RECRAFTING CONTROL FRAMEWORK COBIT FOR CORPORATE SOCIAL

RESPONSIBILITY PROGRAMCA. SUNDAR A. RODRIGUEZ, CHARTERED ACCOUNTANT

RESEARCH SCHOLAR, LOYAL COLLEGE, CHENNAI, TAMIL NADU, INDIA.

AUTHORS PROFILE SUNDAR A. RODRIGUEZ M.COM., FCA., DISA., CFSA(USA)., FAIA(UK)., CFA(CANADA)., CICA(USA)With about 32 years of practical experience in developmental sector, in various capacities

including, but not limited to auditing, consulting, program planning, implementation etc., I am a “people’s auditor” with experience including working at United Nations as Auditor. My qualification includes:

Fellow Member of the Institute of Chartered Accountants of India.

Post Qualification Diploma in Information Systems Audit, ICAI, India

Certified Financial Services Auditor, The Institute of Internal Auditors, USA

Fellow of the Association of International Accountants, UK

Certified Financial Accountant, Canada

Certified Internal Controls Auditor, USA

Master in Commerce

Presently – Research Scholar, Commerce Department, Loyola College, Chennai

INTRODUCTION▪ With the growing role or all-persuasive presence of information technology (IT)

requires a framework for its management and governance.

▪ Though there are lot of such frameworks that had been developed by various organization/s, this paper deals with COBIT – “Control Objectives for Information and Related Technology”, created by the Information System Audit and Control Association (ISACA), USA.

▪ The corporates have been using IT control frameworks, depending on their requirements.

▪ The NPO/NGO which are either International or with a tint of IT impact in their operations are using IT control frameworks.

▪ With the introduction of CSR, insofar as it relates to the program jointly carried out by the corporates and NPO jointly requires both of them to have a basic framework not only for their programs but also for the IT

ERM FRAMEWORK - OVERVIEW▪ The eight components of the framework are interrelated.

UNDERSTANDING COBIT 5 FRAMEWORK▪ Simply stated, COBIT 5 helps enterprises create optimal value from IT by

maintaining a balance between realising benefits and optimising risk levels and resource use.

▪ COBIT 5 enables information and related technology to be governed and managed in a holistic manner for the entire enterprise, taking in the full end-to-end business and functional areas of responsibility, considering the IT-related interests of internal and external stakeholders.

▪ The COBIT 5 principles and enablers are generic and useful for enterprises of all sizes, whether commercial, not-for-profit or in the public sector.

COBIT - OVERVIEW

COBIT – OVERVIEW (CONTINUED)

PRINCIPLES

ENABLERS

OBJECTIVES▪ To ascertain the actual scenario from the CSR perspective of the implementation of

the IT framework, especially COBIT by the corporates and the implementing agencies and to ascertain the differences and the gaps in implementing the framework from its principles and enablers perspective.

▪ To ascertain the methodology to integrate atleast the 5 principles and the 7 enablers of COBIT framework for both the corporates and the implementing agency, limited to the CSR program jointly carried out by them together.

METHODOLOGY

This is based on the Conceptual Research concept, mainly because the impact of the CSR on realignment of IT framework like COBIT has not begun; and hence, this is done relying on the review of the literature including the appropriate framework, in this case COBIT.

COBIT PRINCIPLES COMPARISON

COBIT PRINCIPLES COMPARISON (CONTINUED)

COBIT PRINCIPLES COMPARISON (CONTINUED)

ENABLERS

ENABLERS CONTINUED

ENABLERS CONTINUED

ENABLERS CONTINUED

ENABLERS CONTINUED

ENABLERS CONTINUED

MAJOR FINDINGS▪ The differences in the mission and vision based on the objectives of

the two players in CSR program, namely the Corporates and NGOs makes the way the IT Framework like COBIT implementation practically different with reference to its 5 principles and 7 enablers, which are the cornerstone of the COBIT framework.

▪ There is still a possibility of arriving at a minimum common ground by both the parties concerned in so far it relates to the implementation of CSR program, and then the fine tuning of the framework COBIT could be done first beginning with the principles and then with the enablers, so that both the system of framework are synchronized in so far it relates to CSR program.

RECOMMENDATIONS

The success of the CSR program not only rests with the joint operation and focus towards its objectives by both the parties concerned, but also to be supplemented with the IT Framework COBIT by both the players at least in the common accepted platform, insofar it relates to the CSR programs, with primary focus on the 5 objectives and 7 enablers of the COBIT.

BIBLIOGRAPHY

▪ Executive Summary – COBIT 5 – A Business Framework for the Governance and Management of Enterprise IT, ISACA, USA

▪ Executive Summary – COBIT 5 – A Business Framework for the Governance and Management of Enterprise IT, ISACA, USA

▪ Executive Summary – COBIT 5 – A Business Framework for the Governance and Management of Enterprise IT, ISACA, USA

▪ Executive Summary – COBIT 5 – A Business Framework for the Governance and Management of Enterprise IT, ISACA, USA

▪ http://www.iso-architecture.org/ieee-1471/afs/

▪ https://www.prince2.com/prince2-methodology

▪ http://www.opengroup.org/togaf/

QUESTIONS

CA SUNDAR RODRIGUEZCHARTERED ACCOUNTANTRESEARCH SCHOLAR, LOYOLA COLLEGE, CHENNAI