IT General Controls Audit Work Program

Subscriber Content
Screenshot of the first page of IT General Controls Audit Work Program

This tool contains four sample work programs that provide best-practice steps an organization should consider when evaluating its IT general controls environment.

Sample steps in these programs include: obtain a copy of the information security policy; confirm that the policy addresses user authentication, password complexity and system security; confirm that the policy has been reviewed and approved by senior management; confirm that access to the in-scope applications requires the use of a password; confirm that desktops are required to use passwords; and confirm that the usage of default accounts (if any) is limited to one individual.


Topics
Business Continuity Management
IT Risk
IT Controls
Audit Testing
Internal Controls
Risk Assessment

Related Resources

Protiviti Booklets

Guide to the Sarbanes-Oxley Act: IT Risks and Controls

Checklists & Questionnaires

IT General Controls Questionnaire

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.

Let's Do It