As a chief audit executive, I recognized a growing need for guidance on technology
management written speciFcally for executives to help them keep pace with today’s evolving
business landscape. When I became president of The Institute of Internal Auditors (IIA) I made
it a priority to initiate the development of this type of guidance, which has become the Global
Technology Audit Guide (GTAG) series.
This white paper is a summary of the third in the GTAG series,
for Assurance, Monitoring, and Risk Assessment
, and is intended to provide guidance on gaining
timely, ongoing assurance regarding the effectiveness of risk management and control systems,
particularly in light of increasing regulatory and business pressures.
The audit profession has been profoundly impacted by several events over the last few years.
Though the long-term effects remain to be seen, one thing is certain – now is a great time to be
an internal auditor! Internal audit skills, talents, and focus on risk and controls assessment can
add value in ways never before possible. Sarbanes-Oxley and other regulations around the world
have created new demands and opportunities for internal auditing to meet the challenging
requirements of compliance.
While the opportunities are exciting, the challenges and resulting burden on internal audit
departments have been overwhelming for many organizations. The concepts of continuous
auditing, monitoring, and assurance, as presented in this white paper and the GTAG upon
which it is based, are key to a sustainable, resource-efFcient solution.
I encourage you to use this white paper and the entire GTAG series as a foundation to assess
and build your organization’s framework and audit practices for control, compliance, and
assurance. I am conFdent that the combination of these resources will assist you in meeting
the challenges of constant change, increasing complexity, rapidly evolving threats, and the
need to constantly improve efFciency.
The GTAG series is a true testament to what The IIA does best: “Progress Through Sharing.”
David A. Richards, CIA, CPA
President, The Institute of Internal Auditors, Inc.
by David Richards
President of The IIA