Week 1: Introduction to IT General Controls (ITGC)
Week 2: Access Control and User Management
Week 3: Change Management and System Development
Week 4: Data Backup, Recovery, and Security
Week 5: ITGC Auditing and Compliance
Week 6: Managing IT Risks
Week 7: Emerging Trends and Advanced Topics in ITGC
Week 8: ITGC Best Practices and Case Studies
Real-Time Project
This feature has been disabled by the administrator
Objective: Develop an ITGC framework for an organization that has migrated its systems to the cloud. Focus on cloud security, compliance, and access control.
Project Tasks:
-
Understand Cloud Computing Risks:
- Identify the specific risks associated with cloud environments, including data security, compliance challenges, and vendor management risks.
-
Design Cloud-Specific ITGC:
- Implement ITGC frameworks that align with cloud environments (e.g., access management controls, cloud data encryption, audit logging).
- Consider security controls such as data encryption at rest and in transit, access management policies, and service-level agreements (SLAs) with cloud vendors.
-
Create a Cloud Compliance Checklist:
- Develop a checklist that ensures the organization’s cloud infrastructure complies with relevant standards and regulations (e.g., GDPR, HIPAA, SOC 2).
-
Deliverable:
- A comprehensive cloud ITGC framework, including security policies, risk management controls, and a cloud compliance checklist.
- A presentation to stakeholders explaining the framework and how it mitigates cloud-specific risks.