Managing and Auditing in IT Controls - Essay Example

Control environment: controls shaping the corporate culture.Source code: controls that protect the integrity of program code.Change management controls: designed in ensuring changes are authorized and meets business requirements.Problem management policies and procedures: designed to aid identification and cause of incidents.Backup and recovery: designed to enable continued processing in times of adverse conditions.Physical security: it ensures the physical security of data from environmental and individual risks.

Secondly, I recommend that the agency adopt IT Application controls. The application is designed and operates automatically in ensuring accurate and complete processing of data. They vary with the type of business and the purpose. Similarly, they are very essential in ensuring the privacy and security of information which is transmitted between applications (GFS Consulting, 2014). There are many types of IT applications and they include:Authorization: it is a control that only allows authorized users to the business application.

Completeness checks: control ensuring processing of records to completion.Forensic control: controls ensuring information is scientifically and mathematically correct based on inputs and outputs.Input controls: controls that ensure the integrity of the information that is fed into the system.Identification: controls that identify users. Moreover, there is a need to have IT controls and Chief Information Officer (CIO) or Chief Information Security Officer (CISO) who will oversee the accuracy, security as well as the reliability of the systems managing and reporting the organizational data.

Enterprise Resource Planning System and financial accounting are integrated with the initiation and authorization, processing as well as reporting of financial data. Therefore, they may involve Sarbanes-Oxley compliance to mitigate particular financial risks that the agency may face (GFS Consulting, 2014). I believe additional IT control of the 22 employees will benefit the organization as it will be able to control access to the organizational data. The authorization will be essential in controlling the personnel who are required to access company information.

Additionally, the agency will be able to have an automated system that detects and fix problems hence minimizing human interference. Every personnel will have a history of how he or she uses the system, hence helping in making further recommendations and adjustments on how to control the agency information. In case you need further clarification regarding these recommendations, please contact me; Evans Dwelle, Computer Technician of Techlog Agency at (343)734-2254.