Preview

Itgc Case Study

Better Essays
Open Document
Open Document
6299 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Itgc Case Study
ISSUES IN ACCOUNTING EDUCATION Vol. 24, No. 1 February 2009 pp. 63–76

Assessing Information Technology General Control Risk: An Instructional Case
Carolyn Strand Norman, Mark D. Payne, and Valaria P. Vendrzyk
ABSTRACT: Information Technology General Controls (ITGCs), a fundamental category of internal controls, provide an overall foundation for reliance on any information produced by a system. Since the relation between ITGCs and the information produced by an organization’s various application programs is indirect, understanding how ITGCs interact and affect an auditor’s risk assessment is often challenging for students. This case helps students assess overall ITGC risk within an organization’s information systems. Students identify specific strengths and weaknesses within five ITGC areas, provide a risk assessment for each area, and then evaluate an organization’s overall level of ITGC risk within the context of an integrated audit. Keywords: internal controls; general control; ITGC; risk assessment.

T

INTRODUCTION he Sarbanes-Oxley Act (SOX 2002) and the Public Company Accounting Oversight Board (PCAOB) Auditing Standard No. 5 (PCAOB 2007) require that the organization’s chief executive officer (CEO) and chief financial officer (CFO) include an assessment of the operating effectiveness of their internal control structure over financial reporting when issuing the annual report. External auditors must review management’s internal control assessment as part of an annual integrated audit of an organization’s internal controls over financial reporting. In short, accountants—external auditors, internal auditors, and management accountants at all levels—are actively involved in helping their respective organizations comply with SOX-related internal control requirements. Because of the pervasiveness of IT in organizations, the information systems themselves contain many internal controls. As a result, both internal and external auditors must develop an understanding


References: American Institute of Certified Public Accountants (AICPA). 2006. Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement. Statement on Auditing Standards (SAS) No. 109. New York, NY: AICPA. Ashbaugh, H., K. Johnstone, and T. Warfield. 2002. Outcome assessment of a writing-skill improvement initiative: Results and methodological implications. Issues in Accounting Education 17 (2): 123–148. Bagranoff, N., and P. Brewer. 2003. PMB investments: An enterprise system implementation. Journal of Information Systems 17 (Spring): 85–106. Committee of Sponsoring Organizations (COSO). 1992. Internal Control—Integrated Framework. New York, NY: AICPA. ———. 2004. Enterprise Risk Management—Integrated Framework. New York, NY: AICPA. Coppage, R., and G. French. 2002. Restructuring management accounting education. Cost Management 16 (2): 40–49. Janvrin, D. 2003. St. Patrick Company: Using role-play to examine internal control and fraud detection concepts. Journal of Information Systems 17 (Fall): 17–39. Messmer, M. 2001. Enhancing your writing skills. Strategic Finance 82 (7): 8–10. O’Donnell, E., and J. Moore. 2005. Are accounting programs providing fundamental IT control knowledge? The CPA Journal 75 (5): 64–66. Public Company Accounting Oversight Board (PCAOB). 2007. An Audit of Internal Control over Financial Reporting Performed in Conjunction with an Audit of Financial Statements. Auditing Standard No. 5. Washington, D.C.: PCAOB. Reinstein, A., and M. Houston. 2004. Using the Securities and Exchange Commission’s ‘‘plain English’’ guidelines to improve accounting students’ writing skills. Journal of Accounting Education 22 (1): 53–67. Riordan, D., M. Riordan, and M. Sullivan. 2000. Writing across the accounting curriculum: An experiment. Business Communications Quarterly 63 (3): 49–59. Rothenburg, E. 2002. How writing across the curriculum can be incorporated into accounting programs. The CPA Journal 72 (4): 14. Issues in Accounting Education, February 2009
Continue Reading
View Writing Issues

You May Also Find These Documents Helpful

  • Satisfactory Essays

    acct 504 case study 2
    • 600 Words
    • 3 Pages

    acct 504 case study 2

    The Sarbanes-Oxley Act of 2002 (SOX) has established the following guidelines for publicly traded corporations and require adherence for internal controls and procedures for financial reporting. Senior management and executives will be responsible for ensuring that controls are effective and reliable. Outside auditors must periodically verify the accuracy of and adherence to the internal controls. As part of the annual Exchange Act report, an internal control report will generated along with the information recorded during each fiscal year.…

    • 600 Words
    • 3 Pages
    Satisfactory Essays
    Read More
  • Good Essays

    Wk 5 Chapter 11 & 13 Learning Check
    • 627 Words
    • 3 Pages

    Wk 5 Chapter 11 & 13 Learning Check

    Before any strategy takes place, an auditor must determine the end result desired from the Information Technology being used as well as the type of technology being dealt with. The most important thing is security thus it is vital to know this technology in and out to be able to determine its strengths and weaknesses. This allows for proper compensation to combat such attacks whether they are fraudulent or accidental in nature. It is necessary to be familiar with different types of proven viable internal control setups to properly test and gage an IT’s internal control system. There are three different strategies use when testing internal controls. First includes assessing the controls using user control information. In this strategy, an auditor would gather computer-generated reports and compare those to all documentation on specific transactions. This process is also known as auditing around the computer because it deals with more hard copy documents. The next strategy entails using application controls to determine the level of risk…

    • 627 Words
    • 3 Pages
    Good Essays
    Read More
  • Best Essays

    Acct 504 Case Study 2
    • 1108 Words
    • 5 Pages

    Acct 504 Case Study 2

    Internal controls are vital to any company’s business and financial sustainability. Internal controls consist of measures taken by a company safeguarding against fraud, and theft. Internal controls ensure accuracy and reliability in accounting data, and secure policies within the organization. Further, internal controls evaluate all levels of performance. These are addressed with five principles of internal control: Establishment of responsibility, Segregation of duties, Documentation procedures, Physical controls, Independent internal verification, and Human resource controls.…

    • 1108 Words
    • 5 Pages
    Best Essays
    Read More
  • Better Essays

    Xacc/280 Week 8 Assignment Internal Controls Essay Example
    • 1015 Words
    • 4 Pages

    Xacc/280 Week 8 Assignment Internal Controls Essay Example

    Companies will often use internal controls in the accounting department in order to avoid abuse and inaccurate data recording as well as protecting companies from fraud. Internal controls will also be used by companies as a means to avoid theft of assets, and unauthorized use. The acquisition and disposal of assets is also a very important part of internal controls. These policies and procedures will help companies in the prevention or detection of any unauthorized acquisition, use or the disposition of its assets, as these types of activities could have a negative impact on the company’s financial statements. But in order for the internal controls to work, management has to ensure the proper protocols are being followed.…

    • 1015 Words
    • 4 Pages
    Better Essays
    Read More
  • Powerful Essays

    mgt 132 study guide
    • 2072 Words
    • 9 Pages

    mgt 132 study guide

    -an integrated audit performed under the Sarbanes-Oxley Act requires that auditors report of financial statements and internal control…

    • 2072 Words
    • 9 Pages
    Powerful Essays
    Read More
  • Good Essays

    Acc 544 Week 1
    • 668 Words
    • 3 Pages

    Acc 544 Week 1

    The need for an internal audit function cannot be understated. While the need to properly assess a company’s risk and controls has always been important, in today’s world it is mandatory. The accounting scandals, such as Enron and WorldCom and the early 2000’s led to the passage of the Sabanes-Oxley Act (SOX). SOX aimed to give the investing public confidence in the financial statements of company’s by offering guidelines and spelling out regulations that publicly traded companies must adhere to.…

    • 668 Words
    • 3 Pages
    Good Essays
    Read More
  • Good Essays

    Case Study
    • 625 Words
    • 3 Pages

    Case Study

    Accounting today is much more complex and difficult to understand than it has been in the past. Due to the increasing complexity Accounting Information Systems have been created to alleviate some of the pressures facing accountants. According to Frederick Jones and Dasaratha Rama (2006), Enterprise Resource Planning (ERP) systems are moving businesses from the functional approach to an integrated approach for managing transactions (p.684). Having knowledge and experience with the technological advances will help the accountant become more successful. Companies, such as CBU from the case study, must be able to effectively use technology to their advantage if they want to be successful in the future. The accounting staff of CBU must be able to develop more timely and effective system controls for future financial statement purposes and inventory audits.…

    • 625 Words
    • 3 Pages
    Good Essays
    Read More
  • Good Essays

    Acct 504 Internal Control Case Study
    • 710 Words
    • 3 Pages

    Acct 504 Internal Control Case Study

    2) No Altering of Financial Documents- If anyone falsifies or alters financial documents they are subject to criminal penalties that includes up to 20 year in prison.…

    • 710 Words
    • 3 Pages
    Good Essays
    Read More
  • Powerful Essays

    Internal Control: Integrated Framework
    • 2817 Words
    • 12 Pages

    Internal Control: Integrated Framework

    Internal Control - Integrated Framework Executive Summary Senior executives have long sought ways to better control the enterprises they run. Internal controls are put in place to keep the company on course toward profitability goals and achievement of its mission, and to minimize surprises along the way. They enable management to deal with rapidly changing economic and competitive environments, shifting customer demands and priorities, and restructuring for future growth. Internal controls promote efficiency, reduce risk of asset loss, and help ensure the reliability of financial statements and compliance with laws and regulations. Because internal control serves many important purposes, there are increasing calls for better internal control systems and report cards on them. Internal control is looked upon more and more as a solution to a variety of potential problems. Internal Control Internal control means different things to different people. This causes confusion among businesspeople, legislators, regulators and others. Resulting miscommunication and different expectations cause problems within an enterprise. Problems are compounded when the term, if not clearly defined, is written into law, regulation or rule. This report deals with the needs and expectations of management and others. It defines and describes internal control to: 1. Establish a common definition serving the needs of different parties. 2. Provide a standard against which business and other entities--large or small, in the public or private sector, for profit or not--can assess their control systems and determine how to improve them. Internal control is broadly defined as a process, effected by an entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories: 1. Effectiveness and efficiency of operations. 2. Reliability of financial reporting. 3. Compliance with applicable laws and…

    • 2817 Words
    • 12 Pages
    Powerful Essays
    Read More
  • Good Essays

    The Sarbanes-Oxley Act
    • 635 Words
    • 3 Pages

    The Sarbanes-Oxley Act

    effectiveness of the internal control. In addition, they must write an formal evaluation on the effectiveness as company’s recent fiscal year. Finally, an auditor has issued an attestation report on management’s assessment (SEC, 2013). Although initially the compliance costs and efforts of this act were burdensome but after many years companies feel that compliance of the act outweight the costs as well as a great improvement in internal control over 10 years (GARP, 2013).…

    • 635 Words
    • 3 Pages
    Good Essays
    Read More
  • Good Essays

    Section 404
    • 773 Words
    • 4 Pages

    Section 404

    Researching a company that has had publicly known problems with internal controls is not that hard to find. These controls are put into place to reduce the possibility of fraud, waste, and abuse (FWA) on the annual financial reports of a company. “The Commission voted to adopt rule and form amendments to implement requirements of Section 404 of the Sarbanes-Oxley Act of 2002” (SEC, 2003). Section 404 is one of the hardest, most argued, and most expensive to actualize of all Sarbanes-Oxley Act (SOX) for compliance. There must be an Internal Control Report explaining what the managements job is, and a “satisfactory” internal control structure; there should also be a management description of the efficiency of the control structure (SOX, 2016).…

    • 773 Words
    • 4 Pages
    Good Essays
    Read More
  • Better Essays

    Ljb Company's Internal Controls
    • 1608 Words
    • 7 Pages

    Ljb Company's Internal Controls

    References: Cereola, S. J., & Cereola, R.J. (2011). Breach of Data at TJX: An Instructional Case Used to Study COSO and COBIT with a Focus on Computer Controls, Data Security, and Privacy Legislation. American Accounting Association, 26 (3). Retrieved from ProQuest Business database on October 5th, 2011.…

    • 1608 Words
    • 7 Pages
    Better Essays
    Read More
  • Good Essays

    Internal Control & Risk Evaluation
    • 761 Words
    • 4 Pages

    Internal Control & Risk Evaluation

    Since offering suggestions for Kudler earlier this month, the request has been received to analyze the risks involved. Suggestions included: improving functions of inventory, accounts receivable, accounts payable, and the payroll system with any company.…

    • 761 Words
    • 4 Pages
    Good Essays
    Read More
  • Better Essays

    Saks Fifth Avenue Case Study
    • 1198 Words
    • 5 Pages

    Saks Fifth Avenue Case Study

    The Committee of Sponsoring Organizations (COSO), consisting of many accounting regulation bodies, issued a report defining internal control as:…

    • 1198 Words
    • 5 Pages
    Better Essays
    Read More
  • Good Essays

    Accountants and Writing
    • 258 Words
    • 2 Pages

    Accountants and Writing

    The article Improving Accounting Students’ Writing Skills is about how many accounting students don’t realize how much writing is truly involved with being an accountant. It also explains that communication skills are one of the five core competencies outlined in the CPA Vision Project, tested on the CPA exam, and demanded by employers. Due to advancements in technology, accountants are spending less time gathering, processing, and reporting information, and more time strategizing and interpreting information. In a recent study one third of employers are unhappy with accountants writing skills. The CPA Vision Project plans to improve accountants’ writing skills to further satisfy their employers’ needs. One of the core competencies, communication and leadership skills, is the ability to “give and exchange information within meaningful context and with appropriate delivery and interpersonal skills.” In order to achieve this vision, accounting classes need to begin to stress the importance of having good writing skills necessary to become a successful accountant.…

    • 258 Words
    • 2 Pages
    Good Essays
    Read More

Related Topics