NAA2338. Practical Tips and Effective Techniques for Identifying and Testing Relevant Information Technology General Controls (ITGCs)

The session focuses on Information Technology General Controls (ITGCs) and the revised AU-C315 Standard (SAS 145), which is effective for 2023 calendar-year audits . A high-level review of the categories of ITGCs and ITGC control objectives will be presented as a lead-in to the central topics which include a proven methodology for identifying and selecting relevant ITGCs to test, practical guidelines for testing the design and operating effectiveness of ITGCs, and documenting ITGC testing results. Additionally, the session discusses common ITGC deficiencies and their implications and relationship to the financial audit.

Learning Objectives:

• Compare ITGC issues to the revised AU-C 315 Standard (SAS 145)
• Analyze ITGC control objectives and explain their importance to the financial audit.
• Identify relevant ITGCs in IT environments and explain their significance to the financial audit.
• Apply the design and operating effectiveness of ITGCs relevant to the financial audit.
• Distinguish how to create appropriate documentation of testing results.