Global Technology Audit Guide (GTAG) series
Guide to the Assessment of IT Risk (GAIT) series
IT Audit Guidance main page
Guide 12: Auditing IT Projects
Download (members only): (PDF 3.7MB); French (PDF 717 KB)
Rate this guide
Non-member purchase from IIA Bookstore
Whether IT projects are developed in house or are co-sourced with third-party providers, they are filled with challenges that must be considered carefully to ensure success. Insufficient attention to these challenges can result in wasted money and resources, loss of trust, and reputation damage. Early involvement by internal auditors can help ensure positive results and the accompanying benefits. They can serve as a bridge between individual business units and the IT function, point out previously unidentified risks, and recommend controls for enhancing outcomes.
Auditing IT Projects provides an overview of techniques for effectively engaging with project teams and management to assess the risks related to IT projects. This Practice Guide includes:
- Key project management risks.
- How the internal audit activity can actively participate in the review of projects while maintaining independence.
- Five key components of IT projects for internal auditors to consider when building an audit approach.
- Types of project audits.
- A suggested list of questions for use in the IT project assessment
TABLE OF CONTENTS
1. Executive Summary
2. Introduction
2.1 What Exactly Is an IT Project?
2.2 Understanding the Impact
2.3 Examples of Failed IT Projects
2.4 Historical Statistics on IT Project Success and Failure
2.5 Top 10 Reasons for Project Success
2.6 Purpose and Benefits of Internal Audit Involvement
3. Five Key Focus Areas for Project Audits
3.1 Business and IT Alignment
3.2 Project Management
3.3 IT Solution Readiness
3.4 Organizational and Process Change Management
3.5 Post Implementation
4. Project Audit Planning
4.1 IT Projects and the Annual Internal Audit Plan
4.2 Internal Auditing's Role
4.3 Types of Project Audits
4.4 External Auditor Considerations
APPENDICES
Downloadable tool (members only) - Internal Auditor's Questions for Reviewing and IT Project (Excel, 50KB)
Authors
Karine Wegrzynowicz, CIA, CISA, Lafarge SA
Steve Stein, CIA, PMP, CISA, CISSP, CFE, CGEIT, Hewlett-Packard
Questions about this guide for the author? E-mail guidance@theiia.org.
Auditing IT Projects sponsor: RSM McGladrey