IT General Controls (ITGC) Checklist The accuracy and reliability of financial data depend on the robustness of systems and data controls. As a finance leader, you may think these controls fall under the jurisdiction of IT. True! So logically, these controls are the responsibilities of the head of IT? Not so true! Why? For two reasons: 1- The finance leaders are responsible for ensuring the accuracy and security of the financial data. 2- In most corporates, the head of IT reports to the CFO (unless you are a tech company) Hence, ensuring these controls are implemented and monitored should be the paramount priority of the finance leaders. Specifically, the financial controller must work closely with the head of IT to ensure the security of systems and data. Security, reliability, and accuracy of financial data are your responsibility. You need to take charge of the process. Because if something goes wrong with systems or data, the finance and accounting teams suffer the most. I have been there once in my career. Trust me, it is not something any finance team wants to deal with. Considering all that, I am sharing the list of IT controls you should review with your IT team to ensure your financial data is secure and reliable. This is what you need to ensure: 1- Access Controls - the accounting system is capable of role-based controls. 2- Change Management - system changes are logged, monitored, and reviewed. 3- Backup & Recovery - disaster recovery policies and processes are in place to backup and restore data. 4- Incident Management - security breach incidents are monitored and addressed promptly. 5- Network Security - intrusions are detected and dealt with without losing or impacting financial data. 6- Data Privacy - sensitive data is encrypted in transit and stored. 7- Monitoring & Logging - the logging mechanism is implemented and reviewed to detect security incidents. 8- Vendor Management - when contracting with vendors for cloud-based services, ensure they comply with the company's internal security protocol. 9- Compliance & Audit - third-party monitoring and assurance are paramount to ensuring a regular review of the controls. How does the process work in your company? Do you sit with your IT and review these checks and balances periodically? 💡 Did you know that documenting, implementing, and auditing IT controls can save you money on cybersecurity insurance costs? #MAKAlpha ----------------------------- - Follow Abdul Khaliq + 🔔 - Sharing 20+ years of journey. - Providing Fractional CFO/Controller services to SMEs. - Download my work by visiting my profile. | 21 comments on LinkedIn