The In luence of COSO Organizational Framework Implementation on the Quality of Internal Control in Group of Companies Dani Prisma Mitra (DPM)

This study analyzed the perception of organization members of the group of company in Dani Prisma Mitra (DPM) about the influence of COSO organizational framework consisting of company ethical environments, risk management training and internal audit activities on the quality of internal control procedures. Population in this research is all employee in finance and non-finance department with the level of supervisor and upward at DPM. Hypothesis testing used multiple regression analysis with a discussion of contingency theory. Hypothesis testing concluded that company ethics environments and internal audit activities have the positive and significant influence on the quality of internal control procedure, while risk management activities have a positive but not significant effect on to the quality of internal control procedure.


INTRODUCTION
This study analyzed the perception of organization members of the group of company in Dani Prisma Mitra (DPM) about the in luence of COSO organizational framework consisting of company ethical environments, risk management trainings and internal audit activities on the quality of internal control procedures. Population in this research is all employee in inance and non-inance department with level of supervisor and upward at DPM. Hypothesis testing used multiple regression analysis with discussion of contingency theory. Hypothesis testing concluded that company ethics environments and internal audit activities have positive and signi icant in luence to the quality of internal control procedure, while risk management activities have positive but not signi icant effect on to the quality of internal control procedure.

BUSINESS STUDIES ipmi
The existence of the internal control in an organization is very important to support the survival and achievement of its mission. An organization needs internal control to provide greater assurance for the achievement of operational objectives, inancial reporting, and for purposes of compliance to laws or regulations. Internal controls help to ensure that the directions, policies, procedures and practices that are designed and approved by management and the board of commissioners are appropriate and functioning as expected (COSO, 2006). A general de inition of internal control is a process run by board of commissioners, management, and other personnel of the company designed to provide reasonable assurance for 3 (three) objectives namely (a) inancial reporting reliability, (b) effectiveness and ef iciency of operations; (c) compliance to applicable laws and regulations (COSO, 2006;PSA 69, 2011).
The Committee of Sponsors of Organizations of the Treadway Commission (COSO, 1994) provides Seeing the importance of the objective of achieving internal control within the framework of 3 (three) organizational factors of COSO, the authors propose a research proposal under the title The Implementation of Organizational Framework of the COSO on the Quality of Internal Control in Group of Companies Dani Prisma Mitra (DPM) by studying at the perceptions of the organization's members about the in luence of the company ethical environments, risk management trainings and internal audit activities on the quality of internal control procedures.

LITERATURE REVIEW Internal control
According to Anthony (2006) to achieve internal control objectives, management is responsible for organizing and maintaining internal activities in accordance with 5 ( ive) interrelated components and must be applied at all organizational levels starting at entity level to transaction or business process level. These ive components refer to the Internal Control Integrated Framework (COSO, 1992) as describe in the igure 1.
Control environment is the organizational and cultural structure established by management and workers to maintain the sustainability of organizational support for organizational effectiveness. Risk Assessment Management must identify internal and external risks that can prevent the organization from achieving its objectives. In identifying risks, management should consider the auditor's previous indings, internal (information and communication) and monitoring (monitoring). Furthermore, in January 2009, COSO issued Guidance on Monitoring of Internal Control Systems which provided a model for enterprise management to design and implement the internal control assessment program (Tsay, 2010).
The failures to implement internal controls occurring in the global and or national companies did not re lect that the company had not a series of internal control procedures in place to authorize the transactions. Thus, prevention from the failures of internal control function and to ensure the objectives of internal control can be achieved, it is necessary to implement the quality internal controls throughout the organization (APB, 1995). The quality of internal control procedures refers to the design of internal control policies and procedures within the organization and the level of compliance to the policies and procedures of internal control by all employees within the organization .
This research is based on research conducted by  under the title "Quality of Internal Control Procedures Antecedents and Moderating Effects on Organizational Justice and Employee Fraud". The selection of three organizational factors is based on the COSO's internal control system framework, that the organization's internal environment, risk assessment policy, activity monitoring can be clearly seen to be different elements of a larger system of management controls related to the quality of internal control procedures (COSO , 2004;Prasetyo, 2011). This study was different with research conducted by  where in this study not to include the in luence of moderation of organizational and fraud justice factors. Research conducted by , and Prasetya (2011) have con licting results with each other. The research was conducted in a group of company called DPM, a group of companies that have business in the national restaurant chain, plantation, hotels and pleasures, processing/logistic and manufacturing, so it was expected that the assessment of risk management and internal audit activities tend to be the same. Control activities include policies, procedures and mechanisms to achieve organizational goals. Communication Information should be communicated to relevant personnel at all levels of the organization. Information must be relevant, reliable and timely. Monitoring of the effectiveness of internal control should be undertaken in normal business. In addition, regular review, reconciliation or comparison of data should be included as part of routine tasks assigned to designated personnel. Periodic assessments should be integrated as part of continuous monitoring of management of internal controls.

Contingency Theory
Contingency theory argues that the design of the control system depends on the organizational setting context then contingency theory emerges as responses to the approaches the arguments that optimal control designs can be applied to all settings and irms. This universalistic approach is a natural extension of scienti ic management theory that says that there is an optimal system for designing operational processes in order to maximize ef iciency (Pock, 2007). Asel (2009) asserted the unique factors of each event or situation encountered will strongly in luence the design and implementation of Management Control System (MCS) in an organization. Furthermore, two organizations will not have the same internal control system unless the organization is identical (COSO, 1994). Therefore, the contingency approach to MCS then to identify the best design and implementation in the context of organizational uniqueness (Chenhall and Capman, 2009).
The organization shall apply adequate internal control systems to ensure that organizational activities are carried out in an effective and ef icient manner, the availability of information reliability and compliance to applicable laws and regulations. Internal Control System or MCS is a process by which managers ensure that resources are obtained and used effectively and ef iciently in order to achieve organizational goals (Antony in Asel, 2009) and have 2 (two) objectives of providing information which is useful for management and helps to assure appropriate employee behavior patterns to achieve organizational goals (Asel, 2009).

The Company's Environmental Ethics Effect on Quality of Internal Control Procedures
In the context of contingency theory, decision making by members of the organization is in luenced by individual factors and organizational factors. Individual factors (knowledge, values, attitudes and attention) interact with organizational factors (the in luence of co-workers and opportunities) in luence the dilemma of ethical or unethical decision making (Ferrel and Gresham, 1985).
Research conducted by  explained that in a more ethical environment, employees tended to follow company rules and regulations and it was viewed as morally acceptable. Elias (2004) concluded that public accountants working for companies with high ethical standards perceive earning management activities to be more unethical. While  proved that the company ethical environments had a positive effect on the quality of internal control procedures. Based on the above research, the irst hypothesis of this research are: H1: The corporate ethics environments positively affects the quality of internal control procedures

Effect of Risk Management Trainings on the Quality of Internal Control Procedures
The achievement of organizational goals is a continuous process so that the understanding of risk management must also always be updated. Therefore, risk management training for members of the organization was a very important element in risk management and should always be updated about the type of risk and design of internal controls because the organization was in a dynamic environment (Farrugia, 2002).
Risk management training also causes members of the organization could to map risk relationships between parts of the organization and the implications of internal control failures against the organization in general.  con irmed that risk management training positively in luences the quality of internal control procedures. Based on the above research, the second hypothesis of this study are: H2: Risk management trainings positively affects the quality of internal control procedures This approach made enterprise risk management training tailored to the context of operational and organizational needs. Kramer's (2003) research on risk management training to organizational members stated that members of organizations that were actively trained with risk management tend to be more accurate in identifying threats to the organization as a result of weakness or lack of internal control.

RESEARCH METHODS
This research type was hypothesis testing research (hypothesis testing). Hypothesis testing is a study that aims to test the hypothesis and generally is a study that explains the phenomenon in the form of relationships between variables. The type of data in this study were subject data in the form of opinions, attitudes, experiences or characteristics of a person H3: Internal audit activities have a positive effect on the quality of internal control procedures

Theoretical Framework and Formulation Hypotheses
The problem in this research was how know the perception of organization members to the company ethical environments in improving the quality of internal control. In addition, the risk management trainings will enable organizational members to recognize threats to the organization, as a result of weaknesses in the quality of internal control procedures, getting better and giving employees deep insight into the importance and the bene its of compliance with established procedures.
Internal audit activities cover the areas of inance and non-inance as well as inancial and noninancial procedures that will improve the quality of internal control procedures. The indings and recommendations of internal audit results on the weaknesses in the internal control system will be addressed by improvements to the procedures established so that ultimately will improve the quality of internal control procedures. The low of thought is described in the igure 2.

Effect of Internal Audit Activity on the Quality of Internal Control Procedures
The monitoring system used will be adjusted to the circumstances or the environment of the company. One form of supervision is the formation of an internal audit function that plans and conducts internal audits. The good and appropriate plan of internal audit program is expected to identify areas where control or supervision is not fully functioning, and the existence of systems and procedures are not clear. Fadzil et al. (2005) found that the management of the internal audit department, professional expertise, review and objectivity signi icantly affected the monitoring / supervision aspects of the internal control system.   In luence of independent variable to dependent variable in test on signi icance (α = 5%).

RESULTS AND DISCUSSION
DPM consists of 12 (twelve) companies engaged in different types of business. The names of companies in the study are deliberately abbreviated as part of research ethics. Then from each company selected respondents who come from the inancial and noninancial. Respondents from inance and noninancial division came from 2 (two) companies that contributed the largest sales and high operational or group of people who become the subject of research or respondents.

Research Variables 1. Risk Management Trainings
Farrugia (2002) stated that employee was a key element in risk management and something that required constant reassessment of the types of risks and controls as long as the organization operates in a dynamic environment. Employees who were actively trained in risk management recognize more threats to the organization more accurately, as a result of weak internal control (Kramer, 2003)

Internal Audit Activities
The Institute of Internal Auditors (IIA) (1999) provided a new de inition of internal auditing as an independent activity in setting goals and designing value added advisory activities and improving company operations. Thus, internal audits assist the organization in achieving its goals by a systematic and systematic approach to assessing and evaluating the effectiveness of risk management through control and governance processes. The measurement of this variable uses 13 (thirteen) items adapted from statements in the questionnaire concerning the Internal Global Practices Audit Benchmarking Questionnaire by Price Waterhouse Coopers (2004).

The Quality of Internal Control Procedures
According to the Professional Standards of Certi ied Public Accountant -Standar Profesional Akuntan Publik (SPAP), SA Section 319; paragraph 06, internal control is a process undertaken by board of commissioners, management, and other personnel entities designed to provide reasonable assurance about achievement of the following three classes of objectives: (a) reliability of inancial reporting, (b) effectiveness and ef iciency of operation, and (c) compliance with applicable laws and regulations. While the quality conception of internal control procedure refers to 2 (two) things were the quality of the internal accounting control design and the compliance of members of the organization to run the policies and procedures .
The measurement of this variable used 11 (eleven) questions adapted from a nation-wide over-control survey by CPA Australia (2003) and Harrer (2008).
Measurement of the answer of each question item using Likert scale 5 ( ive) points, namely: VS (Very Strong) rated 5, Answer Strong (Strong) rated 4, Answer N (Neutral) rated 3, Answer Weak (Weak) value 2, VW (Very Weak) is rated 1. complexity, while the remaining respondents only came from the inance department of 10 (ten) other companies. The statistical data of sample distribution as describe in the table 1.

The Company's Environmental Ethics Effect on Quality of Internal Control Procedures
Hypothesis test resulted that hypothesis I (H1) which stated that the company ethical environments positively affect the quality of internal control procedures was accepted. This research also supported by descriptive statistics of research variables. Descriptive statistics of research variables showed the mean value of internal research procedure quality of 38.5 with a standard deviation of 4.93, greater than the theoretical middle value 33. The actual value of the mean variable internal research quality variable of 38.5 means the mean value of each attribute is 3.52 (38.5 /11). The respondent's answer between neutral and half strong means that the respondents said the quality of internal control procedures that run in DPM tend to be strong.
Descriptive statistics of the research variables also showed the true mean value of the corporate ethical environments of 18.7 with the standard deviation of 2.45, and also greater than the theoretical middle value 15. The true mean value of the irm ethical environments is 18.7 means the mean value of each attribute is 3.74. Respondents' answer between neutral and close to agree means that the company ethical environments in DPM exempli ied by the ethical behavior of the company leadership goes well.
The study proved that a good corporate ethics environments applied and exempli ied by the company leadership will signi icantly improve the quality of internal control procedures. Elias (2004) mentioned that employees perceive implicit forms of institutionalizing ethics for example, leadership and organizational culture to be more effective than explicit forms such as codes of ethics to shape ethical behavior. Ethical and unethical decisionmaking will be in luenced by contingency factors that are individual factors and organizational factors (Ferrel and Gresham, 1985).

The Effect of Risk Management Training on Quality of Internal Control Procedures
The result of hypothesis test showed that hypothesis II (H2) which stated that risk management training has positive effect on quality of internal control procedure was rejected.
Descriptive statistics of research variables as in table 4.9 does not support the results of hypothesis testing statistically.
The descriptive statistics of the research variables igured that the mean value of a risk management training variable is 17.7 with a standard deviation of 2.99, greater than the theoretical middle value of 15. The real mean value of the risk management training variable is 17.7 means the mean value of each attribute is between 3.54 (17.7/5). This indicated that the respondents answered between close to neutral and half agree on the routine of risk The statistical calculation of t test showed that the hypothesis was rejected. The rejection can be seen in the comparison of the true mean value of 17.7 compared with the theoretical mean value of 15. The statistical comparison of the real value with the theoretical value is not signi icantly different which was shown at the sig value. (H0) was accepted or rejection on alternative hypothesis, in this case the alternative hypothesis was hypothesis 2. The null hypothesis (H0) says there was no difference between the real value and the value theoretical mean, while the alternative hypothesis explained that there was a difference between the real mean and the theoretical mean. Acceptance of the null hypothesis (H0) showed that risk management training performed would not signi icantly affect the quality of internal control procedures.
Based on contingency theory, risk management training should be tailored to contingency factors consisting of external environmental factors, technology, strategy and organizational size (Ferrel and Gresham, 1985). The results of this study concluded that considering these contingency factors in risk management training would not have a signi icant effect on the quality of internal control procedures

Effect of Internal Audit Activity on Quality of Internal Control Procedures
The hypothesis test result showed that hypothesis III (H3) that stated there was positive in luence between internal audit activity and quality of internal control procedure accepted. The results of this study were also supported by descriptive statistics of research variables. The mean value of internal audit activity variable is 46.2 with a standard deviation of 6.72 being greater than the theoretical core value of 39, which means that internal audit activity in DPM tends to be strong.
The mean value of internal audit activity variable is 46.2 means the mean value of each attribute is 3.55. This means that the respondent answered between neutral and half strong over the implementation of internal audit activities in the DPM. Contingency factor in internal audit activities was supervision system must be adjusted to company requirement. This study proved that the supervision system through internal audit activities performed positively affect the quality of internal control procedures.

CONCLUSION AND RECOMMENDATION
The result of statistical test of organizational member's perception about the in luence of company ethical environments, risk management trainings and internal audit activities on the quality of internal control procedures in DPM by using multiple regression can be summarized as follows: 1. The company ethical environments had a positive and signi icant in luence on the quality of internal control procedures. This means that a high corporate ethical environment would improve the quality of internal control procedures.
2. Risk management trainings had a positive but insigni icant effect on the quality of internal control procedures. This means that risk management training did not have a signi icant impact on improving the quality of internal control procedures.
3. Internal audit activities had a positive and signi icant in luence on the quality of internal control procedures. This means that high internal audit activities would improve the quality of internal control procedures.
Contribution this research to DPM is that the DPM' managements need to set the standard of corporate ethics values to support the achievement of the quality internal quality control procedures and prepare suf icient resources to support internal audit activities. In addition, because the risk management training did not effect on the quality of internal control procedures, it is necessary to do alternative activities such as supervision of risk management implementation in each company to support the achievement of corporate objectives.