Building the evaluation model of the IT general control for CPAs under enterprise risk management
作者:
摘要
The purpose of this study is to build the evaluation model of the Information Technology General Control (ITGC) for the certified public accountants (CPAs) under an Enterprise Risk Management (ERM) — Integrated Framework. First, this study investigates and sorts out the control objectives of ITGC over financial reporting under ERM. The control objectives were prioritized by Analytic Hierarchy Process (AHP) and then, the ITGC evaluation model was constructed accordingly. Finally, the study utilizes the case study approach to verify the CPAs' acceptance for the evaluation model of ITGC. According to case study and post hoc confirmations conducted with two experts, the evaluation model can be accepted by CPAs and employed to enhance the efficiency of ITGC assessment for CPAs to meet the challenges in a dynamic information technology environment.
论文关键词:Enterprise Risk Management (ERM),Information Technology General Control (ITGC),Control Objectives for Information and Related Technology (COBIT)
论文评审过程:Available online 19 August 2010.
论文官网地址:https://doi.org/10.1016/j.dss.2010.08.015