Udemy
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
Subscribe
Turn what you know into an opportunity and reach millions around the world.
Learn More
Your cart is empty.
Keep shopping
Information Technology General Control Risk Assessment
Rating: 3.8 out of 5(11 ratings)
58 students

Information Technology General Control Risk Assessment

IT general controls, Auditing Course covers the protection of sensitive information from unauthorized access disclosure
Created byDr.Priyadarsini Karthik
Last updated 7/2023
English

What you'll learn

  • Learners will develop a comprehensive understanding of IT general controls and their significance in managing risks associated with information systems auditing
  • Learners will be able to identify and assess access controls within an organization's IT environment. They will gain knowledge of user management processes risk
  • Learners will gain the skills to evaluate change management practices and assess their effectiveness in managing IT changes policies and procedures requirements
  • Learners will be able to assess the adequacy of IT operations, management processes. They will understand the key components of IT operations and system backups

Course content

1 section10 lectures1h 14m total length

  • What is the need of Internal audit? How it evolved?2:04

    Trace the emergence of internal audit and general controls, driven by early fraud scandals and the Sarbanes-Oxley Act of 2002 regulating annual financial and operational audits.

  • Introduction to ITGC6:03
  • Access Management - User Creation12:37
  • User Termination9:33
  • High Privileged Access7:40

    Authorize high privileged access to production system only after ticket submission, manager approval, HR active employee validation, job responsibility assessment, and independent log reviews on a monthly basis.

  • User Access Review7:47

    Review the user access process to validate proper creation and termination and log findings. Ensure monthly reviews cover all users, verify extension and revocation tickets, and enforce segregation of duties.

  • Change Management6:52

    The lecture explains change management testing, detailing how a change ticket from the business unit (blue team) goes to CAB for approval, followed by development, testing, migration, and production deployment.

  • Incident Management7:26
  • IT Operations5:07
  • Audit Process8:51

Requirements

  • Basic knowledge of Information Technology
  • No Programming Knowledge needed

Description

ITGC (Information Technology General Controls) is a comprehensive course that explores the principles, methodologies, and practices associated with controlling and securing information technology systems within an organization. This course provides students with a solid foundation in understanding the control and security mechanisms necessary to protect and manage IT resources effectively.


The course begins by introducing students to the fundamental concepts of ITGC, including control frameworks, audit processes, and risk management techniques. Students learn about the importance of establishing and maintaining robust control environments to safeguard the confidentiality, integrity, and availability of information assets.


Throughout the course, students delve into various key areas of ITGC, such as access controls, change management, system development life cycle, data backup and recovery, and network security. They gain practical knowledge on designing and implementing access controls to ensure that only authorized individuals can access sensitive information. They also learn about change management processes to effectively manage system modifications while minimizing potential risks.


Moreover, the course emphasizes the significance of a structured system development life cycle to ensure that IT systems are designed, developed, and maintained with appropriate controls in place. Students explore strategies for data backup and recovery to ensure business continuity in the event of data loss or system failures. Additionally, they study network security measures, including firewalls, intrusion detection systems, and encryption techniques, to protect network infrastructure from unauthorized access and attacks.


By the end of the course, students acquire the skills necessary to assess, implement, and monitor IT controls. They learn to identify control deficiencies, mitigate risks, and establish best practices for maintaining a secure and well-controlled IT environment. Overall, ITGC equips students with the knowledge and skills to address the complex challenges associated with information technology controls and security.

Who this course is for:

  • Individuals working in risk management or compliance roles, including risk managers, compliance officers, or information security officers,

Report abuse