ISACA's New IT Assurance Framework Provides Comprehensive Guidance

April 18, 2008 - PRLog -- New Delhi-- Effective internal controls are critical to an organization's success—and while financial controls generally capture the headlines, IT controls are equally critical. To meet the need for clear guidance, ISACA has issued the IT Assurance Framework (ITAF), a comprehensive assurance model incorporating standards and best practices.

"ITAF provides a single source through which IT audit and assurance professionals can seek guidance, research policies and procedures, obtain audit and assurance programs, and develop effective reports," said Robert Parker, a past president of ISACA and a developer of the framework.      

The framework also:
•Provides guidance on the design, conduct and reporting of IT audit and assurance assignments
•Defines terms and concepts specific to IT assurance
•Establishes standards, guidelines, and tools and techniques that address IT audit and assurance professional roles and responsibilities, knowledge and skills, diligence, conduct and reporting requirement

ITAF applies to individuals who act in the capacity of IT assurance professionals and provide assurance over components of IT systems, processes, applications and infrastructure. However, the IT assurance standards, guidelines, and tools and techniques are also useful for a wider audience, including users of IT audit and assurance reports.

The current version of ITAF incorporates ISACA's IS Auditing Standards and Guidelines and allows for new guidance to be properly indexed as it is developed and issued. It is designed to be a living document to enable relevant tools, techniques, white papers and publications to be placed with the framework.

ITAF is applicable to any formal audit or assessment engagement. Its design recognizes that IT assurance professionals are faced with different requirements and different types of audit and assurance assignments—ranging from leading an IT-focused audit to contributing to a financial or operational audit.

A complimentary PDF summary of ITAF is available to all at www.isaca.org/itaf. The full publication is available as a complimentary PDF download for ISACA members and can be purchased by nonmembers for US $45.

About ISACA
With more than 65,000 members in more than 140 countries, ISACA (www.isaca.org) is a recognized worldwide leader in IT governance, control, security and assurance. Founded in 1969, ISACA sponsors international conferences, publishes the Information Systems Control Journal, and develops international information systems auditing and control standards. It also administers the globally respected CISA designation, earned by more than 55,000 professionals since 1978; the CISM designation, earned by 7,000 professionals since 2002; and the new CGEIT designation.