IT general controls (ITGCs)
Definition
Controls over the IT environment that support the reliable operation of application controls. Key categories include access management, change management, computer operations, and data integrity controls. Weaknesses in ITGCs can undermine the entire control framework built on top of automated systems.
Related terms
- COBIT
- Control Objectives for Information and Related Technologies, published by ISACA. A governance and management framework for enterprise IT that defines IT-specific control...
- Control environment
- The first and foundational component of the COSO framework. It encompasses the board's oversight, management's philosophy and operating style, organisational structure, commitment...
- COSO Integrated Framework
- A framework for internal control published by the Committee of Sponsoring Organizations of the Treadway Commission, defining five interrelated components: control environment,...
- Detective control
- A control designed to identify an error or irregularity after it has occurred. Examples include bank reconciliations, exception reports, variance analysis, and...
- Preventive control
- A control designed to stop an error or fraudulent act before it occurs. Examples include segregation of duties, mandatory authorisation limits, access...
Explained in
- Internal Control Frameworks and Control DesignControls over the IT environment that support the reliable operation of application controls. Key categories include access management, change management, comp...