|
|
GAIT for Business and IT Risk - Download PDF
This GAIT is provided as a service to members of The IIA.
IIA members please LOGIN to download a FREE copy (PDF). Learn more about the value of an IIA Membership. Non-members can add this item to your shopping cart to purchase a copy for download. Please allow 48-72 hours after placing the order to receive an email containing the link and access code to download your purchased product. What is it?
Who is it for? How can it help you? Similarly to the other practice guides in the GAIT series, the GAIT-R methodology is built around a set of principles: 1. The failure of technology is only a risk that needs to be assessed, managed, and audited if it represents a risk to the business. 2. Key controls should be identified as the result of a top-down assessment of business risks, risk tolerance, and the controls - including automated controls and IT general controls (ITGCs) - required to manage or mitigate business risk. 3. Business risks are mitigated by a combination of manual and automated key controls. To assess the system of internal control to manage or mitigate business risks, key automated controls need to be assessed. 4. ITGCs may be relied upon to provide assurance of the continued and proper operation of automated key controls.
This methodology also delivers a scope that is based on the risks to each identified business objective, which includes manual key controls within each business process; automated and hybrid key controls within each business process; key controls within ITGC processes; and controls at the entity level, including activities in the control environment, information and communication, and other layers of COSO's internal control model.
For more resources related to GAIT, visit our website.
|
Recently Viewed Items
Popular Products
|
||||
+1-770-280-4183 • Fax +1-770-280-4013 • www.theiia.org • Copyright 2013