Define your company’s internal control testing processes and the testing frequency of its automated controls.

Under this policy, the IT department is responsible for maintaining this procedure, and the documentation control department is responsible for maintaining its configuration; at a minimum, this procedure will be reviewed by the IT department annually, or as needed, for process improvements and changes; IT and accounting personnel are responsible for updating the System X automated controls matrix as change requests are implemented; and IT and accounting personnel are responsible for testing and documenting all automated controls once a year.