Wadah Menulis Mahasiswa

AN EMPIRICAL EXAMINATION OF COBIT AS AN INTERNAL CONTROL FRAMEWORK FOR INFORMATION TECHNOLOGY

July 18th, 2013 | by | in Review Jurnal | No Comments

Authors: Brad Tuttle, Scott D. Vandervelde

International Journal of Accounting Information Systems

on September 2007

 

Background Issues

CobiT is a framework for developing and evaluating information systems technology-intensive and it was originally intended for use by an organization’s management as a benchmarking tool consisting of the best practices related to IT controls. Since then and because of its strong control focus, both internal and external auditors have applied CobiT to financial statement audits as well as to operational and compliance audits. In regards to financial statement audits, AS2 mandates that management use a control framework in order to assess the effectiveness of internal controls over financial reporting. Despite the importance of using a sound conceptual model, no practitioner developed internal control framework, has undergone rigorous academic examination in the same manner that researchers routinely examine the conceptual models developed by other academics.

 

Research Objectives

The objective of the present study is to examine the internal consistency of CobiT’s conceptual model within an audit setting by investigating whether auditor perceptions of audit risk related to complexity, client importance, client attention, and process risk combine to represent IT process risk in the manner asserted by CobiT.

 

Research Methodology

This paper using a combination of data sources of survey and archival research methods when used in isolation.

 

Result and Discussion

They find that superimposing CobiT’s conceptual model onto audit relevant assessments made by a panel of highly experienced IT auditors confirms the internal consistency between the underlying constructs of CobiT. Furthermore, we find that CobiT’s conceptual model predicts auditor behavior in the field related to their seeking help and giving help as evidenced by their postings to a general IT audit listserv.

 

Conclusion

CobiT provides a means of classifying such control deficiencies and the results of this research demonstrate that these classifications relate to various aspects of audit risk. Furthermore, thet are only tested the core, basic structure of CobiT’s conceptual model. CobiT contains other testable constructs including a comprehensive and well-articulated maturity model for IT control. The maturity model enables management of a company to evaluate and determine where on the internal control quality spectrum their controls are currently located.

Ditulis Oleh

→ an 21 y/o magister of management information system to be, terrific dreamer, movie buff, book worm, music freak, happiness hunter and a life enjoyer

Lihat semua tulisan dari

Leave a Reply