Auditing complexity
Modern technology introduces new questions. For instance, how do we know that answers generated by algorithms are fair, and whether complex systems are sufficiently resilient to cyberattacks? These questions are extremely relevant for managers and supervisors of organizations as they must be able to account for their choices. Boards of Managements and other stakeholders have various alternatives to have these questions answered, including asking IT auditors.
IT auditing differs from consultancy
IT auditors provide consultancy; however, they will often be invited to provide assurance regarding high risk and high impact related issues. Assurance concerns trusted advice. However, auditing differs from consultancy and is primarily focused on investigating whether generally accepted IT auditing standards apply to the auditing object, where consultancy seems more focused on making recommendations. Consultancy could also be primarily based on prior experience in other engagements. Furthermore, IT auditors will also include societal relevance in their assessments and include consequences for other stakeholders.
Identify and control IT-related risks
IT auditing concerns the independent assessment of the quality of information technology, being, infrastructure, applications, processes, data, and governance. Quality includes many characteristics and is not only about integrity, availability, and security, but also includes fairness. In addition, the effectiveness and efficiency may also be assessed. This makes IT auditing an important instrument to identify and control IT-related risks, when developing and applying digital solutions.
This is the introduction of the chapter 'Auditing Complexity' written by Rob Fijneman and Egon Berghout for the book Advanced Digital Auditing, an open access book that discusses the most modern approach to auditing complex digital systems and technologies. Read the whole chapter here »
In this book, Rob Fijneman of TIAS Business School and Egon Berghout of ESAA have brought together the valuable expertise of IT professionals about auditing complex IT systems. The book is published by Springer and freely available on their website. You can find it here »
About Rob Fijneman
Rob Fijneman is professor of IT auditing at TIAS School for Business and Society, Tilburg University, and leads the Executive Master of IT Auditing at TIAS. Rob is a seasoned IT audit professional working since 1986 in the international IT assurance and advisory practice of KPMG. He served multiple global companies both as an IT audit partner or as an advisor to the Board regarding Technology programs, IT Governance and controls and compliance. Currently he works for international audit clients out of Switzerland.
Take your career to the next level with the Executive Master of IT Auditing (EMITA)
The part-time Executive Master of IT Auditing (EMITA) takes your career to the next level. As a Master of IT Auditing, you have a wide range of skills. You are up to date on the latest IT developments, can design and perform complex audits and provide support to management. You can also advise broadly on IT policies and implementation and have an understanding of ethical dilemmas. The part-time Executive Master of IT Auditing imparts academic knowledge through practical case studies relevant to the duties of an IT auditor.
Read more about the program here >