a) Information technology governance, which provides for the structures, policies and processes through which departments ensure that IT supports the Department's strategic objectives. b) Security management, which should prevent unauthorised access to the application system that generates the information used to prepare the financial statements. c) User access controls, through which the Department ensures that only valid and authourised users are allowed access to initiate and approve transactions on the system and that user access is adequately segregated when transactions are captured and approved. d) IT service continuity, through which the Department ensures the availability of financial and performance in instances of data loss or a disaster.