IT Governance, Risk, and Compliance:

Internal Control Systems


May 3, 2011  9:33 PM

Right-sizing IT Controls – Part VIII



Posted by: Robert Davis
Control Environment, Control Evaluation, Control Processes, Control System, Governance Tree, Internal Control Systems, IT Controls, IT Governanace, IT Management, Risk Management, Roles and Responsibilities

Deploying key IT governance practices enhance an entity’s ability to meet control objectives for cost, functionality, and quality. Yet, regardless of the IT control techniques and automated tools available, the...

April 29, 2011  8:28 PM

Right-sizing IT Controls – Part VII



Posted by: Robert Davis
Control Environment, Control Evaluation, Control Processes, Control System, Governance Tree, Internal Control Systems, IT Controls, IT Governanace, IT Management, Risk Management, Roles and Responsibilities

An entity’s controlling and monitoring activities should reflect management’s strategy for ensuring an adequate IT control system. Consequently, IT policies, directives, standards, procedures, and rules should have a one-to-one or one-to-many correspondence with the assessed...


April 26, 2011  8:53 PM

Right-sizing IT Controls – Part VI



Posted by: Robert Davis
Control Environment, Control Evaluation, Control Processes, Governance Tree, Internal Control Systems, IT Controls, IT Governanace, IT Management, Risk Management, Roles and Responsibilities

The risk management process introduces a systematic approach for identifying, assessing, and reducing risks as well as maintaining defined acceptable risk levels. An IT risk assessment should be considered a key risk management practice area. When management institutionalizes an...


April 22, 2011  8:16 PM

Right-sizing IT Controls – Part V



Posted by: Robert Davis
Control Environment, Control Evaluation, Control Processes, Governance Tree, Internal Control Systems, IT Controls, IT Governanace, IT Management, Roles and Responsibilities

IT organization is implemented to prevent chaos and assist in identifying processes for objective achievement. The organizing process transforms the entity plan into controllable areas and includes:

  • Identification and...


April 19, 2011  8:27 PM

Right-sizing IT Controls – Part IV



Posted by: Robert Davis
Control Environment, Control Evaluation, Control Processes, Governance Tree, Internal Control Systems, IT Controls, IT Governanace, IT Management, Roles and Responsibilities

Processes modify system elements deployed to assist in achieving IT program goals. When pursuing identification, process maps are a standard method to document all pertinent system information. Developmentally,...


April 15, 2011  8:01 PM

Right-sizing IT Controls – Part III



Posted by: Robert Davis
Control Environment, Control Evaluation, Control Processes, Governance Tree, Internal Control Systems, IT Controls, IT Governanace, IT Management, Roles and Responsibilities

During IT governance framework construction; personnel, structures, processes, and risk management integration are foundational. Nevertheless, professionals generally agree defining...


April 12, 2011  3:11 PM

Right-sizing IT Controls – Part II



Posted by: Robert Davis
Control Environment, Control Evaluation, Control Processes, Governance Tree, Internal Control Systems, IT Controls, IT Governanace, IT Management, Tone at the Top

As illustrated by the ‘Governance Tree’ model, an entity’s ‘Tone at the Top’ impacts IT governance effectiveness. IT governance effectiveness and efficiency are...


April 8, 2011  8:39 PM

Right-sizing IT Controls – Part I



Posted by: Robert Davis
Control Environment, Control Evaluation, Control Processes, Internal Control Systems, IT Controls, IT Governanace, IT Management

IT has enhanced control processes. It has enabled opportunities for utilizing close-loop control systems and provided the means for more timely corrective actions. Unfortunately, IT has also introduced the potential...


January 11, 2011  5:07 PM

Governing IT: Policy Formulation and Enforcement – Part VIII



Posted by: Robert Davis
Decision Making, Feedback Control, Fuzzy Logic, Goals, Internal Control Systems, ITG, Linear Control, Logic Control, Management, Monitoring, Objectives, Organizing, Planning, Policy Enforcement, Policy Formation, Sequential Control

Without clear policies that define acceptable IT related behavior, sustaining an effective and efficient internal control system is a remote possibility. Conversely, the formulation of clear IT policies is a mechanism for creating and propagating transparent plans for the achievement of adopted IT...


January 8, 2011  12:26 AM

Governing IT: Policy Formulation and Enforcement – Part VII



Posted by: Robert Davis
Decision Making, Feedback Control, Fuzzy Logic, Goals, Internal Control Systems, ITG, Linear Control, Logic Control, Management, Monitoring, Objectives, Organizing, Planning, Policy Enforcement, Policy Formation, Sequential Control

Due to the continuous adoption of new or improved hardware, firmware and software, IT threat vectors are likely to remain a business risk for the foreseeable future. Once an entity understands what information needs to...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: