Hasil Pencarian  ::  Simpan CSV :: Kembali

"Perusahaan menggunakan teknologi informasi untuk berbagai hal khususnya meningkatkan efektifitas dan efisiensi, agar dapat meningkatkan daya saing. Namun investasi dalam teknologi informasi umumnya tidak murah, dan karena itu manajemen perlu memastikan bahwa sasaran penggunaan teknologi informasi tersebut dapat atau telah tercapai. IT audit merupakan salah satu cara untuk memberikan keyakinan mengenai hal ini.Selain jasa audit laporan keuangan, pada umumnya Kantor Akuntan Publik juga memberikan jasa-jasa lain, diantaranya adalah jasa IT Audit. Upaya pengembangan jasa- jasa lain dalam KAP ini sangat menarik untuk dicermati, karena jasa-jasa tersebut bukan merupakan bisnis inti dari KAP. Salah satu yang menarik untuk dicermati adalah upaya pengembangan jasa IT Audit pada KAP XYZ, dimana KAP XYZ sendiri mengalami pertumbuhan yang luar biasa yaitu mulai dari memiliki karyawan sekitar 100 orang di tahun 1992 menjadi sekitar 1.500 di tahun 2010, melalui berbagai proses, termasuk diantaranya merger.Penelitian dilakukan pada KAP XYZ, yang telah mengembangkan IT Audit Group dari sejak tahun 1996. Pendekatan penelitian adalah dengan mempelajari laporan-laporan IT Audit Group dan melakukan analisa terhadap berbagai kasus yang telah dihadapi, terkait dengan penugasan seperti Data Analysis, Computer Fraud, IT Governance dan Security Review. Disamping itu, dilakukan kajian mengenai teori Product Life Cycle terhadap pengembangan IT Audit Group atas dua jenis kelompok jasa IT Audit Group, yaitu internal dan eksternal. Ilustrasi analisa SWOT juga dipaparkan, sebagai pembahasan penyusunan rencana bisnis pengembangan IT Audit Group.Berdasarkan hasil analisa dapat disimpulkan bahwa perkembangan IT Audit Group di KAP XYZ sangat dipengaruhi oleh perkembangan KAP itu sendiri, yaitu merger, dan lahirnya regulasi-regulasi baru yang terkait dengan IT, termasuk diantaranya Sarbanes Oxley dan juga regulasi khusus mengenai IT yang dikeluarkan oleh Bank Indonesia. Namun demikian, seperti layaknya suatu produk, jasa IT Audit yang diberikan oleh IT Audit Group untuk kebutuhan internal, sebagai bagian dari audit laporan keuangan, pada akhirnya mengalami masa maturity. Pada fase ini, IT Audit Group diharapkan dapat melakukan terobosan-terobosan baru, dan khususnya mengembangkan lebih lanjut jasa IT audit kepada pihak eksternal. Analisa pengembangan IT Audit juga dilakukan dengan melihat aspek manusia (SDM), yang merupakan faktor terpenting dalam strategi pengembangan group IT Audit di KAP XYZ. Berdasarkan upaya pengembangan SDM IT Audit Group dan kasus-kasus yang dihadapi dapat diidentifikasi beberapa karakteristik keahlian yang perlu dimiliki oleh IT Audit Group. Karakteristik ini tidak hanya terkait dengan perlunya dibangun suatu kompetensi yang sesuai jenis jasa yang diberikan, melainkan juga aspek non-teknis lain misalnya kemampuan komunikasi dan kepemimpinan.

---

Company uses IT for many purposes, especially effectiveness and efficiency, to increase their level of competitiveness. The investment in IT is not cheap, and therefore management must assure that the initial objective of investing in IT can be achieved. IT Audit is one of the method to assist management to provide assurance of the success of their investment in IT.

Besides financial statements audit, Audit Firm also provides other services such as IT audit. Observing the firm practice to develop other services like this would bring up some valuable and unique insights, because they are not the core business of the Audit Firm. It is interested to understand the way this non-core service, IT Audit Group is being developed, along the way the Firm itself experiencing a significant growth from having employee of around 100 in 1992, to 1,500 in 2010, including through mergers.

The observation is made to KAP XYZ, which started the development of IT Audit Group in 1996. The research is based on analysing the reports and also analysis to various cases encountered in the assignments, such as Data Analysis, Computer Fraud, IT Governance dan Security Review. Additionally, further analysis is conducted using Product Life Cycle Theory and the two types of IT Audit Services in KAP XYZ (Internal and External). An illustration of the SWOT analysis is also explained as part of the discussion of formulating IT Audit Group business plan.

Based on the analysis, it can be concluded that the development of IT Audit Group in KAP XYZ is significantly influenced by the growth of the KAP itself, i.e. merger, and the introduction of new regulations relating to IT, including among others, Sarbanes Oxley and specific regulation such as those issued by Bank Indonesia. As like a product, however, the IT Audit Service that is provided to the internal, has entered its maturity phase. In this phase, the IT Audit Group is expected to come up with breakthrough and especially to further develop the potential of its special IT Audit Services, to the external.

An analysis of the development of IT Audit Group is also made through assessment of people aspect, which is one of the most important factor in the strategy of IT Audit Group. Based on the assessment and also dealing with various cases, we can identify some competency characteristics that must be possessed by the IT Audit Group. These characteristics are not only related to the importance of building up skills relating to types of assignment, but also those non-technical aspects such as communication skills and leadership."

"Penelitian ini bertujuan untuk menganalisis praktek dari auditor KAP XYZ dalam melakukan perencanaan dan prosedur audit untuk mendapatkan bukti audit serta memahami bagaimana auditor mengevaluasi bukti audit yang didapatkan dalam situasi audit jarak jauh karena pandemi Covid-19.. Latar belakang peneilitian ini dikarenakan perubahan cara atau lingkungan dari audit konvensional sebelum pandemi dan saat pandemi, yaitu auditor melakukan audit secara jarak jauh. Penelitian ini dilakukan dengan wawancara pada dua narasumber yang merupakan Assistant Manager pada KAP XYZ. Temuan dalam penelitian ini menunjukan bahwa tidak terdapat banyak perubahan dalam penerapan audit jarak jauh dengan audit konvensional sebelum pandemi Covid-19, namun auditor dari KAP XYZ menekankan bahwa auditor dalam perikatan audit jarak jauh, perlu meningkatkan profesional skeptisisme dan kemampuan analitis yang lebih dalam yang melakukan analisis terhadap bukti audit yang sudah didapatkan untuk menilai apakah bukti audit sudah cukup dan tepat.

---

This study aims to analyze the practice of KAP XYZ auditors in carrying out appropriate audit planning and procedures to obtain audit evidence from audit procedures and understand how auditors evaluate audit evidence obtained in remote audit situations due to pandemic Covid-19. The background of this research is due to changes in the method or environment from conventional audits before the pandemic and during the pandemic, where auditors conduct audits remotely. This research was conducted by interviewing two sources who are Assistant Managers at KAP XYZ. The findings in this study indicate that there are not many changes in the implementation of remote auditing with conventional audits before the Covid-19 pandemic, but the auditors from KAP XYZ emphasize that auditors in remote audit engagements need to increase professional skepticism and deeper analytical skills who perform analysis of the audit evidence that has been obtained to assess whether the audit evidence is sufficient and appropriate."

"Penelitian ini bertujuan untuk menganalisis atribut kualitas audit selama proses Initial Public Offering (IPO) bagi klien audit KAP XYZ. Berbeda dengan audit laporan keuangan umum, audit laporan keuangan untuk proses IPO memiliki fitur yang berbeda yaitu jauh lebih berisiko dan melibatkan berbagai masalah khusus serta berbagai pihak lainnya. Responden penelitian ini adalah auditor independen yang bertugas mengaudit pada saat persiapan IPO di KAP XYZ. KAP XYZ merupakan Kantor Akuntan Publik kecil di Jakarta, yang memiliki pengalaman mengaudit klien IPO sebanyak empat perusahaan. Pengumpulan data dilakukan melalui penyebaran kuesioner dan wawancara. Analisis dilakukan pada sepuluh (10) atribut yang diturunkan menjadi 24 pernyataan. Hasil analisis ini menunjukkan bahwa due care, keterlibatan komite audit, dan independensi merupakan tiga atribut terpenting dalam kontribusi bagi kualitas audit selama proses IPO. Untuk meningkatkan kualitas audit dalam proses IPO, KAP XYZ melakukan pembekalan bagi auditor melalui pelatihan, perolehan gelar profesi CPA, perekrutan tenaga ahli dalam industri khusus, dan pengimplementasian aplikasi yang user-friendly.

---

This study analyses attributes of audit quality during Initial Public Offering (IPO) process for KAP XYZ’s audit client. In contrast to general audit, audit for the IPO process have a different feature, which is much riskier and involves various special issues and various other parties. The respondents of this research were independent auditors in charge for audit during the IPO preparation at KAP XYZ. Data collection is carried out through the distribution of a questionnaire and interviews. The analysis was carried out on ten (10) attributes which were reduced to 24 statements. The results of this analysis indicate that due care, audit committee involvement, and independence are the three most important attributes in contributing to audit quality during the IPO process. To improve audit quality in the IPO process, KAP XYZ provides auditors with training, acquiring professional title such as CPA, recruitment of experts in specific industries, and implementation of user-friendly applications"

"Laporan magang ini akan menyajikan tentang bagaimana kebijakan akuntansi PT ABC INDONESIA terkait akun pendapatan mereka. Dalam laporan magang ini juga akan disajikan prosedur audit pendapatan pada PT ABC INDONESIA, serta akan dibandingkan dengan prosedur audit dalam teori. Adapun prosedur yang dilakukan KAP XYZ INDONESIA adalah sesuai dengan pedoman audit yang mereka miliki. Secara umum, semua prosedur yang dilakukan KAP XYZ INDONESIA telah sesuai dengan standar audit dalam teori.

---

This apprentice report will provide an overview of the accounting policies of PT ABC INDONESIA regarding their income accounts. In this apprentice report will also be presented income audit procedures at PT ABC INDONESIA, and will be compared with the audit procedures in theory. The procedures performed KAP XYZ INDONESIA is in accordance with the audit guidelines they have. In general, all procedures performed by KAP XYZ INDONESIA are in accordance with the audit standards in theory.Kata Kunci:Audit procedure, revenue, PSAK 23 revision 2014 "

"Pendekatan terbaru dari proses audit internal adalah dengan memasukkan konsep manajemen risiko ke dalam prose audit internal. Audit internal dituntut untuk mengerti analisis risiko yang akan berguna dalam proses pengambilan keputusan tentang apa yang akan dilakukan, berapa banyak waktu dan sumber daya yang dibutuhkan dari suatu kegiatan audit dan hal - hal penting yang perlu dilaporkan sehingga audit internal dapat memberikan nilai tambah bagi perusahaan. PT XYZ adalah salah satu perusahaan yang telah menerapkan proses audit internal berbasis risiko. Tujuan dari penelitian ini adalah untuk memperoleh gambaran tentang efektifitas peranan audit, proses manajemen risko serta proses audit internal berbasis risiko pada PT XYZ. Metode yang digunakan dalam penelitian ini adalah metode analisis deskriptif, dimana data diperoleh peneliti, dianalisis dan dibandingkan dengan beberapa teori yang ada. Berdasarkan hasil penelitian, peneliti menyimpulkan bahwa Departemen Audit Internal PT XYZ masih belum bekerja secara efektif. Proses pengendalian risiko di perusahaan di bagi kedalam tiga bagian dimana pengendalian risiko operasional perusahaan merupakan tanggung jawab dari pihak Audit Internal. Jika dilihat dari tiga garis pertahanan manajemen risiko, proses manajemen risiko yang diterapkan oleh perusahaan masih belum sesuai. Auditor terlibat dalam penyusunan perencanaan strategi dan proses manajemen risiko secara langsung. Hal ini membuat proses audit berbasis risiko belum berjalan optimal di dalam perusahaan. Namun, metode risk based internal audit yang dilakukan dapat membantu auditor untuk memfokuskan sumber daya yang dimiliki untuk area audit yang berisiko tinggi sehingga risiko tersebut dapat dikelola dengan baik. PT.XYZ memakai program dokumentasi audit berbasis risiko yang dapat membantu kinerja proses audit.

---

The latest approach of internal audit process is to include the concept of risk management into the internal audit process. Internal audit are required to understand risk analysis that would be useful in the decision making process about what to do, how much time and resources required of an audit activities and important things that need to be reported so that internal audit can add value to the company. PT. XYZ is one of the company that has implemented a risk based internal audit processes. The purpose of this research is to gain an overview of the role of audit effectiveness, process of risk management, and risk based internal audit process in PT XYZ. The method used in this study is a descriptive analysis, in which the researchers obtained data is analyzed and compared with several existing theories.

Based on the research, concluded that the Internal Audit Department at PT. XYZ still not working effectively. The process of risk management in the company is classified into three parts where the company's operational risk management is the responsibility of the Internal Audit. Based on The Three Lines of Defense in risk management, risk management process adopted by the company is still not appropriate. Auditors involved in the preparation of strategic planning and risk management processes directly. This makes the risk based audit process is not optimal in the company. However, methods of risk based internal audit can assist auditors to focus its resources on high-risk audit areas so that these risks can be managed properly. PT. XYZ using a risk based audit program documentation that can help the performance of the audit process."

"Pesatnya perkembangan proses audit menggunakan pendekatan data analytics menawarkan manfaat kompetitif yang signifikan bagi organisasi yang dapat memanfaatkan lingkungan berbasis data, termasuk kantor akuntan publik. Namun pada saat ini belum banyak kantor akuntan publik yang memanfaatkan data analytics. Penelitian ini bertujuan untuk mengevaluasi kesiapan implementasi data analytics dalam audit pada KAP DNA, salah satu kantor akuntan publik terbesar di dunia yang berafiliasi internasional. KAP DNA telah menginisiasi penggunaan data analytics mulai dari tahun 2016. Proses penelitian ini dilakukan dengan metode kualitatif dimana narasumber dipilih berdasarkan snowball sampling sejumlah 5 narasumber yang terdiri dari manajer senior, manajer, dan senior auditor. Alat ukur evaluasi kesiapan menggunakan kriteria Acatech indeks maturitas industri milik Schuh et al. (2017) yang telah dikembangkan di penelitian Gürdür et al. (2019). Kriteria tersebut terdiri dari kesiapan sumber daya, kesiapan sistem informasi, kesiapan budaya, dan kesiapan organisasi. Berdasarkan hasil penelitian, KAP DNA memiliki tingkat kesiapan menengah secara umum. Hal ini disebabkan oleh tantangan seperti kurangnya kemampuan auditor, kekurangan sumber daya manusia tim khusus data analytics, dan perangkat yang belum memadai. KAP DNA direkomendasikan untuk mempertimbangkan menambah pelatihan terkait data analytics kepada auditor di saat low season, merekrut karyawan tambahan di tim khusus data analytics, dan menyediakan perangkat yang memadai.

---

The rapid development of the audit process using a data analytics approach offers significant competitive advantages for organizations that can take advantage of a data-driven environment, including public accounting firms. However, currently not many public accounting firms are utilizing data analytics. This study aims to evaluate the readiness to implement data analytics in audits at KAP DNA, one of the world's largest public accounting firms with international affiliations. KAP DNA has initiated the use of data analytics starting in 2016. This research process was carried out using a qualitative method where the informants were selected based on snowball sampling of 5 sources consisting of senior managers, managers, and senior auditors. The measuring instrument for readiness evaluation uses the Acatech industrial maturity index criteria belonging to Schuh et al. (2017) which has been developed in the research of Gürdür et al. (2019). The criteria consist of resource readiness, information system readiness, cultural readiness, and organizational readiness. Based on the research results, KAP DNA has a medium level of readiness in general. This is due to challenges such as lack of auditor capabilities, lack of human resources for dedicated data analytics teams, and inadequate tools. KAP DNA is recommended to consider adding training related to data analytics to auditors during low season, recruiting additional employees in a dedicated data analytics team, and providing adequate tools."

"

Laporan Magang ini menganalisis kebijakan akuntansi Universitas XYZ atas akun pendapatan berdasarkan SAK ETAP. Laporan ini juga membahas prosedur audit dilakukan oleh KAP ABC atas akun pendapatan Universitas XYZ dengan menggunakan kerangka analisis berbasis International Standards on Auditing (ISA) terkait dengan prosedur audit. Berdasarkan analisis yang telah dilakukan, kebijakan akuntansi terkait pengakuan pendapatan Universitas XYZ telah sesuai dengan aturan yang terdapat pada SAK ETAP, namun pada praktiknya, pengakuan pendapatan tidak dilakukan sesuai dengan kebijakan akuntansi yang ada. Selain itu, prosedur audit yang dimiliki oleh KAP ABC telah sesuai dengan ISA. Namun, ditemukan perbedaan antara prosedur audit dengan implementasi yang dilakukan oleh tim audit KAP ABC.

 

---

The purpose of this internship report is to analyze University of XYZ’s accounting policy on revenue account according to SAK ETAP. This report also analyzes ABC public accounting firm’s audit procedure on University of XYZ’s revenue account with framework analysis based on International Standards on Auditing regarding audit procedure. Based on the analysis, University of XYZ’s accounting policies on revenue recognition has complied with SAK ETAP as the guide, however the practice on revenue recognition has not complied with the university’s policies. While, ABC’s audit procedure has complied with ISA, although there’s differences on the audit procedures and the implementation that has been done by ABC’s audit team.

 

"

"Information technology (IT) has been developing rapidly throughout the last decade. Many organizations have been using computerized information system in their operations and preparing the financial statement. Hence, in the computerized information system environment, the quality of information is being questioned since accurate and reliable information is crucial. in view of that, people then seek professional assurance towards information that is provided by a computerized system. In order to provide such assurance, accounting firms such as KAP XYZ provide the information system (IS) audit. The IS audit is conducted as part of the financial audit and it is crucial for financial audit since its outcome provides an assurance that the computerized information system has been designed and operated to produce reliable data. Thus, the employment of IS audit increases the level of assurance in the financial audit. The employment of IS audit influences the financial audit process. However, the influence is significant only in the financial audit engagement involving client with complex IT environment. In such case, IS audit procedures influence the financial audit procedures and cause a change in the flow of financial audit process. This thesis tries to link the role of financial and IS auditors in the audit engagement involving client with complex IT environment. The link is illustrated into process flowcharts which are derived from several sources such as from literature as well as from practitioner, that is, KAP XYZ, one of the big four accounting firms in Indonesia."

"PT XYZ adalah sebuah perusahaan yang bergerak dibidang teknologi keuangan. Didirikan pada tahun 2020, PT XYZ menghubungkan berbagai layanan yang disediakan oleh PT ABC sebagai induk perusahaan. Pengembangan perangkat lunak di PT XYZ dilakukan dengan menggunakan kerangka kerja Scrum. Dalam pelaksanaannya terjadi banyak keterlambatan penyelesaian Sprint, dimana dari 18 Sprint yang dijalankan pada tahun 2021, 10 diantaranya mengalami keterlambatan penyelesaian Sprint. Hasil identifikasi menunjukkan adanya masalah terkait dukungan organisasi dan kurangnya pemahaman terkait Scrum, yang mengindikasikan bahwa perusahaan dinilai belum siap mengimplementasikan Scrum. Penelitian ini bertujuan untuk menilai tingkat kesiapan organisasi dalam melakukan pengembangan perangkat lunak menggunakan kerangka kerja Scrum dan memberikan rekomendasi untuk meningkatkan kesiapan. Penelitian ini menggunakan Scrum Project Readiness Self-Assessment untuk menilai tingkat kesiapan organisasi terhadap pengembangan perangkat lunak menggunakan kerangka kerja Scrum. Dari hasil penelitian, didapatkan kesimpulan skor kesiapan organisasi dalam pengembangan perangkat lunak menggunakan kerangka kerja Scrum sebesar 67 dari maksimum 84. Organisasi dinyatakan siap dan dapat berhasil dalam mengimplementasikan Scrum, namun terdapat beberapa masalah yang harus diselesaikan untuk memastikan pengerjaan produk sesuai rencana. Masalah yang teridentifikasi yaitu pemahaman Scrum di organisasi masih kurang dan automation testing belum digunakan dalam instrumen pengujian. Berdasarkan masalah yang teridentifikasi, perusahaan direkomendasikan merekrut Scrum Master profesional untuk melatih organisasi dan menerapkan Test-Driven Development dalam melakukan pengembangan.

---

PT XYZ is a company engaged in financial technology. Established in 2020, PT XYZ connects various services provided by PT ABC as the parent company. Software development at PT XYZ is carried out using the Scrum framework. In its implementation, there are many delays in completing Sprints, where out of 18 Sprints carried out in 2021, 10 of them experienced Sprint completion delays. The results show that there are problems related to organizational support and a lack of understanding regarding Scrum, which indicates that the company is considered not ready to implement Scrum. This study aims to assess the level of organizational readiness in carrying out software development using the Scrum framework and provide recommendations to improve readiness. This study uses the Scrum Project Readiness Self-Assessment to assess the level of organizational readiness for software development using the Scrum framework. From the results of the study, the conclusion of the organizational readiness score in software development using the Scrum framework is 67 out of a maximum of 84. The organization is declared to be ready and can be successful in implementing Scrum, but there are several problems that must be resolved to ensure product work according to plan. The identified problems are that the understanding of Scrum in the organization is still lacking and automation testing has not been used in the testing instrument. Based on the problem, the company is recommended to recruit a professional Scrum Master to train the organization and apply Test-Driven Development in developing development."

"Keamanan informasi merupakan aspek penting dan didukung oleh laporan yang dikeluarkan oleh Internal Audit Foundation yang berjudul Risk in Focus 2024 Global Summary disebutkan bahwa risiko paling besar yang akan dihadapi di tahun 2024 adalah Cybersecurity and Data Security dengan skor 73% untuk rata-rata worldwide. Berdasarkan report yang dikeluarkan oleh International Business Machine (IBM) berjudul Cost of a Data Breach Report 2023 dibutuhkan waktu rata - rata 204 hari untuk mengetahui adanya kebocoran data yang dialami pada instansi atau organisasi terdampak, serta membutuhkan waktu 73 hari untuk menanggulangi kebocoran data tersebut. Dalam rangka mewujudkan digitalisasi tersebut dilakukan implementasi sistem Audit Management System (AMS) yang dapat mengakomodir proses audit mulai dari tahap Planning, Execution, dan Reporting serta proses tindak lanjut rekomendasi baik yang dihasilkan dari audit internal maupun audit eksternal. Penggunaan AMS tidak terlepas dari risiko, akses menuju AMS dapat dilakukan tanpa Virtual Private Network (VPN). Dalam penelitian ini dilakukan risk assessment berbasis standar ISO/IEC 27005:2022 dengan mengusulkan metode penghitungan konsekuensi berdasarkan klasifikasi data yang ada dalam sistem dan metode peghitungan kemungkinan berdasarkan proses bisnis yang memiliki dampak ke kerentanan sistem serta risiko yang perlu dimitigasi akan digunakan ISO/IEC 27002:2022 sebagai standar untuk mengantisipasi risiko yang terjadi. Hasil pemeriksaan risiko diketahui terdapat 24 risiko dengan 1 risiko level sangat tinggi, 3 risiko level tinggi, 8 risiko dengan level sedang, 11 risiko dengan level rendah, dan 1 risiko dengan level sangat rendah yang terdapat pada departemen audit internal XYZ.

---

Information security is an important aspect and supported by a report issued by the Internal Audit Foundation entitled Risk in Focus 2024 Global Summary. Biggest risk that will be faced in 2024 is Cybersecurity and Data Security with a score of 73% for the global average. Based on a report issued by International Business Machine (IBM) entitled Cost of a Data Breach Report 2023, takes an average of 204 days to find out about a data leak by an affected agency or organization, and takes 73 days to overcome the data leak. In order to realize this digitalization, an Audit Management System (AMS) system was implemented which can accommodate the audit process starting from the Planning, Execution and Reporting stages as well as follow-up process for recommendations process. Using AMS is not without risks, access to AMS can be done without a Virtual Private Network (VPN). In this research, a risk assessment was carried out based on the ISO/IEC 27005:2022 standard by proposing a method for calculating consequences based on the classification of data in the system and a method for calculating possibilities based on business processes that have an impact on system vulnerabilities and risks that need to be mitigated. ISO/IEC 27002:2022 will be used to anticipate risks. Results of the risk examination revealed that there were 24 risks with 1 very high level risk, 3 high level risks, 8 medium level risks, 11 low level risks, and 1 very low level risk in the XYZ internal audit department."