Fundamentals of Information Risk Management Auditing: An introduction for managers and auditors

CHAPTER 5: OVERVIEW OF GENERAL IT AND MANAGEMENT RISKS

Overview

IT controls are composed of:

• controls specific to individual systems (referred to as ‘application controls’) and

• those controls common across the whole organisation, division of computer platform (referred to as ‘IT general controls’).

Both operate within the overall context of entity level controls:

• Entity level controls are about the tone and culture of the organisation.

• IT general controls are those within the IT management processes to provide a reliable and appropriate operating environment and support the effective operation of application controls.

Application controls will be covered in a later chapter.

To put this in another way, IRM is a group of closely ...

Get Fundamentals of Information Risk Management Auditing: An introduction for managers and auditors now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Fundamentals of Information Risk Management Auditing: An introduction for managers and auditors by Christopher Wright

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly