Conclusion









                   Mobile computing risks increased dramatically in 2020 due to the impact of COVID-19, which
                   changed where and how employees conduct work. However, a remote workforce can offer
                   significant benefits to the organization. Therefore, internal audit engagements are necessary to
                   provide assurance services to the board and senior management on the effectiveness of the
                   design and use of mobile computing controls.
                   For a mobile computing engagement, the audit team typically considers the organization’s
                   circumstances and use of remote access or web-based tools to determine the scope of key risks
                   and related controls. There are many IT-IS control frameworks to use as reference guides, which
                   can help internal auditors provide more than just assurance of compliance with internal policies.
                   Engagement objectives and test plans generally aim to verify whether the organization has
                   designed controls to prevent, detect, or remediate significant risk occurrences and whether the
                   controls are implemented consistently and efficiently. A well-planned and professionally
                   executed internal audit engagement of mobile computing can add value to the organization by
                   providing insight to management and the board on mobile computing governance and risk
                   management, including the strength of internal controls, which may enable the organization to
                   take advantage of the many benefits mobile computing offers.







































                   14 — theiia.org