Chapter 3: Governance, Frameworks, and Regulatory Environment

In this section

• COSO Internal Control – Integrated Framework: Relevance to Information Systems
  Explore how the COSO Internal Control – Integrated Framework applies to technology risks, ensuring robust IT governance and effective oversight.
• COSO ERM for IT: Risk Management Across Digital Environments
  Discover how COSO ERM applies to technology resources, key IT risk categories, and effective risk responses in modern digital environments.
• COBIT 2019 Overview: Governance System Principles and Components
  Learn how COBIT 2019 provides a robust framework for aligning IT governance with business goals, focusing on principles, components, and practical applications for CPAs.
• Other Influential Standards and Regulations (e.g., PCI DSS, HIPAA, GDPR)
  Explore key data security and privacy regulations such as PCI DSS, HIPAA, and GDPR, and learn how CPAs can guide and audit compliance to ensure robust information governance and protect stakeholder interests.
• ITIL and IT Service Management Overviews
  Discover how ITIL’s structured processes, including Incident, Problem, and Change Management, strengthen internal controls and IT governance in the accounting domain.