IT general controls

Area 1: Information Systems and Data Management (35-45%)

Your Progress

0 of 79 questions attempted

Topics

  • Logical access controls
  • Program change controls
  • Computer operations controls

Lessons

Study Frameworks

IT General Controls (ITGCs)

IT General Controls
Logical Access Controls
Authentication (passwords, MFA, biometrics)
Authorization (RBAC, least privilege)
Provisioning and deprovisioning
Periodic access recertification
Program Change Controls
Change request and CAB approval
Testing (unit, integration, UAT)
Segregation of dev/test/production
Emergency change retroactive approval
Computer Operations Controls
Job scheduling and batch processing
Backup (full, incremental, differential)
System monitoring and alerting
Capacity and performance management
System Development Controls
SDLC methodology and phases
Version control and code review
Security testing before deployment
APOCAccess controls, Program change controls, Operations controls, Creation/development controls

The four categories of IT General Controls (ITGCs). All automated application controls depend on these ITGCs being effective.

Practice These Topics(79 questions)