The IT auditor’s role is becoming increasingly complex, especially as technology continues to flood the enterprise. Yes, the profession has come a long way, but there’s still a ways to go as it relates to changing the perception as being an entity in the business that can help drive it forward.
“Right now most organizations consider audit this roadblock that’s stopping them from doing what they want to do,” Robert Stroud, Principal Analyst at Forrester Research, told Internal Audit Insights in a recent video interview shot at MISTI's US ITAC Conference Event Texas. “In reality, audit is part of the organization and is trying to help it protect itself and drive value.”
Advanced audit organizations are taking the role of playing the independent body that validates, approves, and governs, but they're also getting involved and engaged in becoming part of the solution set, Stroud says.
“This type of audit construct is becoming more and more constant in the industry,” he said.
In the video interview below, Stroud discusses the current state of the enterprise as it relates to IT auditors, how IT auditors can grapple with the evolving threat landscape, and why it’s important to bridge the gaps between audit, IT audit, compliance, and security within organizations.