Professional Documents
Culture Documents
AIS - Chapter 4 Control and AIS
AIS - Chapter 4 Control and AIS
2. A boundary system
CONTROL FRAMEWORKS
A number of control frameworks have been developed to help companies develop good
internal control systems. Three of the most important are:
The COBIT framework
The COSO internal control framework
COSO’ s Enterprise Risk Management framework (ERM)
1. COBIT Framework
– Also known as the Control Objectives for Information and Related
Technology framework.
– Developed by the Information Systems Audit and Control Foundation (ISACF).
– COBIT is a framework of generally applicable information systems security and
control practices for IT control. The framework allows (1) management to
benchmark the security and control practices of IT environments, (2) users of IT
services to be assured that adequate security and control exist, and (3) auditors to