<![CDATA[The Audit Management System (AMS) is utilized by the Internal Audit Function to manage audit processes in a structured, documented, efficient, and risk-aligned manner, aiming to provide added value to the organization. This system is supported by the Pentana Audit software, implemented across 22 entities, functioning as a secure platform that records the entire audit process in real-time. This study aims to identify gaps, analyze areas for improvement, assess potential financial and operational impacts, and provide recommendations and mitigation steps related to AMS management. The evaluation applies the COBIT 2019 and ISO 31000:2018 Risk Management frameworks, focusing on five Governance and Management Objectives from COBIT 2019: EDM03, APO12, APO14, DSS03, and MEA04. The novelty of this research lies in the dual-framework approach that systematically integrates COBIT and ISO standards to produce a strategic, risk aligned improvement roadmap. The specific focus on AMS within the Internal Audit context also contributes to strengthening governance and audit risk management. The findings indicate that AMS management has not yet reached full effectiveness, with 13 identified areas of improvement that may cause financial and operational impacts. Key issues include the lack of integration between the audit risk database and ERM, absence of automated notifications, no monitoring dashboard, inadequate data security policies, and suboptimal real-time utilization across entities. APO12 recorded the largest gap, primarily related to IT based audit risk management integration. Recommendations are categorized into three mitigation priorities using an action priority matrix: quick wins, important tasks, and other tasks, with phased implementation over three years.]]>
Copyrights © 2025
