Lecture+_9A+-+Internal+Control+Issues+II

Lecture+_9A+-+Internal+Control+Issues+II - Click to edit...

Info iconThis preview shows pages 1–8. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Click to edit Master subtitle style 10/18/10 ACCOUNTING INFORMATION SYSTEMS INTERNAL CONTROL ISSUES II 10/18/10 Classifications of Internal Controls Internal controls are often classified as: General controls Those designed to make sure an organization’s control environment is stable and well managed. They apply to all sizes and types of systems. Examples: Security management controls . Application controls Prevent, detect, and correct transaction errors and fraud. 10/18/10 CONTROL FRAME WORKS q COSO’s Internal Control Framework • Developed by the Committee of Sponsoring Organizations (COSO) • Defines internal controls and provides guidance for evaluating and enhancing internal control systems • Widely accepted as the authority on internal controls • Focus on financial reporting processes q COSO’s Enterprise Risk Management Framework (ERM) • Expands on the elements of the internal control 10/18/10 Enterprise Risk Management Risk and control elements Internal environment Objective setting Event identification Risk assessment Risk response Control activities Information and communication Monitoring 10/18/10 The COBIT and Trust Service Framework q Achieving the organization’s business and governance objectives requires adequate controls over IT resources to ensure that information provided to management satisfied seven key criteria: Effectiveness Efficiency Confidentiality Integrity 10/18/10 q Those processes are grouped into four basic management activities, which COBIT refers to as domains: • Plan and Organize (PO) v ten important processes for properly planning and organizing an organization’s information systems. • Acquire and Implement (AI) v seven fundamental processes that pertain to the acquisition and implementation of technology solutions • Deliver and Support (DS) v 13 critical processes for effectively and efficiently delivering the The COBIT and Trust Service Framework 10/18/10 One basic function of an AIS is to provide information useful for decision making. In order to be useful, the useful for decision making....
View Full Document

This note was uploaded on 10/14/2010 for the course ACTG 3P97 taught by Professor Xiazhang during the Fall '10 term at Brock University.

Page1 / 25

Lecture+_9A+-+Internal+Control+Issues+II - Click to edit...

This preview shows document pages 1 - 8. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online