Over the last thirty years, the technological advances we have seen have surpassed any predictions of the past with digital now permeating every facet of our personal and work lives. Organizations have achieved a profound level of automation and efficiency in their work that has led to greater economies of scale and mass production using technology.
Technology is now part and parcel of any organization, and I have been repeatedly saying that many professions like the accounting world, I was initiated into, will in the future require the highest degree of technology expertise to be conducted correctly as accounts become electronic. Alongside accounting, technology has crept into every aspect of organizations’ operational activities, from human resources through purchasing. Technology is now rampant in any organization and will continue to grow as we see new technologies take root such as artificial intelligence, IoT, and as we relinquish greater control to technology to help us make decisions.
Even our cities are becoming more dependent on technology in order to build new, sustainable cities at a time where innovative solutions are required to cope with increasing urbanization and providing equitable services to a growing population. I have written at length of the development of smart cities in my new book ‘The Inevitable Digital Future’.
Technology then, has become the beacon of light to which all of us are flocking and in turn means that we are placing more reliance on technology. This increased reliance means that technology must be governed and audited in a robust, transparent manner and is no longer something that can be swept under the rug or dealt with in a superficial manner. Technology auditing is paramount for all organizations to ensure that it is delivering the value expected and it is effectively controlling organizational risks. Technology auditing has become as important as financial auditing and traditional auditing in the past; services which TAG.Global has been providing for half a century.
The demand that I am seeing for technology audit under my IT consulting firm, TAGITI, is now unprecedented, with regular requests from leading firms to audit their IT implementations to provide assurance to executive management that technology is in alignment with business, delivering the value expected and is in line with regulation as regulatory bodies demand greater compliance. Data is now money, and organizations must ensure their IT infrastructures are secure and in-line with international best practices.
In my mind, technology auditing is a necessity for all organizations as it:
•Reduces risk and strengthens operational controls - The planning and execution of an IT audit consists of the identification and assessment of IT risks in an organization. Once risks are assessed, there can be clear vision on what course to take - to mitigate the risks through controls, to transfer the risk through insurance or to simply accept the risk as part of the operating environment.
•Assists in compliance with regulations - The IT auditor serves a critical function in ensuring that specific regulatory requirements are being met by the client organization, which is of particular importance to banking and finance entities.
•Facilitates communication between business and technology management - An IT audit can have the positive effect of opening channels of communication between an organization's business and technology management. Auditors interview, observe and test what is happening in reality and in practice. The final deliverables from an audit are valuable information in written reports and oral presentations. Senior management can get direct feedback on how their organization is functioning.
•Aids management in oversight of technology - An organization's technology exists to support business strategy, functions and operations. Alignment of business and supporting technology is critical. IT auditing maintains this alignment and demonstrates the value of technology to the business operations.
•Improves technology governance - Central to IT auditing and to overall IT management is a strong understanding of the value, risks and controls around an organization's technology environment. More specifically, IT auditors review the value, risks and controls in each of the key components of technology including applications, information, infrastructure and people that in turn allows for better IT budgeting and planning.
TAGITI’s services in the field include:
•Application systems audit and review - The main focus here is to review the core financing systems, accounting systems features, application interfaces, and information flow, and assess it against international best practices for accounting and application systems as well as business requirements.
•General computer controls audit - This service focuses on IT controls that are designed to manage and monitor the information systems environments, in addition to the IT controls over the acquisition, implementation, delivery and support of systems and services.
•IT security audit, penetration testing and vulnerability assessment – These services allow us to identify vulnerabilities in an organization’s IT infrastructure which is essential as more services become available online. It provides assurance that infrastructures are secure and internet worthy.
It is imperative to employ the expertise of well-seasoned professionals in this area as it is highly complex. TAGITI has many years’ experience in performing such audits and I extend their expertise to any organization looking to undertake this important activity.