AI Checklist Generator

From the makers of Manifestly Checklists

Email address

Home > Consulting > ITGC controls checklist

ITGC controls checklist

1. Governance and Management Controls

Define IT governance structure and roles.

Identify key stakeholders.
Assign specific roles and responsibilities.
Create a governance framework document.
Communicate structure to all relevant parties.
Review and update roles periodically.

Establish IT policies and procedures.

Draft policies addressing security, usage, and compliance.
Involve stakeholders in policy creation.
Distribute policies to all employees.
Provide training on key policies.
Review and revise policies annually.

Conduct regular IT risk assessments.

Identify potential IT risks and vulnerabilities.
Evaluate the impact and likelihood of each risk.
Document assessment findings.
Prioritize risks and develop mitigation strategies.
Schedule assessments at least annually.

Ensure alignment of IT strategy with business objectives.

Review business goals and objectives.
Map IT initiatives to business priorities.
Engage with business leaders for input.
Monitor and adjust IT strategy as needed.
Report alignment status to stakeholders regularly.

2. Access Controls

Implement user access management processes.

Review and approve user access requests.

Conduct periodic access reviews and recertifications.

Enforce strong password policies.

3. Change Management Controls

Document change management processes and procedures.

Require formal approval for changes.

Conduct impact assessments for significant changes.

Maintain a change log for tracking purposes.

4. Data Management Controls

Ensure data classification and handling procedures are in place.

Implement data backup and recovery processes.

Monitor data integrity and accuracy.

Establish data retention and disposal policies.

5. System Development and Maintenance Controls

Follow a structured software development lifecycle (SDLC).

Conduct testing and quality assurance for new systems.

Document system changes and updates.

Ensure maintenance of system documentation.

6. Incident Management Controls

Develop an incident response plan.

Train staff on incident reporting procedures.

Monitor and analyze security incidents.

Conduct post-incident reviews and updates to policies.

7. Physical and Environmental Controls

Secure physical access to IT assets and facilities.

Implement environmental controls (e.g., fire suppression, climate control).

Conduct regular physical security assessments.

Maintain a visitor access log.

8. Monitoring and Reporting Controls

Implement continuous monitoring of IT systems.

Generate regular reports on ITGC compliance.

Establish key performance indicators (KPIs) for ITGC effectiveness.

Review and act on monitoring findings.

9. Training and Awareness Controls

Conduct regular IT security awareness training for employees.

Provide specialized training for IT staff on ITGC requirements.

Evaluate the effectiveness of training programs.

Update training materials to reflect current policies and threats.

10. Compliance and Audit Controls

Ensure compliance with relevant regulations and standards.

Conduct regular internal audits of ITGC controls.

Address findings from audits and implement corrective actions.

Prepare for external audits and assessments.

Download CSV Download JSON Download Markdown

Use in Manifestly

Related Checklists

Employee Orientation Checklist

A well-designed Employee Orientation Checklist helps to ensure that new employees receive a comprehensive introduction to the company and their job duties.

view →

Client Onboarding Checklist

A Client Onboarding Checklist is essential for ensuring a smooth and successful transition of new clients into a consulting engagement.

view →

Leave of Absence Checklist

A Leave of Absence Checklist is important to ensure that all necessary steps are taken to properly document and process employee absences.

view →

Performance Evaluation Checklist

Performance Evaluation Checklists are essential for measuring an employee's performance and providing feedback to ensure they are meeting the expectations of their role.

view →

Project Kickoff Checklist

A Project Kickoff Checklist is essential to ensure that all stakeholders are on the same page and that all project objectives and expectations are clearly defined.

view →

Data Security Checklist

A Data Security Checklist is an essential tool to ensure that an organization's data is secure and protected from unauthorized access.

view →

Employee Termination Checklist

A Employee Termination Checklist ensures all necessary steps are taken to ensure a smooth and compliant termination process.

view →

Risk Management Checklist

A Risk Management Checklist is a tool to help identify, assess, and manage potential risks to an organization and its stakeholders.

view →

Client Offboarding Checklist

The Client Offboarding Checklist is critical for ensuring a successful and thorough transition process, ensuring that all stakeholders are informed and any outstanding issues are resolved.

view →

Hey there! Here's a little about us or visit our recurring workflow SaaS: Manifestly Checklists

Light Dark