This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: 1. Users, not IT, should initiate transactions 2. Users should take charge of program change 3. Access on a need to know basis 4. IT has all custodial functions of data, hardware, and software 5. Monitoring by Internal auditors and users...
View Full Document
- Fall '08
- general controls, internal auditors, process control activities, custodial functions