IT General Controls Questionnaire

Subscriber Content
Screenshot of the first page of IT General Controls Questionnaire
IT General Controls Questionnaire: Designed for Reliable Data Processing

IT general controls are critical and central to business processes. They typically impact multiple applications in the technology environment and prevent certain events from impacting the integrity of processing data. Computer operations, physical and logical security, program changes, systems development, and business continuity are examples of processes where general IT controls reside.

The objective of these controls is to mitigate risks associated with their pervasive effect on the reliability, integrity and availability of processing relevant data. In this questionnaire, you can determine whether the control exists, whether it was designed properly, related test procedures, and management's action plan for deficiencies.

Example control objectives in this questionnaire include:

  • Management has prepared strategic plans for IT that align business objectives with IT strategies. The planning approach includes mechanisms to solicit input from relevant internal and external stakeholders affected by the IT strategic plans.
  • Management obtains feedback from business process owners and users regarding the quality and usefulness of its IT plans for use in the ongoing risk assessment process.
  • Control activities are in place and followed to ensure compliance with external requirements, such as regulatory and legal rules.

Topics
Sarbanes-Oxley Act
Internal Controls
Project Management
Change Management
COSO
IT Audit
IT Controls

Related Resources

Audit Programs

Program Changes Audit Work Program

Audit Programs

IT General Controls Audit Work Program

Audit Reports

IT Risk Assessment Audit Report

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.

Let's Do It