Abstract

This paper analyzes and proposes how several internal control frameworks can be integrated to achieve effective corporate information technology governance. The fundamental tenet of the current literature in this area is that neither a single framework nor non-integrated multiple frameworks would suffice in achieving effective information technology security and governance. Using the extant literature and a deductive approach, and focusing on three popularized internal control frameworks (ERM, COSO, and COBIT5), we propose a framework that can help organizations effectively and efficiently achieve information technology governance through their interaction. An integrated framework is one that links the key control objectives to strategic business objectives and, in doing so, addresses IT governance principles at both a strategic and operational level, whilst aligning IT and business management understanding of the key risk areas that characterize the organization’s goals (Goosen and Rudman, 2013). In addition, this fundamental alignment is expected to eliminate unnecessary controls and processes, which in turn helps improve IT governance. We expect firms seeking to adopt proper IT governance to utilize the proposed integrated framework.

Highlights

  • Information technology has become one of the most important strategic assets and a critical tool in ensuring the sustainability and development of a business

  • Using the extant literature in corporate governance and information technology risks and governance, we develop an integrated framework that aligns the corporate strategic and operational controls and processes of Enterprise Risk Management (ERM), COSO, and COBIT5 with Information Technology (IT) governance principles

  • Based on these operational controls, we show that IT governance is influenced by five corporate domains


Summary

Introduction

Information technology has become one of the most important strategic assets and a critical tool in ensuring the sustainability and development of a business. An integrated framework is one that links the key control objectives to strategic business objectives and, in doing so, addresses IT governance principles at both a strategic and operational level, whilst aligning IT and business management understanding of the key risk areas that characterize the organization’s goals (Goosen and Rudman, 2013). This fundamental alignment is expected to eliminate unnecessary controls and processes, which, in turn, helps improve IT governance and regulatory compliance.
