ITAF’s design recognizes that IS audit and assurance professionals are faced with different requirements and different types of audit and assurance assignments, ranging from leading an IS-focused audit to contributing to a financial or operational audit. ITAF is applicable to any formal audit or assurance engagement.
ITAF applies to individuals who act in the capacity of IS audit and assurance professionals and are engaged in providing assurance over some components of IT systems, applications and infrastructure. However, these standards, guidelines and IS audit and assurance procedures are designed in a manner that may also be useful, and provide benefits to, a wider audience, including users of IS audit and assurance reports.
The application of the framework is a prerequisite to conducting assurance work. The standards are mandatory while guidelines, tools and techniques are designed to provide non-mandatory assistance in performing assurance work and additional detail to support compliance with standards. Please visit www.isaca.org/standards for links to the most current individual guidance files.
View ITAF Fact Sheet
If you have questions about ITAF publications and ongoing research, please contact: