Project 1: ITGC Assessment for a Hypothetical Organization

Timeline: Week 1-3
Objective: Conduct an ITGC assessment for a fictional company. The goal is to identify key ITGC components, evaluate their effectiveness, and identify gaps.

Project Tasks:

  1. Understand the Organization’s Structure:

    • Define the company’s business model, IT infrastructure, and key systems (e.g., ERP, CRM).
    • Identify critical assets, such as financial systems, sensitive data, and intellectual property.
  2. Assess ITGC Components:

    • Access Controls: Evaluate user authentication mechanisms, RBAC implementation, and segregation of duties (SoD) controls.
    • Change Management: Review the company’s change management process and identify any missing documentation or inadequate controls.
    • Data Backup & Recovery: Assess the current backup strategies and disaster recovery plans for effectiveness and completeness.
  3. Deliverable:

    • Provide a report detailing the organization’s current ITGC framework.
    • Identify strengths and weaknesses in access control, change management, and data security.
    • Suggest improvements for enhancing overall ITGC effectiveness.
Alert: You are not allowed to copy content or view source !!