organisasi secara keseluruhan.
Lebih lanjut, Kepala Eksekutif Audit mungkin merasa lebih penting bagi kemampuan untuk memberikan ulasan independen kepada presiden atau tim manajemen puncak lainnya anggota Sekali lagi, untuk mematuhi SPPIA, Kepala Eksekutif Audit percaya bahwa departemen mereka harus independen, memiliki ruang lingkup pekerjaan audit yang lebih besar, lebih baik manajemen departemen audit internal, kinerja audit yang lebih tinggi, lebih baik penerapan standar audit untuk mengaudit pekerjaan, profesional dan mahir dalam internal praktik audit. Hasil penelitian menunjukkan bahwa lima fungsi kualitas sistem kontrol internal sesuai dengan standar Komite Organisasi Sponsoring (COSO). Saat ini, Standar audit yang disetujui Malaysia telah memasukkan ini dan juga diadopsi pernyataan tentang pengendalian internal: panduan untuk direktur perusahaan publik (MIA, 2001). Departemen audit internal juga harus terlihat melakukan pekerjaan mereka efektif dan memiliki staf yang terlatih. Keterbatasan penelitian Penelitian ini memberikan bukti empiris bahwa praktik audit internal PT perusahaan publik di Malaysia mematuhi IIA (2000) dan secara statistik mempengaruhi kualitas sistem kontrol internal. Ini mungkin karena audit iting standar yang diberlakukan oleh IIA (Malaysia) dan MIA. Namun studi ini memiliki keterbatasan. Dari 250 perusahaan publik yang termasuk dalam studi ini, hanya mewakili 38,23 persen dari perusahaan publik untuk tahun 2001. Akibatnya, hasilnya mungkin tidak dapat digeneralisasikan untuk populasi auditor internal secara keseluruhan. Selanjutnya, sejauh mana praktik audit internal hanya terbatas pada IIA (2000). Auditor internal biasanya bekerja sebagai tim dalam praktik audit internal normal. Penelitian ini terbatas karena hanya individu yang merupakan Kepala Eksekutif Audit diperiksa. Dinamika interaksi kelompok tidak dipertimbangkan. Namun demikian Kepala Eksekutif Audit mewakili departemen audit internal yang menyarankan hal itu mempelajari individu ini adalah langkah pertama yang logis.
Studi ini mengasumsikan bahwa auditor memiliki kaliber yang sama di perusahaan untuk masing-masing penunjukan. Namun, ini mungkin bukan asumsi yang valid karena pengalaman bertahun-tahun auditor internal tidak termasuk dalam penelitian ini. Kesimpulan Sementara hasil dalam penelitian ini sama sekali tidak konklusif, itu adalah harapan bahwa penelitian ini memiliki berkontribusi pada penelitian yang dilakukan dalam praktik audit internal. Studi ini juga telah memberikan beberapa bukti tentang tingkat audit internal praktik dan pengaruhnya terhadap sistem kontrol internal. Catatan 1. Silakan merujuk ke www.theiia.org/iia untuk penjelasan detail IIA (2001). 2. MICPA - Institut Akuntan Publik Bersertifikat Malaysia.