IT Essentials — Computer Operations

            Additional Resources

            Additional resources for further reading includes The IIA Global Technology Audit Guides:
            The IIA’s GTAG “Management of IT Auditing, 2nd Edition.”
            The IIA’s GTAG “IT Essentials for Internal Auditors.”
            The IIA’s GTAG “Information Technology Outsourcing, 2nd Edition.”
            The IIA’s GTAG: “IT Change Management: Critical for Organizational Success, 3rd Edition.”
            The IIA’s GTAG: “Auditing Insider Threat Programs.”
            The IIA’s GTAG: “Auditing IT Governance.”

            Summary

            Computer operations concerns have a tremendous impact on an organization’s ability to meet
            stakeholder needs, and must be considered holistically and systemically. The effects of computer
            operations-related control failure can range from user inconvenience to regulatory fines and data
            disclosure, corruption, or destruction. Investments in IT-related risk management and controls are
            necessary to protect organizations from sophisticated and widely used attack methods by insiders
            and external bad actors.

            Being an independent voice offers opportunities for internal auditors to demonstrate their abilities
            as trusted advisors, going beyond ensuring a mere performance according to plan, and instead
            offering strategic thought-leadership to the organization. A strong internal audit activity that is
            sufficiently resourced and trained is one of the most important tools available to boards and audit
            committees, as they craft and refine strategies, policies, and protocols to provide holistic protection
            to the organization from human, cyber, and equipment-related threats.







































            Copyright © 2021 by The Institute of Internal Auditors, Inc. All rights reserved.