2008 年 28 巻 3 号 p. 73-82
The Internal Control over Financial Reporting is the process built in order to assure the assertion of the management about financial statements. On the other hand, in an IT Control over Financial Reporting, the reliability of a program and data is secured, it is required to prevent a falsification of a program and data, and the control objective corresponds to the integrity in the requirements for an Information Security. If the requirements for IT control for reliability of financial reporting are seen from a viewpoint of the integrity of data, it is classifiable into the subject of implementation and operation of the control function to an application system, and the subject of the access control function in IT infrastructure. In this paper, from a viewpoint of securing the integrity of data, I arranged the requirements for an IT Control over Financial Reporting, and tried systematization. I would like to study deeply the requirements for an IT Control over Financial Reporting from now on in the viewpoint of the relevance between the items demanded with the three-layer structure of IT control called IT Enterprise-Level Control, IT General Control, and IT Application Control, and the measure against an Information Security.