ACTG 4620 Study Guide - Final Guide: Missing Data, Fixed Asset, Acceptance Testing

75 views9 pages

Document Summary

General controls internal controls that apply to a multitude of systems. Internal control instruction, procedure or tool to mitigate an inherent risk. Not an essential business activity or procedure for a transaction. It steering committee: segregation of duties, code of business conduct, management of consultants. Access controls: physical, logical, applies to infrastructure, software, people, information and procedures. Systems development and acquisition controls: systems development methodology, approval at checkpoints, documentation standards, testing. Disaster prevention controls: data backup, software backup, hardware and network redundancy, backup testing, fire and water resistant data centers, locating data centers away from hazardous or high crime area, preventive maintenance schedule and monitoring, hardware performance monitoring. Incident response procedures: disaster recovery plan, disaster recovery testing. Computer operations controls: controls over it purchases, processing schedule, hardware and software deployment procedures, network and hardware operation proceudres, network documentation, server and network configuration, network transmission controls, service level agreement, capacity planning.