IT general controls are critical and central to business processes. IT general controls typically impact multiple applications in the technology environment and prevent certain events from impacting the integrity of processing or data. Computer operations, physical and logical security, program changes, systems development and business continuity are examples of processes where general IT controls reside. The objective of IT general controls is to mitigate risks because of their pervasive effect on the reliability, integrity and availability of processing and relevant data.
This Excel-based template provides a number of COBIT areas and the related control objectives for each IT general control. You can document items such as whether the control exists, whether it was designed properly, related test procedures, and management action plan for deficiencies. This questionnaire has been updated with areas defined in COBIT 4.1.