Title: Assurance and consultancy internal audit roles in information technology risk management

Authors: Reda Elazab; Ismail Gomaa

Addresses: Department of Accounting, Faculty of Commerce, AlAlamein International University, Damnhour University, Egypt ' Department of Accounting, Faculty of Commerce, Alexandria University, Egypt

Abstract: The study explores the extent of internal audit involvement in information technology (IT) risk management. Hence, the paper proposes new assurance and consultancy internal audit roles in IT risk management. Using the data collected from 75 internal auditors through an exploratory study in Egypt, a framework of internal auditing roles in IT risk management is identified. The collected assurance and consultancy internal audit roles in IT risk management might help different parties such as management, audit committee, IT professionals to be more adaptable in assessing and monitoring IT risks. This study's contributions have important implications for exploring the extension of the internal audit profession in IT risk management. The paper is also one of the first to deal with the assurance and consultancy internal audit roles in IT risk management.

Keywords: assurance and consultancy roles; internal audit; information technology; risk management.

DOI: 10.1504/IJAUDIT.2022.129418

International Journal of Auditing Technology, 2022 Vol.4 No.4, pp.241 - 265

Received: 02 Jul 2021
Accepted: 27 Sep 2021
Published online: 09 Mar 2023 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article