Information Systems and Internal Control Essay

Order ID# 45178248544XXTG457	Plagiarism Level: 0-0.5%	Writer Classification: PhD competent
Style: APA/MLA/Harvard/Chicago	Delivery: Minimum 3 Hours	Revision: Permitted
Sources: 4-6	Course Level: Masters/University College	Guarantee Status: 96-99%

Instructions

Information Systems and Internal Control Essay

Question Description

Read the article below: Information Systems and Internal Control.

Write: Develop a bulleted list of 1or 2 issues or best practices that you identified based on your reading of this article and how it may impact you while performing in an accounting position.

Information Systems and Internal Control:

IT Risk Assessment

Executive Summary Report Executive Summary

Engagement Scope and Objectives

Scope

The objective of the engagement was to perform an IT Risk Assessment for XYZ Company, through the identification and evaluation of controls using the Assessor Company Control Framework. The computer applications and related IT processes were identified for inclusion in the assessment based on criteria such as criticality, financial impact, and operational support.

The applications identified for the assessment are listed in a section that follows, along with a processing flow diagram. The results solely rest on the documentation provided for review and the information obtained in the interviews with XYZ Company staff; testing was not performed as part of the Risk Assessment.

Risk Assessment

The Risk Assessment process examines the IT applications and infrastructure to identify areas that are critical to XYZ Company operations and then evaluates controls present to determine areas of risk for these processes. The risk assessment was performed through the collection and examination of XYZ Company documentation, a self-assessment survey, and interviews with key staff and management. Assessor Company’s approach is detailed below.

Assessor Company Approach

In developing the IT Risk Assessment, an Assessor Company staff member performed the following tasks:

– Interviewed key personnel within the XYZ Company IT organization, to determine:

• Recent organizational changes,
• Recent technology changes, and
• Auditable universe.

– Obtained selected documentation and information from various sources, including IT and Internal Audit.

– Distributed an IT Risk Assessment survey which was completed by various IT staff within XYZ Company.

– Reviewed recent IT SOX audit reports performed by Internal Audit and by the external auditors.

Developed an audit plan based on the planning strategy:

– Determine the auditable units,

– Assign a risk rating to each audit unit based on the Risk Assessment conducted, and on subjective criteria,

– Identify the nature of the audit procedures that may be performed, and

– Identify the type and timeframe/frequency of reviews for each auditable unit. Determine if there are any mandatory annual audit requirements.

– Review the draft IS Audit Plan with Corporate IS management and Internal Audit management and adjust the nature of audit procedures and timeframe as appropriate.

During this assessment, Assessor Company did not perform any testing of any XYZ Company controls, policies, procedures, or methodologies. The controls examined relate to the core areas within IT and were assessed to identify any potential control risks within the following framework:

Control Framework

Organization” – governance, policy, organization, and compliance

Access – management and administration of user and administrative access

Network – management and administration of user and administrative access Change

Management – approvals, testing, and separation of duties

Operations – monitoring, asset management, physical and network security

XYZ Company IT Organization

Interviews were conducted as part of the information gathering phase and as a validation of the analysis of the control risks. The contents of the interviews included key applications, process flows, and organizational responsibilities. Below is an organization chart that reflects the scope of this IT risk assessment.

Information Systems and Internal Control Essay

RUBRIC
Excellent Quality 95-100%	Introduction 45-41 points The background and significance of the problem and a clear statement of the research purpose is provided. The search history is mentioned.		Literature Support 91-84  points The background and significance of the problem and a clear statement of the research purpose is provided. The search history is mentioned.			Methodology 58-53 points Content is well-organized with headings for each slide and bulleted lists to group related material as needed. Use of font, color, graphics, effects, etc. to enhance readability and presentation content is excellent. Length requirements of 10 slides/pages or less is met.
Average Score 50-85%	40-38 points More depth/detail for the background and significance is needed, or the research detail is not clear. No search history information is provided.		83-76  points Review of relevant theoretical literature is evident, but there is little integration of studies into concepts related to problem. Review is partially focused and organized. Supporting and opposing research are included. Summary of information presented is included. Conclusion may not contain a biblical integration.			52-49  points Content is somewhat organized, but no structure is apparent. The use of font, color, graphics, effects, etc. is occasionally detracting to the presentation content. Length requirements may not be met.
Poor Quality 0-45%	37-1 points The background and/or significance are missing. No search history information is provided.		75-1 points Review of relevant theoretical literature is evident, but there is no integration of studies into concepts related to problem. Review is partially focused and organized. Supporting and opposing research are not included in the summary of information presented. Conclusion does not contain a biblical integration.			48-1 points There is no clear or logical organizational structure. No logical sequence is apparent. The use of font, color, graphics, effects etc. is often detracting to the presentation content. Length requirements may not be met
You Can Also Place the Order at www.perfectacademic.com/orders/ordernow or www.crucialessay.com/orders/ordernow Information Systems and Internal Control Essay

Information Systems and Internal Control Essay

PLACE THE ORDER WITH US TODAY AND GET A PERFECT SCORE!!!