Guest Lecture on Risk Mapping and Internal Audit Techniques
On Friday, May 3, 2019, the Bachelor of Accounting Study Program of STIE Perbanas Surabaya held a guest lecture on the topic "Risk Mapping Techniques in Internal Audit". The speakers presented were also a Professor from the Satya Wacana Christian University in Salatiga, Prof. Dr. Intiyas Utami, SE., M.Sc., Ak., CA, CMA, QIA. This lecture was attended by dozens of accounting students, who wanted to explore the internal audit system.
The lecture aims to make students understand clearly about the audit functions related to operational activities. In addition, later they will be able to find out the determination of risk-based objectives and audit objectives that are adjusted to the type of risk, for example production activities or the purpose of auditing the packing section.
For two hours, Prof. Intiyas explains about internal audit, which is an independent assessment function that is made in an organization with the aim of testing and evaluating various activities within the organization. The types of internal audit or management audit, namely operational, compliance, and financial. Then, several roles of Internal Audit are supervising, consulting, and catalyst. "Discussion of operational audits and risk mapping practices in operational audits. The internal audit process in this case the operational audit has 3E Objectives, namely efficiency, economics, and effectiveness, "he explained.
In addition, it also provides exposure to risk mapping. The risk of the entity that the entity is willing to accept, without mitigation, prevention or control, is within the overall capacity limit. The threshold for risk in risk mapping can be accepted or tolerated so that companies that are hungry for risk may develop a high risk appetite. Conversely, companies that are "afraid" of risk will set a low level of risk appetite.
In the risk management cycle there are several stages, namely risk identification, risk measurement, risk mapping, risk management model, and the latest risk monitoring and control. "If we deepen the risk management cycle, there are steps in risk mapping, such as risk identification, followed by the application of criteria, existing controls, risk mapping, and the last steps in handling risks," he explained. (Della / Eko)