This study analyses the characteristics of IT auditing in banks. Based upon two Italian case studies, the article provides a qualitative assessment of the objec-tives of the IT audit, the activities performed, the stakeholders served and the critical success factors that influence the capability of IT auditing to add value. The results show that the scope of the IT auditing function has extended; nowa-days senior managers expect IT auditors to support them in the evaluation of the IT system and in the assessment of IT security controls. Regarding IT auditing activities, the most commonly performed are risk assessment and information security risk assessment. Considering stakeholders, the interviewees revealed that the main stakeholders are executive managers, while the critical success factors are the characteristics of the control environment, the capacity of the IT auditor to stay in touch with the business, and behavioural skills.
IT Auditing in Italian Banks: An explanatory study
D'ONZA, GIUSEPPE;
2014-01-01
Abstract
This study analyses the characteristics of IT auditing in banks. Based upon two Italian case studies, the article provides a qualitative assessment of the objec-tives of the IT audit, the activities performed, the stakeholders served and the critical success factors that influence the capability of IT auditing to add value. The results show that the scope of the IT auditing function has extended; nowa-days senior managers expect IT auditors to support them in the evaluation of the IT system and in the assessment of IT security controls. Regarding IT auditing activities, the most commonly performed are risk assessment and information security risk assessment. Considering stakeholders, the interviewees revealed that the main stakeholders are executive managers, while the critical success factors are the characteristics of the control environment, the capacity of the IT auditor to stay in touch with the business, and behavioural skills.File | Dimensione | Formato | |
---|---|---|---|
9_IT auditing in Italian banks-4.pdf
non disponibili
Tipologia:
Versione finale editoriale
Licenza:
NON PUBBLICO - accesso privato/ristretto
Dimensione
5.65 MB
Formato
Adobe PDF
|
5.65 MB | Adobe PDF | Visualizza/Apri Richiedi una copia |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.