Scribd
Upload
2K views13 pages

General Control and Application Control

This document discusses general controls and application controls. General controls relate to many applications and support application controls by ensuring proper IT system operation. They include controls over data centers, networks, access security, and physical security. Application controls are specific to individual applications and ensure completeness, accuracy, and validity of processing and accounting entries. Types of application controls include input, processing, output and master file controls. The objectives of general controls differ from application controls.

Uploaded by

Angel Juan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
2K views13 pages

General Control and Application Control

This document discusses general controls and application controls. General controls relate to many applications and support application controls by ensuring proper IT system operation. They include controls over data centers, networks, access security, and physical security. Application controls are specific to individual applications and ensure completeness, accuracy, and validity of processing and accounting entries. Types of application controls include input, processing, output and master file controls. The objectives of general controls differ from application controls.

Uploaded by

Angel Juan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
  • General Control & Application Control: Introduction to the two main categories of controls: general and application control.
  • Control Activities: Describes the overarching policies and procedures of control activities including information technology and physical controls.
  • Information Technology Control and Physical Control: Details the two groups under IT controls: general and application control, and explains the physical controls in accounting systems.
  • ITGC: Lists components of IT General Controls such as change management, incident management, and physical security.
  • IT Application Controls: Covers application controls, emphasizing checks and controls like completeness, validity, and forensic controls.
  • General Control: Explores the role of general controls in ensuring the proper operation of information systems.
  • Types of General Control: Details different types of general controls, including data center operations, access security, and system acquisition.
  • Application Control: Describes controls specific to accounting applications ensuring processing completeness and accuracy.
  • Types of Application Control: Breakdown of application control types including input, processing, output controls, and master file information.
  • General Control vs. Application Control: Comparison between general and application controls highlighting their scope and specificity within organizations.
  • Objectives: Outlines the objectives of general and application control regarding program and data integrity, and completeness.

General Control &

Application
Control
Control Activities
• These are the policies and procedures
used to ensure that appropriate actions
are taken to deal with the organization’s
identified risks.
Two Categories:
1. Information Technology Control
2. Physical Control
Information Technology Control
Two Groups:
1. General Control
2. Application Control

Physical Control
• This class of controls relates primarily to the
human activities employed in accounting systems.
ITGC
 Control Environment
 Change management
 Source code/document version control
 Software development life cycle
 Logical access
 Incident management
 Problem management
 Technical support
 Hardware/software
 Disaster recovery/ backup and recovery
 Physical security
IT application controls
 Completeness checks
 Validity checks
 Identification
 Authentication
 Authorization
 Input controls
 Forensic controls
General Control
 These are policies and procedures that
relate to many applications and support
the effective functioning of application
controls by helping to ensure the
continued proper operation of
information systems.
Types of General Control
1. Controls Over Data Centre And
Network Operations
 It deals with the access of the main data
storage of the systems.
2. Access Security
 Controls that protect the computer from
fraudulent actions.
 3.Application System Acquisition,
Development, And Maintenance
Types of General Control
4. Physical Security of Assets, including
Adequate Safeguards such as Secured Facilities
over Access to Assets and Records
 Controls that secure the efficiency of the
equipment, asset, or property.
5. Authorization for Access to Computer
Programs and Data Files
 Controls on file security for the reliability of
the file because there is a protection that
the file is highly authenticated.
Application Control
 These are controls specific to a particular
accounting application.
 Application controls are to ensure the
completeness and accuracy of all
processing and the validity of the
accounting entries made
Types of Application Control
1. INPUT CONTROLS
 Controls over input are designed to assure that
the information processed by the computer is
valid, complete, and accurate.
2. PROCESSING CONTROLS
 Controls over processing are designed to
assure that data input into the system is
accurately processed.
Types of Application Control
3. OUTPUT CONTROLS
 Controls over output are designed to assure
that data generated by the computer are valid,
accurate, and complete.
4. CONTROLS OVER MASTER FILE
INFORMATION
 There should be procedures in place to verify
that the correct version of the Master File is
being used.
General Control VS. Application
Control
 General controls apply to all areas of the
organization including the IT
infrastructure and support services.
 Application controls refer to the
transactions and data relating to each
computer-based application system;
therefore, they are specific to each
application.
Objectives
General Control
 To ensure the proper development and
implementation of applications, as well as the
integrity of programs, data files, and
computer operations.
Application Control
 1. Completeness of input and update
 2. Accuracy of input and update
 3.Validity (proper authorization)
 4. Maintenance (complete and correct over
time)

General Control & Application Control
Control Activities • These are the policies and procedures used to ensure that appropriate actions are taken to deal with t
Information Technology Control Two Groups: 1. General Control 2. Application Control Physical Control • This class of control
ITGC Control Environment Change management Source code/document version control Software development life cycle Logical
IT application controls Completeness checks Validity checks Identification Authentication Authorization Input controls
General Control These are policies and procedures that relate to many applications and support the effective functioning o
Types of General Control 1. Controls Over Data Centre And Network Operations It deals with the access of the main data sto
Types of General Control 4. Physical Security of Assets, including Adequate Safeguards such as Secured Facilities over Acce
Application Control These are controls specific to a particular accounting application. Application controls are to ensure
Types of Application Control 1. INPUT CONTROLS Controls over input are designed to assure that the information processed by

You might also like