Instructor for this course

Business reliance on information technology and the associated risks are restructuring how auditors audit and what auditors assess.

Section 404 of the Sarbanes-Oxley (SOX) Act, requires public companies, and their auditors to annually assess and report on the design and effectiveness of internal control over financial reporting. The reliability of financial reporting is heavily dependent on a well-controlled IT environment.

Today, every auditor must have a good comprehension of information technology basics and the vulnerabilities, threats and risks that face organizations each day to effectively plan and execute any audit engagement.

In this course, we explore the Key Information Technology General Controls areas that must be addressed to ensure the confidentiality, integrity and availability of data and information assets, as well as the reliability of financial reporting.

Course Key Concepts: ITGC, IT Controls, Information Technology General Controls, SOX 404, IT Audit, ICFR, Internal Control over Financial Reporting, Data Confidentiality, Data Integrity, Data Availability.

Learning Objectives

  • Identify and describe the key controls over Access to Programs and Data.
  • Explore the main Physical Access and Environmental controls over critical IT Infrastructure.
  • Recognize the important Change Management controls.
Last updated/reviewed: September 13, 2021

1 Review (8 ratings)Reviews

Anonymous Author
Very detailed and clear. Enjoyed this course. The slide attachments are very useful and helpful to save for future use!


Course Complexity: Foundational

No advanced preparation or prerequisites are required for this course.
Additional takeaways from this course will include templates to help develop:
Preliminary ITGC controls assessment questionnaire – to assist in audit planning, scoping and risk assessment.
Key ITGC audit program – to guide the testing of the design and effectiveness of the ITGCs.

Education Provider Information

Illumeo, Inc., 75 East Santa Clara St., Suite 1215, San Jose, CA 95113
For more information regarding this course, including complaint and cancellation policies, please contact our offices at (408) 400- 3993 or send an e-mail to .
Course Syllabus
  2:10An Overview to Auditing the Key Information Technology General Controls (ITGC)
  7:40What Are ITGC?
  9:22ITGC Key Areas of Focus
  7:04Key Control Areas-Part 1
  10:10Environmental Control Consideration
  9:27Power Protection
  14:40Key Control Areas-Part 2
  8:37Key Control Areas-Part 3
  13:34Key Control Areas-Part 4
  1:22:44Auditing the Key Information Technology General Controls (ITGC)
  PDFSlide: Auditing the Key Information Technology General Controls (ITGC)
  PDFAuditing the Key Information Technology General Controls (ITGC) Glossary/ Index
  PDFKey IT General Controls Audit Program
  PDFPreliminary ITGC Controls Assessment Questionnaire