Skip to content

Guidelines for IT Audit Risk Assessment

Answered by: 

Question: 
It has been recommended to us that we perform a risk assessment for IT Audit. Do you have any guidelines for such an assessment?
Answer: 

I'd recommend you start with ISACA - the Information Systems Audit & Control Association (although it only goes by the acronym now). Info here: http://www.isaca.org

Pay special attention to COBIT information available through ISACA. COBIT is the IT Governance Framework put out by ISACA that has become industry best practice for IT governance. There is a guide available on the ISACA COBIT site that maps FFIEC IT Exam Requirements to the COBIT framework that should be very useful. That guide is $25 for non-members, and complimentary for members.

First published on BankersOnline.com 4/11/11

First published on 04/11/2011

Filed under: 
Filed under technology as: 

Search Topics