IT General Controls are controls that are common to IT processes, providing stable and effective operation of application controls. They cover fields like creation / acquisition of systems, SDLC Process, access control, back up, change control, etc. ISO 27001 is one way to implement ITGC, providing objectives and, through ISO 27002, detailed implementation guidance.
2.What is the difference between external and internal auditors and practically how internal auditor assists external auditor ?
The internal auditor performs audits on behalf of the organization that owns the management system, while the external auditor performs audits on behalf of an organization's client (second-party auditor) or a certification body (third-party auditor). Norm ally the internal auditor may act as the guide for the external auditor, providing some general orientation for the performing of the external audit.