Last Friday, August 18, 2023, KAP Agus Ubaidillah dan Rekan team continued to carry out Technical Gathering on Friday (TGIF) activities for the 20th (twenty) time. 

KAP Agus Ubaidillah dan Rekan (TGS AU Partners) continues to be committed to carrying out TGIF activities with the aim of providing information and learning for all KAP Agus Ubaidillah dan Rekan employees. KAP Agus Ubaidillah and Partners are committed that this TGIF can continue to be developed to become a learning medium for the public.

TGIF speakers were presented by Anggara Aji Wijayanto and Harti Novika as Audit Associates of KAP Agus Ubaidillah dan Rekan (TGS AU Partners). The presentation material presented was about "Material Misstatement Risk Assessment (ISA 315)."

Five Key Components of an Internal Control Framework

Internal control is a process designed and implemented by an organization to ensure goal achievement, operational efficiency, financial reporting accuracy, and regulatory compliance. The components of internal control are often referred to as the "COSO Internal Control Framework" (Committee of Sponsoring Organizations of the Treadway Commission), which is a general guide to internal control.

Here are the five main components of the COSO internal control framework:

  1. Control Environment

The control environment refers to the organizational culture that creates the basis for the entire control system. Factors in the control environment include integrity and ethics, management's commitment to control, leadership style, organizational structure, and human resources policies and practices.

  1. Risk Assessment Process

Companies need to identify and assess risks that could affect the achievement of objectives. This involves identifying possible risks, measuring their impact and likelihood, and determining how to manage or respond to them.

  1. Control Activities

Control activities are concrete actions taken by the organization to reduce risks and ensure the achievement of objectives. Examples of control activities include operational procedures, division of responsibilities, verification and approval, performance monitoring, and information technology that supports controls.

  1. Information and Communication

Internal control requires the exchange of appropriate and relevant information throughout the organization. This includes effective communication about duties and responsibilities, performance measurement, and information about risks and controls.

  1. Monitoring of Controls

Companies need to continuously monitor the effectiveness of the internal control system. Monitoring can be done through internal or external reviews, audits, testing, and reporting on violations or weaknesses found.

The Importance of Auditors Understanding Risk of Material Misstatements (ISA 315)

The risk of material misstatements is a very important concept in conducting an audit. ISA 315 (International Standard on Auditing 315) is a standard that addresses how auditors should understand the risks associated with their client's financial statements. Here are some reasons why auditors need to understand the risk assessment of material misstatement in accordance with ISA 315:

  1. Effective audit planning: Understanding the risks of material misstatement helps auditors plan the audit more effectively. By assessing risks, auditors can identify areas of potentially higher risk and adjust audit planning to address those risks.

  2. Selection of relevant audit evidence: Risk assessment helps auditors determine the type and amount of audit evidence that needs to be collected. Areas of higher risk may require more audit evidence to ensure that the reported financial information is correct.

    Recommendad Article.

  3. Development of sufficient substantial tests: The risk assessment assists the auditor in planning appropriate substantial tests. Substantial tests are in-depth and intensive tests to test the trustworthiness and accuracy of financial information.

  4. Determining the effectiveness of internal controls: Auditors need to understand how internal controls work in reducing the risk of errors. By understanding risk assessment, auditors can assess whether internal controls are effective enough or whether further testing is needed.

  5. Assessment of overall audit risk: The risk assessment of material misstatement helps the auditor in combining information about risks relating to the environment and risks specific to the financial statements. This helps in the overall assessment of audit risk.

  6. Providing recommendations for improvement: By understanding the risks, the auditor can provide recommendations to management on improvements to controls or business processes to reduce the risk of errors.

  7. Reporting to interested parties: Understanding risks enables auditors to provide more informative and relevant reports to interested parties, such as management, boards of directors, and investors.


All the main components of the internal control framework are interconnected and support each other in building a solid internal control framework. Good internal controls help an organization achieve its objectives efficiently, avoid loss or abuse, and provide assurance to management and outside parties that operations are sound and reporting is accurate. 

In order to comply with ISA 315, auditors must have a solid understanding of the client's business environment, the internal controls in place, and the risks associated with material errors in the financial statements. All of this is important to ensure that the audit is performed properly and the resulting financial statements are accurate and reliable.

Recommendad Article.