COSO and COBIT Frameworks in IT Management

COSO, which stands for the Committee of Sponsoring Organizations of the Treadway Commission, was established to develop a standard definition for internal control and guide the effectiveness of internal control and improve it (Simkin et al., 2018). The COSO framework provides an applied risk management approach to internal controls. In its 2017 update, this framework integrated risk considerations into the design and implementation of internal controls and strategic objections, both relevant to financial reporting and internal reporting (Walsh, 2018). COBIT, or Control Objectives for Information and Related Technologies, is an IT management framework developed by the Information Systems Audit and Control Association (ISACA) to help businesses develop, organize, and implement strategies around information management and governance (ISACA, 2021). COBIT 5, published in 2012, has five principles that guide IT's effective management and governance within the organization. These include meeting stakeholder needs, covering the enterprise end-to-end, applying a single integrated framework, enabling a holistic approach, and separating governance from management (Simkin et al., 2018) The article's introduction indicates that data doubles every couple of years, and around 80