With the development of new information technologies a number of threats and risks of the information system have emerged, reaching alarming levels, which requires the introduction of an internal control of the information system within the organizations.