Documente Academic
Documente Profesional
Documente Cultură
A process consisting of ongoing tasks and activitiesa means to an end, not an end in
itself
Effected by peoplenot merely about policy and procedure manuals, systems, and forms,
but about people and the actions they take at every level of an organization to affect
internal control
Adaptable to the entity structureflexible in application for the entire entity or for a
particular subsidiary, division, operating unit, or business process
Internal Control is part of the first line of defense because it is the responsibility of Operational
Management, which itself is accountable to Senior Management.
1.2 Objective
Operations ObjectivesThese pertain to effectiveness and efficiency of the entitys
operations, including operational and financial performance goals, and safeguarding
terms as set forth by regulators, recognized standard setters, or the entitys policies.
Compliance ObjectivesThese pertain to adherence to laws and regulations to which
the entity is subject.
COMPLIANCE
1.1 Definition
The term compliance describes the ability to act according to an order, set of rules or
request. In the context of financial services businesses compliance operates at two levels.
Level 1 - compliance with the external rules that are imposed upon an organisation as
a whole
Level 2 - compliance with internal systems of control that are imposed to achieve
compliance with the externally imposed rules.
Information security protects users valuable information both while in use and while it
is being stored.
1.2 Disadvantage
1.21 Disadvantage of Control
through collusion
External events beyond the organizations control
1.21 Disadvantage of Compliance
security.
Since technology is always changing nothing will ever be completely secure.
If a user misses one single area that should be protected the whole system could be
compromised.
It can be extremely complicated and users might not totally understand what they are
dealing with.
It can slow down productivity if a user is constantly having to enter passwords.
SUMBER
https://www.armor.com/resources/security-vs-compliance/ (diakses pada 27 September
2016)
https://www.investopedia.com/ (diakses pada 27 September 2016)
https://www.enablon.com/ (diakses pada 27 September 2016)
https://www.coso.org (diakses pada 27 September 2016)