ความคิดเห็นต่อการปฏิบัติงานของผู้ตรวจสอบภายในต่อการจัดการความเสี่ยงของมหาวิทยาลัยเชียงใหม่

Nongram Apichai; duraya Sukthomya

Authors

Nongram Apichai -
duraya Sukthomya Faculty of Business Administration, Chiang Mai University, Thailand.

Keywords:

internal auditors, Chiang Mai University, risk, risk management

Abstract

This research aims to study opinions on operations of internal auditors towards enterprise risk management at Chiang Mai university and to provide guidelines for developing the work of internal auditors to manage risks effectively. The study sample consisted of 249 individuals, including 234 members of the risk management committee responsible for developing risk management plans through the Chiang Mai University Risk Management System (CMU-RM), calculated using the Taro Yamane formula, and 15 internal auditors from Chiang Mai University, selected through purposive sampling. Data was collected using questionnaires. The statistical methods used for data analysis included frequency, percentage, mean, standard deviation, analysis of variance (ANOVA), and pairwise comparison using Fisher’s Least-Significant Difference (LSD) at a statistical significance level of 0.05.

The data analysis revealed that different job positions and durations of work in risk management significantly affect the level of opinion regarding the qualifications of internal auditors according to the International Standards for the Professional Practice of Internal Auditing in risk management at a statistical significance level of 0.05. This is particularly true for knowledge of risk and basic information technology controls, as well as information technology audit techniques. Those holding the position of internal auditor and those with more than 7 years of experience in risk management have significantly lower levels of opinion than other groups. Additionally, differences in the level of opinion regarding the role of internal auditors in the university's risk management in terms of strategy and operations were found, especially in the areas of strategic risk management consulting and information system risk assessment. Internal auditors and those with more than 7 years of experience gave significantly lower levels of opinion than other groups. The research results reflect the limitations in the attitudes and skills of internal auditors, who may focus more on operations than strategic involvement. They also highlight the challenge of enhancing the information technology knowledge and capabilities of internal auditors to align with professional standards and continuously changing risks. The research suggests that internal auditors should be encouraged to understand the organization's strategic direction and develop information technology skills to improve risk management efficiency in accordance with international internal auditing professional standards.

References

Abu Saleem, K. A., & Zraqat, O. M. (2019). The effect of internal audit quality (IAQ) on enterprise risk management (ERM) in accordance to COSO framework. ResearchGate. Retrieved from https://www.researchgate.net/publication/332221482

Ahmed, R. R. (2021). The impact of internal audit on operational risk management in the light of the performance standard for the practice of internal auditing: A field study on a number of private banks in the city of Erbil. Retrieved from https://doi.org/10.26436/hjuoz.2021.9.4.765

Bonrath, D., & Eulerich, M. (2024). The role of internal audit functions in corporate fraud risk management. International Journal of Auditing, 28(1), 144–163. Retrieved from https://doi.org/10.1111/ijau.12342://doi.org/10.1111/ijau.12342

Chiang Mai University. (2024). Chiang Mai University risk management plan for the fiscal year 2024. Retrieved from https://stri.cmu.ac.th/files/risk/2567/แผนบริหารความเสี่ยงมหาวิทยาลัยเชียงใหม่.pdf

ElHaddad, A. A., ElHaddad, N. R., & Alfadhli, M. I. (2020). Internal audit and its role in risk management: Evidence – The Libyan universities. International Journal of Academic Research in Business and Social Sciences, 10(3), 1–15. Retrieved from https://doi.org/10.6007/IJARBSS/v10-i3/6860

Griffith, D. A. (2020). Internal audit and corporate governance: Strengthening accountability, risk management, and compliance. Auditing & Accounting Journal. Retrieved from https://auditingaccounting.com/internal-audit-and-corporate-governance-strengthening-accountability-risk-management- and-compliance

Ministry of Finance. (2018). Regulations of the Ministry of Finance on standards and practices for internal auditing in government agencies B.E. 2561 (2018). Retrieved March 10, 2024, from https://www.cgd.go.th/cs/internet/internet/สพต-ระเบียบ. html?page_locale=th_TH

Ministry of Finance. (2021). Guidelines for risk management in government agencies: Principles of enterprise risk management. Retrieved March 10, 2024, Retrieved from https://www.cgd.go.th/cs/internet/internet/สพต-ระเบียบhtml?page_locale=th_TH

Ministry of Higher Education, Science, Research and Innovation. (2019). Higher Education Act B.E. 2562 [พระราชบัญญัติการอุดมศึกษา พ.ศ. 2562]. Retrieved from https://www.mhesi.go.th/

Office of the Higher Education Commission. (2019). Guidelines for risk management in higher education institutions. Bangkok: OHEC.

Sari, A. M., & Khudri, T. M. Y. (2023). Evaluasi peran audit internal dalam manajemen risiko reputasi. Jurnal Ilmiah MEA (Manajemen, Ekonomi, & Akuntansi), 7(1), 1–10. Retrieved from https://journal.stiemb.ac.id/index.php/mea/article/view/3694

The Committee of Sponsoring Organizations of the Treadway Commission. (2017). Enterprise Risk Management – Integrating with Strategy and Performance. Retrieved March 10, 2024, from http://www.coso.org

The Institute of Internal Auditors. (2017). International professional practices framework (IPPF). Retrieved March 10, 2024, from https://www.theiia.org

The Institute of Internal Auditors. (2020). The IIA’s three lines model: An update of the three lines of defense. Retrieved from https://www.theiia.org/globalassets/site/about-us/advocacy/three-lines-model/three-lines-model-2020.pdf

The Institute of Internal Auditors. (2024). Global internal audit standards. https://www.theiia.org/en/standards/2024-global-internal-audit-standards

Wijaya, E., Pratiwi, G., Surya, D., Permata, H., & Wulandari, J. (2021). Audit methodology in facing financial risk: Perspectives from internal auditors. Golden Ratio of Auditing Research, 1(1), 45–53. Retrieved from https://doi.org/10.52970/grar.v1i1.365

Yamane, T. (1973). Statistics: An introductory analysis (3rd ed.). New York: Harper and Row.