This policy outlines the internal control testing processes and the testing frequency of automated controls at a company. It applies to the system automated controls that have a direct impact on a company’s financial statements accuracy, completeness and validity.
This sample states that it is the responsibility of the IT department to maintain this procedure. At a minimum, this procedure will be reviewed by the IT department annually, or as needed, for process improvements and changes. IT and accounting personnel are responsible for updating the system automated controls matrix as change requests are implemented. IT and accounting personnel are responsible for testing and documenting all automated controls once a year.