This discussion is focused on general computer controls as well as capability assessments in the context of IT audit and controls. The main aim of general computer controls (GCC) audits is typically to define computer control effectively. In this context, GCC audits are used to find whether such controls support the integrity, availability, and confidentiality of modern information systems (IS) (Gollmann, 2010). Here, GCC includes controls all over the info technology (IT) environ, data and programs access, computer operations as well as data and program development changes. In this way, the discussion has analysed six control categories include: physical security, business continuity, information security, management of IT risks, change control, IT operations (Gollmann, 2010).
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
