What is IT General controls?
-ITGC is a set of essential controls which helps an org. to govern technology effectively in an IT environment that can be applied to IT systems, assets, apps, DBs, and any supporting IT INFRA capabilities.
IT General Controls mainly look at –
Logical access to program and data
Program/System development
Program change management
Backup/recovery controls
Data Security
Access control
Physical security
Business continuity
So, overall ITGC also support an information security
program in terms of managing all IT controls and related risk to assets and
services effectively.
ITGC will have a set of policies, procedures and, guidelines that
can support org. to govern tech space more efficiently.
For e.g. In an org. how a user can get access to any systems,
apps, or, any resources?
ITGC will help us to document & define a formal user
provisioning process in place to be followed by employees.
Apart from ITGC there are ITAC (IT Application controls)
which specifically deals with software applications and their related access, transactions.
No comments:
Post a Comment