CHAPTER 5: OVERVIEW OF GENERAL IT AND MANAGEMENT RISKS
IT controls are composed of:
• controls specific to individual systems (referred to as ‘application controls’) and
• those controls common across the whole organisation, division of computer platform (referred to as ‘IT general controls’).
Both operate within the overall context of entity level controls:
• Entity level controls are about the tone and culture of the organisation.
• IT general controls are those within the IT management processes to provide a reliable and appropriate operating environment and support the effective operation of application controls.
Application controls will be covered in a later chapter.
To put this in another way, IRM is a group of closely ...