EBP2337. Understanding ITGC for EBP Audits

As more and more information is provided electronically, auditors need to evaluate the reliability, completeness and accuracy of that information. Evaluating and testing of ITGC is one possibility for doing that. This session will review the concept of ITGC. By understanding how plan sponsors and their 3rd party service providers process information, auditors will have a better understanding where ITGC impacts their audits. From this point, we will discuss some risk factors to consider in testing those ITGC. This session is designed for practitioners that generally don't have access to IT auditors.

Learning Objectives:

• Identify when and why ITGC is relevant for EBP audits
• Analyze common IT risk in EBP audits and the common controls that would mitigate those risks
• Recall the tools and best practices that are relevant for an effective understanding of ITGC and where to start.