New Delhi-- Effective internal controls are critical to an organization's success—and while financial controls generally capture the headlines, IT controls are equally critical. To meet the need for clear guidance, ISACA has issued the IT Assurance Framework (ITAF), a comprehensive assurance model incorporating standards and best practices.
"ITAF provides a single source through which IT audit and assurance professionals can seek guidance, research policies and procedures, obtain audit and assurance programs, and develop effective reports," said Robert Parker, a past president of ISACA and a developer of the framework.
The framework also:
•Provides guidance on the design, conduct and reporting of IT audit and assurance assignments
•Defines terms and concepts specific to IT assurance
•Establishes standards, guidelines, and tools and techniques that address IT audit and assurance professional roles and responsibilities, knowledge and skills, diligence, conduct and reporting requirement
ITAF applies to individuals who act in the capacity of IT assurance professionals and provide assurance over components of IT systems, processes, applications and infrastructure. However, the IT assurance standards, guidelines, and tools and techniques are also useful for a wider audience, including users of IT audit and assurance reports.
The current version of ITAF incorporates ISACA's IS Auditing Standards and Guidelines and allows for new guidance to be properly indexed as it is developed and issued. It is designed to be a living document to enable relevant tools, techniques, white papers and publications to be placed with the framework.
ITAF is applicable to any formal audit or assessment engagement. Its design recognizes that IT assurance professionals are faced with different requirements and different types of audit and assurance assignments—
A complimentary PDF summary of ITAF is available to all at www.isaca.org/
About ISACA
With more than 65,000 members in more than 140 countries, ISACA (www.isaca.org)
