Learning Objectives



Date: 20.09.2021
Accounting Information Systems 13th Chapter 7
[Figure: Governance (Evaluate, Direct, Monitor) and Management (Plan (APO), Build (BAI), Run (DSS), Monitor (MEA)), with Management Feedback]

PART II CONTROL AND AUDIT OF ACCOUNTING INFORMATION SYSTEMS
COSO’S INTERNAL CONTROL FRAMEWORK
The Committee of Sponsoring Organizations (COSO) consists of the American Accounting Association, the AICPA, the Institute of Internal Auditors, the Institute of Management Accountants, and the Financial Executives Institute. In 1992, COSO issued Internal Control—Integrated Framework (IC), which is widely accepted as the authority on internal controls and is incorporated into policies, rules, and regulations used to control business activities.
In 2013, the IC framework was updated to better deal with current business processes and technological advancements. For example, in 1992, very few businesses used the Internet, sent email, or stored their data in the cloud. The revised IC framework also provides users with more precise guidance on how to implement and document the framework. Many new examples have been added to clarify framework concepts and make the framework easier to understand and use. The new IC framework keeps the five components of the original framework and adds 17 principles that build on and support the concepts. Each of the five components has at least two and up to five principles.
The five components and 17 principles of the updated IC framework are summarized in Table 7-1.
COSO’S ENTERPRISE RISK MANAGEMENT FRAMEWORK
To improve the risk management process, COSO developed a second control framework called Enterprise Risk Management—Integrated Framework (ERM). ERM is the process the board of directors and management use to set strategy, identify events that may affect the
Committee of Sponsoring Organizations (COSO)
- A private-sector group consisting of the American Accounting Association, the AICPA, the Institute of Internal Auditors, the Institute of Management Accountants, and the Financial Executives Institute.
Internal Control—Integrated Framework (IC)
- A COSO framework that defines internal controls and provides guidance for evaluating and enhancing internal control systems.
Enterprise Risk Management Integrated Framework (ERM)
- A COSO framework that improves the risk management process by expanding (adds three additional elements) COSO’s Internal Control—Integrated.
FIGURE 7-2 COBIT 5 Process Reference Model
COBIT® 5, figure 16. © 2012 ISACA®. All rights reserved. Used by permission from ISACA.
EDM01 Ensure Governance Framework Setting and Maintenance
EDM02 Ensure Benefits Delivery
EDM03 Ensure Risk Optimization
EDM04 Ensure Resource Optimization
EDM05 Ensure Stakeholder Transparency
