How IT controls improve the control environment

Abstract

PurposeThe purpose of this paper is to analyze how Information technology (IT) controls influence the control environment’s components and the internal control system.Design/methodology/approachThis paper aims to highlight how IT controls enable to improve the control environment assessment and implementation.FindingsThe analysis indicates that the implementation of the IT controls (IT organizational controls, IT process controls and IT soft variables controls) provides some indications for managers and auditors, who must implement or assess internal control system. A joint use of the three dimensions of IT control contributes to a better assessment of the individual components of the control environment. IT controls help managers to develop the design of the organizational structure and to identify the key processes to achieve the internal control objectives and to mitigate firm’s risk.Practical implicationsThe examination of three IT control dimensions allows managers to expand their knowledge about these types of controls and change the way they approach technology-based processes and associated risks. This improves the understanding of the key aspects connected to the control environment. The paper provides a list of the relevant activities that affect the three types of IT controls. This is useful for managers to begin to frame the specific controls inside the three dimensions of IT control.Originality/valueThis paper addresses an area of relevance to both practitioners and academics. This analysis focuses on accounting information systems themes and, through the examination of the IT controls, allows a better understanding of the hard and soft elements of the control environment.