IT General Controls Audit

Audit Objective

Provide management assurance that the proper system controls have been implemented across its IT Systems and Network environments


Potential Scope Areas


  • Problem Management
  • Host Security Review
  • Internal Network Domain Security Review
  • Backup/Recovery & Disaster Recovery Review
  • Security Administration
  • Database Security
  • Workstation Security Review
  • Policy/Procedures Review
  • Physical Security Review
  • Network Security Review

Type of Issues Identified by an Audit Serve IT General Controls Audit


  • Internal systems are accessible from the Internet
  • Monitoring processes are not in place to detect external attacks
  • Applications IDs used by the application to authenticate to the database are not properly secured
  • Detective review processes do not exist to identify production job & backup failures

Next Steps

Complete the Information Request form  and Audit Serve will contact you to scale the audit scope to the requirements of your organization and establish a proposal for the engagement.


AuditNet - The Global Resource for Auditors

Audit Vision

Since 1991
Join 3,500 other subscribers



Free Audit Serve Seminars Posted Online

25 minute extract from the seminar entitled "Alternate Control Design Approaches for z/OS" presented by Mitch Levine in London (at the Churchill War Rooms) March, 2018 which would be of interest to IT Audit, Security and GRC personnel

General Data Protection Regulation Seminar

Copyright © 2015. All Rights Reserved.