A. IT General Controls are controls that apply to all systems components, processes and data for an organisation

B. IT General Controls are controls that only apply to the logical access of a system for an organisation

C. IT General Controls are controls only performed centrally for all applications

A. To ensure compliance with our Auditing Standards

B. To ensure the proper development and implementation of applications as well as the integrity of programs data files and computer operations

C. To ensure the proper development and implementation of applications as well as the integrity of programs data files and computer operations

A. Segregation of Duties, Physical Security, Logical access controls, Change controls, Backup & continuity, IT operations

B. Physical Security, Logical access controls, Change controls, Backup & continuity, IT operations

C. Application mapping and data flows

D. Physical Security, Logical access controls, Change controls, Backup & continuity, IT operations, SOC reports

A. Identification of compensating controls

B. New sampling

C. Increase of tests, i.e. Journal entry testing

A. No reliance on the IT Environment

B. No reliance on the IT Application Controls

C. Not able to perform Data Analytics

A. A Service Organisation Control Report

B. A Service Operations Control Report

C.A Specific Operation Centre Report

A. There is no specific scope

B. ​Out of a total of five tests in the Backup & Continuity area, the first test regarding the Backup Strategy is mandatory whatever the Client sector. The 4 other tests are mandatory for Financial services and Retail activities when the risk profile is high.

C. Full tests of the Backup & Continuity area is mandatory whatever the sector and the risk assessment