Internal Controls

Corporate Governance
• The way companies are managed to create value, enforce accountability and control, and manage risks.
• The system by which companies are directed and managed. It influences how the objectives of the company are set and achieved, how risk is monitored and assessed, and how performance is optimised.
• Objectives
1. To ensure minority shareholders receive reliable information about the value of firms, and that a company's managers and large shareholders do not cheat them out of the value of their investments
2. To motivate managers to maximise firm value instead of pursuing personal objectives

Corporate Governance
• Not only relevant at the level of the individual organization
• Has a close relationship to accounting and accounting information systems
– A key part of the planning and monitoring of organizational performance relies on accounting information

IT Governance
• Concerned with the way the organization uses IT
• Four main objectives
– Ensuring that the IT being used is consistent with the organization's goals and meets expectations
– Using IT to make the most of existing business opportunities and benefits
– Ensuring the organization's IT resources are used responsibly
– Ensuring the organization has appropriate management strategies and techniques for dealing with IT-related risks

IT Governance
• Five specific areas that need to be considered by those with the responsibility of managing IT
– Adding value
– Managing risk
– Matching IT to strategy
– Measuring performance
– Managing resources

IT Governance Frameworks
• COBIT: Control Objectives for Information and Related Technology
• COBIT outlines four major IT stages (domains)
– Plan and organise
– Acquire and implement
– Deliver and support
– Monitor and evaluate

Internal Control
• Internal control: the measures an organisation employs to help attain the objectives of efficient operations, reliable reporting and compliance with relevant laws (definition provided by COSO)

Internal Control
• Internal control is a process, effected by an entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in:
– Effectiveness and efficiency of operations
– Reliability of financial reporting
– Compliance with applicable laws and regulations

What Makes up an Internal Control System?
• Control environment: the attitude, emphasis and awareness of an organization's management towards internal control and its operation within the organization
• Risk assessment: the process of scanning the organization and its environment for risks that could inhibit the attainment of the organization's goals

What Makes up an Internal Control System?
• Control activities: the responses by management to the risks identified as part of the risk assessment stage
• Information and communication
– Essential elements for the satisfactory functioning of the control system
– Encompasses the design of the information system
• Monitoring: continually checking the control system to ensure that the risks it addresses are still relevant and the controls are operating effectively

Identifying risks

COSO & COBIT
• COBIT: a specific framework that has been developed for the control of information technology within the organization
• COSO: internal control system framework

COSO & COBIT
ERM – Expanding COSO
• Enterprise risk management (ERM) framework: a model that expands on internal control, providing a more robust and extensive focus on the broader subject of enterprise risk management
• Eight components
– Internal environment
– Objective setting
– Event identification
– Risk assessment
– Risk response
– Control activities
– Information and communication
– Monitoring

Overview of Chapter 7
• Corporate governance was defined and discussed in detail
• The importance of IT governance and an appropriate framework was considered
• Internal control and an internal control system were outlined