Accounting and IT Control Frameworks
In most companies of any size, data moves between multiple business groups
and IT systems on its way from initial transactions to the reports
that the CEO and CFO must attest to.
Attesting to the accuracy of the data requires confidence in accounting procedures and controls. These are addressed within the COSO framework.
The SOX 404 attestation also requires confidence in the IT systems that house, move, and transfom data. This requires confidence
in the processes and controls for those IT systems and databases.
The COBiT framework was designed to address IT concerns.