Whether IT projects are developed in house or are co-sourced with third-party providers, they are filled with challenges that must be considered carefully to ensure success. Insufficient attention to these challenges can result in wasted money and resources, loss of trust, and reputation damage. Early involvement by internal auditors can help ensure positive results and the accompanying benefits. They can serve as a bridge between individual business units and the IT function, point out previously unidentified risks, and recommend controls for enhancing outcomes.
Auditing IT Projects* provides an overview of techniques for effectively engaging with project teams and management to assess the risks related to IT projects. This GTAG includes:
- Key project management risks.
- How the internal audit activity can actively participate in the review of projects while maintaining independence.
- Five key components of IT projects for internal auditors to consider when building an audit approach.
- Types of project audits.
- A suggested list of questions for use in the IT project assessment.
*Under Review: This practice guide contains some outdated material and references. It remains available while a review is underway.