Enterprise resource planning systems: systems, life cycle, electronic commerce, and risk
Enterprise resource planning systems: systems, life cycle, electronic commerce, and risk
Security Moving from Database Systems to ERP Systems
DEXA '98 Proceedings of the 9th International Workshop on Database and Expert Systems Applications
Understanding software project risk: a cluster analysis
Information and Management
Accounting Information Systems
Accounting Information Systems
Security for Enterprise Resource Planning Systems
Information Systems Security
An Information Security Governance Framework
Information Systems Management
Information security management standards: Problems and solutions
Information and Management
Estimating the market impact of security breach announcements on firm values
Information and Management
Building the evaluation model of the IT general control for CPAs under enterprise risk management
Decision Support Systems
Motivating IS security compliance: Insights from Habit and Protection Motivation Theory
Information and Management
| Hi-index | 0.00 |
After the occurrence of numerous worldwide financial scandals, the importance of related issues such as internal control and information security has greatly increased. This study develops an internal control framework that can be applied within an enterprise resource planning (ERP) system. A literature review is first conducted to examine the necessary forms of internal control in information technology (IT) systems. The control criteria for the establishment of the internal control framework are then constructed. A case study is conducted to verify the feasibility of the established framework. This study proposes a 12-dimensional framework with 37 control items aimed at helping auditors perform effective audits by inspecting essential internal control points in ERP systems. The proposed framework allows companies to enhance IT audit efficiency and mitigates control risk. Moreover, companies that refer to this framework and consider the limitations of their own IT management can establish a more robust IT management mechanism.