Académique Documents
Professionnel Documents
Culture Documents
and goals (Considine et al. 2012). The implementation of an effective internal control
system will lead to compliance with organisations policies and procedures ensuring
integrity, honesty, transparency and performance accountability, reflecting a solid
corporate governance (Rada 2004).
The board of directors of the organisation need to ensure information and
technology systems within the organistion are being implemented and used in order to
meet strategy standards and assist in achieving organisations goals (Considine et al.
2013, p. 298; Luciano & Testa 2011). Da Silva and Neto (2014) say the IT strategic
planning also must be developed in accordance with Corporate Governance and
relevant regulations.
IT managers should consider five specific areas to ensure good IT governance:
Luciano and Testa (2011) say that a framework to monitor specifically information
and technology controls is the COBIT (Control Objectives for Information and related
Technology), which has been proved very effective guiding IT governance in business.
The COBIT framework sets guidelines to evaluate if IT systems comply with IT risk
assessment and managers investments, and also ensures service quality for clients and
guide auditors performance.
Internal Control and Internal Audit
Internal Control is the set up of systems and procedures, essential at any
organisation, ensuring the companys objectives are being met effectively, efficiently in
compliance with relevant regulation and producing reliable reports (Considine et al.
2012, p. 305).
Internal controls can be divided into five components:
Validity checks
checks if an input given is an acceptable value
Completeness checks
checks if all required data are entered
Limit checks
checks if the value fits within an upper pre-determined limit
Range checks
checks pre-determined upper and lower limits
Reasonableness checks
check if input is within a reasonalble numeric range
(Considine et al. 2012, p. 355-6)
$10m bank error in your favour: man arrested, 2001, Sydney Morning Herald, viewed 8
April 2016, <http://www.smh.com.au/world/10m-bank-error-in-your-favour-man-arrested20110930-1l0u5.html>.
Benns, M, Hawkins, P & Watson, L 2009, Missing decimal points, now a familys missing
with millions, Sydney Morning Herald, viewed 5 April 2016,
<http://www.smh.com.au/world/missing-decimal-point-now-a-familys-missing-withmillions-20090523-biva.html>.
Cohen, A F & Brodsky, D M 2004, The US Sarbanes-Oxley Act of 2002: What
audit committees of non-US issuers need to know, International Journal of
Disclosure and Governance, vol. 1, no. 4, pp. 313-323, ProQuest, viewed 6
April 2016,
<http://search.proquest.com/pqrl/docview/196309437/fulltextPDF/4D361457
456344BCPQ/2?accountid=30802>.
Cohen, A.F. & Qaimmaqami, D.J. 2005, The US Sarbanes-Oxley Act of 2002:
Summary and update for non-US issuers, International Journal of Disclosure
and Governance, vol. 2, no. 1, pp. 81-106, ProQuest, viewed 6 April 2016,
<http://search.proquest.com/pqrl/docview/196308528/4D361457456344BCP
Q/4?accountid=30802>.
Considine, B, Parkes, A, Olesen, K, Blount, Y, Speer, D, 2012, Accounting information
systems, 4th ed, John Wiley & Sons Australia, Queensland.
Cunningham, L A 2004, The Appeal and Limits of Internal Controls to Fight
Fraud, Terrorism, Other Ills, Journal of Corporation Law, vol. 29, no. 2, pp.
267-336, ProQuest, viewed 7 April 2016,
<http://search.proquest.com/pqrl/docview/220810074/fulltext/92F1A76FDF6C
4835PQ/17?accountid=30802>.
da Silva, L.M. & Neto, J.S. 2014, "METHOD FOR MEASURING THE ALIGNMENT BETWEEN INFORMATION
TECHNOLOGY STRATEGIC PLANNING AND ACTIONS OF INFORMATION TECHNOLOGY
GOVERNANCE", Journal of Information Systems and Technology Management : JISTEM, vol. 11, no. 1,
pp. 131-152.http://search.proquest.com/pqrl/docview/1530083131/F96C745A2D424C72PQ/7?accountid=30802
Damianides, M. 2005, "SARBANES-OXLEY AND IT GOVERNANCE: NEW GUIDANCE ON IT CONTROL
AND COMPLIANCE", Information Systems Management, vol. 22, no. 1, pp. 77-85.
http://search.proquest.com/pqrl/docview/214122540/F96C745A2D424C72PQ/12?
accountid=30802
Elefterie, L, Ruse, E 2012, Inteligent strategies as a support for business process
auditing research directions, Economics, Management and Financial Markets, 7(4),
320-325, ProQuest, viewed 4 April 2016,
<http://search.proquest.com/docview/1326326835?accountid=30802>.
Etheridge, C.E. 2012, Audit 101: A Guide to Employee Benefit Plan Audits:
Internal Control, Journal of Pension Benefits, vol. 19, no. 4, pp. 67-70,
ProQuest, viewed 5 April 2016,
<http://search.proquest.com/pqrl/docview/1026800658/fulltextPDF/92F1A76F
DF6C4835PQ/9?accountid=30802>.
Luciano, E.M. & Testa, M.G. 2011, "CONTROLES DE GOVERNANA DE TECNOLOGIA DA INFORMAO
PARA A TERCEIRIZAO DE PROCESSOS DE NEGCIO: UMA PROPOSTA A PARTIR DO
COBIT/CONTROLS OF INFORMATION TECHNOLOGY MANAGEMENT FOR BUSINESS PROCESSES
OUTSOURCING BASED ON COBIT",Journal of Information Systems and Technology Management :
JISTEM, vol. 8, no. 1, pp. 237-262.
http://search.proquest.com/pqrl/docview/869739454/F96C745A2D424C72PQ/2?accountid=30802
http://search.proquest.com/pqrl/docview/1503137885/F96C745A2D424C72PQ/6?accountid=30802
Satava, D, Caldwell, C, Richards, L 2006, Ethics and the auditing culture: Rethinking
the foundation of accounting and auditing, Journal of Business Ethics, 64(3), 271-284,
ProQuest, viewed 4 April 2016, <doi:http://dx.doi.org/10.1007/s10551-005-0556-y>.
Xu, H, Jeretta, HN, Brown, N & Nord, GD 2002, Data quality issues in implementing an
ERP, Industrial Management & Data Systems, vol. 102, no. 1, pp. 47-58, ProQuest,
viewed 9 April 2016,
<http://search.proquest.com/pqrl/docview/234924773/6ECF7172B5E34C28PQ/3?
accountid=30802>.
Zecheru, V 2014, Internal Audit - Managerial Control Relation, Revista de
Management Comparat International, vol. 15, no. 1, pp. 106-114, ProQuest,
viewed 7 April 2016,
<http://search.proquest.com/pqrl/docview/1545872070/fulltext/92F1A76FDF6
C4835PQ/6?accountid=30802>.