INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCE
Autor(a) principal: | |
---|---|
Data de Publicação: | 2017 |
Outros Autores: | , |
Tipo de documento: | Artigo |
Idioma: | eng |
Título da fonte: | Journal of Information Systems and Technology Management (Online) |
Texto Completo: | https://www.revistas.usp.br/jistem/article/view/143734 |
Resumo: | Abstract This paper analyzes and proposes how several internal control frameworks can be integrated to achieve effective corporate information technology governance. The fundamental tenet of the current literature in this area is that neither a single framework nor non-integrated multiple frameworks would suffice in achieving effective information technology security and governance. Using the extant literature, a deductive approach, and focusing on three popularized internal control frameworks ERM, COSO, and COBIT5, we propose a framework that can help organizations effectively and efficiently achieve information technology governance through their interaction. An integrated framework is one that links the key control objectives to strategic business objectives and, in doing so, addresses IT governance principles at both a strategic and operational level, whilst aligning IT and business management understanding of the key risk areas that characterize the organization’s goals (Goosen and Rudman, 2013). In addition, this fundamental alignment is expected to eliminate unnecessary controls and processes which in turn help improving IT governance. We expect firms seeking to adopt the proper IT governance to utilize the proposed integrated framework. |
id |
USP-33_2fd84366f4df4a1980a88b2ad03897ee |
---|---|
oai_identifier_str |
oai:revistas.usp.br:article/143734 |
network_acronym_str |
USP-33 |
network_name_str |
Journal of Information Systems and Technology Management (Online) |
repository_id_str |
|
spelling |
INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCEIT GovernanceIT RisksIntegrated ITG FrameworkInternal ControlAbstract This paper analyzes and proposes how several internal control frameworks can be integrated to achieve effective corporate information technology governance. The fundamental tenet of the current literature in this area is that neither a single framework nor non-integrated multiple frameworks would suffice in achieving effective information technology security and governance. Using the extant literature, a deductive approach, and focusing on three popularized internal control frameworks ERM, COSO, and COBIT5, we propose a framework that can help organizations effectively and efficiently achieve information technology governance through their interaction. An integrated framework is one that links the key control objectives to strategic business objectives and, in doing so, addresses IT governance principles at both a strategic and operational level, whilst aligning IT and business management understanding of the key risk areas that characterize the organization’s goals (Goosen and Rudman, 2013). In addition, this fundamental alignment is expected to eliminate unnecessary controls and processes which in turn help improving IT governance. We expect firms seeking to adopt the proper IT governance to utilize the proposed integrated framework.TECSI - FEA - Universidade de São Paulo. Faculdade de Economia, Administração, Contabilidade e Atuária2017-12-01info:eu-repo/semantics/articleinfo:eu-repo/semantics/publishedVersionapplication/pdfapplication/xmlhttps://www.revistas.usp.br/jistem/article/view/14373410.4301/s1807-17752017000300004Journal of Information Systems and Technology Management; v. 14 n. 3 (2017); 361-370Journal of Information Systems and Technology Management; Vol. 14 No. 3 (2017); 361-370Journal of Information Systems and Technology Management; Vol. 14 Núm. 3 (2017); 361-3701807-1775reponame:Journal of Information Systems and Technology Management (Online)instname:Universidade de São Paulo (USP)instacron:USPenghttps://www.revistas.usp.br/jistem/article/view/143734/138389https://www.revistas.usp.br/jistem/article/view/143734/148063Copyright (c) 2018 JISTEM - Journal of Information Systems and Technology Management (Online)info:eu-repo/semantics/openAccessEttish, Abdou AhmedEl-Gazzar, Samir M.Jacob, Rudolph A.2018-02-23T12:20:01Zoai:revistas.usp.br:article/143734Revistahttp://www.scielo.br/scielo.php?script=sci_serial&pid=1807-1775&lng=pt&nrm=isoPUBhttps://old.scielo.br/oai/scielo-oai.php||jistem@usp.br1807-17751807-1775opendoar:2018-02-23T12:20:01Journal of Information Systems and Technology Management (Online) - Universidade de São Paulo (USP)false |
dc.title.none.fl_str_mv |
INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCE |
title |
INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCE |
spellingShingle |
INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCE Ettish, Abdou Ahmed IT Governance IT Risks Integrated ITG Framework Internal Control |
title_short |
INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCE |
title_full |
INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCE |
title_fullStr |
INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCE |
title_full_unstemmed |
INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCE |
title_sort |
INTEGRATING INTERNAL CONTROL FRAMEWORKS FOR EFFECTIVE CORPORATE INFORMATION TECHNOLOGY GOVERNANCE |
author |
Ettish, Abdou Ahmed |
author_facet |
Ettish, Abdou Ahmed El-Gazzar, Samir M. Jacob, Rudolph A. |
author_role |
author |
author2 |
El-Gazzar, Samir M. Jacob, Rudolph A. |
author2_role |
author author |
dc.contributor.author.fl_str_mv |
Ettish, Abdou Ahmed El-Gazzar, Samir M. Jacob, Rudolph A. |
dc.subject.por.fl_str_mv |
IT Governance IT Risks Integrated ITG Framework Internal Control |
topic |
IT Governance IT Risks Integrated ITG Framework Internal Control |
description |
Abstract This paper analyzes and proposes how several internal control frameworks can be integrated to achieve effective corporate information technology governance. The fundamental tenet of the current literature in this area is that neither a single framework nor non-integrated multiple frameworks would suffice in achieving effective information technology security and governance. Using the extant literature, a deductive approach, and focusing on three popularized internal control frameworks ERM, COSO, and COBIT5, we propose a framework that can help organizations effectively and efficiently achieve information technology governance through their interaction. An integrated framework is one that links the key control objectives to strategic business objectives and, in doing so, addresses IT governance principles at both a strategic and operational level, whilst aligning IT and business management understanding of the key risk areas that characterize the organization’s goals (Goosen and Rudman, 2013). In addition, this fundamental alignment is expected to eliminate unnecessary controls and processes which in turn help improving IT governance. We expect firms seeking to adopt the proper IT governance to utilize the proposed integrated framework. |
publishDate |
2017 |
dc.date.none.fl_str_mv |
2017-12-01 |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/article info:eu-repo/semantics/publishedVersion |
format |
article |
status_str |
publishedVersion |
dc.identifier.uri.fl_str_mv |
https://www.revistas.usp.br/jistem/article/view/143734 10.4301/s1807-17752017000300004 |
url |
https://www.revistas.usp.br/jistem/article/view/143734 |
identifier_str_mv |
10.4301/s1807-17752017000300004 |
dc.language.iso.fl_str_mv |
eng |
language |
eng |
dc.relation.none.fl_str_mv |
https://www.revistas.usp.br/jistem/article/view/143734/138389 https://www.revistas.usp.br/jistem/article/view/143734/148063 |
dc.rights.driver.fl_str_mv |
Copyright (c) 2018 JISTEM - Journal of Information Systems and Technology Management (Online) info:eu-repo/semantics/openAccess |
rights_invalid_str_mv |
Copyright (c) 2018 JISTEM - Journal of Information Systems and Technology Management (Online) |
eu_rights_str_mv |
openAccess |
dc.format.none.fl_str_mv |
application/pdf application/xml |
dc.publisher.none.fl_str_mv |
TECSI - FEA - Universidade de São Paulo. Faculdade de Economia, Administração, Contabilidade e Atuária |
publisher.none.fl_str_mv |
TECSI - FEA - Universidade de São Paulo. Faculdade de Economia, Administração, Contabilidade e Atuária |
dc.source.none.fl_str_mv |
Journal of Information Systems and Technology Management; v. 14 n. 3 (2017); 361-370 Journal of Information Systems and Technology Management; Vol. 14 No. 3 (2017); 361-370 Journal of Information Systems and Technology Management; Vol. 14 Núm. 3 (2017); 361-370 1807-1775 reponame:Journal of Information Systems and Technology Management (Online) instname:Universidade de São Paulo (USP) instacron:USP |
instname_str |
Universidade de São Paulo (USP) |
instacron_str |
USP |
institution |
USP |
reponame_str |
Journal of Information Systems and Technology Management (Online) |
collection |
Journal of Information Systems and Technology Management (Online) |
repository.name.fl_str_mv |
Journal of Information Systems and Technology Management (Online) - Universidade de São Paulo (USP) |
repository.mail.fl_str_mv |
||jistem@usp.br |
_version_ |
1809284037186945024 |