IT internal auditors – those who focus specifically on auditing risks within the IT environment and evaluating the design and operating effectiveness of management’s control environment to determine how well risk is mitigated – continue to emerge as integral parts of an organization’s internal audit plan and ongoing activities. Like all of those involved in the internal audit profession, IT internal auditors must be innovative thinkers who are ready to meet a wide range of challenges, explore new technologies, identify and help to mitigate emerging risks, develop creative solutions to complex business and technology challenges, and encourage their organizations to embrace best practices that can enhance all business and IT functions.
In order to achieve these objectives, IT internal audit professionals must demonstrate a strong level of competency in key knowledge areas. To gauge how these professionals perceive their present capabilities, Protiviti recently conducted a survey of IT internal auditors who were asked to answer more than 70 questions in three subject areas: General Technical Knowledge, IT Audit Process Knowledge, and Personal Skills and Capabilities. This survey was adapted from Protiviti’s recent Internal Audit Capabilities and Needs study and captured more than 200 responses from IT internal audit professionals.
The participants’ responses underscore the areas of competency they believe require the most improvement and reveal how they prioritize those needs. Our findings show that automated and continuous monitoring, security and privacy, and fraud identification and prevention are among the top priorities for IT internal auditors. The survey results, particularly the ranking of continuous auditing as the top area for improvement under IT Audit Process Knowledge, are consistent with the results of Protiviti’s 2009 Internal Audit Capabilities and Needs Survey.
Download the entire report:
