A-Z Popular Blog Encyclopedia Search »
Technology Guides
Key Concepts
Information Technology

Related Topics

It Management

Systems Technology

29 Examples of IT Controls

 , updated on
IT controls are procedures, policies and activities that are conducted to meet IT objectives, manage risks, comply with regulations and conform to standards. Controls can be automated or human activities or some combination of the two. They can be driven by requirements, processes, calendars or events. Controls can be high level management practices or low level and specific. The following are a few illustrative examples of IT controls.

Audit Log

A system logs the IP of all user requests together with a timestamp and other relevant data.


Compliance training for all new IT staff within six months of hire with refresher courses every 3 years.

Source Control

All source control repositories backup up on a nightly basis and retained.

Source Control (2)

Developers check in code on a daily basis.

Change Management

Requests to make changes to systems are entered into a change request system.

Change Management (2)

An expedited change request process is available for emergency changes that requires approval of senior managers.

Segregation of Duties

A person involved in writing code can't be the one to sign off on software quality assurance.

Capacity Management

A web server sends out warnings when its disk is near capacity.

Application Health

An application health check is conducted each year to identify risks related to legacy applications such as inability to scale to business volumes.

Physical Security

Employees maintain a clean desk and lock computing devices when unattended.

Physical Security (2)

Employees are trained to report suspicious activities as a matter of precaution.

Information Security

A tool is deployed to automatically filter suspicious emails.

Information Security (2)

Employees immediately call service desk for support if they sense that any email or other communication such as a voice mail is remotely suspicious.

Information Security (3)

Changing a firewall rule requires a change request that is approved by network security teams.

Incident Management

Error logs of major applications are monitored for severe errors. An incident ticket is automatically created when such errors occur.

Incident Management (2)

Application owners maintain a list of errors that require an incident ticket.

Problem Management

A root cause analysis is performed for all significant incidents and problem tickets created as required.

Knowledge Management

All documents are checked into a knowledge management repository. Sending documents as attachments or creating shared file areas is disallowed.

Knowledge Management (2)

A version history is maintained for all documents.


As a policy, IT managers have a representative from HR and two other IT managers interview candidates before hiring. Each interviewer can veto the selection with a process whereby they defend the veto.

Recruiting (2)

Managers who hire a friend, former colleague or relative disclose the relationship to HR.

Input Validation

An equity trading application validates input and stops trades where it looks like a limit price is too far from the current market price.

Access Control

Employees logon to a system using two-factor authentication.

Antivirus Software

Antivirus software is deployed on computing devices.

Risk Management

Projects identify and manage risks on an ongoing basis from project initiation.

Lessons Learned

Projects perform a lessons learned activity at close.

Application Owners

Each significant application, service and platform has a named owner.


Any employee can submit a concern to IT Governance by a clearly defined process that protects them from reprisal.


A policy preventing unapproved communications tools from being used to transmit business related information.

IT Control Examples

This is the complete list of articles we have written about it control examples.
Audit Trail
Business Rules
Change Control Board
Data Anonymization
Data Authentication
Data Backup
Data Custodian
Data Masking
Data Wipe
Four Eyes Principle
Least Privilege
Security Code Review
Segregation Of Duties
Self-Destruct Mechanism
If you enjoyed this page, please consider bookmarking Simplicable.

IT Control Examples

An overview of IT controls with examples.

Audit Trail

An overview of audit trails.


A definition of non-repudiation with several common examples.

Business Rules

The definition of business rules with examples.


An overview of control with examples.

IT Asset Management

An overview of IT asset management.

Types of Technology

A reasonably comprehensive list of information technologies.


A list of gamification techniques.

Information Technology Problems

A list of common IT problems.

Types Of Cloud

The basic types of cloud computing.

Machine Data

The common types of machine data.

Types Of Software

The common types of software.

Proprietary Technology

A definition of proprietary technology with examples.

Systems Design

The common elements of a systems design.

Systems vs Applications

The difference between systems and applications explained.
The most popular articles on Simplicable in the past day.

New Articles

Recent posts or updates on Simplicable.
Site Map