ITAF Information Technology Assurance Framework 


ITAF’s design recognizes that IS audit and assurance professionals are faced with different requirements and different types of audit and assurance assignments, ranging from leading an IS-focused audit to contributing to a financial or operational audit. ITAF is applicable to any formal audit or assurance engagement.

ITAF applies to individuals who act in the capacity of IS audit and assurance professionals and are engaged in providing assurance over some components of IT systems, applications and infrastructure. However, these standards, guidelines and IS audit and assurance procedures are designed in a manner that may also be useful, and provide benefits to, a wider audience, including users of IS audit and assurance reports.

View new Guidelines >>

Download complimentary PDF

  ITAF, 3rd Edition
A Professional Practices Framework for IS Audit/Assurance

The application of the framework is a prerequisite to conducting assurance work. The standards are mandatory while guidelines, tools and techniques are designed to provide non-mandatory assistance in performing assurance work and additional detail to support compliance with standards. Please visit for links to the most current individual guidance files.

 View ITAF Fact Sheet 


If you have questions about ITAF publications and ongoing research, please contact:

Research Department
Tel: +1.847.660.5630
Fax: +1.847.253.1443