Control and the Accounting Information System Research Paper

Excerpt from Research Paper :

Control and the AIS

Control and the Accounting Information System

This paper discusses the process of integrating controls into the accounting information system (AIS) using enterprise risk management (ERM) components. ERM is defined as "a process, effected by an entity's board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives." (Committee of Sponsoring Organizations of the Treadway Commission, COSO, 2004, p.2).

According to COSO, ERM encompasses:

Aligning risk appetite and strategy

Enhancing risk response decisions

Reducing operational surprises and losses

Identifying and managing multiple and cross-enterprise risks

Seizing opportunities

Improving deployment of capital (COSO, 2004, p. 7).

ERM integrates concepts of internal control and the Sarbanes-Oxley Act. Internal controls of accounting systems are intended to protect a company from fraud, abuse, and inaccurate data recording, as well as to help organizations keep track of essential financial activities. The Sarbanes-Oxley Act created new standards for corporate accountability along with new penalties for wrongdoing that violated corporate disclosure requirements.

COSO ( 2004, pp. 3-4) developed an integrated framework for ERM that consists of eight components:

Internal environment

Objective setting

Event identification

Risk assessment

Risk response

Control activities

Information and communication


The internal environment comprises factors such as the risk appetite, ethics and values of an organization; it establishes a basis for how risk is viewed and addressed by management and staff, their risk management philosophy and the environment in which they operate.

Objective setting describes the next step in the process, defining the risk related objectives of the organization and related strategic goals. Objectives must exist prior to management identifying potential events affecting their achievement. ERM ensures that management has a process in place for setting objectives, and that…

Sources Used in Document:

Reference List

Enterprise Risk Management Framework. (2010). Retrieved on April 6, 2011 from

Committee of Sponsoring Organizations of the Treadway Commission. (2010). Enterprise Risk Management -- Integrated Framework Executive Summary . Retrieved on April 6, 2011 from

Karimi, Sabah. (2011). About Internal Controls of Accounting.

Sarbanes-Oxley Essential Information. (2006). SOX-Online.

Cite This Research Paper:

"Control And The Accounting Information System" (2011, April 06) Retrieved December 5, 2019, from

"Control And The Accounting Information System" 06 April 2011. Web.5 December. 2019. <>

"Control And The Accounting Information System", 06 April 2011, Accessed.5 December. 2019,