SOX and ITGC
SOX (Sarbanes-Oxley) and MIS are related. When most hear of SOX we think of accounting and auditing. Risk Assurance business lines within large client service public accounting firms test controls related to SOX. There are 3 levels of controls- Entity Level, ITGC (Information Technology General Controls), and Process Level Controls.
ITGC controls are linked to MIS. These are the controls in place for all the IT services within a company. These controls are set in place to keep employees honest and to protect the company from fraud or collusion occurring. The controls assist the company with Segregation of duties.
Segregation of duties is an incremental part of ITGC controls and SOX. ITGC controls assist external auditors with reliance of support needed to test the accuracy of the financial statements. In the end, ITGC controls are an integral part of SOX testing which assist external auditors testing the financial statements for investors.