Scribd Logo
Upload

Welcome to Scribd!

  • 3 views

    3 InternalControl

    Uploaded by

    Jay Silen
    Internal controls are steps taken to prevent, detect, and correct errors and issues. They typically involve policies, procedures, and organizational structures. There are three main types of controls: preventive controls attempt to predict and prevent problems before they occur, detective controls find errors after they happen, and corrective controls minimize the impact of any issues. Important aspects for information system controls specifically include safeguarding assets, ensuring the integrity of operating systems and applications, user access identification and authorization, business continuity planning, and data protection.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    3 InternalControl

    Uploaded by

    Jay Silen
    3 views8 pages
    Internal controls are steps taken to prevent, detect, and correct errors and issues. They typically involve policies, procedures, and organizational structures. There are three main types of controls: preventive controls attempt to predict and prevent problems before they occur, detective controls find errors after they happen, and corrective controls minimize the impact of any issues. Important aspects for information system controls specifically include safeguarding assets, ensuring the integrity of operating systems and applications, user access identification and authorization, business continuity planning, and data protection.

    Original Description:

    IT Audit Internal Control

    Original Title

    3-InternalControl

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Internal controls are steps taken to prevent, detect, and correct errors and issues. They typically involve policies, procedures, and organizational structures. There are three main types of controls: preventive controls attempt to predict and prevent problems before they occur, detective controls find errors after they happen, and corrective controls minimize the impact of any issues. Important aspects for information system controls specifically include safeguarding assets, ensuring the integrity of operating systems and applications, user access identification and authorization, business continuity planning, and data protection.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    3 views8 pages

    3 InternalControl

    Uploaded by

    Jay Silen
    Internal controls are steps taken to prevent, detect, and correct errors and issues. They typically involve policies, procedures, and organizational structures. There are three main types of controls: preventive controls attempt to predict and prevent problems before they occur, detective controls find errors after they happen, and corrective controls minimize the impact of any issues. Important aspects for information system controls specifically include safeguarding assets, ensuring the integrity of operating systems and applications, user access identification and authorization, business continuity planning, and data protection.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 8

    Internal Controls

    Internal Controls

    Steps performed to prevent, detect, and correct

    Usually: policies, procedures, practices,


    organizational structures

    Two important aspect: What to be achieved,


    what to be avoided

    Controls Classification

    Preventive

    Detective

    Corrective

    Preventive

    Detect Problem before they arise

    Attempt to predict potential error before it occurs

    eg: create organizational structure to oversee a


    task

    eg 2: well documented flow to make sure task is


    done properly

    Detective

    Detects error when it occurs

    The worst error is when its not detected

    eg: Checkpoints

    eg 2: Duplicate checking

    eg 3: Periodic Performance Reporting

    Corrective

    Minimize impact of risk

    Modify processing system to minimize future


    occurence

    Correct Errors immidiately to mitigate effect

    eg: Contigency Plan

    eg 2: Back up

    IS Controls

    Most common IS Controls must include these points:


    1. safeguarding asset: avoid improper access
    2. Ensuring integrity of OS Management
    3. Ensuring integrity of Applications: input authorization/
    validation, accuracy and completeness, transcation tracking,
    security, etc
    4. Identification, Authorization of User Access
    5. Business Continiuity and Disaster Recovery Plan
    6. Protection of Data

    Discuss

    Pick 4 top risks from your online shop problem


    (IT related risk)

    For every risk listed on your task, define 2 step


    to Prevent, Detect, and Correct your Risk

    Create a checklist based on previous slide (IS


    Controls) to make sure youve completed the
    objectives

    You might also like