Phil Crosby once said that “If anything is certain, it is that change is certain. The world we are planning for today will not exist in this form tomorrow.” In the face of a constant changes, everyone, including the internal auditor, must always have an agile mindset and strive for a continuous improvement in both of methodology and tools that is supporting the “Agile Way of Auditing”.

We might witness that in the past one and half years, there are so many dramatic changes in our world that is affecting many aspects of our life, including our work as an internal auditor. Suddenly we must adapt our audit plan due to pandemic, we must change our audit techniques, and perhaps also changed the range of services to continuously providing the added value to our organization.

This is only the beginning. Other changes are certainly to happen in the future. Therefore, in this session, we will discuss the Agility Mindset, Methodology, and Tools that we need to develop our “Agile Way of Auditing” to cope with any changes coming to us ahead.

The internal audit department should continuously strive to be able to meet the increasingly high stakeholder’s expectation regarding the added value of the audit function, with often constrained resources (tight budgets, limited staff, and ever-changing competency demands). It can be difficult to see how it is possible to keep doing more and still provide the baseline assurances stakeholders expect.

Internal Audit department has to find more forward-looking ways of working to adapt to stakeholders’ changing needs. And that technology is a great enabler when fully embraced. But kick-starting an innovative audit culture can’t be easy. Because most internal audit departments work with tight resources, they have little spare time, money, or man power, so they can’t devote the necessary time and energy to be strategic and innovate. In this session, participant will gain insight into creating an internal audit strategy to be innovative and implement it as well as how to overcome the obstacles.

Business today is characterised by pandemic life aspect changes, complexity on increasing digital aspects and economic crisis. This is providing both challenges and opportunities for organisations and while being ready to respond is essential, it’s not easy. Internal Audit should emerge as a key means of giving boards and other stakeholders the confidence to deal with the demands of a dynamic business environment. Increasingly, stakeholders expect their Internal Audit function to ‘look deeper and see further’, acting as a lever for change supporting an organisation’s strategic agenda.

This panel discussion provides insights on Boards and stakeholders’ expectations on Internal Audit in the current and future environment from various aspects (process, technology, talent) and the most important thing, how Internal Audit can build more collaborative relationship with business stakeholders to focus on risks that matter, increasing internal audit’s effectiveness and value to the organization.

Stakeholders, particularly investors, are demanding more and more ESG (Environmental, Social and Governance) reporting because they want to understand the purpose and values of the business and its long term ESG commitments, and to see evidence of the business’s actions and performance in achieving their targets, documented through relevant ESG metrics. In order to respond to the changing demands and growing expectations of companies' financial and non-financial reporting, businesses need to assess their ESG risks and opportunities and developing robust and complete ESG disclosures.

In this session participants will gain insight into the application of ESG activity, reporting and assurance that enhance organizational value and sustainability and learn how internal audit can add substantial value to ESG activities and reporting.

In today’s technologically evolved business landscape and as organizations adopt new digital innovation, their risk of being targeted in cyber-attacks grows. That’s why it is critical that organizations have effective cyber security programs in place. One of key component to the success of these programs is the cyber security auditing. The internal audit department helps organizations identify gaps in their cyber security infrastructure as well as evaluate their compliance with various regulations and laws.

In this session, participants will get best practices to be used as a reference to prepare for a cybersecurity auditing, including overview of simulated cyber-attack against the computer system to check for exploitable vulnerabilities (penetration testing).

IT governance is a framework that provides a structure for organizations to ensure that IT investments support business objectives. In the big picture, IT governance is an integral part of overall enterprise governance. IT governance is part of GRC and GRC can cover more business risks beyond IT. To have an effective GRC, information and data are fundamental. Data is a very important asset for any organisation. Many important decisions are made based on data. Organisations generally look for benefits when harmonising data, but owing to external and internal factors, harmonisation isn’t an easy task. Data Optimisation cannot be done simply by implementing new software, it is instead an ongoing transformation process that needs to be managed and governed.

In this session, participants will get insight on IT Governance predominantly in data management and governance that will benefit in cost efficiency and data quality.

We are currently in an era where innovation runs so fast. This is what then brings changes in business processes. Rapid technological advances play a critical role in the changes that are currently taking place. This is not only happening in the private sector but also government sector. As a consequence, the government's internal audit function must be able to adapt to this new environment and is expected to increase the value for the organization and the government.

This session will provide views on the adaptations made by the government's internal auditors, especially the Inspectorate General (Itjen) of the Ministry of Finance in providing added value to answer the challenges and expectations of the main stakeholder, namely the Minister of Finance as the CFO of the Government of Indonesia which is increasingly complex. In addition, it will discuss innovations in government audits carried out by the Inspectorate General of the Ministry of Finance with changes in working methods and the use of digital technology advances such as the use of computer-assisted audit tools, big data analytics, strategic dashboards in the War Room, as well as the application of one data at the Ministry of Finance. Finance, where this is part of the adaptation carried out to answer the challenges faced.

We are now in the era where rapid innovation has uninterruptly challenged and gradually changed the landscape of the businesses. Technology advancement has indeed played critical role in realising these changes. As consequence, being an integral part of the business, internal audit function should adapt to this new environment in order to remain relevant. Therefore, IA function need to continuously transform and innovate itself to be able to provide value added to the business. The transformation should not solely depict as utilising new technology while executing the regular-existing tasks in the same manner. But even further, Internal Audit functions need to challenge the way they perform their work, to quickly adapt with the changes while ensuring to use the digital technology in leveraging their roles.

The session will elaborate on how will the next generation of Internal Auditing look like. How to manage the internal audit in the future? And what skills and competencies are required for internal auditor to keep up with the contionuously changing business landscape.

In a holding company or business group, the parent company usually determines the corporate governance structure, including the policies and functions of the internal audit within the business group down to the level of the subsidiary company. This is critical yet challenging, because within a large business group, a strong and integrated assurance function is needed to be able to provide an assessment of the adequacy and effectiveness of governance, risk management and internal control throughout the Business Group. However, one thing needs to be bear in mind that the parent and subsidiary companies are different and separate legal entities.

This session will discuss the role of Internal Audit in the Parent and Subsidiary Companies, how is their position and structure, how they can synergize with each other (joint audit, sharing knowledge, etc), and how to formulate audit resource planning (process, technology, talent) to effectively and efficiently carry out Internal Audit with the most optimal coverage alongside with its challenges and limitation in law and regulations.

The COVID-19 pandemic has impacted entire lives in some way, whether it’s changes in internal control caused by remote-working conditions or a decline in operations at the peak of the outbreak. As many businesses shifted to remote operations, the risk of fraud may have increased. Fraudsters may use this condition to conceal their actions. Internal Audit professional standard stated that Internal Audit should consider where fraud risk is present within the business and respond appropriately by auditing the controls (standard 2210.A.2), evaluating the potential for the occurrence of fraud and how the organization manages fraud risk (Standard 2120.A2) through risk assessment, and audit planning.

This session will provide insight regarding fraud risk during this uncertainty condition and equip participants with knowledge how to auditing emerging fraud that might occur.

Currently Internal auditors are increasingly expected to boost the value they bring to their organizations. Some auditors interested in utilize artificial intelligence (AI) to solve this challenge. AI, which leverages algorithms to identify and understand patterns and anomalies within data sets, can help internal auditors more efficiently identify areas of risk and execute many other tasks effectively. As internal audit continues to evolve into a next-gen function, the role of AI in audit should be clearly defined in strategic plans, and internal auditors should collaborate actively with others, including data scientists, business partners and IT to ensure that the internal audit team has access to the infrastructure, technology and expertise required to apply AI in the most appropriate areas.

This collaborative and strategic approach will assist internal audit to the innovative edge of the organization, positioning it as a high-value, trusted advisor and making the audit function an exciting and cutting-edge place to work.

Manage and storage data using the cloud has the advantage from connecting various devices to each other and operating at the same time. The hope of using cloud is the availability of unrestricted access and connectivity of every device. However, all this advantages also must consider the security of the data contained in it. Talking about data security is to ensure how to protect our data from unauthorized access. From here the organization must be able to map the associated risks and plan effective internal control in data security and cloud operations as intended.

Internal Auditors as assurance providers for organizations have challenges to ensure the implementation control of the cloud on organizational activities. The first thing is the auditors to be able to increase their competence in assurance on the cloud. Considering the key controls related to the cloud will develop an audit plan that can ensure the effective use of the cloud and data storage therein.