d. Better buy-in to planned corrective action. e. More efficient audit process. f. Risk assessment documentation of each department. With or without Control Self-Assessment CSA, external auditor had a very close relation with internal auditor during the audit process. Management can ask external auditor to review internal auditor work that had been planned for prior year and report their work quality. Through the Control Self-Assessment CSA these relation should be more tight and cooperative for the successful of general audit or financial statement audit in the client companies. To decide the influence of internal auditor works to audit process, external auditor should Considering competence and objectivity of internal auditor, and Evaluate the quality of internal auditor works Sawyer’s, 2003.

2. CSA Approaches

The three primary CSA approaches are facilitated team meetings also known as workshops, questionnaires, and management-produced analysis. Organizations often combine more than one approach to accommodate their own self-assessment. Facilitated team meeting gathers internal control information from work teams that may represent multiple levels of employee within the companies or organization. The facilitator is trained and had knowledge about internal control system design. The questionnaire approaches uses a survey instrument that offers opportunities for simple yesno or havehave not responses. Process owners use the survey results to assess their control structure. facilitated meeting or survey. Through this approach, management produces a staff study of the business process. The CSA specialist who may be an internal auditor combines the results of the study with information gathered from sources such as other managers and key personnel. By synthesizing this material, the CSA specialist develops an analysis that process owners can use in their CSA efforts. Research commissioned by The IIA Research Foundation shows that most organizations have selected the CSA workshop approach. The IIA recommends performing an analysis of the organization to determine how effectively it can accept and support candid participant response. If the culture is supportive, The IIA recommends facilitated team meetings. In the event a corporate culture does not support a participative CSA approach, questionnaire responses and internal control analysis can enhance the control environment. Internal auditing should be prepared to validate any internal control representations received.

3. CSA reporting

CSA is a method, develop to gain more deeper information of the companies. It can be done by internal auditor orand external auditor, but in this research more focussing in CSA done by internal audit. Based on the theory and literature review, there are two element included in the scope of CSA method that is hard control and soft control, both element of control can be found in all five components of COSO, for example see ”Internal Control Self-Assessment Form For FTA Grantees“ FTA, 2003, in appendice 5, that is related one and another. Those five components are a. Control environment, specifies the situation in the companies, that will influence people awareness of internal control or self control companies goal congruence, and form a basic about how risk should be handle c. Control activities, assisting policy and procedures assures that management command has been done d. Information and communication, identification, understanding, and transfer of inside information in aform and time framework making people can execute its responsibility e. Monitoring, process that assessing the quality of internal control performance at one time Auditors can effectively evaluate hard controls e.g., bank reconciliations, credit approvals by traditional auditing procedures such as reperformance, confirmations, inspections, and physical observation. These procedures are far less effective in evaluating critical soft controls such as management’s integrity and ethical values, management’s commitment to competence, or management’s philosophy and operating style Based on joseph and Engle statement, researcher concluded that hard control is the element that is influenced by actual and physical evidence, such as review of cash and bank, expense, credit approval, etc. Soft control is the element that is not depend on actual and physical evidence, but its more likely an environment quality that will effect to companies components performance, such as management integrity, conflict between employees orand management, management philosophy of operating style, communication between management and middle level employees, and many others. Based on the explanation on previous paragraph, CSA reporting should comply minimum requirement of those two elements, hard control and soft control, this will differs CSA report with common internal audit reporting. The form of CSA reporting it self is various among auditor, still it has a basic line and 2003 for internal audit report form of CSA in appendice 6.

4. Audit plan