answersLogoWhite

0

Auditing General ControlsA general controls review attempts to gain an overall impression of the controls that are present in the environment surrounding the information systems. These include the organizational and administrative structure of the IS function, the existence of policies and procedures for the day-to-day operations, availability of staff and their skills and the overall control environment. It is important for the IS auditor to obtain an understanding of these as they are the foundation on which other controls reside.

A general controls review would also include the infrastructure and environmental controls. A review of the data center or information processing facility should cover the adequacy of air conditioning (temperature, humidity), power supply (uninterruptible power supplies, generators) and smoke detectors/fire suppression systems, a conducive clean and dust free environment, protection from floods and water seepage as well as neat and identifiable electrical and network cabling.

Physical access control is another important area for review. Today in a highly networked world, logical access to computer systems is literally universal, yet there is a necessity to control physical access too. There are certain commands and settings that can be executed only from the console of the server and hence it is important to enclose all servers in a secure location protected by suitable mechanisms like locked doors, access swipe cards, biometric access devices or a combination of these. Further the IS auditors also should review the overall access control measures to the entire facility for controls like security guards at the entry gates, displaying of identification badges and logging visitor access

User Avatar

Wiki User

14y ago

What else can I help you with?

Related Questions

Compare general controls and application controls for information systems?

General controls are primarily designed to ensure the overall security and reliability of an information system, while application controls are more focused on specific processes or transactions within an application. General controls include measures like access controls, change management, and disaster recovery, whereas application controls include functions such as input validation, processing logic, and output generation specific to a particular application or system. Both types of controls are necessary to effectively manage risks and ensure the integrity and security of information systems.


Difference between computer application and IT?

computer application is just software, IT (information technology) in general is an organization, or the persons within that organization. They are totally different, apple and Apple computer!


What is the difference between general and general and educational psychology?

what is difference between general Psychology and educational psycholgy


Difference between general-purpose and special-purpose application?

By using general purpose software a user can fulfill his or her general needs By using special purpose software a user can fulfill his or her specific needs for which this special purpose software has been designed.


What is the difference between traction motor and general motor?

A series motor is employed for traction application which has starting torque and permits intermittent operations by braking, which cannot be expected of a general purpose motor.


What is the difference between proprietor and general manager?

Difference between propriter &manager


What is the difference between the un general assembly and the un security council?

difference between general assembly and security council


What is the difference between General Science and General Knowledge?

jgjkkgjkg


Difference of 18 and 81 general knowledge?

what is difference between 18 & 81 in general knowledge


What is the difference between a header and a title on a report?

what is the difference between titles and headings in general.


What is the difference between restaurant manager and general restaurant manager?

No, there is no difference.


What is the difference between overhead and GA?

The difference between Overhead & G&A is as follows: Overhead is always a fixed cost...such as rent. G&A (Stands for General and Administrative) so therefore all general and administrative costs go here....such a supervisor salary. G&A can have cost controls implemented into them...the fixed costs are set (usually in stone). http://www.xsellence.com