Equity Funding Corporation of America
BACKGROUND OF THE CASE
ACTORS BUSINESS MODEL
ISSUES
Ethics and Integrity
Control Environment
Auditors’ Competence
Impairments in Audit
COBIT 5 EFCA ASSESSMENT
MANAGEMENT GOVERNANCE
Align, Plan And Organize
07 Manage human resources
✘ Lack of key IT personnel
✘ Insufficient personnel skill and competencies
✘ Absence of Employee Performance Evaluation

Identify key IT personnel while minimizing reliance on a single individual’s performance through: (a) knowledge capture (documentation), knowledge sharing, succession planning and staff backup, (b) employing a personnel development plan, and (c) applying and monitoring a personnel backup plan.
Maintenance of personnel skills and competencies through: (a) formal career planning and development, (b) monitoring of gaps between required and available skills, and (c) regular reviews for assessments.
Conduct regular performance evaluations and provide timely feedback, as well as a proper remuneration/recognition process.
MANAGEMENT
Build, Acquire and Implement
02 Manage requirements definition
✘ Inadequate functional and technical requirements
✘ Failure to manage requirement risk

Employ peer reviews, model validation or operational prototyping with the participation of various stakeholders.
Perform feasibility studies on potential solutions; formulate a high-level acquisition/development plan for larger projects.
MANAGEMENT
Decision, Service and Support (DSS)
02 Manage service request and incidents
✘ Unresolved incidents
✘ Failure to track incident status and reports

Continuously assess facilities, both physical and IT, and ensure their resiliency against identified risks, i.e. alternative power supply mechanisms and protection against physical alteration.
MANAGEMENT
Monitor, Evaluate and Assess (MEA)
01 Monitor, evaluate and assess performance and conformance
✘ Prejudiced monitoring approach
✘ Unrealistic performance and conformance targets
✘ Fictitious performance reports

• Align and continually maintain the monitoring and evaluation approach with the enterprise approach, using suitable tools and systems for data processing and data analysis.
• Objectively set process performance and conformance targets that are concise, attainable, easy to understand and tailored to various management needs.
• Periodically validate the approaches used and identify new or changed stakeholders, requirements and resources.
02 Monitor, evaluate and assess the system of internal control. Manage requirements definition
✘ Override of business process controls
✘ Ineffective control and self-assessments
✘ Unreported control deficiencies

• Obtain transparency for key stakeholders on the adequacy of the system of internal controls, providing trust in operations, confidence in the achievement of enterprise objectives and an adequate understanding of residual risk.
• Ensure that control activities are in place and exceptions are promptly reported, followed up and analyzed, and appropriate corrective actions are prioritized and implemented according to the risk management profile.
• Maintain plans and scope and identify evaluation criteria for conducting self-assessments.
• Establish adherence to applicable codes of ethics and standards and assurance standards.
03 Monitor, evaluate and assess compliance with external requirements.

• Ensure that the enterprise is compliant with all applicable external requirements.
• Obtain independent counsel, where appropriate, on changes to applicable laws, regulations and standards.
• Identify and assess all potential compliance requirements and the impact on IT activities in areas such as data flow, privacy, internal controls, financial reporting, industry-specific regulations, intellectual property, health and safety.
GOVERNANCE
Evaluate, Direct, and Monitor
”
in discharging their obligations - to render an opinion on EFCA’s FS.