Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
185 views10 pages

IT Controls: Global Technology Auditing Guide 1

The document discusses IT controls, including understanding IT controls, the importance of IT controls, organizational roles and responsibilities for ensuring IT controls, analyzing risks, monitoring techniques, and IT control assessment. IT controls provide assurance for information and information services and help mitigate risks associated with technology use.

Uploaded by

Emil Jabrailzadeh
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
185 views10 pages

IT Controls: Global Technology Auditing Guide 1

The document discusses IT controls, including understanding IT controls, the importance of IT controls, organizational roles and responsibilities for ensuring IT controls, analyzing risks, monitoring techniques, and IT control assessment. IT controls provide assurance for information and information services and help mitigate risks associated with technology use.

Uploaded by

Emil Jabrailzadeh
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 10

IT Controls

Global Technology Auditing Guide 1

www.theiia.org

What This Guide Covers


Understanding of IT controls Importance of IT controls Organizational roles and responsibilities for ensuring IT controls Analyzing risks Monitoring and techniques IT control assessment

www.theiia.org

Understanding IT Controls
IT control is a process
that provide assurance for information and information services, and help to mitigate risks associated with use of technology.
Automation of business controls Control of IT

Two components

www.theiia.org

Understanding Controls
Classification
General Controls Application Controls

Classification
Preventative Detective Corrective

Classification
Governance controls Management controls Technical controls
www.theiia.org

Understanding IT Controls

A top-down approach used when considering controls to implement and determining areas on which to focus.
www.theiia.org

Importance of IT Controls
Needs for IT controls, such as controlling cost remaining competitive protecting of information assets complying with laws and regulation Implementing effective IT control will improve efficiency, reliability, flexibility and availability of assurance evidence

www.theiia.org

Roles and Responsibilities


Board of Directors /Governing Body Management define, approve, implement IT controls or understand the use of IT controls Auditor Internal Auditors assurance External Auditors periodical auditing

www.theiia.org

Based On Risk
Analyzing Risk
Identify risks Consider risk in determining the adequacy of IT controls Define risk mitigation strategy accept/eliminate/share/co ntrol/mitigate Consider Baseline IT controls

www.theiia.org

Monitoring & Techniques


Monitoring & Assessing IT Controls
Choose a control framework Use proper audit methodology Ongoing monitoring/special review/automated continuous auditing

www.theiia.org

Assessment
Assessing IT controls is an ongoing process, because business processes are constantly changing Technology continues to advance Threats evolve as new vulnerabilities emerge Audit methods keep improving

www.theiia.org

You might also like