Posted: September 12th, 2022

Control Assessment

Control Assessment
Read the Gail Industries Case Study.

Assess the controls in place for thoroughness, applicability, etc. using the elements of the case study. What evidence should be collected to test these controls?

Write a 2- to 4-page summary assessment.
Control Assessment
As Gail industries hope to continue with their services to the city of Smallville, they have implemented several controls in place. These controls cover the datacenter, facilities, environmental safeguards, change management, logical security, payment processing, data transmissions and deposits. To ensure the thoroughness and applicability of the controls, a control assessment should be conducted using collected evidence from the company’s documented report. Through examination, interviews and testing, it shall be possible to carry out data collection to build upon the evidence supporting the controls (Horan, 2019). During a control assessment, the mechanisms used at Gail industries, activities, written specifications, and individuals are considered to determine whether the controls are applicable in real life and not just in writing.
The first four controls – data center, facilities, environmental safeguards, and change management – consist of sectors that could be assessed for both applicability and thoroughness. Self-assessments are essential to organizational functions as they help management take a closer look at their system measures (Loughran, 2010). Gail industries claims to revoke badges of terminated employees, as well as use a two factor authentication system. Evidence to be collected could include the number of terminated employees within a certain period versus the number of revoked budges. The organization should also show the type of mechanism they use to perform biometrics. For the case of facilities, data collected should show the number of points with access codes and people with certain levels of access. Environmental controls should be able to produce the number of rooms fitted with fire detectors and their ability to function properly. The issue of change management control should be easy to handle as there are CR forms that should be available if change management meeting has been taking place. Once the data is selected and collected, the analysis will be much easier (Domanski, 2019). Each of the evidence collected determines the true worth of the control measures.
Moreover, logical security, payment processing, data transmissions, and deposits controls are other objectives that, when assessed, should give relevant data that contribute to performance. The logical security control objectives exhibit thoroughness as they determine the access privileges of individuals. Data to be collected from this control measure includes password requirements, invalid password lockouts, and password expiration intervals. This information should be documented within the information security policies of Gail Industries. The next controls could be assessed through reperformance, where tests to create new transactions are used to check the effectiveness of the controls (Bragg, 2019). Data collected from the payment processing control should have evidence of successful financial reports as well as segregation of balancing, mailroom, and data entry personnel. Assessment of the data transmission should unveil the financial connection between Gail industries and Smallville through the help of previous invoices. Deposits control show thoroughness in that they ensure deposits made are complete, hence the possible evidence for documented procedures that dictate transactions of financial instruments.
In conclusion, control assessments are essential as they help control the risk posed to an organization. In some cases, a firm may have control measures on paper but not in reality; hence he needs a frequent control assessment. This lets the organization know if all its control objectives are thorough and applicable. Moreover, the weak points are identified earlier while remedies are still possible. The results from the controlled assessment on Gail industries will enable them to identify their vulnerabilities and get back on track with their objectives once they can streamline controls.

References
Bragg, S. (2019). Tests of Control. Accounting Tools. Retrieved from https://www.accountingtools.com/articles/what-are-tests-of-controls.html
Domański, P. D. (2019). Control Performance Assessment: Theoretical Analyses and Industrial Practice (Vol. 245). Springer Nature.
Horan, M. (2019). NIST Security Controls Assessment Guide. FTP Today. Retrieved from https://www.ftptoday.com/blog/nist-security-controls-assessment-guide
Loughran, M. (2010). Auditing for dummies. John Wiley & Sons.

Order | Check Discount

Tags: custom written college papers, essay custom writer service writing paper, essay writer free generator, essay writing service online free, free essay typer