| | SLO | ENG | Cookies and privacy

Bigger font | Smaller font

Show document Help

Title:Organizacija notranjih kontrol v informacijskem sistemu korporacije
Authors:ID Godec, Patrik (Author)
ID Leskovar, Robert (Mentor) More about this mentor... New window
Files:.pdf MAG_Godec_Patrik_2014.pdf (2,33 MB)
MD5: 9AAD869CF065133C6BEAF9D0F5DF4203
 
Language:Slovenian
Work type:Master's thesis/paper
Organization:FOV - Faculty of Organizational Sciences in Kranj
Abstract:V magistrski nalogi je predstavljen proces notranjega nadzora v informacijskem sistemu korporacije. Opisan je okvir notranjega nadzora, projekt implementacije sistema notranjega nadzora in njegove komponente. Predstavljene so najpomembnejše smernice, okviri in standardi na področju notranjega nadzora, med drugim okvirja COSO in COBIT ter zakon Sarbanes-Oxley. Ker so napotki razmeroma splošni, smo se pri vseh osredotočili na dele, ki se nanašajo na notranji nadzor v informacijski dejavnosti. Prikazana je implementacija sistema notranjega nadzora na področju uporabniških pravic v informacijskem sistemu konkretnega podjetja, ki deluje v jugo-vzhodni evropski regiji. Vpeljana je korporacijska politika in procedure na področju dodajanja, odvzemanja in spreminjanja uporabniških dostopov v sistemu ERP Microsoft Navision Dynamics. Še posebej smo preverili ločitev dolžnosti in prekomerne dostopne pravice v vseh procesih, ki pomembno vplivajo na finančna poročila in bilanco podjetja. Izvedli smo notranjo revizijo uporabniških dostopov in preverili delovanje notranjega nadzora, učinkovitost sistema notranjega nadzora in sodelovanje med oddelki pri zagotavljanju notranjega nadzora v informacijskemu sistemu podjetja. Rezultati pregleda so omogočili oceno trenutnega stanja in izdelavo na dejstvih temelječih predlogov ter usmeritev za izboljšanje procesov notranjega nadzora. Implementirali smo proces rednih notranjih revizij, ki omogočajo pregled stanja in izvedbo preventivnega načrta pred prihodom korporativnih ali zunanjih revizorjev. Predlagali smo implementacijo podpornega informacijskega sistema, ki bi podpiral delovni in dokumentni tok v procesu, uvedbo digitalnega podpisa in avtomatizacijo sistemskih poročil za pregled uporabniških pravic. Dokumentni sistem, ki omogoča digitalno podpisovanje, bi povečal učinkovitost notranjega nadzora in olajšal upravljanje z nadzorno dokumentacijo. Avtomatizirana sistemska poročila pa bi zmanjšala število človeških napak pri izvedbi revizije in omogočala pogostejše preglede in revizije brez dodatnih obremenitev zaposlenih v informatiki.
Keywords:notranji nadzor, informacijski sistem, revizija informacijskih sistemov, uporabniški dostop, ločitev dolžnosti
Place of publishing:Maribor
Year of publishing:2014
PID:20.500.12556/DKUM-46909 New window
COBISS.SI-ID:7402259 New window
NUK URN:URN:SI:UM:DK:NTBACYAM
Publication date in DKUM:16.02.2015
Views:2112
Downloads:200
Metadata:XML RDF-CHPDL DC-XML DC-RDF
Categories:FOV
:
Copy citation
  
Average score:(0 votes)
Your score:Voting is allowed only for logged in users.
Share:Bookmark and Share


Hover the mouse pointer over a document title to show the abstract or click on the title to get all document metadata.

Secondary language

Language:English
Title:Organization of internal controlling in corporate information system
Abstract:The process of internal controls in the corporate information system is presented in the master’s thesis. The purpose of internal controls and the project of implementation of internal control system and its components are presented. The most important guidelines, frameworks and standards in the area of internal controls are summarised as well as frameworks of COSO, COBIT and Sarbanes-Oxley law. All the frameworks provide the rather general guidelines so we focused on the sections that are related to the internal controls in information technology. The implementation of internal control system in the process of user accesses in the information system in the corporate company present in South-East European region was realised. The corporate politics and procedures for granting, removing and changing the user accesses in ERP system Microsoft Navision Dynamics are deployed. The controlling segregation of duties and excessive accesses in all the processes in the company that have the impact to financial reporting and balance sheet are highlighted. We performed the internal revision of user accesses in the system and verified the internal controls, checked the efficiency of internal control system and cooperation between various departments to ensure the internal control system in information technology is working properly. The results of the revision have enabled the assessment of the current state and development of fact based guidelines and proposals for improvements in internal controls related proceses. We implemented the process of regular internal revisions that can help us evaluate the current state and start with preventive action plan before the corporate or external audit. We suggested the implementation of information system that can support work and document flow, use of digital signature and automation of system report for reviewing the user accesses. Document information system, that includes digital signing, would increase the efficiency of internal controls and improve the control documentation management process. Automation of user access system reports would decrease the number of human errors during the revisions and enable more frequent checks and revisions without additional effort by the information technology employees.
Keywords:internal control, information system, revision of information systems, user access, segregation of duties


Comments

Leave comment

You must log in to leave a comment.

Comments (0)
0 - 0 / 0
 
There are no comments!

Back
Logos of partners University of Maribor University of Ljubljana University of Primorska University of Nova Gorica