KnowledgeLeader provides best practice articles, tools, guides and other resources on internal audit. This page contains some examples of the many resources and templates on information technology (IT) audit that are available for download. For more tools and publications on this subject, visit our
IT Audit topic area.
Page Contents:
Tools
Information Technology (IT) Infrastructure Questionnaire
This tool helps auditors gather information to better understand the IT infrastructure of a company.
IT Risk Assessment Audit Report
This report outlines findings from a high-level IT risk assessment at a company.
IT Due Diligence Questionnaire
This sample questionnaire evaluates IT management, personnel, contractors, networks, operating systems, applications, change management, data, disaster recovery, operations, third-party services, laptops/workstations, security, and spreadsheets.
IT Risks and Controls Review Report
The objective of this audit report is to reduce the volume of controls across applications, infrastructure and IT processes in order to improve consistency and focus on key risks.
IT Organization Audit Work Program
This document outlines steps to perform an IT organization audit.
Internal Audit Risk Assessment Questionnaire
Internal audit performs a risk assessment to identify and prioritize key risks to best allocate the internal audit resources for the next year. This risk-based approach is focused on surveys/interviews of a cross-section of management personnel to solicit input from the potential customers of an internal audit function.
Publications
2018 IT Audit Benchmarking Survey
The results of the latest global IT Audit Benchmarking Study from ISACA and Protiviti paint a vivid picture of the ways IT audit leaders and professionals are succeeding, as well as where they need to “step up their games,” especially given the omnipresent nature of digital transformation efforts, cyber security risk and technological advancements. This year’s results identify several areas of progress; however, there is still work to be done in order for IT audit functions to deliver the strategic insights and real-time risk advances key stakeholders expect, and also help their organizations address the transformation of legacy technologies and the rapid rise in the number and severity level of cyber security risks.
An Involved and Agile IT Audit Function Is Key to Cybersecurity
This article lists some questions for you to consider as you seek greater IT audit agility to manage cybersecurity and an action item checklist specifically for internal audit departments seeking to build that relationship and increase the agility of the IT audit function.
IT Governance Capability Maturity Model (CMM)
This document focuses on the capability maturity model for the IT governance process. This capability maturity model (CMM) describes a maturity curve on these capability levels: initial/ad hoc, repeatable, defined, managed, and optimized, along with these parameters: strategic alignment, value delivery, risk management, resource management, and performance management.
Introduction to Information Technology (IT) Audit (KLplus CPE Course)
Information Technology (IT) in today's business environment has a direct impact on a company's risk, and this relationship to risk should be an important driver in the internal audit process. IT performs or provides the information needed for many key controls in the business process, but it also brings inherent vulnerabilities.
Five Ways Technology, Media and Communications Companies Are Using RPA and AI to Save Money and Improve the Customer Experience
This article explores five emerging AI and RPA applications Protiviti is watching within the technology, media and communications (TMC) industry group.