IT General Controls (ITGC)
Give your auditors assurance over the IT controls behind your financial reporting.
Control-Domain Review
Access, change, operations and backup
Design & Operating Tests
Both control-effectiveness dimensions
Control Matrix
An auditor-ready matrix and report
SOX / IFC Specialists
Financial-controls experts
What it is
IT General Controls are the foundational controls over an organisation's IT environment: access management, change management, IT operations and backup/recovery. ITGC reviews underpin financial-statement audits (SOX/ICFR/IFC), regulatory IS audits and SOC reporting.
Who must comply
Any organisation undergoing a financial audit with IT-dependent controls, listed companies (Internal Financial Controls under the Companies Act), regulated financial entities and SOC 1/SOC 2 reporters.
How IntelligenceX helps
Frequently Asked Questions
ITGC focuses on control reliability supporting financial reporting (access, change, operations, backup). A cyber/VAPT audit targets security vulnerabilities. Regulators and auditors often want both; we run them as one coordinated engagement.
Generally annually, aligned to your financial-audit and Internal Financial Controls cycle, or to each SOC reporting period. High-change environments may warrant interim testing.
That is the goal. We test ITGC the way external auditors expect, document the control matrix and evidence, and remediate deficiencies before year-end so reliance on your IT controls is straightforward during the financial audit.