In: Accounting
discuss about further into COBIT and the 3 types on controls: preventative, detective and corrective.
COBIT:
COBIT stands for Control Objectives for Information and Related Technology.
It is a set of best practices for Information Technology management developed by ISACA (Information Systems Audit & Control Association).
It provides good practices in Governance, and management to address the critical business issues.
It is a set of Globally accepted principles, practices,analytical tools and models that can be customized for enterprises of all sizes, industries and geographies.
It helps enterprises to create optimal value from the information and technology.
Objectives:
1) Increased Value creation from use of IT
2) User satisfaction with IT engagement and services
3) Reduced IT related risks and compliance with laws, regulations and contractual requirements
4) Development of more business focused IT Solutions and services
5) Increased enterprise wide involvement in IT related activities.
3 types of controls:
1) Preventive Controls:
The inputs which are designed to prevent an error, omission or malicious act from occurring.
Example: Use of passwords
2) Detective Controls:
The inputs which are designed to detect errors, omissions or malicious acts that occur and report the occurrence.
Example: Cash Counts and Bank Reconciliation
3) Corrective Controls:
The inputs which are designed to reduce the impact or correct an error once it has been detected.
Example: Investigate Budget Variance