An ITAF Approach to IT Audit Advisory Services
With the fast pace of digital transformation, IT auditors may find themselves at a crossroads. Auditors are finding their roles within an enterprise shifting as they are asked to provide their expertise in an advisory or consultative capacity. While these shifts in roles keep IT auditors relevant, they also raise potential objectivity and independence concerns.
While internal IT auditors are not subject to SEC rules, the SEC’s independence guidance given to public auditing firms has been (and continues to be) a source of best practices for internal IT auditors. SEC influence and standards and guidelines in ISACA’s Information Technology Audit Framework (ITAF™) provide guidance for IT auditors as they contemplate participation in advisory services. This white paper explores challenges to the principles of independence and objectivity, and how ITAF can resolve them.
Download