Primary drivers for IT service audit planning are verifying delivery and support existence and adequacy. However, as with standard IT audits, a general control environment, information systems, and control procedures understanding should be obtained during engagement planning to comply with ISACA’s assurance standards and guidelines as well as other applicable attestation, audit, accounting, and IT standards.
IT auditors should clearly define the IT service engagement objectives and ambit. Typically, management is interested in IT service delivery and support work performance processes with emphasis on requirements and expectations ensuring entity-centric objectives achievement. Consequently, the focus of IT service delivery and support attestation engagements should be on the items and services produced and associated processes; with the objective of improving service performance and process effectiveness.
“View Part I of the Auditing IT Service Delivery and Support series here“
Post Note: As of January 12, 2012, Robert E. Davis, MBA, CISA, CICA is a Master of Science in IT Auditing and Cyber-Security Program instructor at Temple University.