| Popis: |
This chapter identifies and describes major drivers of IT auditing, including laws and regulations, industry standards and certification, and internal objectives such as operational effectiveness and quality improvement. It distinguishes between drivers primarily coming from external sources, especially laws and regulatory frameworks, and internal sources tied to strategic management, governance, or performance. It summarizes the major provisions and subsequent rules promulgated to enforce industry or sector-specific laws and regulations. It also briefly describes commonly sought standards for which organizations pursue certification. The intent is not to provide authoritative legal guidance on implementation of or compliance with legislative mandates, but instead to illustrate the varied and potentially abundant external drivers many organizations face. The initial impetus provided by many such requirements often leads organizations to establish or expand their internal auditing capabilities to facilitate their own compliance with external regulations and standards or to enable more effective internal operations through initiatives such as quality assurance and continuous process improvement. |
