More Related Content
Similar to SIM - Mc leod ch10
Similar to SIM - Mc leod ch10 (20)
SIM - Mc leod ch10
- 1. © 2007 by Prentice Hall© 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod and George SchellManagement Information Systems, 10/e Raymond McLeod and George Schell 11
ManagementManagement
Information Systems,Information Systems,
10/e10/e
Raymond McLeod and George SchellRaymond McLeod and George Schell
- 2. © 2007 by Prentice Hall© 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod and George SchellManagement Information Systems, 10/e Raymond McLeod and George Schell 22
Chapter 10Chapter 10
Ethical Implications of InformationEthical Implications of Information
TechnologyTechnology
- 3. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod3
Learning ObjectivesLearning Objectives
► Understand how morals, ethics, & laws differ.Understand how morals, ethics, & laws differ.
► Be familiar with computer legislation that has been passedBe familiar with computer legislation that has been passed
in the United States & know how legislation in one countryin the United States & know how legislation in one country
can influence computer use in others as well.can influence computer use in others as well.
► Know how a firm creates an ethical culture by firstKnow how a firm creates an ethical culture by first
establishing a corporate credo, then establishing ethicsestablishing a corporate credo, then establishing ethics
programs, & then lastly establishing a corporate ethicsprograms, & then lastly establishing a corporate ethics
code.code.
► Know why society demands that computers be usedKnow why society demands that computers be used
ethically.ethically.
► Know the four basic rights that society has concerning theKnow the four basic rights that society has concerning the
computer.computer.
- 4. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod4
Learning Objectives (Cont’d)Learning Objectives (Cont’d)
► Know how the firm’s internal auditors can play aKnow how the firm’s internal auditors can play a
positive role in achieving information systems thatpositive role in achieving information systems that
are designed to meet ethical performance criteria.are designed to meet ethical performance criteria.
► Be aware of computer industry codes of ethics, &Be aware of computer industry codes of ethics, &
the wide variety of educational programs that canthe wide variety of educational programs that can
help firms & employees use computers ethically.help firms & employees use computers ethically.
► Know what the chief information officer (CIO) canKnow what the chief information officer (CIO) can
do to be a power center as the firm follows ethicaldo to be a power center as the firm follows ethical
practices.practices.
► Be acquainted with the most produced piece ofBe acquainted with the most produced piece of
legislation to be levied on business in recentlegislation to be levied on business in recent
history – The Sarbanes-Oxley Act.history – The Sarbanes-Oxley Act.
- 5. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod5
Prescriptive vs. DescriptivePrescriptive vs. Descriptive
CoverageCoverage
► Prescriptive coveragePrescriptive coverage is when we prescribeis when we prescribe
how the MIShow the MIS ought to beought to be developed & used in adeveloped & used in a
business firm.business firm.
► Descriptive coverageDescriptive coverage explains how thingsexplains how things areare
beingbeing done.done.
► Our mission is to recognize that businesspeople inOur mission is to recognize that businesspeople in
general & information people in particular havegeneral & information people in particular have
definite responsibilities in terms of performingdefinite responsibilities in terms of performing
within ethical, moral, & legal constraints.within ethical, moral, & legal constraints.
- 6. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod6
Morals, Ethics, & LawsMorals, Ethics, & Laws
►MoralsMorals are traditions of belief about right &are traditions of belief about right &
wrong conduct; a social institution with awrong conduct; a social institution with a
history & a list of rules.history & a list of rules.
►EthicsEthics is a collection of guiding beliefs,is a collection of guiding beliefs,
standards, or ideals that pervades anstandards, or ideals that pervades an
individual or a group or community ofindividual or a group or community of
people.people.
►Pirated softwarePirated software – software that is– software that is
illegally copied & then used or sold.illegally copied & then used or sold.
- 7. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod7
Morals, Ethics, & Laws (Cont’d)Morals, Ethics, & Laws (Cont’d)
►LawsLaws are formal rules of conduct that aare formal rules of conduct that a
sovereign authority, such as a government,sovereign authority, such as a government,
imposes on its subjects or citizens.imposes on its subjects or citizens.
►In 1966, first case of computer crimeIn 1966, first case of computer crime
Programmer for a bank altered a program not toProgrammer for a bank altered a program not to
flag his account for being overdrawn.flag his account for being overdrawn.
Programmer not charged because no lawsProgrammer not charged because no laws
existed.existed.
- 8. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod8
Computer Legislation in U.S.A.Computer Legislation in U.S.A.
► U.S. computer legislation has focused on rights and restrictions relatedU.S. computer legislation has focused on rights and restrictions related
to data access, information privacy, computer crime, and, mostto data access, information privacy, computer crime, and, most
recently, software patents.recently, software patents.
► The 1966 Freedom of Information ActThe 1966 Freedom of Information Act gave U.S. citizens andgave U.S. citizens and
organizations the right to access data held by the federal government.organizations the right to access data held by the federal government.
► The 1970 Fair Credit Reporting ActThe 1970 Fair Credit Reporting Act dealt with the handling ofdealt with the handling of
credit data.credit data.
► The 1978 Right to Federal Privacy ActThe 1978 Right to Federal Privacy Act limited the federallimited the federal
government’s ability to conduct searches of bank records.government’s ability to conduct searches of bank records.
► The 1988 Computer Matching and Privacy ActThe 1988 Computer Matching and Privacy Act restricted therestricted the
federal government’s right to match computer files for the purpose offederal government’s right to match computer files for the purpose of
determining eligibility for government programs or identifying debtors.determining eligibility for government programs or identifying debtors.
► The 1968 Electronics Communications Privacy ActThe 1968 Electronics Communications Privacy Act coveredcovered
only voice communications; rewritten in 1986 to include digital data,only voice communications; rewritten in 1986 to include digital data,
video communications, & electronic mail.video communications, & electronic mail.
- 9. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod9
Computer Legislation in U.S.A.Computer Legislation in U.S.A.
(Cont’d)(Cont’d)
►In 1984, U.S. Congress passed federalIn 1984, U.S. Congress passed federal
statutes that applied to computer crime.statutes that applied to computer crime.
►The Small Business ComputerThe Small Business Computer
Security & Education AdvisorySecurity & Education Advisory
CouncilCouncil..
Advises Congress of matters relating toAdvises Congress of matters relating to
computer crime against small businesses.computer crime against small businesses.
Evaluate the effectiveness of federal & stateEvaluate the effectiveness of federal & state
crime laws in deterring & prosecuting computercrime laws in deterring & prosecuting computer
crimes.crimes.
- 10. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod10
Computer Legislation in U.S.A.Computer Legislation in U.S.A.
(Cont’d)(Cont’d)
►The Counterfeit Access Device & ComputerThe Counterfeit Access Device & Computer
Fraud & Abuse Act made it a federal felonyFraud & Abuse Act made it a federal felony
for someone to gain unauthorized access tofor someone to gain unauthorized access to
information pertaining to national defense orinformation pertaining to national defense or
foreign relations.foreign relations.
Misdemeanor to gain unauthorized access to aMisdemeanor to gain unauthorized access to a
computer protected by the Right to Financialcomputer protected by the Right to Financial
Privacy Act or the Fair Credit Reporting Act & toPrivacy Act or the Fair Credit Reporting Act & to
misuse information in a computer owned by themisuse information in a computer owned by the
federal government.federal government.
- 11. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod11
Software PatentsSoftware Patents
► In July 1998, in theIn July 1998, in the State Street Decision,State Street Decision, thethe
US Court of Appeals affirmed that a businessUS Court of Appeals affirmed that a business
process could be patented.process could be patented.
► In April 2001, the U.S. Congress introduced a billIn April 2001, the U.S. Congress introduced a bill
requiring a determination of the significance of therequiring a determination of the significance of the
patent & whether it is appropriate for use withpatent & whether it is appropriate for use with
computer technology.computer technology.
► In this fashion, the U.S. federal government hasIn this fashion, the U.S. federal government has
gradually established a legal framework forgradually established a legal framework for
computer use.computer use.
► As with ethics, however, the computer laws canAs with ethics, however, the computer laws can
vary considerably from one country to the next.vary considerably from one country to the next.
- 12. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod12
Ethics Culture ConceptEthics Culture Concept
► Ethics cultureEthics culture states that if a firm is to bestates that if a firm is to be
ethical, then top-management must be ethical inethical, then top-management must be ethical in
everything that it does & says, i.e. lead byeverything that it does & says, i.e. lead by
example.example.
► Corporate credoCorporate credo is a succinct statement ofis a succinct statement of
values that the firm seeks to uphold.values that the firm seeks to uphold.
► Ethics programEthics program is an effort consisting of multipleis an effort consisting of multiple
activities designed to provide employees withactivities designed to provide employees with
direction in carrying out the corporate credo.direction in carrying out the corporate credo.
- 13. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod13
Figure 10.1 Top-level ManagementFigure 10.1 Top-level Management
Imposes Ethics CultureImposes Ethics Culture
- 14. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod14
Figure 10.2 Corporate CredoFigure 10.2 Corporate Credo
ExampleExample
- 15. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod15
Ethics Culture Concept (Cont’d)Ethics Culture Concept (Cont’d)
►Ethics auditEthics audit is when an internal auditoris when an internal auditor
meets with a manager in a several-hourmeets with a manager in a several-hour
session for the purpose of learning how thesession for the purpose of learning how the
manager’s unit is carrying out the corporatemanager’s unit is carrying out the corporate
credo.credo.
►Tailored corporate credoTailored corporate credo are usuallyare usually
adaptations of codes for a particularadaptations of codes for a particular
industry or profession that aindustry or profession that a firm hasfirm has
devised for their own corporate credo.devised for their own corporate credo.
- 16. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod16
Computer EthicsComputer Ethics
► Computer ethicsComputer ethics consists of two main activities:consists of two main activities:
Analysis of the nature & social impact of computerAnalysis of the nature & social impact of computer
technology; andtechnology; and
Formulation & justification of policies for the ethical useFormulation & justification of policies for the ethical use
of such technology.of such technology.
► The CIO must:The CIO must:
1.1. Be alert to the effects that the computer is having onBe alert to the effects that the computer is having on
society; andsociety; and
2.2. Formulate policies to ensure that the technology is usedFormulate policies to ensure that the technology is used
throughout the firm in the right way.throughout the firm in the right way.
- 17. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod17
Reasons for the Importance ofReasons for the Importance of
Computer EthicsComputer Ethics
► James H. Moor believes there are 3 main reasons for theJames H. Moor believes there are 3 main reasons for the
high level of interest in computer ethics:high level of interest in computer ethics:
Logical Malleability:Logical Malleability: The computer performs exactlyThe computer performs exactly
as instructed, so if it’s used for an unethical activity theas instructed, so if it’s used for an unethical activity the
computer is not the culprit.computer is not the culprit.
The Transformation Factor: CThe Transformation Factor: C omputers canomputers can
drastically change the way we do things.drastically change the way we do things.
The Invisibility FactorThe Invisibility Factor :: I Internal operations providesnternal operations provides
the opportunity for invisible programming values,the opportunity for invisible programming values,
invisible complex calculations, & invisible abuse.invisible complex calculations, & invisible abuse.
- 18. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod18
Social Rights & the ComputerSocial Rights & the Computer
► Mason coined the acronymMason coined the acronym PAPAPAPA (privacy,(privacy,
accuracy, property, and accessibility)accuracy, property, and accessibility) to representto represent
society’s four basic rights in terms of information.society’s four basic rights in terms of information.
► Mason felt that “the right to be left alone” is beingMason felt that “the right to be left alone” is being
threatened by two forces:threatened by two forces:
1.1. the increasing ability of the computer to be used forthe increasing ability of the computer to be used for
surveillance.surveillance.
2.2. the increasing value of information in decisionthe increasing value of information in decision
making.making.
► For example, decision makers place such a highFor example, decision makers place such a high
value on information that they will often be willingvalue on information that they will often be willing
to invade someone’s privacy to get it.to invade someone’s privacy to get it.
- 19. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod19
More Rights …More Rights …
► Right to Accuracy:Right to Accuracy: the potential for a level ofthe potential for a level of
accuracy that is unachievable in non-computeraccuracy that is unachievable in non-computer
systems;systems; some computer-based systems containsome computer-based systems contain
more errors than would be tolerated in manualmore errors than would be tolerated in manual
systems.systems.
► Right to PropertyRight to Property : c: copyright & patent lawsopyright & patent laws
provide some degree of protection.provide some degree of protection.
► Right to AccessRight to Access : much information has been: much information has been
converted to commercial databases, making it lessconverted to commercial databases, making it less
accessible to the public.accessible to the public.
- 20. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod20
Information AuditingInformation Auditing
► External auditors from outside the organizationExternal auditors from outside the organization
verify the accuracy of accounting records of firmsverify the accuracy of accounting records of firms
of all sizes.of all sizes.
► Internal auditors perform the same analyses asInternal auditors perform the same analyses as
external auditors but have a broader range ofexternal auditors but have a broader range of
responsibilities.responsibilities.
► Audit committee defines the responsibilities of theAudit committee defines the responsibilities of the
internal auditing department & receives many ofinternal auditing department & receives many of
the audit reports.the audit reports.
► Director of internal auditing manages the internalDirector of internal auditing manages the internal
auditing department & reports to the CEO or theauditing department & reports to the CEO or the
CFO.CFO.
- 21. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod21
Figure 10.3 Position of InternalFigure 10.3 Position of Internal
Auditing in the OrganizationAuditing in the Organization
- 22. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod22
Types of Auditing ActivityTypes of Auditing Activity
► Internal auditors offer more objectivity since their onlyInternal auditors offer more objectivity since their only
allegiance is to the board, the CEO, and the CFOallegiance is to the board, the CEO, and the CFO
► Four basic types of internal auditing activity:Four basic types of internal auditing activity:
AA financial audit:financial audit: verifies the accuracy of the firm’s records & isverifies the accuracy of the firm’s records & is
the type of activity performed by external auditors.the type of activity performed by external auditors.
AnAn operational audit:operational audit: aimed to validate the effectiveness ofaimed to validate the effectiveness of
procedures including adequacy of controls, efficiency, &procedures including adequacy of controls, efficiency, &
compliance with company policy. Systems analyst does in SDLCcompliance with company policy. Systems analyst does in SDLC
analysis stage.analysis stage.
AA concurrent audit:concurrent audit: is the same as an operational audit exceptis the same as an operational audit except
that the concurrent audit is ongoing.that the concurrent audit is ongoing.
Internal Control Systems Design:Internal Control Systems Design: the cost of correcting a the cost of correcting a
system flaw increases dramatically as the system life cyclesystem flaw increases dramatically as the system life cycle
progresses (Figure 10.4).progresses (Figure 10.4).
- 23. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod23
Figure 10.4 Escalating Cost ofFigure 10.4 Escalating Cost of
Correcting Design Errors as SDLCCorrecting Design Errors as SDLC
ProgressesProgresses
- 24. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod24
Internal Audit SubsystemInternal Audit Subsystem
►In the financial information system, theIn the financial information system, the
internal audit subsystem is one of the inputinternal audit subsystem is one of the input
subsystems.subsystems.
►Including internal auditors on systemsIncluding internal auditors on systems
development teams is:development teams is:
A good step toward having well-controlledA good step toward having well-controlled
systems, & the systems are:systems, & the systems are:
A good step toward giving management theA good step toward giving management the
information it needs to achieve & maintaininformation it needs to achieve & maintain
ethical business operations.ethical business operations.
- 25. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod25
Achieving Ethics in InformationAchieving Ethics in Information
TechnologyTechnology
►Ethic codes & ethics educational programsEthic codes & ethics educational programs
can provide the foundation for the culture.can provide the foundation for the culture.
►Educational programs can assist inEducational programs can assist in
developing a corporate credo & in puttingdeveloping a corporate credo & in putting
ethics programs in place.ethics programs in place.
►Ethic codes can be used as is or can beEthic codes can be used as is or can be
tailored to the firm.tailored to the firm.
- 26. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod26
Codes of EthicsCodes of Ethics
►ACM Code of Ethics & ProfessionalACM Code of Ethics & Professional
Conduct.Conduct.
Adopted in 1992.Adopted in 1992.
Consists of 24 “imperatives” i.e. statements ofConsists of 24 “imperatives” i.e. statements of
personal responsibility.personal responsibility.
►Code is subdivided into four parts.Code is subdivided into four parts.
General moral imperatives.General moral imperatives.
More specific professional responsibilities.More specific professional responsibilities.
Organizational leadership imperatives.Organizational leadership imperatives.
Compliance with the code.Compliance with the code.
- 27. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod27
Figure 10.5 ACM Code of Ethics &Figure 10.5 ACM Code of Ethics &
Professional Conduct OutlineProfessional Conduct Outline
- 28. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod28
Table 10.1 ACM Code of Ethics &Table 10.1 ACM Code of Ethics &
Professional Conduct TopicsProfessional Conduct Topics
- 29. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod29
Table 10.2 ACM SoftwareTable 10.2 ACM Software
Engineering Code of Ethics …Engineering Code of Ethics …
TopicsTopics
- 30. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod30
ACM Software Engineering Code ofACM Software Engineering Code of
Ethics & Professional PracticeEthics & Professional Practice
► This code consists of expectations in eight majorThis code consists of expectations in eight major
areas:areas:
Public.Public.
Client & employer.Client & employer.
Product.Product.
Judgment.Judgment.
Management.Management.
Profession.Profession.
Colleagues.Colleagues.
Self.Self.
- 31. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod31
Computer Ethics EducationComputer Ethics Education
► College coursesCollege courses – ACM developed a model– ACM developed a model
computing curriculum of courses that should becomputing curriculum of courses that should be
offered.offered.
► Professional programsProfessional programs – AMA, Amer. Mgt. Assoc.,– AMA, Amer. Mgt. Assoc.,
offers special programs addressing ethics &offers special programs addressing ethics &
integrity.integrity.
► Private educational programsPrivate educational programs – LRN, the Legal– LRN, the Legal
Knowledge Co., offers Web-based courseKnowledge Co., offers Web-based course
modules that address a wide range of ethical &modules that address a wide range of ethical &
legal issues.legal issues.
- 32. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod32
Ethics & the CIOEthics & the CIO
► As of August 11, 2002, CEOs and CFOs areAs of August 11, 2002, CEOs and CFOs are
required to sign off on the accuracy of theirrequired to sign off on the accuracy of their
financial statements.financial statements.
► This requirement puts responsibility on theThis requirement puts responsibility on the
executives but also on the corporate informationexecutives but also on the corporate information
services unit and the information services units ofservices unit and the information services units of
the business areas to provide the executives withthe business areas to provide the executives with
information that is accurate, complete, and timely.information that is accurate, complete, and timely.
► IS only one unit in the organizational structure butIS only one unit in the organizational structure but
it is in a key position to have the most influence onit is in a key position to have the most influence on
satisfying the demands of both government andsatisfying the demands of both government and
society for accurate financial reporting.society for accurate financial reporting.
- 33. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod33
Ethics & the CIO (Cont’d)Ethics & the CIO (Cont’d)
The CIO can bring financial reporting up to expectations byThe CIO can bring financial reporting up to expectations by
following a program that includes the following:following a program that includes the following:
Achieving a higher level of understanding of accountingAchieving a higher level of understanding of accounting
principles.principles.
Reviewing the information systems that accomplishReviewing the information systems that accomplish
financial reporting and taking remedial action.financial reporting and taking remedial action.
Educating the firm's executives on financial systems.Educating the firm's executives on financial systems.
Integrating alarms into information systems that alertIntegrating alarms into information systems that alert
executives to activities that require attention.executives to activities that require attention.
Actively participating in the release of financialActively participating in the release of financial
information to environmental elements.information to environmental elements.
Keeping tight control on money spent for informationKeeping tight control on money spent for information
resources.resources.
- 34. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod34
Life under Sarbanes-OxleyLife under Sarbanes-Oxley
► The objective of Sarbanes-Oxley, known as SOX, is toThe objective of Sarbanes-Oxley, known as SOX, is to
protect investors by making the firm’s executivesprotect investors by making the firm’s executives
personally accountable for the financial informationpersonally accountable for the financial information
that is provided to the firm’s environment, primarilythat is provided to the firm’s environment, primarily
stockholders & the financial community.stockholders & the financial community.
► SOX consists of 10 major provisions, 2 directly affectSOX consists of 10 major provisions, 2 directly affect
the firm’s information services unit.the firm’s information services unit.
CEOs & CFOs must certify the financial reports.CEOs & CFOs must certify the financial reports.
U.S. companies are required to have internal audit units.U.S. companies are required to have internal audit units.
- 35. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod35
SOX Provisions Affecting InformationSOX Provisions Affecting Information
Services, Resources, & ITServices, Resources, & IT
► SOX 404 – CIO must ensure that SOX imposedSOX 404 – CIO must ensure that SOX imposed
control requirements are built into systems duringcontrol requirements are built into systems during
systems development & activities should include:systems development & activities should include:
Identifying systems that play a role in financial reporting.Identifying systems that play a role in financial reporting.
Identifying the risks faced by these systems.Identifying the risks faced by these systems.
Developing controls that address the risks.Developing controls that address the risks.
Documenting & testing the controls.Documenting & testing the controls.
Monitoring the effectiveness of the controls over time.Monitoring the effectiveness of the controls over time.
Updating the controls as needed.Updating the controls as needed.
- 36. © 2007 by Prentice Hall Management Information Systems, 10/e Raymond McLeod36
SOX Provisions … (Cont’d)SOX Provisions … (Cont’d)
► SOX 409 – firm must be able to report changes in itsSOX 409 – firm must be able to report changes in its
financial condition infinancial condition in real timereal time – as the changes occur.– as the changes occur.
Should feature online inputs.Should feature online inputs.
Output subsystems should be capable of immediatelyOutput subsystems should be capable of immediately
reporting changes in the firm’s financial condition.reporting changes in the firm’s financial condition.
► SOX & COBITSOX & COBIT
COBIT is an industry organization that provides securityCOBIT is an industry organization that provides security
standards for the firm’s information resources.standards for the firm’s information resources.
COBIT can assist the firm in addressing its SOXCOBIT can assist the firm in addressing its SOX
responsibilities because COBIT standards align very wellresponsibilities because COBIT standards align very well
with the SOX expectations.with the SOX expectations.
COBIT has 47,000 members worldwide, its financialCOBIT has 47,000 members worldwide, its financial
reporting standards can have a global effect.reporting standards can have a global effect.