Learn more about the value of an IIA Membership.

Non-members can add this item to your shopping cart to purchase a copy for download.

Please allow 48-72 hours after placing the order to receive an email containing the link and access code to download your purchased product.

Almost every organization uses some form of UDAs because they can be more easily developed, are less costly to produce, and can typically be changed with relative ease versus programs and reports developed by IT personnel.  However, once end users are given freedom to extract, manipulate, summarize, and analyze their UDA data without assistance from IT personnel, end users inherit risks once controlled by IT. These risks include data integrity, availability, and confidentiality. Because management relies on UDAs, which can be a significant part of financial reporting and operational processes, as well as related decision making; the internal auditor must determine and review UDA risks and build an audit of UDAs into the annual internal audit plan as appropriate.