Controls for Information Technology, Reporting and Evaluation

718 WordsNov 14, 20123 Pages
Running head: IT Controls Controls for Information Technology, Reporting and Evaluation Controls for Information Technology, Reporting and Evaluation Information technology (IT) controls are particular functions performed by employees and operating systems specifically designed to ensure business objectives and goals are met. Although IT controls are different than internal controls both are vital functions of an organization that are both reported and evaluated on a regular basis. IT control objectives are based on confidentiality, integrity, data available, and general management of IT functions of the organization. IT general and application controls are based on information technology environment, system operations, and…show more content…
There are five main components of internal controls that are recognized by Control Objectives for Information Technology (COBIT) that are required in financial reporting and disclosure objectives. These components consist of plan and organize, manage IT investments, acquire and implement, deliver and support, and monitor and evaluate (Raval & Fichadia, 2007). Because of the recent increased need for internal controls, it is imperative to make use of a framework structure that will create a design of useful controls for organizations as well as reporting obligations. COSO and COBIT are both increasingly internationally accepted as adequate techniques for IT controls and related risks in the assessment of required reporting. Evaluation Framework evaluation is based on IT controls that have a direct or indirect effect on the financial reporting. Annual reporting requires organizations to refer to the evaluation criteria applied to assess the effectiveness of the organization’s internal controls over financial reporting. Evaluations of internal controls, such as control activities, risk assessment, information and communication, monitoring, and control environment help reduce the possibility of fraud and crime. Control activities are a basic function of the organization transactions. Management must address the risks and ensure the risks are properly assessed. Organizations must
Open Document