Welcome to Scribd!

Risk Control Matrix Format

Uploaded by

0% found this document useful (0 votes)

78 views5 pages

The document summarizes risks related to ITGC processes. It identifies the risk of user access privileges not being timely revoked for left employees. It also notes the risk that security management practices are not fully in place. Gaps in existing controls are identified, such as access revocation only applying to assets and not other access. Suggested controls include immediately informing IT and HR of employee departures and removing all access. The information security policy is also found to not be properly approved, reviewed, or implemented across all employees.

Original Description:

Original Title

Risk Control Matrix Format (2)

Copyright

Available Formats

XLSX, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as XLSX, PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as xlsx, pdf, or txt

0% found this document useful (0 votes)

78 views5 pages

Risk Control Matrix Format

Uploaded by

Naresh Batra Associates

Copyright:

Available Formats

Download as XLSX, PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as xlsx, pdf, or txt

Jump to Page

You are on page 1of 5

Search inside document

DRAFT Risk Control Matrix

Process - ITGC

Sr. No. Sub-Process Activity Risk ID Perceived Risk Description

Access Management User Access R-ITGC-2 User access privileges of left

Termination employees are not timely
revoked

Access Management

Security
Management
Security
Management

Security
Management
Security
Management
Security
Management
Security
Management
Computer
Operations

Security Information R-ITGC-41 Security management practices

Management Security Policy are not in place
Existing Process /Control Description

Upon resignation or retirement of employee, HR forwards

clearance form to Manager - IT for IT assets held by concerned
employee

IT security policy in place.

compare it policy and identify gaps
Gap Identified Suggested Control

1. This is being done only for assets and not 1. (a) On resignation or Termination of employee
for other accesses revokation provided to Department head should inform IT and HR department
exiting employee, apart from SAP ID immidiately. 1 (b) IT
department should remove accesses immidiately

1.Policy is not approved by BOD,Policy is Policy should be approved by BOD ,should be regulerly
not regulerly reviewed and updated .Policy reviewed and updated.Policy should be implemented in
implementated in informal way and 100 % formal way by way of undertaking from all employees
implenattion is not enured and reguler uwareness program.
Reference Remark observation Control Owner Frequency of
Document Control/s
1. HR As and when
2. Sr Manager IT

3. Manager IT and
Sr Manager IT

refer security
policy in it
policy
Key Control Nature of Type of Control
Control
Yes Detective(Based Manual + Automated
on email)

Google Cloud Platfor
Document6 pages
Google Cloud Platfor
john
No ratings yet
2005 Itgc Example - Racf
Document67 pages
2005 Itgc Example - Racf
حسين عبدالرحمن
No ratings yet
Active Directory Audit Work Program
Document32 pages
Active Directory Audit Work Program
Eva Julio
No ratings yet
Swifttech: Speed, Flexibility, Success
Document4 pages
Swifttech: Speed, Flexibility, Success
CROST
No ratings yet
In Ra General It Controls Noexp PDF
Document20 pages
In Ra General It Controls Noexp PDF
Alex Ahadiat Utomo
No ratings yet
Essential - 8 - Scorecard - Overview - Cyber Maturity Posture
Document2 pages
Essential - 8 - Scorecard - Overview - Cyber Maturity Posture
Marco Antonio Agnese
0% (1)
Auditing Application Controls: Gtag® 8
Document13 pages
Auditing Application Controls: Gtag® 8
mename1234
No ratings yet
Information Technology General Controls (Itgcs) 101
Document16 pages
Information Technology General Controls (Itgcs) 101
arif420_999
No ratings yet
The Impact of IT Application Control On The Quality of The Audit Evidence: An Application Example
Document14 pages
The Impact of IT Application Control On The Quality of The Audit Evidence: An Application Example
Nia Nuristiyanti
No ratings yet
Sunera Best Practices For Remediating SoDs
Document7 pages
Sunera Best Practices For Remediating SoDs
sura anil reddy
No ratings yet
IT General Controls
Document65 pages
IT General Controls
Ava White
No ratings yet
Future of IT Audit Report - Res - Eng - 0219
Document20 pages
Future of IT Audit Report - Res - Eng - 0219
Immanuel Giulea
No ratings yet
IT Audit For Non-IT Auditors: Ed Tobias, CISA, CIA, CFE
Document84 pages
IT Audit For Non-IT Auditors: Ed Tobias, CISA, CIA, CFE
ojksa
No ratings yet
SAP Security - ISACA PDF
Document48 pages
SAP Security - ISACA PDF
Eugenio Gienek
No ratings yet
Chapter 4: Revenue Cycle
Document12 pages
Chapter 4: Revenue Cycle
Cyrene Cruz
No ratings yet
Test of Controls For Some Major Activities
Document22 pages
Test of Controls For Some Major Activities
Mohsin Raza
No ratings yet
General Auditing For IT Auditors PDF
Document4 pages
General Auditing For IT Auditors PDF
Gerardo Araque
No ratings yet
Segregation of Duties - SoD
Document7 pages
Segregation of Duties - SoD
Julio Turchan Olea
No ratings yet
SOX Treasury Test Plan
Document3 pages
SOX Treasury Test Plan
mohamed sobhy
No ratings yet
Sarbanes-Oxley Walkthrough Checklist
Document1 page
Sarbanes-Oxley Walkthrough Checklist
mehmet ali
No ratings yet
Risk Control Matrix Template: Name Objective
Document3 pages
Risk Control Matrix Template: Name Objective
Kyaw Htut
No ratings yet
Application Controls: Batch Processing Application Audit
Document34 pages
Application Controls: Batch Processing Application Audit
YanYan Yumul
No ratings yet
PPM Dashboard and Report Visuals Template
Document31 pages
PPM Dashboard and Report Visuals Template
Taha Shahzad
No ratings yet
IT Governance: Arrianto Mukti Wibowo, M.SC., CISA
Document55 pages
IT Governance: Arrianto Mukti Wibowo, M.SC., CISA
Mas Uyok
No ratings yet
Feature: Writing Good Risk Statements
Document3 pages
Feature: Writing Good Risk Statements
envisage
No ratings yet
Governance Risk Compliance Software DCA
Document8 pages
Governance Risk Compliance Software DCA
V C
No ratings yet
COSO 2013 Framework Executive Summary
Document20 pages
COSO 2013 Framework Executive Summary
Lhoussaine OUABOUCH
No ratings yet
Application Controls Questionnaire
Document3 pages
Application Controls Questionnaire
Suzi M Abu Ali
No ratings yet
COSO Framework BANK
Document15 pages
COSO Framework BANK
Fahmi Nur Alfiyan
No ratings yet
Assignment 3 1
Document46 pages
Assignment 3 1
Dine Capua
No ratings yet
IT SOX 2018 - Prelim Finding Template
Document2 pages
IT SOX 2018 - Prelim Finding Template
T. Ly
No ratings yet
Internal Audit Process & Audit Committee
Document34 pages
Internal Audit Process & Audit Committee
Abhishek Pareek
No ratings yet
Risk Exposure Calculator
Document2 pages
Risk Exposure Calculator
harmandian
100% (1)
Webinar Auditing SAP
Document43 pages
Webinar Auditing SAP
mbanti20008801
No ratings yet
ERP
Document56 pages
ERP
Aiswarya Suresh
No ratings yet
Peoplesoft It General Controls: Performance Audit
Document23 pages
Peoplesoft It General Controls: Performance Audit
JhonSmith
No ratings yet
Chapter 8 SDLC
Document14 pages
Chapter 8 SDLC
Richard Ngalu Yalakwanso
No ratings yet
Rbi A Manual
Document344 pages
Rbi A Manual
Alexandru Vasile
No ratings yet
Price Waterhouse Swift PDF
Document4 pages
Price Waterhouse Swift PDF
jairo lopez
No ratings yet
Access Control
Document47 pages
Access Control
anvi
No ratings yet
CSP Delloite
Document5 pages
CSP Delloite
Nahid Hasan
No ratings yet
Project For It Audit
Document23 pages
Project For It Audit
Clarice Ilustre Guintibano
No ratings yet
R2R SOD List
Document12 pages
R2R SOD List
faridfarzana
No ratings yet
IT Audit Control
Document54 pages
IT Audit Control
wirdina
No ratings yet
ITGC Assessment Example
Document7 pages
ITGC Assessment Example
ETTORE JOHN DE VERA
No ratings yet
Internal Controls 101
Document25 pages
Internal Controls 101
Arcee Orcullo
100% (1)
SOX Deficiencies Traiing
Document49 pages
SOX Deficiencies Traiing
Sridhair Iyengar
No ratings yet
SOX Audit For Beginners: March 30
Document17 pages
SOX Audit For Beginners: March 30
Jemimah Burgas
100% (1)
Integrity Communicates Effectively Future-Focused Promotes Improvement
Document104 pages
Integrity Communicates Effectively Future-Focused Promotes Improvement
ahmed khoudhiry
No ratings yet
Internal Control Self-Assessment Checklist: (COSO)
Document16 pages
Internal Control Self-Assessment Checklist: (COSO)
Tendai Chiramba
No ratings yet
Digital GRC A Complete Guide
From Everand
Digital GRC A Complete Guide
Gerardus Blokdyk
No ratings yet
IT General Controls
Document6 pages
IT General Controls
Patrick mdagano
No ratings yet
COSO Framework and Internal Control
Document15 pages
COSO Framework and Internal Control
chiara uy
100% (1)
01 - Risk Register - Template
Document19 pages
01 - Risk Register - Template
Usama Abuelatta
No ratings yet
Enhancing The IT Audit Report Using COBIT 2019 - Joa - Eng - 0720
Document5 pages
Enhancing The IT Audit Report Using COBIT 2019 - Joa - Eng - 0720
Harish Kumar Ramachandran
No ratings yet
Guide To The Assessment of IT Risk (GAIT) - Part2
Document20 pages
Guide To The Assessment of IT Risk (GAIT) - Part2
Ko Zaw
No ratings yet
A Performance Audit of The Cybersecurity in The State of Utah-Report #2023-04
Document53 pages
A Performance Audit of The Cybersecurity in The State of Utah-Report #2023-04
Robert Gehrke
No ratings yet
IT GRC Department: Kheri Arionadi Shobirin
Document9 pages
IT GRC Department: Kheri Arionadi Shobirin
Jihad Satrio Utama
No ratings yet
Continuous Auditing A Complete Guide - 2020 Edition
From Everand
Continuous Auditing A Complete Guide - 2020 Edition
Gerardus Blokdyk
No ratings yet
Data Anonymization A Complete Guide - 2020 Edition
From Everand
Data Anonymization A Complete Guide - 2020 Edition
Gerardus Blokdyk
No ratings yet
SSD Observations Only Template Lab Manual 2-Module1-Solution
Document6 pages
SSD Observations Only Template Lab Manual 2-Module1-Solution
Naresh Batra Associates
No ratings yet
Answer - Audit Planning - Lab Manual 1
Document2 pages
Answer - Audit Planning - Lab Manual 1
Naresh Batra Associates
No ratings yet
Module 5
Document118 pages
Module 5
Naresh Batra Associates
No ratings yet
Module 3
Document88 pages
Module 3
Naresh Batra Associates
No ratings yet
Module 1
Document138 pages
Module 1
Naresh Batra Associates
No ratings yet
Introduction To Salient Features of 3GPP Release Upto Release 17
Document10 pages
Introduction To Salient Features of 3GPP Release Upto Release 17
agmebald
No ratings yet
Ready To Use - Page 2 - Welcome To Fusion HCM Consulting
Document19 pages
Ready To Use - Page 2 - Welcome To Fusion HCM Consulting
Udayraj Singh
No ratings yet
Logitech Tap Scheduler: Data Sheet
Document4 pages
Logitech Tap Scheduler: Data Sheet
G & M Soft Technologies Pvt Ltd
No ratings yet
VLAN Lab Guide
Document6 pages
VLAN Lab Guide
almi syarif Chaniago
No ratings yet
AWS Free Tier
Document105 pages
AWS Free Tier
Sridhar Rayakam
No ratings yet
Solong: and Thanks For All The Fish!
Document10 pages
Solong: and Thanks For All The Fish!
jmolfigueira
No ratings yet
Microsoft Word Assignment February 5
Document1 page
Microsoft Word Assignment February 5
wainainagm5821
No ratings yet
Teraco Industry Report
Document16 pages
Teraco Industry Report
Amon Khosa
No ratings yet
Lenovo Ideapad S145-15igm LCFC Fs441 - fs540 Nm-c111 Rev 0.2
Document60 pages
Lenovo Ideapad S145-15igm LCFC Fs441 - fs540 Nm-c111 Rev 0.2
Luis Piñero
No ratings yet
Brochure
Document6 pages
Brochure
20BCA011 Divyasri T
No ratings yet
Ovation Select Overview - Detailed
Document60 pages
Ovation Select Overview - Detailed
Mike
No ratings yet
Intel® NUC Products Nuc7Cjy/Nuc7Pjy: Technical Product Specification
Document65 pages
Intel® NUC Products Nuc7Cjy/Nuc7Pjy: Technical Product Specification
Xshadowraziel Beltmont
No ratings yet
2.7V 4-Channel/8-Channel 12-Bit A/D Converters With SPI Serial Interface
Document41 pages
2.7V 4-Channel/8-Channel 12-Bit A/D Converters With SPI Serial Interface
cuto
No ratings yet
eRAN18.1 LTE FDD Massive MIMO Solution User Guide
Document105 pages
eRAN18.1 LTE FDD Massive MIMO Solution User Guide
turi313
100% (1)
Opax322X 20-Mhz, Low-Noise, 1.8-V, Rri/O, Cmos Operational Amplifier With Shutdown
Document55 pages
Opax322X 20-Mhz, Low-Noise, 1.8-V, Rri/O, Cmos Operational Amplifier With Shutdown
hassan
No ratings yet
How To Setup My Inbox 2.0
Document62 pages
How To Setup My Inbox 2.0
suresh
No ratings yet
Technical Specifications:: D-Link DWL-7700AP Specifications
Document5 pages
Technical Specifications:: D-Link DWL-7700AP Specifications
Gopinath Suk
No ratings yet
Multipump Parameters Inaya
Document2 pages
Multipump Parameters Inaya
أبو أنس المسلم
No ratings yet
Unit-Ii 191eec303t Lic
Document125 pages
Unit-Ii 191eec303t Lic
Ponkarthika B
No ratings yet
WinAPI WinMessage
Document24 pages
WinAPI WinMessage
Tin Tin Đăng Ký
No ratings yet
Computer Languages Quiz - Quizizz
Document8 pages
Computer Languages Quiz - Quizizz
Neha Saney
No ratings yet
Dispensary Management System
Document5 pages
Dispensary Management System
Iqra Ayub
No ratings yet
4 CS115C - Control Structures
Document21 pages
4 CS115C - Control Structures
Nelson Geverola Balneg
No ratings yet
Our Free Ebook: Visual Basic Tutorial
Document3 pages
Our Free Ebook: Visual Basic Tutorial
Jemerald
No ratings yet
2.1 Quantum Algorithms 2020-07-22 10 40 38
Document4 pages
2.1 Quantum Algorithms 2020-07-22 10 40 38
arthurcgomes
No ratings yet
Kistler Como View
Document17 pages
Kistler Como View
martinxuelo
No ratings yet
SE Conspect (Nimo's Version)
Document68 pages
SE Conspect (Nimo's Version)
sk ql
No ratings yet
Dual Server Public Key Encryption
Document5 pages
Dual Server Public Key Encryption
Vinni Sketcher
No ratings yet
News
Document20 pages
News
haseebgujjar756
No ratings yet
Rohit Khadka 2407942
Document13 pages
Rohit Khadka 2407942
np03cs4a230235
No ratings yet