The IT Law Wiki

Internal control

32,297pages on
this wiki
Add New Page
Talk0 Share

Definitions Edit

Internal control is

[t]he method of safeguarding business assets, including verifying the accuracy and reliability of accounting data, promoting operational efficiency, and encouraging adherence to prescribed organizational policies and procedures.[1]

Overview Edit

The five internal controls are:

access controls, which ensure that only authorized individuals can read, alter, or delete data; configuration management controls, which provide assurance that only authorized software programs are implemented; segregation of duties, which reduces the risk that one individual can independently perform inappropriate actions without detection; continuity of operations planning, which provides for the prevention of significant disruptions of computer-dependent operations; and an agencywide information security program (security management), which provides the framework for ensuring that risks are understood and that effective controls are selected and properly implemented.[2]

References Edit

  1. Auditing and Financial Management: Glossary of EDP Terminology, at 9.
  2. Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems, at 9 n.15.

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Also on Fandom

Random Wiki