Browse Information Systems and Controls (ISC)
-
-
- 3.1 COSO Internal Control – Integrated Framework: Relevance to Information Systems
- 3.2 COSO ERM for IT: Risk Management Across Digital Environments
- 3.3 COBIT 2019 Overview: Governance System Principles and Components
- 3.4 Other Influential Standards and Regulations (e.g., PCI DSS, HIPAA, GDPR)
- 3.5 ITIL and IT Service Management Overviews
-
-
- 10.1 Change Control Concepts: Policies and Procedures
- 10.2 Environments and Testing (Development, QA/Staging, Production)
- 10.3 Patch Management: Risks and Controls
- 10.4 Continuous Integration and Continuous Deployment in Modern DevOps
- 10.5 Systems Development Life Cycle (SDLC): Waterfall vs. Agile/DevOps
-
-
-
-
-
Chapter 8: IT General Controls (ITGC) – Standard Domains
In this section
-
Access to Programs and Data
Explore essential principles of physical and logical access controls, verifying proper access rights, and aligning practices with industry frameworks for secure and efficient IT operations.
-
Program Changes
Explore best practices for formal change management procedures, approvals, version control, and documentation requirements, ensuring controlled and auditable program modifications.
-
Program Development Key Phases and Sign-Off Gates
A detailed exploration of the software development lifecycle, with a focus on milestones, sign-off gates, and acceptance tests that align with IT General Controls and CPA considerations.
-
Computer Operations
Explore the essentials of effective computer operations, including job scheduling, backups, and daily monitoring, along with real-world failure scenarios and robust control measures.
-
Aligning ITGCs with COSO and COBIT
Discover how IT General Controls align with COSO Internal Control components and COBIT principles to ensure effective governance and robust security frameworks
-
Identifying Control Deficiencies and Mitigation
Explore how to pinpoint IT general control (ITGC) weaknesses and implement effective mitigation strategies to strengthen organizational information systems.
