Effective Communications & Accounting Systems - Assignment Example

a. Or b. – c. – 2. Part 2 Mr. Mingus, The Sarbanes-Oxley Act of 2002 did not specifically mention any compliance requirement for accounting processes employing IT in Section 404. More importantly, there was no specific mention of the controls that needs to be established in IT firms in order to conform to the Sarbanes-Oxley. In the absence of this essential element, IT firms employ a variety of IT standards for their internal controls (Lahti, Peterson & Lanza, 2005). Two of the many IT standards adopted by auditors in structuring their internal controls are COBIT and Trust Services. COBIT represents Control Objective for Information and Related Technology. The standards that are included in COBIT are platform independent which is the very reason why these standards become the de-facto standards used by auditors and in complying with Sarbanes-Oxley. The COBIT standards which are classified into six general components are composed of more than 300 objectives. These components include: (a) the executive summary, (b) framework, (c) control objectives, (d) control practices, (e) management guidelines, and (f) audit guidelines. The executive summary introduces auditors to the key principles and concepts involved in the standards; the framework and control objectives organize the elementary models of COBIT into four major segments which are planning and organizing, acquisition and implementation, delivery and support, and monitoring and evaluation; control practices defines the best practices as well as elaborate the requirements for specific controls; management guidelines link the IT objectives with the objectives of the business; and the audit guidelines provide guidelines on how controls are evaluated and assessed (Lahti, Peterson & Lanza, 2005). Like COBIT, Trust Services is also a set of core principles and selective criteria for the key areas in IT operations. Its main goals are to address the risks in operating IT and to control and regulate the associated opportunities in operating an IT. The Trust Services defines its criteria and principles into four major areas which are: policies, communication, procedures, and monitoring. Instead of focusing on firms employing IT services, the main target of Trust Services are ordinary consumers, business partners, bakers and creditors, regulators and other stakeholders (TCICA, n.d). Business processes require efficient methods of managing a lot of data and information. Information keeping and information gathering has evolved into more than just the recording of transactions and filling them up in the archives. Information has become the determining factor in decision making process. Managers and business owners who can synthesize and fully utilize the information available are likely the ones that will be able to succeed in a very competitive environment (Kobel & Gimpert, 2008). This means that businesses that are able to select the most appropriate IT platform based on the uniqueness of their IT needs will be most likely the ones who would be able to use complex information to their decision-making process. Hence, it is very important for organizations to employ IT systems that would allow it store, manage, and distribute data in the most effective, accurate, and reliable manner. Data and information that are stored in IT systems that have little, inadequate, or non-existent internal controls are in for a lot of risk. For one thing, data stored in the system can be lost, misrepresented, or can be breached by external and unauthorized access. When this occurs, businesses can be exposed to a lot of financial losses or losses on business opportunities which could hurt its long-term existence (Kobel & Gimpert, 2008). These are the reasons why the firm’s clients must pay particular interest to COBIT and Trust Services. As was discussed, COBIT and Trust Services ensures that the IT platforms the clients are using conform to the information management principles and criteria they have outlines. Those IT platforms that fail to conform to the required standards are not implemented and are scraped. Hence, using COBIT and Trust Services are advantageous than not using them for the following reasons: (a) COBIT aligns the business to its focus; Trust Services shows environmental risk factors to its stakeholders. As business organizations acquire data and information along the way, they also encounter risk factors and information-related issues that would hamper its development. In the absence of a secure and reliable platform, business organizations can easily lost track of its goals and objectives. By employing COBIT or Trust Services platforms, the business organization is assured that regardless of the volume of information it acquires and process on a daily basis, the IT framework can be able to differentiate data and information and hence allow the organization to keep track of its progress and development towards its goals and objectives; (b) COBIT maps business goals with the firm’s financial goals and vice versa; Trust Services equip firms with necessary controls to parry the environmental risk factors. Identifying risk factors that the firm must handle is just one part of the solution. The other part requires certain steps to be taken in order to correct issues and address the risk factors. By mapping business goals with the financial objectives, and vice versa, the firm can be able to see what needs to be done with the risk factors while at the same time keeping its focus on what it should do to achieve its goals and objectives. This feat can only be efficiently achieved if the firm employs the appropriate IT frameworks; and (c) COBIT translates complex IT functions into easy-to-understand information that managers can use; Trust Services assures its stakeholders of the safety of the data its stores and manages. In the end, what really matters is how the IT framework allows firms to understand the meaning of the data and information it has acquired over time. Choosing an IT platform that has the capability to do just this allows firms to focus on the more important aspects of its operations because their IT framework is able to assure the firm that it can do its intended functions. This shows that either of the platforms assures business organizations and business firms, as well as their stakeholders, of the safety, accuracy, and the reliability of their data. The advantages discussed above assert the ability of these IT platforms to process and synthesize all data and information pertaining the business organization into safe, secure, reliable, and useable forms that would allow organizations to make objective evaluations and decisions on virtually every aspect of the business. However, implementing these IT platforms and integrating them in the existing business processes would cost a lot, if not too much, depending on the key areas involved and included in the IT platform. IT would be very difficult to approximate the general cost of each IT platform done for the clients because IT platforms are typically customized to the IT needs of the clients. The more complex their needs are, or the more tedious the programming required for the IT systems they need, the more likely it is that they will spend considerable amount of money. Clients that would demand an overhaul of their existing system and a full integration of either or both of the IT platforms should expect to shed millions of dollars for the implementation alone. On the other hand, clients with existing platforms that need to be updated, or those that would require IT platforms on a per-need basis could pay considerably lesser amounts in terms of the implementation, maintenance, and updates of IT systems. Regardless of which approach is used, clients are expected to spend much for the protection of the data and information they have in their systems. After all, these data and information can spell great success for the firm in the long and short runs. COBIT and Trust Services are similar in some respect. Both are IT-dependent which means that the applications of both platforms are in the domain of IT. Both platforms are similar in the conceptual way they protect the data by conforming to established principles and standards. Most importantly, the presence of both platforms in the IT system of firms gives all the stakeholders the assurance that the data and information they have acquired are safe and protected. While COBIT and Trust Services have similar functions which are to ensure the accuracy, reliability, and safety of data and information of business firms they have their own specific functions. In the most general sense, Trust Services focus on the identification of threats and the protection of the data and information being stored in the existing platforms whereas COBIT is the more comprehensive IT framework for data management, data processing, data validation, and data distribution. Trust Services are a smaller, more specific version of COBIT which is the reason why their application is relatively limited. However, because of the segment-specific natures of Trust Services, they are more comprehensive when it comes to the protection they give, as opposed to the higher possibilities of loopholes for COBIT. References Kobel, B. & J. Gimpert. (2008). Hedge Your Bets. The Importance of IT Risk Management in M&A. Data Protection. Retrieved online http://www.csoonline.com/article/454743/Hedge_Your_Bets_The_Importance_of_IT_Risk_Management_in_M_A on August 25, 2009 Lahti, C., Peterson, R. & Lanza, S. (2005). Introduction to COBIT and SOX Compliance. Sarbanes-Oxley IT Compliance Using COBIT and Open Source Tools. Retrieved Online http://searchsecurity.techtarget.com/generic/0,295582,sid14_gci1148318,00.html on August 25, 2009 Raywood, D. (2009). The Cost of IT can be Less Painful with Better Preparation. SC Magazine. Retrieved online http://www.scmagazineuk.com/The-cost-of-IT-security-can-be-less-painful-with-better-preparation/article/126089/ on August 26, 2009 The Canadian Institute of Chartered Accountants. (n.d.). Overview of Trust Services. Retrieved online http://www.webtrust.org/overview-of-trust-services/index.aspx on August 26, 2009 Benefits and costs of the CobiT framework and the Trust Services  What they are;  Why your firm’s clients should be interested in them;  What benefits do they promise?  What possible costs could be entailed in implementing either of them (he is not interested in detailed dollar costs, simply indicate if they are likely to involve significant efforts in implementation), and  Are the two frameworks related? Write the report for Mr Mingus. You are aware that much has already been published regarding these frameworks. Remember the diverse nature of your client base and be sure to include proper referencing. Read More