Scribd
Upload
192 views2 pages

Information Technology General Controls Leaflet

Uploaded by

gamallof
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
192 views2 pages

Information Technology General Controls Leaflet

Uploaded by

gamallof
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

www.pwc.com.

cy

Information Technology General


Controls (ITGCs)

Information Technology (“IT”) If you need to establish that:


environments continue to
increase in complexity with •• Systems are developed, configured, and implemented
ever greater reliance on the to achieve management’s objectives.
information produced by •• Changes to programmes and related infrastructure
components are requested, prioritised, performed,
IT systems and processes.
tested, and implemented in accordance with
The recent emergence of
management’s objectives.
regulations aiming to restore •• Transactions are processed completely and accurately
the investor confidence placed in accordance with management’s objectives, and
a greater emphasis on internal that processing problems are identified and resolved
controls and often requires completely and accurately to maintain the integrity
independent assessments of of financial data.
the effectiveness of internal •• Only authorised access is granted to programmes and
controls. data upon authentication of a user’s identity.

More and more market Then PwC can help you


players in their approach
towards internal control •• PwC can provide you with an overall evaluation
of management controls; assurance on business
assessment, design an
process, system and data technology management.
implementation need
Our services enable you to gain comfort that your
embedding an underlying systems, processes and risk management procedures
risk analysis approach with a are operating effectively and within a well -
focus on reliable and effective controlled environment.
key application controls. •• Our practice is backed by a global resource pool,
While Risk Management in focused tools, “standard industry practices”
itself is moving at the top knowledge, training and technology.
of the Board agenda due to
high profile business failures, The IT General Controls capability covers identification,
heavy regulatory pressure evaluation and validation of controls, including reporting
is increasing compliance of areas for improvement identified together with our
requirements which needs recommendations, in the following areas:
to be integrated into the
company internal control
framework.
Access to Programmes and Data

•• Policies and procedures


•• Roles and responsibilities
•• Security parameter settings of operating systems, applications (including
Enterprise Resource Planning (ERP) systems (e.g. SAP, Navision, Oracle)
and databases
•• User access rights
•• Monitoring & Training
•• Physical security
•• Network access

Control over Computer Operations

•• Organisation of IT function
•• Service Level Agreements
•• Business Continuity and Disaster Recovery Plans
•• Network Management
•• Backups and Recovery

Controls over Programme Development and Implementation


of New Systems

•• Testing
•• Transfer to live
•• Documentation and Training
•• Controls over Programme Changes
•• Maintenance activities
•• Change Requests

Controls over Programme Changes

•• Maintenance activities
•• Change Requests

Contact us
Christos Tsolakis PwC Cyprus
Partner Julia House
Risk Assurance Consulting 3 Themistocles Dervis Street
[email protected] CY-1066 Nicosia, Cyprus
P O Box 21612, CY-1591
Nicosia, Cyprus
Tel: +357-22555000
Fax: +357-22555001

www.pwc.com.cy/risk-assurance-consulting

This leaflet has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not
act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy
or completeness of the information contained in this publication, and, to the extent permitted by law, PricewaterhouseCoopers Ltd, Cyprus, its members, employees and agents do
not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this
publication or for any decision based on it.

©2011 PricewaterhouseCoopers Ltd. All rights reserved. In this document, “PwC” refers to PricewaterhouseCoopers Ltd of Cyprus, which is a
member firm of PricewaterhouseCoopers International Limited, each member firm of which is a separate legal entity.

You might also like