Documente Academic
Documente Profesional
Documente Cultură
SYSTEM
ADHI ALFIAN
UNIVERSITAS PADJADJARAN
Bandung, 2017
THREATS, ERROR, FRAUD
• THREATS ??
• ERROR ??
• FRAUD ??
THREATS
• Unintentional/Error:
1. Accidents caused by human carelessness.
2. Innocent errors of omissions.
3. Lost or misplaced data.
• Intentional/Fraud:
1. Sabotage.
2. Computer fraud.
3. Embezzlement.
THE INCREASING OF IS THREATS
PRESSURE
OPPORTUNITY RATIONALIZATION
INTERNAL CONTROL DEFINITION
Events
Manage Risk
Negative Risk
MANAGEMENT CONTROL
Management control:
• An integral part of management responsibilities.
• Designed to reduce threats, irregularities, and achieve
organizational goals.
• Personnel-oriented and seeks to help employees attain
company goals.
INTERNAL CONTROL FORM
• Preventive, detective, and corrective controls.
• General and application controls.
• Input, processing, and output controls.
COSO’s INTERNAL CONTROL MODEL
CONTROL ENVIRONMENT
Governance of Enterprise IT
Evolution of scope
IT Governance
Val IT 2.0
(2008)
Management
Control
Risk IT
(2009)
Audit
COBIT1 COBIT2 COBIT3 COBIT4.0/4.1 COBIT 5