IT controls - General vs Application Controls
Вставка
- Опубліковано 9 лип 2024
- In this video I explain the difference between general IT controls and application IT controls.
#InternalControls #ITControls #Auditing
My ultimate audit video study guide is available here
amandalovestoaudit.com/learni...
Subscribe to watch more auditing videos
/ amandalovestoaudit
Catch me on social media!
/ amandalovestoaudit
/ amandasaudit
/ amandalovestoaudit
Camera - Sony A6500 + 28mm, illustrations captured on Explain Everything on the iPad Pro
Mic - Rode SmartLav+
Monitor - SmallHD Focus
Lighting - Aputure 672S, Aputure AL-MC
Normal it general controls are categorised into domains:
1. Access: to application, to servers, to data centers
2. Changes in Inscope Application and related infrastructure: if there any code changes performed in the application, or if there any such changes in the application which changes the functioning of the application (like changing the tax rate on any product), patches applied in the application, security patches made on the servers,
3. Security: testing of Firewall, antivirus elements
4. Other IT Operations: Scheduled jobs, interfaces, Backups, Incidents
Hi Parminder - thanks for sharing this :)
Recently found your channel and have my uni audit exam next week! Thank you so much for these videos, they are so helpful and well made!
This video couldn’t have come at a better time! Currently studying this topic this week! Thank you so much!!
Great! Happy studies 😊
This is such an fantastic video with clear explanation and examples. Absolutely loving it! Keep it up Amanda will follow the channel!
Thanks Tony!
Great explanation, thank you so much.
Thanks I really loved that video, I was really struggling with general v application controls, now all is clear.
Great to hear!
This is my second presentation today
Lots of appreciations for the these valuable videos 👍
Thank you so much for this video! I'm interviewing for IT Risk Consultant this week and this clarifies things for me a lot.
One year on, did you get the job?
I DIIIIIID and I’m a senior now!!!!
@@abdulwahabalhaji8662 hmdl 🤲🏽
Hos do you like it? :) I have my last interview tomorrow, but Reddit says it’s really boring and few exit opportunities
Thank you, this was very informative!!!
Thanks Stace!
Beautifully explained in simple language
So wonderful thank you so much. You are great teacher
You’re welcome Jome! 😊
Thanks for clarification 🙏🏻
Ha, when you got to the LMS part, literally a relational DB scheme I created years ago... 😍
They haven't changed!
Thank you so much, you just contributed to my exam success.
Good luck in your exams Thabang!
👍Thank You very much for great video and answering my question.
Your way of explaining is great to understand easily within shortest time 👍
You’re welcome Mustafa!
thank you so much for sharing this helpful video
You're welcome Yosita!
very insightful and easily illustrated
Thanks!
Thanks, this is great
Amanda, it was amazing. Great job
Thank you Kwabena - good luck in your studies :)
Hi Amanda. This video is really good. Can you break this down further into the 6 general controls (control environ, system development,access control, continuity, system software and doc)? Enjoy your style of lecturing. Everything fits into perspective with the videos you do.
Great video Amanda☺
Thank you, this is very clear. Even my 100 euro's of textbooks can't explain like you do. gr from Amsterdam
“Dr Amanda”
That flexxxxxxx
I *think* that’s a compliment - thanks 😊
you're awesome, thanks!
Thank you so much Fadi 🙏☺️
Thank You for this video and also to the person who requested this video, It helped a lot.
You're welcome Syed!
really helpful...thanks a lot!!!!
Thanks Yuqian!
Don’t forget that I have a full study guide of videos on my website - amandalovestoaudit.com/learning-resources/audit-study-guide/
Thank you so much... but I want to understand the ICT controls in Revenue and receipts cycle!!! It confuses me big time.
Hiii ur videos are superb, will u do a video on socq type2 audit
Would you clarify the role of a group financial controller
Thank you
You're welcome Jus - thank you for watching :)
Hey Amanda..your way of teaching is just wow...can you please upload video on HIPPA with complete understanding from zero to hero
Hey - I don't know much about HIPPA (if you mean the healthcare privacy law) - sorry!
Thank you for the video. Do you have a video on sampling IT general controls?
Hi - not yet - when sampling, the key is going to be sampling over the entire year
Niceeeee!!! What about making a video where you explain the differences between an audit of private and public company?
Keep up the work!!
I salute🤙
您的英语讲得真好!
Hi Mike - unfortunately I can’t read Chinese characters!
How can you relate the IT controls with IT Audits
Nice
Very nice. 🌹
Thank you! 😊
I understand this video is old, however, is it correct to assume applications like email filters/blockers that are add-ons for other applications are considered General IT controls as opposed to IT Application Controls? I'm assuming it's General because it's not programmed into the application, but rather an add-on.
Do you have any tips for an IT Audit SOX interview? How to impress and stand out?
Hi Gib Gob - do you mean going for a job in IT Audit/SOX? Or do you mean interviewing clients?
I presume it is the latter - know your potential employer:
* what sort of companies do they audit?
* check out the SOX 404 reports on some of those companies - what are common issues that fall under the IT category? (rather than the manual category)
* how would you go about detecting those sorts of major deficiencies
And the final one - make sure you have at least 1 question for your employer that shows you want to know whether you fit in at their organisation - that may be about clients, location, travel, advancement, culture, diversity & inclusion.
Good luck!
@@amandalovestoaudit Insightful. Thank you
Can you explain , what is configurable and Non Configurable Controls and explain with an example
Hi Arvind - the teacher in me always asks a question first. What do you think the difference is? Give it a go and then I’ll happily provide some guidance based on your response ☺️
Kindly do a video on cloud accounting and/or share a link where one can get more insight on what it is and how it works, pros and cons etc. Thank you in advance.
Hey Vivianne
Definitely check out Heather Smith for everything cloud accounting. She has a great website and be sure to sign up for her newsletter
ua-cam.com/users/ANISEConsulting
I need to get some more info from you are you free to go for 30 minutes
Can I ask some question?
for access into organization network (Internal Network) >> ITGC
but access into each application (e.g. internal application) and some time we use different credential form internal network can we call IT application control?
So,if focus in application >> call Application Control right?
Yes - focus within an application is an Application Control
Greetings,can you please highlight which aspects to dwell much on when coming to computer auditing?
Hi Edward - I’m unsure of your question. Do you mean when you are studying computer audit? Or when you are auditing a client’s systems?
@@amandalovestoaudit on both aspects, and how to go about the subsequent events as an Auditor?
Hi Edward - auditing computers are like auditing any other process - understand the internal controls, identify the control activities, test the controls for effectiveness.
As for subsequent events - I have 3 videos on this topic
A strategy for answering subsequent event questions
ua-cam.com/video/i1nZ3k0E4JQ/v-deo.html
Subsequent events - some worked examples
ua-cam.com/video/pv-zenAjTGQ/v-deo.html
Interpreting the Auditing Standard on SUBSEQUENT EVENTS ISA/ASA560
ua-cam.com/video/H-R3LwHwdVg/v-deo.html
How do you manage not to say "um" when you are speaking?! Great job.
Lots of practice - but I still do it occassionally! Trying to speak too fast also can cause ums. I think in this video I wrote a script and used my teleprompter!
@@amandalovestoaudit thanks for your content. I am just at the bottom rung of aca doing assurance and your vids proper help!
pause instead of saying um
is this about Sarbanes Oxley?
Hi Peter - not specifically. SOX does require you to report on any material deficiencies in internal controls - but this video is just about the difference between 2 types of IT controls - application and general. SOX requires you to look at all controls - manual (done by people) and IT
Batch Jobs scheduled in an application, do they come under ITGC's or ITAC? (add/modify/delete critical scheduled jobs or interfaces between in-scope SOX system)
Batch jobs within an application would be an Application Control ☺️
@@amandalovestoaudit thanks for the clarification and Quick reply!😁
i need help for my task:(
My textbook also mentions ‘user controls’, what is that exactly?
User controls are those related to guiding user behaviour. Does it refer to computer end user controls?
www.prweb.com/releases/2004/12/prweb185286.htm
Dear Amanda how to check for back up ?
Asking about the process, see if they’ve done any restorations from backups (usually this process needs to be documented and signed off by mgmt). You can’t usually physically/actually test the backup
@@amandalovestoaudit Thank u so much
Amanda, what is a BSO test?
Hi - I don’t remember mentioning that in the video ... or do you mean generally?
Amanda, thanks for responding. I had someone at work ask me this and dont know what they were referring to. what kind of test is it?
Ok - it is something I’ve actually never heard of before! I will ask around and see if I can help - it might be something specific to your audit firms
Hello
I'm asking for an assistance relating to General control vs Application control
What sort of assistance?
I was trying to send the document but I couldn't
I was asking for you email so that I can share the document
@@karabondlovu6528 I am sorry, but that seems a bit shady. Just ask her the question instead of sending documents?
1 2 3
Sometimes it may be correct to say that Auditing is an art not having any logical approach and only limited by your imaginations as no answer is right or wrong !
🤣im in my final year and I still have to remind myself now and then about the difference between these 2.The line that differentiates them is too thin its easy to mix them up
I would think the app controls are more interface controls rather than SOD
There are many that are likely to be both
1
Hello , please if u can help as I am new IS Auditor need some Authorised SW's of the below:
Transaction logging
Query tools
Statistics and data analysis (CAAT)
Database management system (DBMS)
Data warehouses, data marts, data mining
AI
Embedded audit modules (EAM)
Neural network technology
Standards such as Extensible Business Reporting Language (XBRL)
Hi Bo - I’d check out Auditnet.org - this is a great resource for practitioners.
「上記のギフトのいずれかを選択できます」、
Best at 1.25x
crykey mate