Discover the benefits of our IT General Controls Assessment Report, specifically focusing on critical areas such as logical access, operations management, change management and the system development lifecycle (SDLC). It provides an executive summary outlining the background, audit objectives, scope of work, significant findings and conclusions, and offers detailed observations and agreed-upon action plans to address issues related to those critical areas.

It also includes recommendations for improving internal controls, ensuring compliance and safeguarding data integrity. Additionally, it emphasizes the importance of formalized policies, periodic reviews and adherence to industry best practices to mitigate risks and enhance the overall IT governance framework. The report is intended for management and stakeholders to facilitate informed decision-making, drive process improvements, and ensure that the organization's IT infrastructure supports its strategic objectives effectively.

The following issues were noted in the observations summary:

• Formal policies for IT security, operations management and change management are lacking.
• Third-party control environments are not reviewed.
• Password controls are inadequate.
• Internal controls related to logical access are poor.