logo-universiteit-tilburglogo-tu-eindhoven      
AI, Data & Tech

Trends in IT auditing: a perspective from TIAS

By Rob Fijneman | October 13, 2025 | 2 min read
The ongoing developments in Technology and the rising impact of regulations puts IT auditing into the spotlight. Not only does IT auditing focus on traditional quality aspects such as security and reliability, but nowadays also ethics and fairness of AI solutions are relevant. The need for assurance goes across different Technology solutions and informs multiple stakeholders. 

At the frontiers of IT Auditing

IT auditing is based on a solid foundation of around 50 years of practice, accelerating now due to the huge increase in Technology changes and speed thereof. At the TIAS School for Business and Society we stay at the forefront of IT audit developments with the master theses yearly performed. This year the participants of the Master of Science IT auditing course performed 30 IT audits across multiple industries. 

Key topics covered are:

- Compliance with the DORA (Digital Operational Resilience Act) regulations. The topic of operational resilience increased hugely, and multiple engagements covered this. It focused on the readiness for DORA and the details of being compliant with the detailed rules of this regulation.
- Cyber security remains a key topic reflecting the fact that almost all companies must demonstrate their Cyber defense frameworks, respond to Cyber incidents and are held accountable for a mature Cyber governance. Engagements covered compliance with the NIS2 regulations and other specific frameworks used by governments.
- Privacy audits especially focused on the Healthcare segment.
- Reviewing the AI governance for some companies. The recently published CEO Outlook 2025 of KPMG clearly outlines the huge investments in AI and most of the CEO’s emphasize this will continue. AI Assurance and validating the AI models also against ethical standards become more common practice. 
- Validating the quality of RPA and data analytics tools to drive efficiency in key processes.
- Validating the data quality of non-financials used for ESG reporting. 

Of course, some more traditional IT audits like system audits to validate the key IT general controls and application controls are here to stay and are still very relevant. 

Professionalization in practice

The IT audit profession itself is getting more mature resulting in methodologies and frameworks used like the 3000 Assurance frameworks, the SOC1 and 2 reporting structures and other standards issued by the Dutch professional body of IT auditors (NOREA). The interaction between the Academic insights and business reality hugely contributes to more mature solutions. 

It is a promising development and good to see that more professionals develop themselves in this space.

Advance your career with the Executive Master of IT Auditing

Ready to deepen your expertise and make smarter, risk-based decisions? The part-time Executive Master of IT Auditing at TIAS equips working professionals to lead on DORA/NIS2, cybersecurity, AI governance, and data assurance—combining academic rigor with hands-on practice.
Discover the Executive Master of IT Auditing »

About Rob Fijneman

Prof. dr. Rob Fijneman RE RA is Professor of IT Auditing at TIAS and Tilburg University and a partner at KPMG Switzerland. With 30+ years at the forefront of the profession, he bridges academia and practice, guiding executives on IT governance, risk, and assurance.
 
Related articles
Knowledge area's

Grow at TIAS

At TIAS we believe in Life Long Development, continuous personal, professional and network development during and after your studies. With more knowledge, better skills and a broader network, you will be able to create more impact and be successful.

More about learning at TIAS » 
Programs

Brochure TIAS School for Business & Society

Get to know TIAS: The business school for tomorrow's leaders.

Online brochure >>
Brochure CTA