Internal IT Controls

Establishing good IT controls is difficult in a complex heterogeneous environment running numerous applications; thus, the mission critical data residing in these databases requires protection from attacks, inappropriate usage, and fraud arising from both external and internal sources. Today's technology plays a central role in internal control systems and complying with Sarbanes-Oxley is forcing IT executives to better understand the relevance of controls over IT systems that support financial transactions and reporting

Ensuring regulatory compliance to external standards such as Sarbanes-Oxley, GLBA, HIPAA, Basel II, is the priority of internal auditors to meet these requirements. The IPLocks Solution assesses database administration controls, identification code controls, developer controls, end user controls, initialized files, and privilege identification code controls. Whether you use CobiT, ISO 17799, COSO, or any other framework, IPLocks can help you implement the necessary controls.

Section 404 specifically addresses the internal controls over financial reporting and requires management to assess the effectiveness of those internal controls and annually report the results of that assessment. A well-controlled IT environment is key to the reliability of financial reporting, however it is a combined effort within the organization to define the IT controls directly related to financial reporting.

The benefits of the IPLocks solution includes:

  • Quickly & Consistently Implement Controls Across All Databases
  • IPLocks Solution: IPLocks has a consistent implementation across all major databases, providing a cost-effective way of consolidating information from multiple Financial and ERP applications.

  • Ready-Made Solution Compatible with IT Frameworks
  • IPLocks Solution: IPLocks ships with several hundred predefined rules that are consistent with these frameworks. Our professional services staff has implemented these rules at hundreds of companies, so you will quickly see massive improvements in you IT internal controls.

  • Align IT Processes with Business Unit Needs
  • IPLocks Solution: IPLocks has reports that vary from executive summaries to DBA-level details. These reports are easily customizable; saving you time any money while providing great information to your constituents.

Sample of general IT controls to be implemented:

  • Security Accreditation
  • IPLocks Solution: Assess financial databases for security weaknesses and harden databases to deter intrusion.

  • End-of-Period Adjustments
  • IPLocks Solution: Audit any and all changes to financial data by anyone or any application to identify funny transactions. In addition, more specifically, closely monitor General Ledger authorized users and changes at period ends.

  • Audit Key Data and Transactions to Ensure Data Integrity
  • IPLocks Solution: IPLocks' database monitoring and auditing features to know who accessed what data, when they did it, and from where.

The more sustainable the IT control environment, the more capable the organization's process and controls in dealing with the changing business. Compliance with SOX provides the launching pad to improve the sustainability of the internal control structure.

For more information, you can contact IPLocks directly at or by calling +81-50-3786-6911.