Improving The Internal Control Of Telecommunication Enterprises In IT Environment Based On COBIT

To satisfy with 'the Sarbanes-Oxley Act' requirements, China's previous four telecom operators implemented the effective internal control based on the COSO framework. However, as telecommunication-oriented enterprises, the application of information technology in the enterprise is becoming more and more important. A good platform for IT running and a standard IT control system are two key factors for IT's safety application in enterprise. COSO, which lack particular instruction on how to control IT, only defined some subjects on IT Application. Obviously, COSO is not the best control standard in IT environment. However, we found that CobiT is the implementation of effective internal control information and related technology control objectives, which is pointed out when IT has become an important resource for enterprises. This article discusses how to improve its IT control requirements and solutions based on the CobiT framework, when telecommunication enterprises implement internal control.The three chapters in the beginning focused on three areas: the development of internal controls, the proposing of COSO framework, the publishing of the Sarbanes-Oxley Act and its impaction in China's telecommunication enterprises. In addition, the author, through the achievements of China's telecommunication enterprises based on the COSO internal controls, analyzes the aspect of COSO framework application which needs improving. Chapter IV discussed that in the information technology environment, effective IT control has become the point of establishing the internal control of the sound company. In telecommunications enterprises, business is closely related to information technology, strengthen and improve the information technology control is an important and lasting project. The article detailed on analyzing CobiT framework comprehensively and theoretically, and analyzed that in the process of implementing information technology control, CobiT plays a supplementary role on the aspect of COSO IT control. Chapter V takes the implementation of finance integrated system in CMCC as example to point out the solution of IT control referencing CobiT. A little value used for reference is hoped on this article in the process of implement internal control about IT in domestic telecom operators.