Building the evaluation model of the IT general control for CPAs under enterprise risk management

摘要

The purpose of this study is to build the evaluation model of the Information Technology General Control (ITGC) for the certified public accountants (CPAs) under an Enterprise Risk Management (ERM) — Integrated Framework. First, this study investigates and sorts out the control objectives of ITGC over financial reporting under ERM. The control objectives were prioritized by Analytic Hierarchy Process (AHP) and then, the ITGC evaluation model was constructed accordingly. Finally, the study utilizes the case study approach to verify the CPAs' acceptance for the evaluation model of ITGC. According to case study and post hoc confirmations conducted with two experts, the evaluation model can be accepted by CPAs and employed to enhance the efficiency of ITGC assessment for CPAs to meet the challenges in a dynamic information technology environment.