Question

Identify the six categories of general controls and give one example of each

Answer 1

The general controls in an organisation govern the security, design, and use of computer programs and the security of data files in general throughout the infrastructure of information technology. The six categories of general controls are identified as:

1. Organization administration: It includes organisation chart and duties. For example IT Director reports to senior management

2. Segregation of duties: It targets to deter frauds and improper practices. For example software change implementation and database administration must function separately to ensure that the employee who controls programs has no access to information and this assists to prevent fraud

3. Systems development: Systems development ensures quality assurance. For example: All systems must not have access to customer data

4. Physical and online security: Physical and online security to online any fraud. For example: Hardware systems should protected access, online protection with password or firewall

5. Backup and contingency planning: Backup data on regular routine to avoid any loss. For example: Employees can be instructed to store their work files on the network to prevent any loss. They can place a copy on the desktops on laptop for ease access..

6. Controls on hardware: Hardware control must be done to ensure to prevent any disaster For example storage failure sends error message to users.