Presentation is loading. Please wait.

Presentation is loading. Please wait.

SOX, COSO, COBIT Timeline

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "SOX, COSO, COBIT Timeline"— Presentation transcript:

1 SOX, COSO, COBIT Timeline
Committee of Sponsoring Organizations of Treadway Commission (COSO)– 1985 Control Objectives for Information and Related Technology (COBIT) -1992 Sarbanes Oaxley Act (SOX) – 2002

2 COSO Corporate financial scandals lead to Treadway Commission (National Commission on Fraudulent Financial Reporting) James Treadway – past commissioner of SEC Five accounting organizations include Financial Executives International (FEI) American Accounting Association (AAA) American Institute of Certified Public Accountants (AICPA) Institute of Internal Auditors (IIA) Institute of Management Accountant (IMA)

3 COSO Control Objectives
Operations – Assuring that the company is operating effectively as a business and protecting the assets of the shareholders Financial reporting – Assuring that the financial statements of the company are produced in accordance with Generally Accepted Accounting Principles (GAAP) Compliance – Assuring that the company is in compliance with relevant laws and regulations, including SEC rules, health and safety laws, and tax laws.

4 COSO Control Components
Control environment (company culture) Risk Assessment Control procedures (control practices including corporate policies, procedural guidelines for each type of risk, etc.) Information and communication Monitoring

5 COBIT Information Systems Audit & Control Association (ISACA) issued COBIT (Control Objectives for Information and Related Technology) in 1996 Definitions of control closely paralleled COSO 34 IT processes Framework for IT governance and IT controls (i.e., governance and controls for IT processes) Focuses on information criteria (i.e., effectiveness, efficiency, confidentiality, integrity, availability, compliance, reliability)

6 COBIT Framework COBIT Definition of Internal Control
The policies, procedures, and organizational structures designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected. COBIT Supports IT governance IT is aligned with the business IT enables the business and maximizes benefits IT resources are used responsibly IT risks are managed appropriately

7 Benefits of COBIT Better alignment based upon a business focus
An understandable view of IT for management Clear ownership and responsibilities General acceptability with third parties and regulators Shared understanding among all stakeholders based on a common language Fulfillment of the COSO requirements for the IT control environment

8 COBIT Processes High-level control objective
Process descriptions describing process objectives Waterfall: process goals, metrics, practices Process maps to information criteria, IT resources, IT governance focus areas Detailed control objectives Management guidelines: RACI (Responsible, Accountable, Consulted and/or Informed) Maturity Model (across industry)

9 COBIT Process Domains : IT Activities
Plan and Organize (PO) Acquire and Implement (AI) Deliver and Support (DS) Monitor and Evaluate (MF)

10 IT Resources Applications Information Infrastructure People

11 Performance Measurement
IT goals and metrics that define what the business expects from IT and how to measure it Process goals and metrics that define what the IT process must deliver to support IT’s objectives and how to measure it Activity goals and metrics that establish what needs to happen inside the process to achieve the required performance and how to measure it

12 Other Frameworks ISO 2000 Information Technology Infrastructure Library (ITIL) – a framework of best practices to achieve efficiencies in IT service Management Global application Like COBIT, based on processes Best practices for service management

13 Components of ITIL SERVICE DELIVERY SERVICE SUPPORT
Capacity management Availability management Financial management for IT services Service-level management IT service continuity management SERVICE SUPPORT Incident management Problem management Configuration management Change management Release management Service desk function

14 COBIT and ITIL ITIL complements COBIT in the area of Delivery & Support Focuses on Clearly defining service levels Helps more accurate infrastructure sizing Provides discipline in internal or external sourcing of IT services Efficiency through standardized processes

Download ppt "SOX, COSO, COBIT Timeline"

Similar presentations

Internal Control Basic Concepts 2 Why do stores use cash registers? zTo safeguard assets zTo insure accuracy and reliability of accounting data zTo provide.

Internal Control Basic Concepts 2 Why do stores use cash registers? zTo safeguard assets zTo insure accuracy and reliability of accounting data zTo provide.
Chapter 10 Accounting Information Systems and Internal Controls

Chapter 10 Accounting Information Systems and Internal Controls
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Control and Accounting Information Systems

Control and Accounting Information Systems
Sodexo.com Group Internal Audit. page 2 helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and.

Sodexo.com Group Internal Audit. page 2 helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and.
Welcome! Internal Auditing CHAPTER 1. Definition Internal auditing is an independent, objective, assurance and consulting activity designed to add value.

Welcome! Internal Auditing CHAPTER 1. Definition Internal auditing is an independent, objective, assurance and consulting activity designed to add value.
TI BISNIS ITG using COBIT &

TI BISNIS ITG using COBIT &
1 Sarbanes-Oxley Section 404 June 29, 2005. 2  SOX 404 Background 3  SOX 404 Goals 4  SOX 404 Requirements 5  SOX 404 Assertions 6  SOX 404 Compliance.

1 Sarbanes-Oxley Section 404 June 29,  SOX 404 Background 3  SOX 404 Goals 4  SOX 404 Requirements 5  SOX 404 Assertions 6  SOX 404 Compliance.
IT Infrastructure Library ITIL vs COBIT. ANDRIAN EDUARD BANGGA IKHSAN BASKARA JOOVANNY PASUHUK RANGGA FAJARULLAH TEAM.

IT Infrastructure Library ITIL vs COBIT. ANDRIAN EDUARD BANGGA IKHSAN BASKARA JOOVANNY PASUHUK RANGGA FAJARULLAH TEAM.
By Collin Smith http://techinitiatives.blogspot.com COBIT Introduction By Collin Smith http://techinitiatives.blogspot.com.

By Collin Smith COBIT Introduction By Collin Smith
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
1 Pertemuan 6 Internal Control System Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.

1 Pertemuan 6 Internal Control System Matakuliah:A0274/Pengelolaan Fungsi Audit Sistem Informasi Tahun: 2005 Versi: 1/1.
Operational Auditing--Fall 2010 1 Operational Auditing Fall 2010 Professor Bill O’Brien.

Operational Auditing--Fall Operational Auditing Fall 2010 Professor Bill O’Brien.
Operational Auditing--Fall 2009 1 Operational Auditing Fall 2009 Professor Bill O’Brien.

Operational Auditing--Fall Operational Auditing Fall 2009 Professor Bill O’Brien.
6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.

6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Expanded Version of COSO a presentation by Steve Wadleigh Expanded Version of COSO a presentation by Steve Wadleigh Standards for Internal Control in the.

Expanded Version of COSO a presentation by Steve Wadleigh Expanded Version of COSO a presentation by Steve Wadleigh Standards for Internal Control in the.
18- 1 © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 18 Integrated Audits of Internal Control (For Public Companies Under Sarbanes-Oxley.

18- 1 © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 18 Integrated Audits of Internal Control (For Public Companies Under Sarbanes-Oxley.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.

Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.

Similar presentations

Ads by Google