Description

Business reliance on information technology and the associated risks are restructuring how auditors audit and what auditors assess.

The Sarbanes-Oxley Act’s Section 404 (SOX 404) requires public companies, and their auditors to annually assess and report on the design and effectiveness of internal control over financial reporting. The reliability of financial reporting is heavily dependent on a well-controlled IT environment.

Today, every auditor must have a good comprehension of information technology basics and the vulnerabilities, threats and risks that face organizations each day to effectively plan and execute any audit engagement.

ITGC, a type of internal control, are a collection of policies that assure the proper application of control systems throughout a company. ITGC audit assist a company in ensuring that ITGC controls are in place and working effectively, enabling proper risk management within the organization.

In this course, we explore the Key Information Technology General Controls (ITGC Controls) areas that must be addressed to ensure the confidentiality, integrity and availability of data and information assets, as well as the reliability of financial reporting.

The categories of ITGC controls, including systems development, change management, programs and data security, as well as how to audit the general controls (GC), will be covered in this course. We will also talk about prevalent challenges and flaws found in ITGC audit.

Course Key Concepts: ITGC, IT Controls, Information Technology General Controls, SOX 404, IT Audit, ICFR, Internal Control over Financial Reporting, Data Confidentiality, Data Integrity, Data Availability.