IT Audit. Practical Guidance for Internal Auditors in the Public Sector

June 2021

This paper is based on materials and discussions at a Smart Interactive Talk with IACOP country auditor members, including IT auditors, which featured a presentation by an information technology audit expert entitled “Virtual Training on IT Audit”.

The aim was to outline the concept and approach of IT audit and discuss related internal audit areas of focus and concerns. Participants learned about IT annual risk assessments, the IT audit universe, IT audit engagement planning, execution, and reporting, as well as the process to follow-up recommendations. There was also discussion of IT governance challenges in the public sector including strategic IT risk management and how to audit IT Governance in the public sector; critical business application system controls and the supporting IT general controls; Business Continuity Management audit; as well as how to be a strategic adviser to senior management in this digital era.