How to use COSO to assess IT controls 
Maintaining proper controls over information technology is a constant concern for businesses as they try to use technological advances to drive efficiency and growth.
Principle 11 in the updated internal control framework of the Committee of Sponsoring Organizations of the Treadway Commission (COSO) provides guidelines for assessing the effectiveness of controls over IT. As part of an organization’s overall assessment of internal control under the framework, Principle 11 can help CPAs manage the rapidly advancing technology their organizations are using.
This article shows the steps CPAs can follow to use Principle 11 to understand their organization’s IT system and its controls, and assess the effectiveness of those controls.
- Management accounting: Technical: Risk management & internal control: Internal control, Intermediate
- Financial accounting & reporting: Technical: Internal control, Intermediate
- Assurance: Technical: Audit: Internal control, Intermediate
- IT management & assurance: Technical: IT risk & assurance services: IT controls, Intermediate
Explore Topics
© 2024 Association of International Certified Professional Accountants. All rights reserved.
2 Comments/Reflections