Can COBIT 5 helps us in the challenges of Companies Act, 2013?
Anand Prakash Jangid and CA Anish Jain
is a key to growth and success. The same is applicable to our enactments also.
If enactments do not change with time, they will lose their value and
effectiveness. We have already observed incidents that have been reported due
to ineffective law effectiveness and enforcement. Talking of such change in
regulations, there is a lot of buzz around the amendments and additions made in “THE
COMPANIES ACT, 2013”. We are going to discuss the following: –
- What is COBIT 5?
- How COBIT 5 is related
to Companies Act, 2013?
- What are the challenges
posed by Companies Act, 2013?
- How COBIT 5 can be used
to face those challenges?
15.0pt;vertical-align:baseline’>INTRODUCTION TO COBIT 5
Covering the enterprise
Applying a Single,
Enabling a Holistic
like Companies Act, 2013 and other governs the operations of an enterprise by
defining the limits or boundaries within which organization needs to operate.
However, all the operations of the enterprise can be categorized in two
categories i.e. IT related processes and Non-IT related processes. COBIT
Framework governs and manages the IT related processes. For large companies,
more than 70-80% of their processes are IT-enabled. Hence internal controls are
automated or semi-automated to a large extent. COBIT framework can help to put
a process to design, implement and monitor internal controls on a sustainable
basis. So, what we conclude from here is an enterprise using COBIT Framework
can operate in best possible manner within the boundaries defined by the
regulation i.e. provisions of Companies Act, 2013 and that’s how they are
related to each other.
15.0pt;vertical-align:baseline’>CHALLENGES POSED BY COMPANIES ACT, 2013
a) There shall be
attached to statements laid before a company in general meeting, a report
by its Board of Directors, which shall include a statement indicating
development and implementation of a risk management policy for the company
including identification therein of elements of risk, if any, which in the
opinion of the Board may threaten the existence of the company.
b) The Independent
director shall help in bringing an independent judgment to bear on the
Board’s deliberations on risk management resources and satisfy themselves
that financial controls and the systems of risk management are robust and
c) Every audit committee
shall act in accordance with the terms of reference specified in writing
by the Board which shall inter alia include evaluation of internal
financial controls and risk management systems. (Sec-177(4)(vii))
d) Such class or classes
of companies as may be prescribed shall be required to appoint an internal
auditor, who shall either be a chartered accountant or a cost accountant,
or such other professional as may be decided by the Board to conduct
internal audit of the functions and activities of the company.
e) The auditor’s report
shall state that whether the company has adequate internal financial
controls system in place and the operating effectiveness of such controls.
15.0pt;vertical-align:baseline’>SOLUTION FROM COBIT 5 FRAMEWORK
for the given challenges is as follows: –
15.0pt;vertical-align:baseline’>Step 1: Identify Stakeholder Drivers
need is to comply with all the provisions.
15.0pt;vertical-align:baseline’>Step 3: Relate Needs to Enterprise Goals
a) IT compliance and
support for business compliance with external laws and regulations.
b) Managed IT-related
c) IT compliance with
15.0pt;vertical-align:baseline’>Step 4: Align IT-Related Goals with Enterprise goals
- a) Compliance with
external laws and regulations.
- b) Compliance with
- c) Managed business risk
(safeguarding of assets)
- d) Business service
continuity and availability.
- e) Optimisation of
service delivery costs.
15.0pt;vertical-align:baseline’>Step 5: Select Processes based on IT-Related Goals
a) Ensure Governance
Framework Setting and Maintenance.
b) Manage Service
c) Ensure Risk
d) Ensure Stakeholder
e) Manage the IT
f) Manage Risk.
g) Manage Security.
h) Manage Changes and
COBIT 5 Framework proves to be the ideal framework for any enterprise to adopt
and get the desired results (value creation) in form of:
- Benefits Realisation
- Risk Optimisation
- Resources Optimisation