ISACA Launches Future‑Ready IT Audit Framework Update to Strengthen Digital Trust in an AI‑Driven Environment

SCHAUMBURG, Ill.--(BUSINESS WIRE)--Recent rapid evolution in the technology space has led to significant shifts and new considerations for the audit profession as well. IT audit and assurance professionals can arm themselves with new tools to help them keep pace, including ISACA’s newly updated IT Audit Framework (ITAF): A Professional Practices Framework for IT Audit. The revamped 5^th edition now incorporates updated terminology, refreshed examples, and expanded scope to better address emerging technologies, digital trust considerations, and evolving audit practices.

The revised ITAF features ISACA's updated global IT audit standards and guidelines.

Share

A longtime mainstay for audit and assurance professionals, ITAF was last updated in 2020. The comprehensive IT audit framework establishes standards that address IT audit and assurance practitioners’ roles and responsibilities, ethics, expected professional behavior, and required knowledge and skills; defines terms and concepts specific to IT audit and assurance; and provides guidance and techniques for the planning, performing and reporting of IT audit and assurance engagements.

ITAF, 5th Edition, enhances clarity, integrates ISACA’s newest resources, including AI audit guidance, and aims to support both traditional assurance functions and modern audit teams using data analytics, automation, agile methods, and AI. The new framework places greater emphasis on governance, transparency, and readiness for advanced technologies while providing more practical, flexible, and globally relevant guidance, including through:

• Modernization of content and scope: Updates terminology, definitions, and examples to reflect today’s technologies—such as cloud computing, AI/ML, and business automation—moving beyond the traditional IT control focus of the previous edition.
• Integration of digital trust and emerging technologies: Incorporates digital trust concepts throughout planning, fieldwork, and reporting, and adds guidance for AI/ML auditing aligned with ISACA’s AI audit guidance and the broader digital trust ecosystem.
• Increased flexibility, practicality, and usability: Introduces language suitable for organizations of all sizes, adds practical examples, and improves clarity through a modernized layout.
• Expanded audit practices and governance expectations: Broadens the scope of IT audit to include data analytics, agile auditing, continuous assurance, and AI governance, with enhanced expectations for transparency, ethical technology use, and oversight of automated systems.

This latest edition also includes an updated ITAF Companion Performance Guidelines 2208 that provides IT audit and assurance professionals with guidance in the design, selection, and evaluation of audit samples to obtain sufficient and appropriate evidence supporting audit conclusions. The updated guidelines better reflect data-driven and technology-enabled audit sampling approaches.

“As technology rapidly advances, it is essential for IT audit and assurance professionals to keep pace with changing tech and industry standards to ensure they are most effective in conducting engagements and ensuring their organizations comply with mandatory requirements,” said Mary Carmichael, Executive Advisor and Principal Director, Strategy and Risk at Momentum Technology, and the lead developer for ITAF, 5th edition. “The expanded and updated ITAF gives IT auditors a robust tool and trusted guidance for navigating today’s new challenges and ensuring trust in an increasingly complex and interconnected digital ecosystem.”

To access the complimentary ITAF, 5^th Edition, visit https://store.isaca.org/s/store#/store/browse/detail/a2SVQ0000029jHh2AI/. Explore ISACA’s IT audit resources at https://www.isaca.org/resources/it-audit.

About ISACA
For more than 55 years, ISACA^® (www.isaca.org) has empowered its community of 195,000+ members with the knowledge, credentials, training and network they need to thrive in fields like information security, governance, assurance, risk management, data privacy and emerging tech. In more than 190 countries and with more than 230 chapters worldwide, ISACA offers resources tailored to every stage of members’ careers. Through the ISACA Foundation, ISACA expands IT and education career pathways, fostering opportunities to grow the next generation of technology professionals.