Essential Guide

IT services management and best practices: An enterprise CIO guide

A comprehensive collection of articles, videos and more, hand-picked by our editors

control framework

A control framework is a data structure that organizes and categorizes an organization’s internal controls, which are practices and procedures established to create business value and minimize risk.

A control framework is a data structure that organizes and categorizes an organization’s internal controls, which are practices and procedures established to create business value and minimize risk.

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is a commonly used framework for internal controls. The COSO framework is designed to provide a model that corporations can use to run an efficient and well-controlled financial environment.

COSO's main components:

  • Internal control environment
  • Objective setting
  • Event identification
  • Risk assessment
  • Risk response
  • Control activities
  • Information and communication
  • Monitoring.

According to COSO, those components constitute a viable framework for describing and analyzing an organization's internal control system in a way that conforms to financial compliance regulations. COSO was originally formed in 1985 to sponsor the National Commission on Fraudulent Financial Reporting.

IT controls are a subset of internal controls related to information technology (IT). IT control frameworks include COBIT (Control Objectives for Information and Related Technology),  ISO/IEC 17799: Code of Practice for Information Security Management and ITIL (Information Technology Infrastructure Library).

 

See also: PCI-DSS, enterprise risk management (ERM), compliance, governance, risk and compliance (GRC), GRC software

This was first published in March 2011

Continue Reading About control framework

Glossary

'control framework' is part of the:

View All Definitions

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Essential Guide

IT services management and best practices: An enterprise CIO guide

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCIO

SearchHealthIT

SearchCloudComputing

SearchDataCenter

SearchDataManagement

SearchSecurity

Close