Posted by: Robert Davis
Certified Information Systems Auditor, Certified Information Technology Professional, Certified Internal Auditor, Certified Internal Controls Auditor, Certified Public Accountant, External Audit, Internal Audit, IT Audit, ITG, Performance Measurement, Resource Management, Risk Management, Strategic Alignment, Value Delivery
Regarding audit staffing, potential IT governance engagement members should have the appropriate seniority and proficiency. Generally, when IT governance audit objectives involve a wide range of information system functions, assigned audit personnel should have extensive organizational knowledge and related processes understanding. These audit personnel criteria can be satisfied through a combination of formal education, relevant certification and/or professional experience. If after evaluating potential in-house audit engagement candidates, audit management determines the IT audit function does not have the required skill set, professional service outsourcing may be considered to enable an IT governance audit. For example, IT audit staff members may not have the appropriate business, technical, and/or framework knowledge to adequately perform a scheduled IT governance audit in a timely manner. Hence, audit management may consider IT governance audit outsourcing to complete the scheduled engagement.