INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCE

Detalhes bibliográficos
Autor(a) principal: Ettish, Abdou Ahmed
Data de Publicação: 2017
Outros Autores: El-Gazzar, Samir M., Jacob, Rudolph A.
Tipo de documento: Artigo
Idioma: eng
Título da fonte: Journal of Information Systems and Technology Management (Online)
Texto Completo: https://www.revistas.usp.br/jistem/article/view/143734
Resumo: Abstract This paper analyzes and proposes how several internal control frameworks can be integrated to achieve effective corporate information technology governance. The fundamental tenet of the current literature in this area is that neither a single framework nor non-integrated multiple frameworks would suffice in achieving effective information technology security and governance. Using the extant literature, a deductive approach, and focusing on three popularized internal control frameworks ERM, COSO, and COBIT5, we propose a framework that can help organizations effectively and efficiently achieve information technology governance through their interaction. An integrated framework is one that links the key control objectives to strategic business objectives and, in doing so, addresses IT governance principles at both a strategic and operational level, whilst aligning IT and business management understanding of the key risk areas that characterize the organization’s goals (Goosen and Rudman, 2013). In addition, this fundamental alignment is expected to eliminate unnecessary controls and processes which in turn help improving IT governance. We expect firms seeking to adopt the proper IT governance to utilize the proposed integrated framework.
id USP-33_2fd84366f4df4a1980a88b2ad03897ee
oai_identifier_str oai:revistas.usp.br:article/143734
network_acronym_str USP-33
network_name_str Journal of Information Systems and Technology Management (Online)
repository_id_str
spelling INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCEIT GovernanceIT RisksIntegrated ITG FrameworkInternal ControlAbstract This paper analyzes and proposes how several internal control frameworks can be integrated to achieve effective corporate information technology governance. The fundamental tenet of the current literature in this area is that neither a single framework nor non-integrated multiple frameworks would suffice in achieving effective information technology security and governance. Using the extant literature, a deductive approach, and focusing on three popularized internal control frameworks ERM, COSO, and COBIT5, we propose a framework that can help organizations effectively and efficiently achieve information technology governance through their interaction. An integrated framework is one that links the key control objectives to strategic business objectives and, in doing so, addresses IT governance principles at both a strategic and operational level, whilst aligning IT and business management understanding of the key risk areas that characterize the organization’s goals (Goosen and Rudman, 2013). In addition, this fundamental alignment is expected to eliminate unnecessary controls and processes which in turn help improving IT governance. We expect firms seeking to adopt the proper IT governance to utilize the proposed integrated framework.TECSI - FEA - Universidade de São Paulo. Faculdade de Economia, Administração, Contabilidade e Atuária2017-12-01info:eu-repo/semantics/articleinfo:eu-repo/semantics/publishedVersionapplication/pdfapplication/xmlhttps://www.revistas.usp.br/jistem/article/view/14373410.4301/s1807-17752017000300004Journal of Information Systems and Technology Management; v. 14 n. 3 (2017); 361-370Journal of Information Systems and Technology Management; Vol. 14 No. 3 (2017); 361-370Journal of Information Systems and Technology Management; Vol. 14 Núm. 3 (2017); 361-3701807-1775reponame:Journal of Information Systems and Technology Management (Online)instname:Universidade de São Paulo (USP)instacron:USPenghttps://www.revistas.usp.br/jistem/article/view/143734/138389https://www.revistas.usp.br/jistem/article/view/143734/148063Copyright (c) 2018 JISTEM - Journal of Information Systems and Technology Management (Online)info:eu-repo/semantics/openAccessEttish, Abdou AhmedEl-Gazzar, Samir M.Jacob, Rudolph A.2018-02-23T12:20:01Zoai:revistas.usp.br:article/143734Revistahttp://www.scielo.br/scielo.php?script=sci_serial&pid=1807-1775&lng=pt&nrm=isoPUBhttps://old.scielo.br/oai/scielo-oai.php||jistem@usp.br1807-17751807-1775opendoar:2018-02-23T12:20:01Journal of Information Systems and Technology Management (Online) - Universidade de São Paulo (USP)false
dc.title.none.fl_str_mv INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCE
title INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCE
spellingShingle INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCE
Ettish, Abdou Ahmed
IT Governance
IT Risks
Integrated ITG Framework
Internal Control
title_short INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCE
title_full INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCE
title_fullStr INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCE
title_full_unstemmed INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCE
title_sort INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCE
author Ettish, Abdou Ahmed
author_facet Ettish, Abdou Ahmed
El-Gazzar, Samir M.
Jacob, Rudolph A.
author_role author
author2 El-Gazzar, Samir M.
Jacob, Rudolph A.
author2_role author
author
dc.contributor.author.fl_str_mv Ettish, Abdou Ahmed
El-Gazzar, Samir M.
Jacob, Rudolph A.
dc.subject.por.fl_str_mv IT Governance
IT Risks
Integrated ITG Framework
Internal Control
topic IT Governance
IT Risks
Integrated ITG Framework
Internal Control
description Abstract This paper analyzes and proposes how several internal control frameworks can be integrated to achieve effective corporate information technology governance. The fundamental tenet of the current literature in this area is that neither a single framework nor non-integrated multiple frameworks would suffice in achieving effective information technology security and governance. Using the extant literature, a deductive approach, and focusing on three popularized internal control frameworks ERM, COSO, and COBIT5, we propose a framework that can help organizations effectively and efficiently achieve information technology governance through their interaction. An integrated framework is one that links the key control objectives to strategic business objectives and, in doing so, addresses IT governance principles at both a strategic and operational level, whilst aligning IT and business management understanding of the key risk areas that characterize the organization’s goals (Goosen and Rudman, 2013). In addition, this fundamental alignment is expected to eliminate unnecessary controls and processes which in turn help improving IT governance. We expect firms seeking to adopt the proper IT governance to utilize the proposed integrated framework.
publishDate 2017
dc.date.none.fl_str_mv 2017-12-01
dc.type.driver.fl_str_mv info:eu-repo/semantics/article
info:eu-repo/semantics/publishedVersion
format article
status_str publishedVersion
dc.identifier.uri.fl_str_mv https://www.revistas.usp.br/jistem/article/view/143734
10.4301/s1807-17752017000300004
url https://www.revistas.usp.br/jistem/article/view/143734
identifier_str_mv 10.4301/s1807-17752017000300004
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv https://www.revistas.usp.br/jistem/article/view/143734/138389
https://www.revistas.usp.br/jistem/article/view/143734/148063
dc.rights.driver.fl_str_mv Copyright (c) 2018 JISTEM - Journal of Information Systems and Technology Management (Online)
info:eu-repo/semantics/openAccess
rights_invalid_str_mv Copyright (c) 2018 JISTEM - Journal of Information Systems and Technology Management (Online)
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
application/xml
dc.publisher.none.fl_str_mv TECSI - FEA - Universidade de São Paulo. Faculdade de Economia, Administração, Contabilidade e Atuária
publisher.none.fl_str_mv TECSI - FEA - Universidade de São Paulo. Faculdade de Economia, Administração, Contabilidade e Atuária
dc.source.none.fl_str_mv Journal of Information Systems and Technology Management; v. 14 n. 3 (2017); 361-370
Journal of Information Systems and Technology Management; Vol. 14 No. 3 (2017); 361-370
Journal of Information Systems and Technology Management; Vol. 14 Núm. 3 (2017); 361-370
1807-1775
reponame:Journal of Information Systems and Technology Management (Online)
instname:Universidade de São Paulo (USP)
instacron:USP
instname_str Universidade de São Paulo (USP)
instacron_str USP
institution USP
reponame_str Journal of Information Systems and Technology Management (Online)
collection Journal of Information Systems and Technology Management (Online)
repository.name.fl_str_mv Journal of Information Systems and Technology Management (Online) - Universidade de São Paulo (USP)
repository.mail.fl_str_mv ||jistem@usp.br
_version_ 1800222953333325824

Registros relacionados