Essay: Review Of COBIT And COSO Frameworks In Queensland Health Payroll System.

Background

The health sector has been undergoing changes in the market. The accounting software of various organization has been changing over the time. This report reviews the case study of Queensland Health Payroll system.

This report discusses concept of COBIT and COSO frameworks and its application in this case study. A proper analysis for the use of these frameworks has been provided in the report. The implementation of these frameworks by Health Department of the state of Queensland, IBM and other contractor has been explained in the report.

This report outlines a critical analysis on the payroll system of the Queensland Health. The first two stages of the System Development Life Cycle has been discussed. A proper analysis of the SDLC has been provided in the report.

The report focuses on the COBIT and COSO frameworks to be used in the Queensland Health Payroll. Both the frameworks has been discussed below:

COBIT stands for Control Objectives for Information and Related Technology is a set of practices in the Information Technology management. This framework was developed by Information Systems Audit and Control Association (ISACA) and IT Governance Institute (Kerr and Murthy 2013). The COBIT framework has focused on providing information security ti the enterprises. COBIT is a framework that helps in maintaining the control flow in the organization among the employees. It helps in minimizing the business risks, technical issues and communicate with the stakeholders of the company. This framework helps in clarifying the policies and objectives of the company in the market (Krisanthi, Sukarsa and Bayupati 2014). It is always updated to the latest technology that helps in managing risks in the organization. The use of the COBIT framework has been providing enhanced IT services in the organization.

Benefits

• There are various benefits of the COBIT framework in the organization:
• It provides business focus approach with better alignment.
• There is a clear identification of responsibilities and ownership on the process orientation.
• It helps in providing acceptance with third party and other regulators.

The COBIT framework helps in fulfilling the objectives and goals of the business in the market. Effectiveness deals with data collection through ideal use of resources. Confidentiality concerns with insurance of important data from unapproved divulgence. Integrity identifies with the exactness of data and its legitimacy as per business esteems and desires (Seyal, Poon and Tajuddin 2016). Availability refers to data accessibility when required by business procedure in recent days. It likewise concerns the protecting of essential assets and related capacities. Compliance provides agreeing to the laws, directions and legally action to which business procedure is subject including remotely forced business criteria and inner strategies. Reliability identifies with arrangement of suitable data for administration to work element and exercise its trustee and administration duties.

COSO Framework

The COSO framework deals with the internal control of the business objectives. The COSO framework is designed to be used by the organization for assessing the effectiveness of system of internal control for achieving objectives of the company in the market.

Operations Objectives

It is related to the viability and proficiency of substance's operations, including operational and budgetary execution objectives, and defending resources against misfortune (Prado et al. 2016). In the 1992 Framework, the operations objective was restricted to "powerful and proficient utilization of the substance's assets."

COBIT Framework

It is related to inward and outer budgetary furthermore, non-money related answering to partners, which would incorporate unwavering quality, auspiciousness, straightforwardness, or different terms as set up by controllers, standard setters, or the substance's strategies. In the 1992 Framework, the revealing target was known as the money related revealing goal and it was depicted as identifying with the readiness of dependable monetary proclamations.

It is identified with holding fast to laws and directions that the element must take after. In the 1992, the framework has compiled with the objective to relate the entity compliance with current laws and regulations (Maidin, Othman and Ahmad 2014). The framework have increased its demand in market with the integration with current laws and policies in the market.

The COSO Framework is most regularly utilized by administration of Canadian non-wander guarantors also; SEC registrants to evaluate the adequacy of inside controls over money related providing details regarding a yearly premise as required by the CSA and SEC. While the 2013, Framework extends the budgetary revealing destinations related to inside budgetary and non-money related revealing, registrants utilizing the either the 1992 or 2013 (Martin, Sanders and Scalan 2014). Frameworks to assess the adequacy of inward controls over outside budgetary announcing in view of the targets of still should meet the CSA's and SEC's goals for effective internal control over financial reporting, which have not changed.

The project for implementation of Payroll and Finance Systems was ordered for all government offices. A particular unit of administration (called to as CorpTech) was kept in charge of dealing with all Finance and its execution organizations for the applicable government offices. Accordingly, execution at Queensland Health included three important partner groups: (1) Queensland Health staff individuals were end clients of framework, and amid usage organization. (2) IBM was the prime contractual worker of the Queensland Health usage organisation (Pett, Blomster and Wallace 2015). They were at first contracted to oversee and actualize the administration commanded implementing programming arrangement over all administration divisions (King 2016). Nevertheless, by finish of undertaking IBM was no longer in charge of the rest of administration, divisions' usage extends due to the financial plan and time invades experienced because of Queensland Heath. IBM was overseen and chosen by third partner aggregate CorpTech. (3) CorpTech was dealing with prime temporary worker's part as IBM because of Queensland Health usage organization not just in the Queensland Health division usage organization however for overall execution all through all government divisions.

While IBM was at last chosen as the prime contractual worker, various people communicated their concerns relating to whether this was the fitting decision and indicated that predisposition might be available (Graham 2015). In the offering forms the government organization, CorpTech is required to stay unbiased and give all advisor firms competing to position of prime temporary worker same data. The use of various frameworks in the project have helped in maintaining different factors included in the factors. The success of the project has been improved by the use of technical aspects of the frameworks. Nevertheless, the regal commission distinguished that the task chief favored IBM at last giving them an upper hand. All together for Queensland Health to pay their workers, the different finance framework, LATTICE and ESP (Environment for Scheduling Personnel) roistering motor, was used. The LATTICE and ESP arrangement was pulled off continuously more than six years from 1996 to 2002. The LATTICE arrangement required a significant measure of manual mediations to oblige the intricate honor and motivator structures apparent inside Queensland Health (Babkin, Malyzhenkov and Rossi 2017). Thus, with a specific end goal to keep paying their representatives Queensland Health expected to consider proper programming to supplant the out of date LATTICE framework.

Benefits

The System Development Cycle is a multistep cycle that helps in transforming a new project in an organization. There are seven stages of the system development cycle. This report discusses with first two stages of the cycle and its implementation in the Queensland Health Payroll system.

The first step of the cycle is planning. This step deals with the scope of the problem and planning strategies to mitigate those issues in the project. In the case of Queensland Health payroll system, there has been various issues identified including approach and implementation structure of the project was not properly followed, a proper project methodology was not followed and lack in performing roles and responsibilities of stakeholders of the project (Hawkins et al. 2013). Communication among the stakeholders of the project was poor. An effective communication helps in smooth implementation of the resources for the completion of project within deadline. Therefore, this causes lack in faith with IBM in the market. IBM did not put right people in the job for successful completion of the project. The team for the project was not proper functional. This causes degradation in quality of the project. Moreover, in ERP usage extends correspondence with merchant is additionally of outrageous significance.

The connection between seller, customer and specialist is a tripartite relationship in which every important partner can speak with each other. Viable and proficient communication is basic to extend communication with the merchant has best learning relating to capacities of  framework; the customer has knowledge about the behavioral aspects of the company, and the expert has mix of specialized and hierarchical learning important to play out the usage organization (Pett, Blomster and Wallace 2015). However, because of the Queensland Health usage the semi different customers changes this dynamic. Besides, as the prime temporary worker was using another item in the general Queensland Health execution organization different sellers were likewise obvious

The second step of the cycle deals with the functional and system analysis of the project. Broad framework testing is factor that is statically ended up being identified with data consumption, where broader testing is more prominent for achieving minimal data usage (Babkin, Malyzhenkov and Rossi 2017). However, in the Queensland Health usage organization thorough testing was not performed and just a subset of representatives (10%) pays were tried before going live. Because of generous inconsistency revealed in parallel finance test, additionally testing was performed. The use of upgraded system in the project have helped in improving basic criteria of the project. The success factors of the project have been enriched. This have helped in adopting various strategies for improving functionality of the project. This brought about not all the basic issues being settled preceding the Go-Live date, and subsequently when Go-Live occurred a noteworthy number of staff individuals were not paid or, on the other hand paid inaccurately (Pett, Blomster and Wallace 2015). Also if satisfactory testing were played out information transformation and respectability issues would have been distinguished. Data is a basic segment to each organization. It is used as a part of daily operations, and act, as a key segment of basic leadership, and subsequently data must be of a high caliber more, show accompanying measurements including inherent, open, and valuable.

COSO Framework

Conclusion

It can be concluded that the failure of the Queensland Health Payroll has been caused due to the bad implementation of the IS project. The poor communication among the three stakeholders if the project is one of the major cause of the failure of the project. The COBIT and COSO frameworks has been separately discussed in the report. The framework have increased its demand in market with the integration with current laws and policies in the market. The benefits of these frameworks in the project have be clarified properly. The use of the system development cycle in the Queensland Health payroll project has been depicted. The first two steps of the system development cycle has been described in the report.

References

Babkin, E., Malyzhenkov, P. and Rossi, F., 2017, May. The Perspectives of DEMO Application to COSO Internal Audit Framework Risks Mitigation. In Enterprise Engineering Working Conference (pp. 66-73). Springer, Cham.

Graham, L., 2015. Internal Control Audit and Compliance: Documentation and Testing Under the New COSO Framework. John Wiley & Sons.

Hawkins, T.R., Singh, B., Majeau?Bettez, G. and Strømman, A.H., 2013. Comparative environmental life cycle assessment of conventional and electric vehicles. Journal of Industrial Ecology, 17(1), pp.53-64.

Kerr, D.S. and Murthy, U.S., 2013. The importance of the CobiT framework IT processes for effective internal control over financial reporting in organizations: An international survey. Information & Management, 50(7), pp.590-597.

Khther, R.A. and Othman, M., 2013. Cobit framework as a guideline of effective it governance in higher education: a review. International Journal of Information Technology Convergence and Services, 3(1), p.21.

King, A.M., 2016. A guide to COSO's framework: an important, practical resource to help your transition to the updated COSO internal control framework. Strategic Finance, 97(10), pp.12-13.

Krisanthi, G.T., Sukarsa, I.M. and Bayupati, P.A., 2014. Governance audit of application procurement using COBIT framework. Journal of Theoretical and Applied Information Technology, 59(2), pp.342-351.

Maidin, S.S., Othman, M. and Ahmad, M.N., 2014, October. Information sharing in governance of flood management in malaysia: Cobit based framework. In IT Convergence and Security (ICITCS), 2014 International Conference on (pp. 1-5). IEEE.

Martin, K., Sanders, E. and Scalan, G., 2014. The potential impact of COSO internal control integrated framework revision on internal audit structured SOX work programs. Research in Accounting Regulation, 26(1), pp.110-117.

Moeller, R.R., 2014. COSO Internal Control Components: Risk Assessment. Executive's Guide to COSO Internal Controls: Understanding and Implementing the New Framework, pp.59-71.

Pett, J., Blomster, K. and Wallace, A., 2015. A well-oiled machine: organizations can fine-tune their internal controls over financial reporting using the COSO framework update. Internal Auditor, 72(1), pp.31-36.

Prado, E.P., Barata, A.M., Mancini, M. and Sun, V., 2016, May. IT Governance in Healthcare Industry Organizations: A Case Study of COBIT Implementation. In Proceedings of the XII Brazilian Symposium on Information Systems on Brazilian Symposium on Information Systems: Information Systems in the Cloud Computing Era-Volume 1 (p. 1). Brazilian Computer Society.

Rubino, M. and Vitolla, F., 2014. Internal control over financial reporting: opportunities using the COBIT framework. Managerial Auditing Journal, 29(8), pp.736-771.

Seyal, A.H., Poon, S.H. and Tajuddin, S., 2016, November. A Preliminary Evaluation of ICT Centers Performance Using COBIT Framework: Evidence from Institutions of Higher Learning in Brunei Darussalam. In International Conference on Computational Intelligence in Information System (pp. 235-244). Springer International Publishing.

Walden, D.D., Roedler, G.J., Forsberg, K., Hamelin, R.D. and Shortell, T.M., 2015. Systems engineering handbook: A guide for system life cycle processes and activities. John Wiley & Sons.