Foods Fantastic Company Case Essay

1055 Words Nov 25th, 2015 5 Pages
IT General Controls Risk Assessment Report
Foods Fantastic Company
Siqi Li
Oct 29TH 2013

Foods Fantastic Company is a public company which mainly operating regional grocery store in Maryland. This Company relies on application programs, such as bar-code scanner, to entre sales to the system. The FFC majority depends on the computer system to run their business. Based on this situation, the Information General Controls review is necessary for this company as the reason that ITGC is the foundation of every categories of the internal control. To review the ITGC will help the audit committee to determine the risk assessment of the internal controls in the company’s information system. The ITGC mainly classified by five areas, such as
…show more content…
For the IT Management area, I put a low level of risk assessment. For the information technology management, the company has a specific IT strategic plan, which is consistent with the Company’s strategic plan. In addition, based on the company’s organization cart, I found out the company have a clear reporting and response system. The responsibility for chief information officer clearly classified to four parts, application, operation, information security and database administration. Above all the key aspects we take a review about IT management, the company have a good internal controls for it. There is unlikely happen a risk in this area.
For the System Development, I define it as a medium level of risk assessment. The company did design, develop and implement new systems for a certain time or logical reason. However, the new system testing is not as well as we think. As the result, the new system does no perform well as we expected. Even though the company have involve the internal audit department for the new system development, and the set them as part of the new project team to review the new project, which the team members are all been voting. They have a good process of development of new systems, but the new systems do not perform well. It will still result in a small probability of risk assessment. In general, I set a medium level of risk assessment to let the company consider about this issue. For the Data Security area, I define it as a

More about Foods Fantastic Company Case Essay