IT Assurance Framework (ITAF) - Revision history

User at 18:57, 18 July 2023

2023-07-18T18:57:42Z

User at 14:59, 21 November 2022

2022-11-21T14:59:04Z

User: The LinkTitles extension automatically added links to existing pages (https://github.com/bovender/LinkTitles).

2021-02-06T16:18:20Z

The LinkTitles extension automatically added links to existing pages (https://github.com/bovender/LinkTitles).

User: The Information Technology Assurance Framework (ITAF) provides a single source through which IT audit and assurance professionals can seek guidance, research policies and procedures, obtain audit and assurance programmes, and develop effective reports.

2019-01-03T20:52:29Z

The Information Technology Assurance Framework (ITAF) provides a single source through which IT audit and assurance professionals can seek guidance, research policies and procedures, obtain audit and assurance programmes, and develop effective reports.

User: Created page with "'''Content Coming Soon'''"

2018-12-07T02:13:02Z

Created page with "'''Content Coming Soon'''"

New page

'''Content Coming Soon'''

@@ Line 1: / Line 1: @@
-The Information Technology Assurance Framework (ITAF), published by ISACA, is a comprehensive and good-practice-setting model that:
+The Information Technology Assurance Framework (ITAF), published by [[Information Systems Audit and Control Association (ISACA)|ISACA]], is a comprehensive and good-practice-setting model that:
 *Provides guidance on the design, conduct, and reporting of IT audit and assurance assignments;
 *Defines terms and concepts specific to IT assurance;

@@ Line 1: / Line 1: @@
-The Information Technology Assurance [[Framework]] (ITAF), published by ISACA, is a comprehensive and good-practice-setting [[model]] that:
+The Information Technology Assurance Framework (ITAF), published by ISACA, is a comprehensive and good-practice-setting model that:
-*Provides guidance on the [[design]], conduct and reporting of IT audit and assurance assignments;
+*Provides guidance on the design, conduct, and reporting of IT audit and assurance assignments;
 *Defines terms and concepts specific to IT assurance;
 *Establishes standards that address IT audit and assurance professional roles and responsibilities; knowledge and skills; and diligence, conduct and reporting requirements.<ref>What is IT Assurance Framework (ITAF) [http://www.qualified-audit-partners.be/index.php?cont=806&lgn=3 QAP]</ref>
@@ Line 12: / Line 12: @@
 ITAF applies to individuals who act in the capacity of IS audit and assurance professionals and are engaged in providing assurance over some components of IS applications and infrastructure. However, care has been taken to design these standards, guidelines, and tools and techniques in a manner that may also be useful and provide benefits to a wider audience, including users of IS audit and assurance reports.
 *When should ITAF be used?
-The [[application]] of the framework is a prerequisite to conducting IS audit and assurance work. The standards are mandatory. The guidelines, tools and techniques are designed to provide non-mandatory assistance in performing assurance work.
+The application of the framework is a prerequisite to conducting IS audit and assurance work. The standards are mandatory. The guidelines, tools and techniques are designed to provide non-mandatory assistance in performing assurance work.
 *Where should ITAF IS audit and assurance standards and related guidance be used?
 ITAF’s design recognizes that IS audit and assurance professionals are faced with different requirements and types of assignments—ranging from leading an IS-focused audit to contributing to a
@@ Line 20: / Line 20: @@
-'''ITAF [[Taxonomy]] - How ITAF is Organized Hierarchically'''<br />
+'''ITAF Taxonomy - How ITAF is Organized Hierarchically'''<br />
 [[File:IT Assurance Framework.jpg|400px|Information Technology Assurance Framework (ITAF) Hierarchy]]<br />
 source: [http://www.isaca.org/Knowledge-Center/cobit/cobit-focus/PublishingImages/Forms/AllItems.aspx ISACA]
@@ Line 26: / Line 26: @@
 ===See Also===
-[[IT_Governance|IT Governance]]<br />
+*[[IT Governance]]
-[[COBIT_(Control_Objectives_for_Information_and_Related_Technology)|COBIT]]<br />
+*[[COBIT_(Control_Objectives_for_Information_and_Related_Technology)|COBIT]]
-[[ITIL_(Information_Technology_Infrastructure_Library)|ITIL]]<br />
+*[[ITIL_(Information_Technology_Infrastructure_Library)|ITIL]]
-[[Val_IT_Framework|Val IT]]<br />
+*[[Val_IT_Framework|Val IT]]
-[[Risk_IT_Framework|Risk IT]]<br />
+*[[Risk_IT_Framework|Risk IT]]
-[[Business_Model_for_Information_Security_(BMIS)|Business Model for Information Security (BMIS)]]<br />
+*[[COSO_Internal_Control_Integrated_Framework|COSO]]
-[[COSO_Internal_Control_Integrated_Framework|COSO]]<br />
+*[[Capability_Maturity_Model_Integration_(CMMI)|CMMI]]
 ===References===

@@ Line 1: / Line 1: @@
-The Information Technology Assurance Framework (ITAF), published by ISACA, is a comprehensive and good-practice-setting model that:
+The Information Technology Assurance [[Framework]] (ITAF), published by ISACA, is a comprehensive and good-practice-setting [[model]] that:
-*Provides guidance on the design, conduct and reporting of IT audit and assurance assignments;
+*Provides guidance on the [[design]], conduct and reporting of IT audit and assurance assignments;
 *Defines terms and concepts specific to IT assurance;
 *Establishes standards that address IT audit and assurance professional roles and responsibilities; knowledge and skills; and diligence, conduct and reporting requirements.<ref>What is IT Assurance Framework (ITAF) [http://www.qualified-audit-partners.be/index.php?cont=806&lgn=3 QAP]</ref>
@@ Line 12: / Line 12: @@
 ITAF applies to individuals who act in the capacity of IS audit and assurance professionals and are engaged in providing assurance over some components of IS applications and infrastructure. However, care has been taken to design these standards, guidelines, and tools and techniques in a manner that may also be useful and provide benefits to a wider audience, including users of IS audit and assurance reports.
 *When should ITAF be used?
-The application of the framework is a prerequisite to conducting IS audit and assurance work. The standards are mandatory. The guidelines, tools and techniques are designed to provide non-mandatory assistance in performing assurance work.
+The [[application]] of the framework is a prerequisite to conducting IS audit and assurance work. The standards are mandatory. The guidelines, tools and techniques are designed to provide non-mandatory assistance in performing assurance work.
 *Where should ITAF IS audit and assurance standards and related guidance be used?
 ITAF’s design recognizes that IS audit and assurance professionals are faced with different requirements and types of assignments—ranging from leading an IS-focused audit to contributing to a
@@ Line 20: / Line 20: @@
-'''ITAF Taxonomy - How ITAF is Organized Hierarchically'''<br />
+'''ITAF [[Taxonomy]] - How ITAF is Organized Hierarchically'''<br />
 [[File:IT Assurance Framework.jpg|400px|Information Technology Assurance Framework (ITAF) Hierarchy]]<br />
 source: [http://www.isaca.org/Knowledge-Center/cobit/cobit-focus/PublishingImages/Forms/AllItems.aspx ISACA]

← Older revision		Revision as of 20:52, 3 January 2019
Line 1:		Line 1:
−	'''~~Content Coming Soon~~'''	+	The Information Technology Assurance Framework (ITAF), published by ISACA, is a comprehensive and good-practice-setting model that:
		+	*Provides guidance on the design, conduct and reporting of IT audit and assurance assignments;
		+	*Defines terms and concepts specific to IT assurance;
		+	*Establishes standards that address IT audit and assurance professional roles and responsibilities; knowledge and skills; and diligence, conduct and reporting requirements.<ref>What is IT Assurance Framework (ITAF) [http://www.qualified-audit-partners.be/index.php?cont=806&lgn=3 QAP]</ref>
		+
		+
		+	ITAF provides a single source through which IT audit and assurance professionals can seek guidance, research policies and procedures, obtain audit and assurance programmes, and develop effective reports. While ITAF incorporates existing ISACA standards and guidance, it has been designed to be a living document. As new guidance is developed and issued, it will be indexed within the framework. The scope of the guidance provided in ITAF has been incorporated into the latest thinking offered in COBIT 5 <ref> IT Assurance Framework (ITAF) [https://www.isaca.org/About-ISACA/Press-room/Documents/2016-ITAF-Fact-Sheet_pre_eng_0616.pdf ISACA]</ref>
		+
		+
		+	'''Understanding The Information Technology Assurance Framework (ITAF)'''<ref> Understanding ITAF [http://www.isaca.org/knowledge-center/research/documents/itaf-3rd-edition_fmk_eng_1014.pdf isaca.org]</ref><br />
		+	*To whom does ITAF apply
		+	ITAF applies to individuals who act in the capacity of IS audit and assurance professionals and are engaged in providing assurance over some components of IS applications and infrastructure. However, care has been taken to design these standards, guidelines, and tools and techniques in a manner that may also be useful and provide benefits to a wider audience, including users of IS audit and assurance reports.
		+	*When should ITAF be used?
		+	The application of the framework is a prerequisite to conducting IS audit and assurance work. The standards are mandatory. The guidelines, tools and techniques are designed to provide non-mandatory assistance in performing assurance work.
		+	*Where should ITAF IS audit and assurance standards and related guidance be used?
		+	ITAF’s design recognizes that IS audit and assurance professionals are faced with different requirements and types of assignments—ranging from leading an IS-focused audit to contributing to a
		+	financial or operational audit. ITAF is applicable to any formal IS audit or assessment engagement.
		+	*Does ITAF address requirements for consultative and advisory work?
		+	In addition to assessment work, IS audit and assurance professionals frequently undertake consultative and advisory engagements for their employers or on behalf of clients. These assignments usually result in an assessment of a particular area; identification of issues, concerns or weaknesses; and the development of recommendations. For a number of reasons, including nature of the work, scope of the engagement, independence and degree of testing, the work is not considered an audit and, therefore, the IS audit and assurance professional does not issue a formal audit report. ITAF has not been designed to address specific requirements with respect to this consultative and advisory work.
		+
		+
		+	'''ITAF Taxonomy - How ITAF is Organized Hierarchically'''<br />
		+	[[File:IT Assurance Framework.jpg\|400px\|Information Technology Assurance Framework (ITAF) Hierarchy]]<br />
		+	source: [http://www.isaca.org/Knowledge-Center/cobit/cobit-focus/PublishingImages/Forms/AllItems.aspx ISACA]
		+
		+
		+	===See Also===
		+	[[IT_Governance\|IT Governance]]<br />
		+	[[COBIT_(Control_Objectives_for_Information_and_Related_Technology)\|COBIT]]<br />
		+	[[ITIL_(Information_Technology_Infrastructure_Library)\|ITIL]]<br />
		+	[[Val_IT_Framework\|Val IT]]<br />
		+	[[Risk_IT_Framework\|Risk IT]]<br />
		+	[[Business_Model_for_Information_Security_(BMIS)\|Business Model for Information Security (BMIS)]]<br />
		+	[[COSO_Internal_Control_Integrated_Framework\|COSO]]<br />
		+	[[Capability_Maturity_Model_Integration_(CMMI)\|CMMI]]
		+
		+
		+	===References===
		+	<references />
		+
		+
		+	===Further Reading===
		+	*A Global Look at IT Audit Best Practices [https://www.protiviti.com/sites/default/files/united_states/insights/6th-annual-it-audit-benchmarking-survey-isaca-protiviti-2017.pdf Protiviti]
		+	*A Prelude to IT Assurance Framework [http://elisa.ugm.ac.id/user/archive/download/7932/60ee52e1e805803622ccda6e8b4aaf4b Ravi Muthukrishnan, CISA, CISM, FCA]