Information Technology Auditing; Necessity or Opportunity

Considering the role and importance of information technology in organizations, the purpose of this research is to explain the audit framework in the field of information technology and review of the results of researches conducted in this field.

In this research, while reviewing the theoretical foundations of auditing in the field of information technology in foreign and domestic researches, the processes and the theoretical framework presented in order to ensure the adequacy of the controls applied on the information systems and confirm the proper effectiveness of this system has been discussed.

The findings of the research indicate that due to the rapid emergence of information technology and the demand for faster access to financial information, Familiarity of internal and external auditors to the risks of software and hardware related to information systems and their training and awareness is mandatory.

The best way to conduct a comprehensive and reliable audit in the field of information technology is to create an audit team with a diverse mix of experienced auditors and trained with sufficient skills. This can be developed through the continuous cooperation of audit committees and internal auditors with departments related to information technology and senior management.

Contribution: 

One of the best globally accepted procedures is COBIT and this topic has been addressed in a very limited way in internal researches, therefore the present research can provide useful information to auditors and interested parties and lead to more attention to the issue of information technology audit.