Evaluation of Internal Audit Role as a Governance, Risk and Compliance Partner, Trusted Advisor and Value Driver to Implement Strategy

Abstract

This study aims to evaluate the alignment of the scope of internal audit activities with the strategy of Indonesia’s Social Health Insurance Provider (BPJS Kesehatan). The perception of the added value provided by the internal audit is often described as hazy and enigmatic. Therefore, Eulerich and Lenz (2020) defined the internal audit role into three scopes: Governance, risk and compliance (GRC) partner, trusted advisor and value driver. This qualitative research uses a case study method by collecting internal organisational documents, questionnaire surveys and interviews. The results show that BPJS Kesehatan’s internal audit can act as both a GRC partner and a trusted advisor. However, its internal audit activity is not prepared and aligned with the implementation of the organisation’s strategy. The internal audit function is nevertheless moving towards aspects in which it may add more value to the success of the organisation’s strategy.