Week 1: Introduction to IT General Controls (ITGC)
Week 2: Access Control and User Management
Week 3: Change Management and System Development
Week 4: Data Backup, Recovery, and Security
Week 5: ITGC Auditing and Compliance
Week 6: Managing IT Risks
Week 7: Emerging Trends and Advanced Topics in ITGC
Week 8: ITGC Best Practices and Case Studies
Real-Time Project
This feature has been disabled by the administrator
Timeline: Week 6-7
Objective: Conduct an ITGC audit for a simulated organization, including both internal and external auditing perspectives. Identify control weaknesses and recommend corrective actions.
Project Tasks:
-
Prepare for the Audit:
- Review the company’s ITGC documentation, including policies on access control, change management, and backup/recovery processes.
- Identify the scope of the audit and the specific ITGC areas to focus on.
-
Perform the Audit:
- Test key ITGC components (e.g., user access reviews, change approval processes, system security controls).
- Conduct interviews with stakeholders and review relevant logs, system documentation, and compliance records.
-
Identify Weaknesses:
- Highlight any gaps or non-compliance issues (e.g., inadequate documentation, lack of segregation of duties, or outdated risk management practices).
- Identify root causes for each weakness and assess potential consequences (e.g., security breaches, regulatory fines, system downtime).
-
Deliverable:
- Audit report including audit findings, a risk assessment, and prioritized recommendations for corrective actions.
- Present findings in a formal audit presentation.