Three factors will likely cause managers to confront the issues addressed in this chapter much more directly than have their predecessors. First, the events of September 11, 2001, have changed the way we think about the protecting an organization’s resources, especially its IT resources, and making them available for use. Second, as computer-based systems become more sophisticated, managers must continually question how such technological changes affect the system of internal controls. For example, some companies have already implemented paperless (totally electronic) Information Systems. Others employ electronic data interchange (EDI) technology, which we introduced in Chapter 4. The challenges to managers are to keep pace with the development of such systems, and to ensure that changes in any system are complemented by enhancements in the company’s internal controls.
Third, the events associated with the downfall of companies such as Enron Corp. has heightened the concerns of an organization’s stakeholders—stockholders, customers, employees, taxpayers, etc.—and has caused them to raise a number of corporate (organizational) governance issues. They are asking, for example, how well their board of directors governs its own performance and that of the organization’s management. And, how do the board of directors and management implement and demonstrate that they have control over their business processes? The answers to these questions can be found only in a thorough and effective system of internal control.