This study analyses the characteristics of IT auditing in banks. Based upon two Italian case studies, the article provides a qualitative assessment of the objec-tives of the IT audit, the activities performed, the stakeholders served and the critical success factors that influence the capability of IT auditing to add value. The results show that the scope of the IT auditing function has extended; nowa-days senior managers expect IT auditors to support them in the evaluation of the IT system and in the assessment of IT security controls. Regarding IT auditing activities, the most commonly performed are risk assessment and information security risk assessment. Considering stakeholders, the interviewees revealed that the main stakeholders are executive managers, while the critical success factors are the characteristics of the control environment, the capacity of the IT auditor to stay in touch with the business, and behavioural skills.

IT Auditing in Italian Banks: An explanatory study

D'ONZA, GIUSEPPE;
2014-01-01

Abstract

This study analyses the characteristics of IT auditing in banks. Based upon two Italian case studies, the article provides a qualitative assessment of the objec-tives of the IT audit, the activities performed, the stakeholders served and the critical success factors that influence the capability of IT auditing to add value. The results show that the scope of the IT auditing function has extended; nowa-days senior managers expect IT auditors to support them in the evaluation of the IT system and in the assessment of IT security controls. Regarding IT auditing activities, the most commonly performed are risk assessment and information security risk assessment. Considering stakeholders, the interviewees revealed that the main stakeholders are executive managers, while the critical success factors are the characteristics of the control environment, the capacity of the IT auditor to stay in touch with the business, and behavioural skills.
2014
D'Onza, Giuseppe; Lamboglia, R.
File in questo prodotto:
File Dimensione Formato  
9_IT auditing in Italian banks-4.pdf

non disponibili

Tipologia: Versione finale editoriale
Licenza: NON PUBBLICO - accesso privato/ristretto
Dimensione 5.65 MB
Formato Adobe PDF
5.65 MB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11568/550068
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 1
  • ???jsp.display-item.citation.isi??? ND
social impact