TOWARDS BETTER IT GOVERNANCE: A COMPREHENSIVE IT INTERNAL CONTROL MODEL FOR INFORMATION TECHNOLOGY FIRMS

Abstract

Purpose- The primary objective of this study is to enhance IT governance within the information technology sector by developing a comprehensive IT Internal Control Model. This model is designed to address the unique and evolving challenges in IT internal control processes, providing a structured approach to risk optimization, resource optimization, and benefit management. By introducing this model, the study aims to offer IT firms a robust internal control model that can be adapted to their specific operational needs, promoting a more effective, efficient, and resilient IT governance structure. Methodology- A thorough literature review, incorporating a wide array of international sources, forms the foundation of this study. The research involved designing an IT Internal Control Model, informed by the processes observed at THY Technology. This model was then applied across 12 distinct operational processes, and feedback from stakeholders was systematically gathered through surveys to evaluate its practicality and impact. Findings- The feedback from stakeholders was predominantly positive, underscoring the model’s efficacy in bolstering IT governance. The model was praised for its thoroughness and adaptability, successfully addressing a broad spectrum of IT internal control issues while remaining flexible enough to be tailored to various IT environments. Conclusion- This study highlights the importance of dynamic and adaptable IT internal control model in the fast-paced technology sector. The developed IT Internal Control Model opens new avenues for research into effective governance practices and provides a valuable blueprint for IT firms seeking to enhance their governangfce and control mechanisms in a digitally-driven world.

Keywords

• IT internal control model
• internal control
• IT governance
• IT compliance
• continuous improvement

References

1. Ahnan, Z. M. (2020). The Effect of Fraud Disclosure, Internal Control, Information Technology on Corporate Governance and Corporate Performance as Moderating Variable. European Journal of Business and Management. https://doi.org/10.7176/ejbm/12-33-09
2. Alayli, S. (2022). The impact of internal control practices on fraud prevention: The case of Lebanese small-medium enterprises. European Journal of Business and Management Research, 7(5), 141-147.
3. Arwinge, O. (2013). Internal Control. Physica-Verlag HD. https://doi.org/10.1007/978-3-7908-2882-5
4. Committee of Sponsoring Organizations of the Treadway Commission (COSO). (2013). Internal Control - Integrated Framework: Framework and Appendices. North Carolina: American Institute of Certified Public Accountants.
5. Eniola, A. A., Abiodun, E. A. (2020). Internal Control Procedures and Firm’s Performance. Article in International Journal of Scientific & Technology Research, 9(2), 87-99.
6. Giriunas, L. (2012). The Concept of Internal Control Systems: Theoretical Aspect, 1(2), 35-47.
7. Elmas, B., Çelik, M., Korkmaz, E. (2023). İç kontrol sisteminin COSO iç kontrol modeli ile incelenmesi ve finansal performans üzerine etkisi: katılım bankalarında bir araştırma. Bingöl Üniversitesi İktisadi Ve İdari Bilimler Fakültesi Dergisi, 7(1), 189-206.
8. Fang, X., Zhang, C. (2022). Enterprise Internal Control Audit in Information Technology Environment. In: Pei, Y., Chang, JW., Hung, J.C. (eds) Innovative Computing. IC 2022. Lecture Notes in Electrical Engineering, vol 935. Springer, Singapore. https://doi.org/10.1007/978-981-19-4132-0_39

9. Hermanson, D. R., Smith, J. L., Stephens, N. M. (2012). How effective are organizations’ internal controls? Insights into specific internal control elements. Current Issues in Auditing, 6(1). https://doi.org/10.2308/ciia-50146
10. Information Systems Audit and Control Association. (2018). COBIT 2019 Framework: Governance and Management Objectives. ISACA.
11. Kanca, S., Çankaya, F., Dinç, E. (2021). İç Kontrol Sisteminin Şirketlerin Finansal Performansına Etkisi: BIST Şirketlerinde bir Uygulama. Uluslararası İktisadi Ve İdari İncelemeler Dergisi(32), 31-52. https://doi.org/10.18092/ulikidince.889501
12. Koç, S. (2022). İşletmelerde İç Denetim ve İç Kontrol Yapısı Etkileşimi. İşletme, 3(1), 105-120.
13. Lee, J., Kim, S. (2020). Does human resource investment for internal control system enhance future cash flow predictability? Sustainability 12(20), 1–16. https://doi.org/10.3390/su12208500
14. Meiryani, Fitriani, N. A., Habib, M. M. (2019). Can information technology and good corporate governance be used by internal control for fraud prevention? International Journal of Recent Technology and Engineering, 8(3). https://doi.org/10.35940/ijrte.C5503.098319
15. Sabuncu, B. (2017). İşletmelerde iç denetim ve iç kontrol ilişkisi. Cumhuriyet Üniversitesi İktisadi ve İdari Bilimler Dergisi, 18(2), 161-174.
16. Schneider, A., Gramling, A. A., Hermanson, D. R., Shelly Ye, Z., Ye, Z. (2009). A review of academic literature on internal control reporting under SOX. Journal of Accounting Literature, 28. http://digitalcommons.kennesaw.edu/facpubs
17. Sukirman, Hidayah, R., Suryandari, D. (2018). Fraud Prevention : Information Technology and Internal Control Perspective. International Journal of Economics, Commerce and Management, 5(10), 891-912.
18. Tetik, N., Karaca, H. (2021). İç kontrol kavramı ve uygulamalarının tarihsel gelişimi. Muhasebe ve Finans Tarihi Araştırmaları Dergisi, 189-204.
19. Tuttle, B., Vandervelde, S. D. (2007). An empirical examination of CobiT as an internal control framework for information technology. International Journal of Accounting Information Systems, 8(4), 240–263. https://doi.org/10.1016/j.accinf.2007.09.001
20. Yolanda, F., Eko Pramono, S., & Hasbi Zaenal, M. (n.d.). The Effect of Internal Control, Information Technology and Audit on Good Amil Governance Practices: Evidence from BAZNAS Kalimantan, Indonesia. In International Journal of Zakat, 5(2), 81-93.