The information technology component of the COSO Framework’s Information and Communication element is a very important part of an entity’s business processes. Controls over information technology (IT) are effective when they maintain the integrity of information and the security of the data the systems process and when they include effective general IT controls (GITC) and application controls. GITC are policies and procedures that function as the foundation to support the effective operation of the system’s application controls. The increasing complexity of IT systems in many entities has resulted in a greater focus around controls in the IT environment. There is a growing trend toward automation of processes and controls as more and more entities adopt advanced IT products and services to enable greater efficiency in operations, compliance, and reporting activities. This requires an increased focus on the entity and the auditor on GITC. (Please Note: This module is part of Surgent's Audit Skills Training: Level 4.)