BAICS Form 3

INTERNAL CONTROL SELF ASSESSMENT

Bureau of Fire Protection (BFP)

Information Technology

REMARKS
(If yes, indicate
MOV/documentary
requirements/action taken
ICC
Sample submitted
Ref. ICC Statement YES NO N/A
MOV MOVs If no, indicate why is it
#
answered as NO

if N/A, provide justification

why it is not applicable)

96 The organization has an approved IT N/A

organizational chart and written job descriptions
that adequately defines the lines of authority,
duties/responsibilities
/accountabilities and reporting and
communication.
Do you have adequate IT Controls on: N/A No Trainings, Seminars and
Schooling Attended

IT General Controls N/A No Trainings, Seminars and

Schooling Attended

IT ENVIRONMENT N/A No Trainings, Seminars and

Schooling Attended

● Strategic IT Plan

● Processes, Organization and Relationships

● Management Aims and Direction

● IT Skills and Training i.

Access Control N/A No Trainings, Seminars and

Schooling Attended

● Physical Security

● Logical Access

Backup and Recovery Controls

Systems and Program

 Computer Operations Controls N/A No Trainings, Seminars and
Schooling Attended

● Service-Level Agreements

● Performance and Capacity

● Systems Security

● Configuration Management

● Problem and Incident Management

Disaster Recovery N/A No Trainings, Seminars and

Schooling Attended

Network Controls N/A No Trainings, Seminars and

Schooling Attended

Internet/Intranet Controls N/A No Trainings, Seminars and

Schooling Attended

97 ● Application/Internet Control

● Processing Control

● Output Control
Compliance to IT LRRs

Protection from Malware