AUD 3 BSA 3-2

April 5, 2021
Group members:
John Paul Dantes
Kathleen Dominique Dumalo
Mhel Rose Orceo
Princess Manaoat
Ella Mae Turato
Mae Abegail Obispo
Sherwin Baribal
Kristine Francisco

The answers obtained are formed through gathering of information and brainstorming
of the whole team. Hence, we are able to come up cohesive responses.

Inteer Com is an Internet start-up company that offers business intelligence software and
consulting services to help companies with customer relationship management. The business is
quite new and has just recently completed a successful initial public offering (IPO). All of
management's energies have been consumed with growing the business and going public. As a
result, not much time has been devoted to internal control. The company uses state-of-the art
technologies to manage its business. These include an enterprise-wide information system,
electronic commerce, an intranet, and a knowledge management system. The CEO has recently
issued a directive to Tammy Lee, the CFO, to work with the company's auditor to see how they
should proceed in developing an internal control system that manages the company's IT risks. 

Required:
a. How might you use COSO, CobiT, ISO 9000, or Six Sigma to help in constructing such
an internal control system.

The five framework of COSO will help us to construct an effective internal control. It will be the
basis for making a sound internal control. These five components are the control environment,
risk assessment, control activities, information and communication and monitoring. These five
must be considered in making an internal control to attain the goals and objectives of the
company.
Cobit was designed to be a supportive tool for managers—and allows bridging the crucial gap
between technical issues, business risks, and control requirements. It ensures quality, control,
and reliability of information systems in an organization, which is also the most important aspect
of businesses implementing efficient internal control.
The measurement of good internal control system is sustained by complying with quality
standards. ISO 9000 assess the effectiveness of your organization’s quality management system
and your organization's overall performance. It is developed to help companies effectively
document the quality system elements needed to maintain an efficient quality system.
Six Sigma can be a powerful tool for internal control practices: business process management is
a systematic way to baseline and improve internal controls over quality financial reporting,
compliance and operations.
Using COSO, Cobit, ISO 9000 or six sigma will help the internal control system to become
effective and efficient and made to improve the internal control of a business or an organization.
It will be the basis to mitigate the risks that are likely occur in an organization.

b. After developing an internal control system to manage IT risks, Tammy Lee thinks it
might be a good idea to have the company's auditor conduct a Systems
Reliability Assurance engagement to test the controls. Explain the value this might add.

The conduction of systems reliability assurance engagement is a good way to test the effectivity
and efficiency of internal control developed by the company. It will help to maintain or develop
the the quality of the financial statement especially the control over financial reporting. It is
significant in order to lessen the risk of material misstatement.
The value that it might add when the auditor will conduct a systems reliability assurance
engagement will be high because it does not only claimed that risks are eliminated or reduced to
an acceptable level but also claimed that the information the systems will provide for the
company is reliable.