Documente Academic
Documente Profesional
Documente Cultură
in
Accounting
Information System
Control
Pervasive Control Plans are those that relate to a multitude of control goals and
processes. Like the control environment, pervasive control plans influence the
effectiveness of the business process control plans. At the same time, general
controls/IT controls influence the effectiveness of application controls.
IT Resources
• Information. Data, in all their forms, that are input, processed, and output by
information systems.
Chief
Executive
officer
Security Steering
officer Committee
Figure 2 depicts the relationship of these four domains and lists the IT control
processes within each domain, for a total of 10 processes. Notice that the Monitor and
Evaluate domain provides feedback to the other three domains.
Plan and
Organize
Monitor Acquire
and and
Evaluate Impleme
nt
Deliver
and
Support
Domain Plan and Organize Acquire and Implement Deliver and Support Monitor and Evaluate
IT Control 1. Establish strategic 3. Identify automated 7. Deliver required IT 10. Monitor and
Processes vision for IT. solutions. services. evaluate the
2. Develop tactics to 4. Develop and acquire IT 8. Ensure security processes.
plan, communicate solutions. and continuous
and manage 5. Integrate IT solutions service.
realization of strategic into operational processes. 9. Provide support
vision. 6. Manage changes to service.
existing IT systems.
A control process could easily be, and often is, referred to as a “management
practice”. This latter terminology emphasizes management’s responsibility for control in
the organization and the practices or processes that will bring about achievement of an
organization’s objectives. Second, the prominence of “process” in this terminology
reminds us of the definition of control as a “process”. it is through a coordinated effort,
across all IT resources and all organizational units, that the objective =s of the
organization are achieved.