IT General Controls or ITGC are guidelines that describe safety measures and procedures to keep an organization’s technology functioning appropriately and securely.
Added: Sep 30, 2024
IT General Controls
An Overview
About the Company
With a proven track record of serving over 650 clients and achieving compliance for more than 200
organizations, Kratikal is a CERT-In Empanelled cybersecurity solutions provider. The company has
developed over 2,000 test cases for web, mobile, and IT environments, and successfully tested over 25,000 IT
infrastructure devices.
Why Choose Kratikal?
Expert Team
Certified cybersecurity professionals bring extensive hands-on experience to the table.
Wide-Ranging Experience
Collaborate with various sectors, including fintech, healthcare, payments, education, and
e-commerce.
Global Compliance Expertise
Internal auditors and compliance implementers are well-versed in international IT frameworks and
regulations.
Customized Solutions
Focus on delivering optimized, bespoke solutions that align with your organization’s specific
requirements.
What are IT General Controls?
IT General Controls or ITGC are guidelines that describe safety measures and procedures to keep an
organization’s technology functioning appropriately and securely.
Put simply, the key areas include:
• Making sure only the right people can access sensitive information.
• Ensuring any changes to systems or software are properly planned and documented.
• Regularly saving copies of data and having plans to restore it if something goes wrong.
• Monitoring and maintaining IT systems to ensure they work as intended.
Who Needs to Follow ITGC Guidelines?
Any organization involved in managing, using, or protecting IT systems and data should follow IT
General Controls Guidelines. A few of them include:
• Publicly Traded Companies
• Financial Institutions
• Healthcare Organizations
• Government Agencies
• Companies with Sensitive Data
IT General Controls Methodology
Framework Selection
Select the framework that aligns best with enterprise goals and compliance, or combine elements as
needed.
Internal Controls Mapping
Make sure internal controls align with the framework before starting an audit.
GAP Analysis
Compare internal controls with framework controls to find any gaps.
Plan Creation and Execution
During the testing phase, create corrective plans for areas that don’t meet framework expectations.
Quality Checks of Controls
Test the controls after they are set up to make sure they work.
Mitigation Activity Monitoring
Continuously monitor controls to ensure they meet current requirements and adapt to changes.
IT General Controls Compliance Frameworks
IT General Controls are a set of basic security practices that help companies follow rules and
regulations related to their IT systems. There are three main security frameworks that organizations
rely on to maintain strong compliance:
• COSO (Committee of Sponsoring Organizations)
• COBIT (Control Objectives for Information Technology)
• ISO 27001
IT General Controls Implementation - Kratikal’s Approach
Planning
Identifying the necessary IT general controls. This involves looking at the industry, the type of data
handled, and the locations of the clients.
Defining the Scope
Estimating the timeline by working backward from the target end date, considering resources and
managed service providers (MSPs).
Risk Assessment
Assessing current processes to establish a baseline and prioritize necessary enhancements for audits
or compliance.
Designing and Implementing Controls
Developing a plan using selected IT general controls and baseline insights. Combining effective
controls with security improvements, prioritizing them for audits or compliance.
Testing the Controls
To ensure each IT general control (ITGC) works effectively, Kratikal tests every ITGC with a diverse team
to identify flaws and ensure reliability.
Contact Us: [email protected]
For India
+91 9289192210
B-70, Second Floor, Sector-67,
Noida (UP) - 201301
For USA
(+1) 323 287 9435
400 W Peachtree St NW Atlanta,
GA, 30308, USA