As discussed in previous chapters, computer access controls are both system-wide and application-specific. Access control includes controlling access to the operating sys-tems, the networks, and the databases with which all applications interact. The auditors will typically test these controls as part of their review of general controls.