CHAPTER 5: OVERVIEW OF GENERAL IT AND MANAGEMENT RISKS
Overview
IT controls are composed of:
• controls specific to individual systems (referred to as ‘application controls’) and
• those controls common across the whole organisation, division of computer platform (referred to as ‘IT general controls’).
Both operate within the overall context of entity level controls:
• Entity level controls are about the tone and culture of the organisation.
• IT general controls are those within the IT management processes to provide a reliable and appropriate operating environment and support the effective operation of application controls.
Application controls will be covered in a later chapter.
To put this in another way, IRM is a group of closely ...
Get Fundamentals of Information Risk Management Auditing: An introduction for managers and auditors now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.