Do IT audits satisfy senior manager expectations?

Autor: Roberto Verona, Rita Lamboglia, Giuseppe D'Onza
Rok vydání: 2015
Předmět:
Zdroj: Managerial Auditing Journal. 30:413-434
ISSN: 0268-6902
DOI: 10.1108/maj-07-2014-1051
Popis: Purpose – This paper aims to analyse the relationship between the senior management and the information technology (IT) auditing undertaken in Italian banks, focusing specifically on the internal IT auditing. The purpose of this paper is to investigate senior executives’ expectations regarding IT auditing, the techniques IT auditors apply to meet these expectations, the degree to which senior managers are satisfied with the auditing and the expectation gap. Design/methodology/approach – We conducted 22 interviews with senior managers and IT auditors of seven Italian banks, comprising large and small financial institutions, to gain data for our analysis. Findings – We found that overall, the IT auditors’ contributions satisfy senior managers, even though they still see room for improvement. They expect more support for the IT governance processes, specifically for the alignment between IT investments and business needs and between IT risk management and the value that IT resources provide. In addition, they want IT auditors to focus more strongly on IT security. To meet these expectations, IT auditors would have to improve their technical and non-technical skills. These skills will allow them to expand their activities, to be more proactive and to take on effective roles in IT governance processes. Originality/value – This study contributes to the existing literature by providing insights into the internal audit function’s evolving role and into banks’ IT audit activities. It also provides a valuable insight into senior management’s expectations regarding the role IT audit activities should play to support the profession and the banking policymakers, thus providing a better understanding of IT audit activities and improving these activities’ role.
Databáze: OpenAIRE
Externí odkaz: