Having covered the control environment and IT control processes in IT Governance: The Management and Control of Information Technology and Information Integrity, we are now ready to move to the third level of control plans appearing in the hierarchy shown in Figure 8.2—process control plans (the first two were the control environment and pervasive control plans). We begin by defining the components of a control framework and introduce tools used to implement it. Then we apply the control framework to a few generic business processes. These generic processes include process controls that may be found in any information system. Later in the text, in THE “ORDER-TO-CASH” PROCESS: PART I, MARKETING AND SALES (M/S) through THE BUSINESS REPORTING (BR) PROCESS, we examine process controls that might be found in particular business processes (e.g., order-to-cash, purchase-to-pay, and so forth).
Explain the difference between the category of process control plans covered in this chapter and the process controls to be covered in THE “ORDER-TO-CASH” PROCESS: PART I, MARKETING AND SALES (M/S) through THE BUSINESS REPORTING (BR) PROCESS.