Information Systems Assurance
IT General Controls are the controls in the general computer environment. We assess IT policies and procedures to ensure these are adequate and logical in as far as access as well as password administration to ensure adequate restrictions to systems.
We also assess change control, physical and environmental security, IT service continuity and backup, service level agreements with third party suppliers, and problem and incident management.
Application controls are the automated controls built into a system to ensure that data input into the system is complete, accurate and valid; and that output is consistent with input. We have experience in various systems including SAP, Oracle, Great Plains, Pastel, and VIP payroll, Bas, Logis and Persal among others.Areas we review include:
- Input and processing controls to ensure that data input into the system is complete, accurate and valid;
- Output controls to determine whether output is consistent with input and confidentiality is maintained;
- Segregation of duties;
- Master file amendments;
- Logical access to the application system and
- Adequate password settings.