Metrics
16 Record Views
Journal article
Delineating Responsibilities for COBIT 2019 IT Control Activities Between Cloud Service Providers and Cloud Service Users
Journal of emerging technologies in accounting, Vol.online ahead of print, p.19
05/21/2025
Web of Science ID: WOS:001538227900001
Abstract
This paper intersects the delineation of responsibilities for information systems (IS) functions between cloud service users (CSUs) and cloud service providers (CSPs) specified in the Committee of Sponsoring Organizations of the Treadway Commission (COSO) (2021) “Enterprise Risk Management for Cloud Computing” with control activities in the most recent ISACA Control Objectives for Information Technologies (COBIT) “2019 Governance Management Objectives Practices Activities.” This intersection helps CSUs and CSPs understand their responsibilities for information technology (IT) control activities when establishing service level agreements (SLAs). In addition, it advises CPAs on internal control over financial reporting (ICFR) under Sarbanes-Oxley when performing annual financial statement audits for publicly traded CSUs and CSPs. Furthermore, it informs CPAs on CSPs’ IT control responsibilities when conducting third-party System and Organization Controls (SOC) engagements for CSPs under Statement on Standards for Attestation Engagements 18 (SSAE 18).
Data Availability: Data are available from the public sources cited in the text.
JEL Classifications: G31; G32; G33; M21.
Related links
Details
- Title
- Delineating Responsibilities for COBIT 2019 IT Control Activities Between Cloud Service Providers and Cloud Service Users
- Publication Details
- Journal of emerging technologies in accounting, Vol.online ahead of print, p.19
- Resource Type
- Journal article
- Publisher
- American Accounting Association
- Number of pages
- 19
- Identifiers
- WOS:001538227900001; 99381364161206600
- Academic Unit
- Business Administration; Lewis Bear Jr. College of Business; Accounting and Finance
- Language
- English