Skip Ribbon Commands
Skip to main content

Global Technology Audit Guide (GTAG) 11: Developing the IT Audit Plan

GTAG 11Results from several IIA external quality assessment reviews reveal that developing an appropriate IT audit plan is one of the weakest links in internal audit activities. Many times, internal auditors simply review what they know or outsource to other companies, letting them decide what to audit.

To this end, Developing the IT Audit Plan can help CAEs and internal auditors:

  • Understand the organization and how IT supports it.
  • Define and understand the IT environment.
  • Identify the role of risk assessments in determining the IT audit universe.
  • Formalize the annual IT audit plan.

This GTAG also provides an example of a hypothetical organization to show how to execute the steps necessary to define the IT audit universe.

Downloads and Links

English     French    Turkish​

Non-members may purchase this GTAG from the IIA Bookstore.

GTAG 11 Overview PowerPoint Presentation

An updated edition of the International Professional Practices Framework (IPPF) guide, more commonly known as the Red Book, is now available. Visit the IIA Bookstore for more information.