Ch07-IM7ed - Chapter Seven Controlling Information Systems:...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
Chapter Seven Controlling Information Systems: Introduction to Internal Control LEARNING OBJECTIVES Summarize the eight elements of COSO’s Enterprise Risk Management—Integrated Framework. Understand that management employs internal control systems as part of organizational and IT governance initiatives. Describe how internal control systems assist organizations to achieve objectives and respond to risks. Describe fraud, computer fraud, and computer abuse. Enumerate control goals for operations and information processes. Describe the major categories of control plans. KEY TERMS INTRODUCED IN CHAPTER SEVEN organizational governance Enterprise Risk Management (ERM) risk process internal control fraud computer crime computer virus control environment control goals effectiveness efficiency security of resources input validity input completeness input accuracy update completeness update accuracy control plans pervasive control plans general controls IT general controls business process control plans application controls preventive control plans detective control plans corrective control plans CHAPTER SYNOPSIS Can an organization operate without good governance processes? Yes, but the chances of positive outcomes are much greater with governance processes that select objectives, establish processes to achieve the objectives, and monitor progress. Can these processes work toward achieving objectives without controls? Perhaps—but the odds are not very good! In this chapter, as well as Chapters 8 and 9, we make the case that controlling business processes is a critically important element of organization governance and enterprise risk management. Controls provide reasonable assurance that objectives are achieved and that responses to risks are carried out. ENTERPRISE SYSTEMS
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
These chapters should provide you with a solid foundation for the later study of the controls for specific business processes that are covered in Chapters 10 through 15. We place a controls icon at the head of this synopsis to emphasize that the content of this chapter is almost entirely about controls. In this chapter we consider the importance of controls in organizations that are tightly integrated internally, such as with enterprise systems , or have multiple connections to its environment, such as E-Business architectures. Managers of these organizations must be confident that each component of the organization performs as expected, otherwise chaos will prevail and business partnerships will fail. In particular, organizations engaged in E-Business must have internal control processes in place to reduce the possibilities of fraud and other disruptive events, and to ensure compliance with applicable laws and regulations. For example, when engaged in Internet-based commerce, the organization may need to ensure the security of its own database, as well as the security of communication networks it operates in conjunction with trading partners; also, E-Business firms might have to comply with
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 8

Ch07-IM7ed - Chapter Seven Controlling Information Systems:...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online