General controls that we come across in Information Systems
SriNageshKumar
Sep 14, 2024
About This Presentation
General Controls in IT systems
Slide Content
GENERAL CONTROLS

Meaning of Control
Power or authority to check or restrain; restraining or regulating influence; superintendence; government.
That which serves to check, restrain, or hinder; restraint.

Controls are developed to provide reasonable assurance to management that the organisation's business objectives will be achieved and risk events will be prevented or detected and corrected.
Controls are implemented by defining control objectives for identified risks and control procedures that will achieve control objectives.

Controls should address two key aspects:
What should be achieved
What should be avoided

Controls can be classified as:
Preventive
Detective
Corrective

Controls include:
Policies
Procedures
Practices
that are established by management to provide reasonable assurance that specific objectives will be achieved.

General controls apply to all areas of the organisation. They include:
Internal accounting controls
Operational controls
Administrative controls
Organisational security policies
Overall policies and procedures for use of documents and records
Procedures to ensure adequate safeguard of assets
Physical and logical security policies

Internal accounting control
Primarily directed at accounting operations. They concern the safeguarding of assets and the reliability of financial records.

Operational controls
Concerned with day-to-day operations, functions and activities, and ensure the operation is meeting the business objectives.

Administrative control
Concerned with operational efficiency in a functional area and adherence to management policies.
Support the operational controls specifically concerned with operating efficiency and adherence to organizational policies.

Organizational security policies and procedures to ensure proper usage of information and technology assets.
Overall policies for the design and use of adequate documents and records (manual/automated) to help ensure proper recording of transactions: the transaction audit trail.
Procedures and features to ensure adequate safeguards over access to and use of assets and facilities.
Physical and logical security policies for computer centers and IT resources.

Information Systems Control Procedures
Each of the preceding general control procedures can be translated into an IS-specific control procedure.
A well-designed information system should have controls built in for all its sensitive and critical functions.

IS control procedures include:
Strategy and direction
Access to data and programs
Systems development methodologies and change control
Data processing operations
Systems programming and technical support
Data processing quality assurance procedures
Physical access controls
Business continuity/disaster recovery planning
Network and communications
Database administration