Saturday, February 15, 2020

Process and Tracking Control Research Paper Example | Topics and Well Written Essays - 1000 words

Process and Tracking Control - Research Paper Example However the evaluation of the internal controls involves mostly those that are related to information systems and entity as well as its environment (Singleton, Singleton & Bologna, 2006). It is normally operated by an IT auditor who understands COSO model and is able to apply it in financial auditing during the evaluation of internal controls. Elements of the COSO Model Control environment. It is a view of the internal controls from the perspective of the entity including the environment created for processes of business and controls internally and influences of this environment on whether it is able to maintain an effective internal control system. Ways in which control environment is evaluated with regard to risks associated with it include enforcement and communication of ethical values and integrity, commitment to competence, participation of people who are charged with governance, management’s style philosophy and assignment of authority and responsibility (Singleton, Sin gleton & Bologna, 2006). Risk assessment: It refers to the ability of an entity to asses risks properly and, for those risks that are major, mitigates them up to a level that is acceptable through the use of controls. Risks may be introduced through various ways including changing of the operating environment, new information systems, and employment of a modern information systems, rapid growth and pronouncement of new accounting. Information and communication: It involves communicating information on financial reporting accurately and in a timely manner to decision makers and managers. The various ways in which it can be evaluated in regard to the associated risks include systems that support identification, then capture then exchange information in a manner and time frame that will allow personnel to undertake their responsibilities, financial reporting information, internal communication, internal control information and external communication (Singleton, Singleton & Bologna, 200 6). Control activities: These refer to actual controls themselves. The evaluation of these control activities involves various ways including general controls, application controls and physical controls. Controls are evaluated at three levels which include: design effectiveness, operational effectiveness and implementation (Singleton, Singleton & Bologna, 2006). Monitoring: It refers to the ability of an entity to effectively monitor the controls since they operate on a daily basis, individually and also cooperate with other controls. Various ways in which monitored control effectiveness are evaluated include separate and ongoing evaluations concerning internal controls over financial reporting, deficiencies that are identified and reported, assessment of the quality of internal controls performance over a given period of time, putting procedures in place so as to adjust the control system as required and utilizing relevant information that is external or independent monitors (Singl eton, Singleton & Bologna, 2006). Control Objectives for Information and related Technology (COBIT) It was first issued by the IT Governance Institute, ITGI and Information systems Audit and Control Association, ISACA in the year 1998. It is regarded as de facto standard in IT Governance maturity assessment. A lot of knowledge is needed on this framework and therefore it makes it

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.