Information technology general controls ITGC play a very key role in the overall IT control environment. They help in placing reliance on application controls and the integrity of the data in financial statements. A ITGC control deficiency can have a pervasive effect on the IT environment and can result in key risks. A audit of internal controls as required by sarbanes oxley may show deficiencies in ITGC controls.

An auditor should evaluate the deficiencies noted in ITGCs. The auditor should try and determine, if individually or in aggregate, these deficiencies result in key risks. In case there are several ITGC deficiencies, chances are they may cause a similar risk and require a similar response from a financial statement audit perspective. If there are no compensating controls for such ITGC deficiencies, then the auditor should go in for substantive testing. To conclude, one thing is clear, due to the pervasive nature of ITGCs, these deficiencies could result in key risks which could affect financial statement reporting.

Related Posts

Program Development Controls ITGC
Pervasive ITGC Controls
Significant Spreadsheets for SOX Scoping
How to Make an Internal Audit Plan