IT general controls (ITGC) are the basic controls that can be applied to IT systems such as applications, operating systems, databases, and supporting IT infrastructure.  The objectives of ITGCs are to ensure the integrity of the data and processes that the systems support.   The most common ITGCs are as follow:

• Logical access controls over applications, data and supporting infrastructure

• Program change management controls

• Backup and recovery controls

• Computer operation controls

• Data center physical security controls

• System development life cycle controls

Detailed Approach to IT General Controls

We assist organizations in designing ITGC frameworks and providing operating effectiveness assurance through co-sourcing and outsourcing of ITGC audits.

Schneider Downs’ dedicated IT audit professionals have experience working with a wide variety of industries of all sizes. We partner with you to provide a comprehensive ITGC coverage to manage and mitigate ITGC risks within your IT environment.  Our ITGC services will be tailored to the organization’s risk appetite and compliance requirements.

With a large number of skilled and seasoned IT Auditors on-staff, we are able to tailor IT audit plans and deliver results that are designed to mitigate the most critical risks to your organization.   Our staff also delivers the utmost integrity, objectivity, confidentiality, and independence required by the auditing standards.

​

We conduct compliance reviews targeted at evaluating the adequacy of controls intended to promote compliance with laws and regulations.

These reviews encompass Federal Reserve regulations, FISCAM/FISMA regulations, CFPB regulation –from the Bank Secrecy/Anti-Money Laundering Act to Regulation Z (TILA), and everything in between.

​

​