What is it?
IT General Controls is gaining importance among the companies. Due to increasing regulations companies feel the need for establishing a sustainable IT Governance. The goal of IT controls are to ensure data and process integrity among the IT systems.
Importance of IT controls
IT General Controls support your organization in achieving operational, financial and IT objectives:
IT Controls Audit process
- Awareness: Identify the to be reviewed IT environments
- Understanding: Understand your processes by reviewing documentations and performing walkthroughs
- Assessment: Check the appropriateness of existing controls
- Validation: Validate the existing controls for proving the effectiveness of the controls
Access data
Unauthorized access on sensible data might lead to abuse and/ or fraud. Without a pro active management of access data that is driven by controls unlimited access can result in fraud and data abuse. The access to components like user provisioning, user account management, audit logs … should be therefore restricted.
Operational Security
Unavailability of systems or inaccurate processing of programs are threatening data integrity. This concerns for example the processing of batch jobs, job monitoring or the incident handling and problem management.
Program management
Program management involves changing of existing and the development of new programs. System programs that are inappropriately changed or new developed might lead to inaccurate data on the system environment. These kind of changes or developments should be properly authorized, documented, tested and approved. This concerns system migrations, changes of the system configuration, emergency changes, change management procedures and more.