Week 1: Introduction to IT General Controls (ITGC)
Week 2: Access Control and User Management
Week 3: Change Management and System Development
Week 4: Data Backup, Recovery, and Security
Week 5: ITGC Auditing and Compliance
Week 6: Managing IT Risks
Week 7: Emerging Trends and Advanced Topics in ITGC
Week 8: ITGC Best Practices and Case Studies
Real-Time Project
This feature has been disabled by the administrator
Objective: Design a risk management framework that incorporates ITGC for a mid-sized organization. The framework should mitigate risks related to security, compliance, and operational disruptions.
Project Tasks:
-
Identify IT Risks:
- Conduct a risk assessment to identify technical, operational, and compliance-related risks that the organization faces (e.g., cybersecurity threats, data breaches, non-compliance with regulations like SOX, GDPR).
-
Develop Risk Mitigation Controls:
- Propose ITGC-related controls to mitigate the identified risks. These may include implementing multi-factor authentication (MFA), improving encryption, strengthening change management processes, or introducing more robust audit controls.
-
Create a Risk Register:
- Document identified risks, their impact, and the corresponding mitigation strategies.
- Prioritize the risks based on their likelihood and potential impact on business operations.
-
Deliverable:
- A detailed risk management framework that includes the identification of risks, their likelihood and impact, and the ITGC controls needed to mitigate them.
- A risk register and recommendations for monitoring and reporting risk mitigation progress.