The impact of an IT governance framework on the internal control environment

Purpose – The purpose of this paper is to analyze how an IT governance framework [Control Objectives for Information and related Technology (COBIT)] influences the control environment and the internal control system. In particular, it aims to illustrate how the COBIT’s structure and processes impact on the seven categories of factors that compose the control environment. Design/methodology/approach – This paper aims to highlight how an IT governance framework with its processes enables to improve the control environment assessment and implementation. Findings – The analysis indicates that the implementation of the COBIT framework provides some indications for managers and auditors, which must implement or assess internal control system. Practical implications – The adoption of the framework allows managers to focus effectively on integrating, aligning and linking processes. This improves the understanding of the key aspects connected to the control environment. In addition, the adoption of the framework allows overcoming some limitations regarding the Committee of Sponsoring Organizations framework. Originality/value – This paper addresses an area of relevance to both practitioners and academics. This analysis focuses on Accounting Information Systems themes and, through the examination of an IT governance framework, suggests solutions and tools than can help managers and auditors to address the control environment assessment.