First classification of IT controls:
  “Internal Control,” introduces the concept of IT controls, which are commonly
  classified as general or application controls:

▪ General controls apply to all systems components, processes, and data for a
   given organization or systems environment. (for the whole system)

• Access controls
• Segregation of duties controls

▪ Application controls pertain to the scope of individual business processes or
   application systems and include controls within an application around input,
   processing, and output.” (for part of the system one transaction cycle)

          • Input controls
          • Processing controls
          • Output controls

 A- General controls:
     General controls apply to all systems components, processes, and data for a
     given organization or systems environment. (For the whole system)

 B- Access controls:
     Access control is a security technique that regulates who or what can view
     or use resources in a computing environment because Information
     security is an integral part of IT controls. Information security controls
     protect an information system from unauthorized physical and logical
     access

                                                           24

                                                                             23

‫جميع الحقوق محفوظة ـ الإعتداء على حق المؤلف بالنسخ أو الطباعة يعرض فاعله للمسائلة القانونية‬