Chapter 4 - Internal controls for IT systems. This chapter presents the following content: An overview of internal controls for IT systems, general controls for IT systems, general controls from a trust services principles perspective, hardware and software exposures in IT systems, application software and application controls, ethical issues in IT systems. | Chapter 4 Internal Controls for IT Systems Chapter 4 An overview of internal controls for IT systems General controls for IT systems General controls from a Trust Services Principles perspective Hardware and software exposures in IT systems Application software and application controls Ethical issues in IT systems Study Objectives SO 1 An overview of internal controls for IT systems Accounting Information System - collects, processes, stores, and reports accounting information. Internal controls for computer-based systems have been described as being of two types: General controls Application controls Internal Controls for IT Systems SO 1 An overview of internal controls for IT systems Application controls used to control inputs, processing, and outputs. General controls apply overall to the IT accounting system. Exhibit 4-1 General and Application Controls in IT Systems Internal Controls for IT Systems SO 2 General controls for IT systems Five categories of general controls: Authentication of users and limiting unauthorized access Hacking and other network break-ins Organizational structure Physical environment and physical security of the system Business Continuity General Controls for IT Systems Authentication of Users and Limiting Unauthorized Users Log-in User IDs Password Smart card Security token Two factor authentication SO 2 General controls for IT systems Biometric devices Computer log Nonrepudiation User profile Authority table Configuration tables General Controls for IT Systems Hacking and other Network Break-Ins Firewall Symmetric encryption Public key encryption Wired equivalency privacy Wireless protected access Service set identifier Virtual private network SO 2 General controls for IT systems Secure sockets layer Virus Antivirus software Vulnerability assessment Intrusion detection Penetration testing General Controls for IT Systems Organizational Structure IT governance committee, responsibilities include: Align IT investments to business . | Chapter 4 Internal Controls for IT Systems Chapter 4 An overview of internal controls for IT systems General controls for IT systems General controls from a Trust Services Principles perspective Hardware and software exposures in IT systems Application software and application controls Ethical issues in IT systems Study Objectives SO 1 An overview of internal controls for IT systems Accounting Information System - collects, processes, stores, and reports accounting information. Internal controls for computer-based systems have been described as being of two types: General controls Application controls Internal Controls for IT Systems SO 1 An overview of internal controls for IT systems Application controls used to control inputs, processing, and outputs. General controls apply overall to the IT accounting system. Exhibit 4-1 General and Application Controls in IT Systems Internal Controls for IT Systems SO 2 General controls for IT systems Five categories of general controls: .
