Original Internal Control Framework for ERP systems in accordance with SOx 404 compliance and XBRL.

The paper considers key IT controls in three important business processes in Enterprise Resource Planning (ERP) systems i.e.in Procure-to-Pay, Order-To-Cash and Financial Reporting cycle and proposes an effective internal control framework over efficient financial reportingusing XBRL and hence according to Sox 404 compliance. The paper uses COBITframework as a reference point to identify the IT controls in the systems. Key controls have been further subdivided into application, access and general controls. The paper, with examples, from SAP and Oracle ERP lists out assessment of internal controls, preparing Risk Control matrix and Segregation Of Duties conflict matrix in all the three cycles mentioned above which helps identifying deficiencies and material misstatements. The paper provides a SOx 404 compliant preliminary framework of crucial internal controls for auditors to consider while inspecting Enterprise Resource Planning Systems.