Professional Documents
Culture Documents
IT General Controls
IT General Controls
Objective
Whether employees know it or not, IT has a tremendous effect on their everyday working lives.
IT is essentially the lifeblood of a company, ensuring employees’ laptops work, procuring and installing
the applications employees need to do their jobs, and instituting and upholding rules to help the
company stay compliant.
But how does the IT team accomplish those tasks in a standardized, secure way?
The answer lies in IT general controls. IT general controls, or ITGCs, are a set of directives that govern
how an organization’s systems operate. Yet, knowing what ITGCs are and how they work in practice isn’t
always straightforward.
One important thing to note is that Information Technology General Controls are not the same as
application controls. ITGCs govern the use of all systems within a company, from ERPs to servers,
directory platforms, and project management tools. Application controls restrict what users can do
within one particular platform, and typically these permissions are configured directly within that
application and pertain to specific features or use cases.