The ISACA, an international professional association focused on IT governance, announced Tuesday the release of three new resources designed to assist audit professionals in enhancing their skills to meet the needs of the evolving audit landscape.
The start of the pandemic brought with it not only a heightened reliance on virtual private networks (VPNs) as many shifted to working from home, but also the need to manage the associated enhanced risks and implement new security safeguards.
To help meet these needs, the ISACA released its VPN Security Audit Program, a resource intended to offer “a foundation for auditors to provide assurance around the effectiveness of implemented VPN controls, including pre-audit planning, governance and oversight, implementation and configuration, operations, and maintenance and monitoring,” the ISACA stated.
Also during the pandemic, organizations embraced methods to increase agility and efficiency with so-called “agile auditing.” Thus, the ISACA’s second resource, “Destination: Agile Auditing,” outlines how audit professionals can incorporate agile principles into their audit methodologies.
“Auditors can learn the basics about agile auditing; its benefits; how agile complements established assurance standards; (and) how developing competency in agile can enhance the planning, fieldwork, and reporting phases of an audit,” the ISACA said. “The white paper also includes examples of elements from the agile tool set, including an agile road map and agile audit engagement workflows, and illuminates key components like sprints, audit backlog, and daily standups.”
Thirdly, the ISACA released a new edition of its “IT Control Objectives for Sarbanes-Oxley,” which it describes as “guidance on the assessment of the effectiveness of internal control over financial reporting (ICFR) in attestation of the management assessment to comply with the Sarbanes-Oxley Act of 2002.”
The new edition of the resource “incorporates updated guidance and standards from the Public Company Accounting Oversight Board (PCAOB) and the American Institute of CPAs (AICPA) and its Auditing Standards Board,” the ISACA stated.
“The audit landscape is constantly shifting as technologies and regulations evolve, making it essential that audit professionals prioritize continuous learning to ensure they are applying the most current and effective audit practices,” said Robin Lyons, IT audit professional practices lead at the ISACA, in a press release. “ISACA is committed to equipping the global audit community with the tools they need to deliver the highest audit standards at their organizations.”