IT Governance, Risk, and Compliance

Jun 23 2013   10:47PM GMT

Government-Audit Convergence Part V

Robert Davis Robert Davis Profile: Robert Davis

Accountability is responsibility for performance against agreed-upon expectations either stated and/or implied.  Professionally, an IT auditor should exercise due caution from disclosing information acquired in the course of an engagement to any person other than the entity’s dually  appointed representatives, without consent or otherwise, as required by any statute for the time being in force.  An IT auditor “should always keep in view the various regulatory and statutory issues applicable” to the entity being audited to provide reasonable assurance of compliance with information disclosure mandates.  For example, IT auditors should disclose IAP related information as required by law and, where appropriate, with client consent.

Source:

ISACA. “Responsibility, Authority and Accountability.” In Information Systems Standards, Guidelines, and Procedures for Auditing and Control Professionals. Rolling Meadows, IL: ISACA, March 2006. http://www.isaca.org/AMTemplate.cfm?Section=Standards2&Template=/ContentManagement/ContentDisplay.cfm&ContentID=40571 (accessed May 3, 2008).

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: