Executive's Guide to IT Governance: Improving Systems Processes with Service Management, COBIT, and ITIL

by Robert R. Moeller
February 2013
Content level: Intermediate to advanced
395 pages
13h 56m
English
Wiley

CHAPTER FOUR

IT Governance and COSO Internal Controls

THE NEED FOR STRONG AND EFFECTIVE INTERNAL CONTROLS is a key element of enterprise IT governance. The need to establish and then assess internal controls has been around since the early days of auditing and has also been an important concern going back to the very early days of information technology (IT) auditing. While there have been many definitions of internal controls in past years, a good general definition for IT governance is that internal control is a process, effected by an entity’s board of directors, management, and other personnel, and designed to provide reasonable assurance regarding the achievement of objectives in the effectiveness and efficiency of operations, the reliability of an enterprise’s financial reporting, and an enterprise’s IT systems and processes, all in compliance with laws and regulations. This definition is similar to the well-recognized definition established by the U.S. Committee of Sponsoring Organizations (COSO), an important internal controls guidance authority that we will be discussing further in this chapter.

Enterprise managers are responsible for implementing and managing internal control processes, while their auditors act as independent parties to both review and perform tests of these internal controls as well as to report to management and other parties whether they are adequate. These internal control reviewers consist of both internal and external auditors, with external auditors ...


ISBN: 9781118238936