Instructor for this course

Business reliance on information technology and the associated risks are restructuring how auditors audit and what auditors assess.

The Sarbanes-Oxley Act’s Section 404 (SOX 404) requires public companies, and their auditors to annually assess and report on the design and effectiveness of internal control over financial reporting. The reliability of financial reporting is heavily dependent on a well-controlled IT environment.

Today, every auditor must have a good comprehension of information technology basics and the vulnerabilities, threats and risks that face organizations each day to effectively plan and execute any audit engagement.

ITGC, a type of internal control, are a collection of policies that assure the proper application of control systems throughout a company. ITGC audit assist a company in ensuring that ITGC controls are in place and working effectively, enabling proper risk management within the organization.

In this course, we explore the Key Information Technology General Controls (ITGC Controls) areas that must be addressed to ensure the confidentiality, integrity and availability of data and information assets, as well as the reliability of financial reporting.

The categories of ITGC controls, including systems development, change management, programs and data security, as well as how to audit the general controls (GC), will be covered in this course. We will also talk about prevalent challenges and flaws found in ITGC audit.

Course Key Concepts: ITGC, IT Controls, Information Technology General Controls, SOX 404, IT Audit, ICFR, Internal Control over Financial Reporting, Data Confidentiality, Data Integrity, Data Availability.

Learning Objectives

  • Identify and describe the key controls over Access to Programs and Data.
  • Understand the techniques for auditing key ITGC controls.
  • Explore the main Physical Access and Environmental controls over critical IT Infrastructure.
  • Recognize the important Change Management controls.
Last updated/reviewed: May 11, 2022

10 Reviews (28 ratings)Reviews

Anonymous Author
This is a great course that manages to cover a lot of ground in a short period of time. I especially appreciated the detail given to physical/environmental controls.
Anonymous Author
I learned a lot from this course. The instructor was effective in the way he presented the course materials. I will definitely take another course on ITGCs.
Anonymous Author
This video had some technical issues, it would not play continuously, this was not the case for videos played before this one or after this one.
Anonymous Author
Very detailed and clear. Enjoyed this course. The slide attachments are very useful and helpful to save for future use!
Member's Profile
This course covered ITGC auditing in more detail than I've seen in similar courses. Very valuable content!!
Anonymous Author
Content was good, but would be more helpful if instructors weren't just reading from the slides.
Member's Profile
I enjoyed how the instructor leveraged his experience to teach the audience what is important.
Member's Profile
A good course on ITGC. It has helped me refresh and reinforce my understanding of the topic
Anonymous Author
Excellent course and resources for auditing IT General Controls.
Anonymous Author
This was a great and informative course on auditing ITGc’s.


Course Complexity: Foundational

No advanced preparation or prerequisites are required for this course.
Additional takeaways from this course will include templates to help develop:
Preliminary ITGC controls assessment questionnaire – to assist in audit planning, scoping and risk assessment.
Key ITGC audit program – to guide the testing of the design and effectiveness of the ITGCs.

Education Provider Information

Illumeo, Inc., 75 East Santa Clara St., Suite 1215, San Jose, CA 95113
For more information regarding this course, including complaint and cancellation policies, please contact our offices at (408) 400- 3993 or send an e-mail to .
Course Syllabus
  2:10An Overview to Auditing the Key Information Technology General Controls (ITGC)
  7:40What Are ITGC?
  9:22ITGC Key Areas of Focus
  7:04Key Control Areas-Part 1
  10:10Environmental Control Consideration
  9:27Power Protection
  14:40Key Control Areas-Part 2
  8:37Key Control Areas-Part 3
  13:34Key Control Areas-Part 4
  1:22:44Auditing the Key Information Technology General Controls (ITGC)
  PDFSlide: Auditing the Key Information Technology General Controls (ITGC)
  PDFAuditing the Key Information Technology General Controls (ITGC) Glossary/ Index
  PDFKey IT General Controls Audit Program
  PDFPreliminary ITGC Controls Assessment Questionnaire