Please wait...

Information Technology General Controls

Overview Of ITGC Webpage

Riskpro India assists organizations in designing ITGC frameworks and provides operating effectiveness assurance through ITGC audits. We have dedicated IT audit professionals having experience working with a wide variety of industries of all sizes to mitigate ITGC risks within your IT environment. Our ITGC services are tailored to the organization's risk appetite and compliance requirements.

Riskpro India’s Understanding of Scope for IT Audit

The management wishes to invite a proposal for the said IT Audit as per the scope below: 1. Internal Vulnerability Assessment (VA) of the Application. 2. ITGC control testing of the application which will include the following activities:

  • Access control Management
  • Input / Output Controls
  • Incident / Security Incident and Problem Management Process
  • Change Management Process
  • Release Management Process
  • Backup and Disaster Recovery Process
  • Interfaces Process and Security Control
  • Application System and Support Documentation
  • Application Security

IT General Controls The IT General Controls covers Identification, Evaluation and Validation of Controls including reporting of areas for improvement identified together with our recommendations, in the following areas:

  • Logical Access Management
  • Change & Release Management
  • Risk Management
  • Incident Management
  • SDLC
  • Application control reviews
  • End User Computing
  • Business Continuity
  • Policy Management
  • Operation Management
  • Infrastructure Physical Security

Service Ecosystem of IT General Controls

A service ecosystem of any company includes the following components: COMPLIANCE INFRASTRUCTURE

Compliance Repository

  • Policies, Procedures & Business Rule Templates
  • Organization Compliance - Data Privacy, Internal Controls, Records Management, BCP/ DR, Risk Analytics
  • Client Related Compliance – Industry Compliance, Best-Practice Compliance, SLA Compliance, Client Reporting & Disclosures, Client Asset Management
  • Geographic, Federal & Regulatory Compliance – SOX, DPA, FERC/NERC, HIPAA, FDA, FCPA, PCI DSS among others

REPORTING & ANALYSIS

  • Internal Reporting & Analysis - Aggregated Reporting
  • External Reporting - Local Regulator Reporting
  • STAKEHOLDERS Board of Directors, Finance, Legal, Sales, Contracts, HR, Controller, Treasury, IT, Audit and Risk

How Riskpro can help?

Riskpro can assist you with any of the above services. For more details, please email info@riskpro.in