IT Governance, Risk, and Compliance

Jun 17 2013   1:31AM GMT

Government-Audit Convergence Part III

Robert Davis Robert Davis Profile: Robert Davis

Professional prudence dictates legal mandates impacting IT-IAP audit practice areas should be thoroughly understood by audit team members prior to proceeding with fieldwork. Specifically, IT auditors “should review compliance with applicable statutory laws, regulations as well as contracts and, where applicable, seek legal guidance” when participating in an IAP related audit. Therefore, through preliminary discussions with a practicing attorney, an IT auditor should acquire sufficient knowledge to identify illegal act indicators. However, an IT auditor should not be expected to have the expertise of individuals whose primary responsibility is detecting and investigating illegal acts.


ISACA. “Professional Competence.” In Information Systems Standards, Guidelines, and Procedures for Auditing and Control Professionals. Rolling Meadows, IL: ISACA, January 2005. (accessed May 3, 2008).

ISACA. “Responsibility, Authority and Accountability.” In Information Systems Standards, Guidelines, and Procedures for Auditing and Control Professionals. Rolling Meadows, IL: ISACA, March 2006. (accessed May 3, 2008).

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: