Question

course : Accounting information system

GITC/Application Controls

1. GITC, general information technology controls is control activities performed by management to ensure the ongoing effectiveness of the organization's automated application controls and related systems. Where as application controls help ensure that transactions occured are recorded completely and accurately. Application controls also are automated in nature and often apply to the processing of individual transactions. Also, GITC includes execution of policies and procedures that relate to financially relevant applications and support the effective functioning of application controls and manual controls with an IT component by helping to ensure the continued proper operation of information systems. Another major difference is that application controls have specific controls to each unique computerized application but GITC can be applied to all computerized applications. Some examples of GITC is management approval and granting of logical access to the system to users and management approval of program changes. Some examples of application controls are key reports, configuration and authorization access.

2. The company cannot rely on the confidence that the application controls are working effectively if the GITC isn't working properly. Companies can’t just rely on the application controls because both the GITC and the application controls work together to function properly. Therefore, if one control isn't working properly, that means they all aren't working properly.

What is the difference between general information technology controls (GITC) and application controls?

If GITC's are not working properly, would the organization be able to have confidence that the application controls are working effectively?

Answer 1

GITC - General Information Technology Controls

GITC are the controls apply to system, processes, data, components of organizations information technology system.

Importance information technology controls increased due to increased use of technology, internet in every where. Reliable financial information is dependent upon General IT controls. GITCs are the components of business operation and financial information control. GITC are used for reliable data communication, reports, data processing, integrity. It is important for access control, change management, operational control, cyber security.

Application Control-

Application control are the controls that restricts unauthorized access to the system. Application controls may vary from organization to organization. Main purpose of application control is ensure privacy and security of data. Application controls include completeness, validity check. Main components are identification, authentication, authorisation.

Application controls type are input control, output control, process control, boundary controls.

Application control objects is confidentiality, integrity of application and data.

Main difference between them is

1.General IT controls are for whole computer whereas application control is only for particular application

2.Types GITC are control over data, control over program and types of Application control are input, output, process control.

3.General controls ensure proper development and implimentations of application, data, program.Application control is access control mechanism for restricting unauthorized access.

4.General controls apply to all areas of organization and IT support. Application control is specific to each application.

(2) Answer

If GITC controls are not properly working then organization application control can not work properly. Application control and general IT controls are work together therefore GITC not working then organization can not depend upon application control.

GITC related to change management, access control, data processing , operational control wheras application control is relating to only specific application.

Therefore organisation is not having confidence to work without General IT control. Application control not working effectiveliy without GITC.