AUD 3 BSA 3-2

April 5, 2021

Inteer Com is an Internet start-up company that offers business intelligence software and
consulting services to help companies with customer relationship management. The business is
quite new and has just recently completed a successful initial public offering (IPO). All of
management's energies have been consumed with growing the business and going public. As a
result, not much time has been devoted to internal control. The company uses state-of-the art
technologies to manage its business. These include an enterprise-wide information system,
electronic commerce, an intranet, and a knowledge management system. The CEO has recently
issued a directive to Tammy Lee, the CFO, to work with the company's auditor to see how they
should proceed in developing an internal control system that manages the company's IT risks. 

Required:
a. How might you use COSO, CobiT, ISO 9000, or Six Sigma to help in
constructing such an internal control system.

The five framework of COSO will help us to construct an effective internal control. It will be the
basis for making a sound internal control. These five components are the control environment,
risk assessment, control activities, information and communication and monitoring. These five
must be considered in making an internal control to attain the goals and objectives of the
company.
Cobit was designed to be a supportive tool for managers—and allows bridging the crucial gap
between technical issues, business risks, and control requirements. It ensures quality, control,
and reliability of information systems in an organization, which is also the most important aspect
of businesses implementing efficient internal control.
The measurement of good internal control system is sustained by complying with quality
standards. ISO 9000 assess the effectiveness of your organization’s quality management system
and your organization's overall performance. It is developed to help companies effectively
document the quality system elements needed to maintain an efficient quality system.
Six Sigma can be a powerful tool for internal control practices: business process management is
a systematic way to baseline and improve internal controls over quality financial reporting,
compliance and operations.
Using COSO, Cobit, ISO 9000 or six sigma will help the internal control system to become
effective and efficient and made to improve the internal control of a business or an organization.
It will be the basis to mitigate the risks that are likely occur in an organization.
b. After developing an internal control system to manage IT risks, Tammy Lee thinks it
might be a good idea to have the company's auditor conduct a Systems
Reliability Assurance engagement to test the controls. Explain the value this might
add.

The conduction of systems reliability assurance engagement is a good way to test the effectivity
and efficiency of internal control developed by the company. It will help to maintain or develop
the quality of the financial statement especially the control over financial reporting. It is
significant in order to lessen the risk of material misstatement.
The value that it might add when the auditor will conduct a systems reliability assurance
engagement will be high because it does not only claimed that risks are eliminated or reduced to
an acceptable level but also claimed that the information the systems will provide for the
company is reliable. It will give assurance as to reliability of the system in the company and in
managing the company's IT risk.

Group 4
Barribal, Sherwin Anne
Dantes, John Paul
Dumlao, Kathleen Dominique
Francisco, Kristine
Manaoat, Princess
Obispo, Mae Abegail
Orceo, Mhel Rose
Sumaoang, Judy Ann
Turato, Ella Mae
(All members contributed ideas and researches)