Título: Comparison of COSO and COBIT control models used in computer audits for academic institutions of secondary education in Ibarra city

Autor(es): ARCINIEGA HIDROBO SILVIA ROSARIO, CHECA GUERRERO BRYAN ALEXANDER, FLORES ARMAS STEFANY CRISTINA, IMBAQUINGO ESPARZA DAISY ELIZABETH, JACOME LEON JOSE GUILLERMO

Fecha de publicación: 14-dec-2024

Resumen: The risks and threats to technological resources and information secu-rity in educational institutions have increased today. However, the evidence of conducting this process in the IT department of educational institutions in Ibarra is limited or non-existent. Therefore, the objective of the research is to determine, through a comparative analysis, which of the COSO and COBIT control models is the most suitable for conducting an internal IT audit in the secondary education institutions of the city of Ibarra. This analysis will be the basis for the develop-ment of a set of guidelines that can be used in an auditing process. The compari-son was carried out using four metrics: purpose, supervision and monitoring, in-formation security, and adaptability, determining the degree of compliance on a Likert scale. Therefore, COSO and COBIT can be implemented in IT auditing. An auditing guide for secondary education institutions is proposed, using both control models. This guide was evaluated by experts using the Delphi method, with a 95% alignment with the two control models. The degree of compliance is determined with a Likert scale, resulting in an average score of 4 out of 5 for both models. Therefore, COSO and COBIT can be implemented in IT auditing. Fur-thermore, a guide for IT audits in secondary education institutions is proposed, utilizing both control models. This guide is evaluated by experts using the Delphi method, and they indicate that they agree with the structure of the

Palabras clave: Computer auditing; Control models; Internal control; COSO; COBIT.

DOI: https://doi.org/10.1007/978-3-031-70760-5_21

ISSN: 2367-3389

Tipo publicación: Artículo