Internal Auditors’ Sharpened Focus on IT General Controls

A number of important internal audit responsibilities converge around security of company data – where a sharp focus on data integrity is central to gaining desired compliance with regulations or company policies for information security and privacy. Recognizing the critical importance of controls over data access and dealing with access controls proactively is a positive step in satisfying the increasing demands on the internal audit function. This paper discusses why protecting company data concerns the internal auditor, explains the critical importance of strong access controls, and why continuous auditing and monitoring are central to internal audit’s efforts.