Tujuan – Penelitian ini bertujuan untuk menganalisis implementasi audit internal berbasis risiko dalam mengevaluasi manajemen risiko perguruan tinggi negeri badan hukum di PTN X.
Metode penelitian – Penelitian ini menggunakan metode kualitatif dengan pendekatan studi kasus. Data dikumpulkan melalui wawancara semi terstruktur, observasi langsung, dan analisis dokumen yang relevan. Teknik pengumpulan data ditujukan pada unit audit internal, auditee, unit manajemen risiko, komite audit, dan konsultan.
Temuan – Hasil penelitian menunjukkan bahwa PTN X telah menerapkan ISO 31000 manajemen risiko dan secara spesifik ISO 37001 Sistem Manajemen Antipenyuapan. Pelaksanaan manajemen risiko telah berjalan dengan baik yang ditandai dengan penyusunan register risiko oleh unit kerja sesuai dengan aktivitas operasionalnya dan PMR telah mengevaluasi isi register risiko tersebut sesuai dengan ketentuannya. Adapun kebijakan antipenyuapan di PTN X telah diperkuat dengan melengkapi dokumen dan prosedur sesuai persyaratan di standar ISO 37001. Sementara itu, SPI telah melaksanakan audit internal berbasis risiko melalui perencanaan audit menggunakan dokumen register risiko auditee. Sejauh ini efektivitas manajemen risiko dan audit internal berbasis risiko dilihat pada hasil audit sertifikasi ISO berupa opportunity for improvement, laporan kinerja PTN X 2024 yang menjelaskan pencapaian kinerja Zona Integritas, serta kesesuaian dokumen unit kerja dengan pedoman manajemen risiko PTN X dan standar audit internal IIA.
Implikasi – Temuan ini menegaskan pentingnya penggunaan teknologi mutakhir dalam proses pengelolaan aset tetap serta pengembangan pusat pelaksanaan Tridharma Perguruan Tinggi dan unit bisnis dalam mendukung optimalisasi sumber pendapatan non-APBN PTN X. Upaya tersebut perlu didukung dengan pelatihan staf yang berkelanjutan agar mereka semakin terampil dan berwawasan luas.
Orisinalitas – Penelitian ini menggunakan teori institusional dalam menjelaskan faktor pendorong PTN-BH menerapkan audit internal berbasis risiko. Temuannya mengungkapkan bahwa pelaksanaan audit internal berbasis risiko di PTN-BH cenderung bertujuan untuk melaksanakan regulasi pemerintah.

Purpose – This study aims to analyze the implementation of a risk-based internal audit in transmitting the management risk of state universities as legal entities at PTN X.
Research Methods – This study used a qualitative method with a case study approach. Data were collected through semi-structured interviews, direct observation, and analysis of relevant documents. The data collection techniques were aimed at the internal auditor unit, auditees, risk management units, audit committee and consultants.
Findings – The study results indicated that PTN X has implemented ISO 31000 risk management and specifically ISO 37001 Anti-Bribery Management System. The implementation of risk management has been running well, which was indicated by the preparation of a risk register by the work unit by its operational activities and risk management units has evaluated the contents of the risk register  by its provisions. The anti-bribery policy at PTN X has been strengthened by completing documents and procedures according to the requirements in the ISO 37001 standard. Meanwhile, SPI has carried out risk-based internal audits through audit planning using auditee risk register documents. So far, the effectiveness of risk management and risk-based internal audits could be seen in the results of the ISO certification audit in the form of opportunities for improvement, the 2024 PTN X performance report explaining the achievement of the Integrity Zone performance, and the conformity of work unit documents with PTN X's risk management guidelines and IIA internal audit standards.
Implications - This finding confirms the importance of using cutting-edge technology in the fixed asset management process and the development of the Tridharma Perguruan Tinggi implementation center and business units in supporting the optimization of non-APBN revenue sources of PTN X. These efforts need to be supported by ongoing staff training so that they become more skilled and knowledgeable.
Originality - This study uses institutional theory to explain the driving factors that motivate PTN-BH to implement risk-based internal audits. The findings reveal that the implementation of risk-based internal audits in PTN-BH tends to aim to implement government regulations.

Kata Kunci : audit internal berbasis risiko, manajemen risiko, ISO 37001, ISO 31000