Evaluasi Efektivitas Pengelolaan Audit Management System (AMS) Menggunakan COBIT 2019 dan ISO 31000:2018 di Fungsi Internal Audit

Miharja, Indra Setya (2025) Evaluasi Efektivitas Pengelolaan Audit Management System (AMS) Menggunakan COBIT 2019 dan ISO 31000:2018 di Fungsi Internal Audit. Masters thesis, Institut Teknologi Sepuluh Nopember.

[thumbnail of 6032231052-Master_Thesis.pdf] Text
6032231052-Master_Thesis.pdf
Restricted to Repository staff only
Download (10MB) | Request a copy

Abstract

Audit Management System (AMS) merupakan sistem yang digunakan oleh Fungsi Internal Audit untuk mengelola seluruh proses audit secara terstruktur, efisien, terdokumentasi, dan selaras dengan risiko (risk-aligned), guna memberikan nilai tambah bagi perusahaan. Sistem ini didukung oleh software Pentana Audit yang telah diimplementasikan pada 22 entitas, berperan sebagai sistem pengamanan data (data security system) yang merekam secara real-time seluruh proses audit.
Penelitian ini bertujuan untuk mengidentifikasi gap serta menganalisis area of improvement, menilai potensi dampak finansial dan operasional, serta memberikan rekomendasi dan langkah mitigasi terkait pengelolaan AMS. Analisis dilakukan menggunakan COBIT 2019 dan ISO 31000:2018 Manajemen Risiko, dengan fokus pada 5 (lima) Governance and Management Objectives COBIT 2019: EDM03, APO12, APO14, DSS03, MEA04. Kebaruan penelitian terletak pada pendekatan dual framework yang menggabungkan COBIT 2019 dan ISO 31000:2018 secara komprehensif dan sistematis, menghasilkan peta perbaikan yang lebih strategis dan risk aligned. Fokus pada AMS di lingkungan Internal Audit juga memberikan perspektif baru dalam penguatan tata kelola dan manajemen risiko audit. Hasil evaluasi menunjukkan pengelolaan AMS belum sepenuhnya efektif. Terdapat 13 area of improvement yang berpotensi menimbulkan dampak operasional dan finansial, antara lain belum terintegrasinya database risiko audit dengan fungsi ERM, belum adanya sistem notifikasi otomatis, ketiadaan dashboard pemantauan, lemahnya kebijakan keamanan data, serta pemanfaatan AMS yang belum optimal secara real time di seluruh entitas. Management objective APO12 mencatatkan kesenjangan (gap) terbesar, terutama dalam integrasi manajemen risiko audit berbasis Teknologi Informasi. Rekomendasi disusun dalam tiga kategori prioritas mitigasi dengan menggunakan action priority matrix: quick wins, important tasks, dan other tasks, dengan timeline pelaksanaan hingga tiga tahun. Hasil penelitian ini diharapkan menjadi acuan implementatif bagi Fungsi Internal Audit dalam meningkatkan efektivitas pengelolaan AMS.
==================================================================================================================================
The Audit Management System (AMS) is a system used by the Internal Audit Function to manage the entire audit process in a structured, efficient, documented, and risk-aligned manner, to deliver added value to the company. This system is supported by the Pentana Audit software, which has been implemented across 22 entities and functions as a data security system that records the entire audit process in real time. This study aims to identify gaps, analyze areas of improvement, assess potential financial and operational impacts, and provide recommendations and mitigation steps related to AMS. The analysis adopts COBIT 2019 and ISO 31000:2018 Risk Management frameworks, focusing on 5 (five) selected governance and management objectives of COBIT 2019: EDM03, APO12, APO14, DSS03, and MEA04. The novelty of this research lies in the dual-framework approach, combining COBIT 2019 and ISO 31000:2018 in a comprehensive and systematic manner, resulting in a more strategic and risk-aligned improvement roadmap. Its focus on AMS within the Internal Audit environment also offers a new perspective in strengthening audit governance and risk management. The evaluation results indicate that AMS has not yet reached full effectiveness. 13 areas of improvement were identified, potentially causing operational and financial impacts, including the lack of integration between audit risk databases and the ERM function, the absence of automatic notification systems, lack of monitoring dashboards, weak data security policies, and suboptimal real-time AMS utilization across entities. The management objective APO12 recorded the most significant gap, particularly in the integration of IT-based audit risk management. The recommendations are categorized into three mitigation priority levels using an action priority matrix: quick wins, important tasks, and other tasks, with an implementation timeline of up to three years. The findings are expected to serve as a practical reference for the Internal Audit in enhancing AMS effectiveness.

Item Type: Thesis (Masters)
Uncontrolled Keywords: Efektivitas, Internal Audit, Audit Management System (AMS), COBIT2019, ISO 31000:2018 Manajemen Risiko
Subjects: T Technology > T Technology (General) > T58.5 Information technology. IT--Auditing
T Technology > T Technology (General) > T58.6 Management information systems
Divisions: Interdisciplinary School of Management and Technology (SIMT) > 61101-Master of Technology Management (MMT)
Depositing User: Indra Setya Miharja
Date Deposited: 17 Jul 2025 09:18
Last Modified: 17 Jul 2025 09:18
URI: http://repository.its.ac.id/id/eprint/119935

Actions (login required)

View Item View Item