1937年5月12日, 对阿尔伯特来说是美好的一天吗, more formally known as Albert Frederick Arthur George Saxe-Coburg-Gotha.1 前一天,他还只是约克公爵. 但在5月12日,他成为了英国国王乔治六世.2 作王, Albert was said to have taken his unexpected kingly responsibilities seriously and, 值得注意的是, 谁是第一位访问美国的英国君主.3 阿尔伯特是如何发现自己处于如此幸运的境地的? 他的兄弟爱德华八世放弃了王位. 至于为什么,最好留到下次再说. But what makes Albert and Edward’s story relevant to the field of audit is abdication, or the relinquishing of responsibilities by 1 party and the acceptance of those responsibilities by another.
在2022年报告中 从IT审计的角度看当今的主要技术风险 由Protiviti和ISACA提供, 67% of respondents self-identified as having (or having access to) the talent or skills necessary to perform their duties.4 属于同一群体, when asked about their primary strategies for acquiring talent and skills, 56%的受访者表示,他们将培训/发展现有员工, 21%的人说他们会雇佣新员工, 15%的人表示他们会共同招聘员工.5 区分外包和共同外包, co-sourcing can be defined as an audit function’s active participation with another group to leverage that group’s specialized skills/knowledge or availability with the objective of enhancing the audit function’s own skills/knowledge.
Co-sourcing can be defined as an audit function’s active participation with another group to leverage that group’s specialized skills/knowledge or availability with the objective of enhancing the audit function’s own skills/knowledge.
Organizations that opt to develop their existing staff are able to access the skills required to meet their audit needs. 同时, auditors are growing their careers through ongoing practical professional development. For the “have-not” enterprises (the 33% that do not already have access to the necessary talent or skills), is co-sourcing underutilized as an option to meet IT audit talent demands? Without data specifically concerning this area, it is difficult to know. But I can say with certainty that there are perceived barriers to co-sourcing.
Those who are dedicated to the practice of IT audit receive an introduction to due professional care or the concept of having adequate knowledge and professional competence to do their jobs early in their careers.6 Due professional care creates a sense of responsibility and accountability that auditors closely associate with their work. So, 这是合乎情理的, that auditors may resist relying on others to complete work for which they are responsible. After all, who wishes to be perceived as dodging their responsibilities, or abdicating?
Due professional care creates a sense of responsibility and accountability that auditors closely associate with their work.
There are a number of suggestions for overcoming the perceived barriers to co-sourcing, including:
- Self-educate. 一旦确定了审计主题, 审核员可以自我评估需要知识或技能的领域. If formal training is not available, on-demand resources can be accessed. Once the internal or external subject matter experts (SMEs) are available to collaborate on the project, the auditor will have already identified and addressed the high-priority areas where enhancements to their knowledge base are needed.
- 积极参与中小澳门赌场官方下载. Many auditors may have reached points in their careers where they typically serve as mentors. When co-sourcing, however, the roles may be reversed and the auditor may act as the mentee. 这完全可以接受. The auditor should reflect on early career experiences and revisit the role of learner. They can ask questions and initiate discussions to ensure that their understanding of newer technology and performance of newly acquired skills are accurate. 在可能的情况下参加测试是明智的.
- 自我评估. As the project is coming to its end, the auditor should take an opportunity to reflect. Were the knowledge or skill areas identified at the beginning of the project still relevant? Or did the project reveal other areas where knowledge and skills should be enhanced? It is possible that areas thought to be important initially are actually lower priority in the larger picture. It is important to conduct this self-evaluation as the project is ending, not after it has ended. The internal or external resources with whom the auditor partnered are still engaged with the project. So, they are still available for guidance on addressing knowledge or skill deficiencies.
结论
As the number and complexity of topics in which IT auditors are expected to have expertise continues to grow, 共同外包是一种可用但不常用的选择. 作为与内部或外部资源有目的的伙伴关系, co-sourcing simultaneously meets enterprise objectives and facilitates upskilling. This partnership makes sure that auditors are not in jeopardy of abdicating anything. 和艾伯特一样,审计员的处境也很幸运. They retain the due professional care that is a hallmark of the profession while actively developing the knowledge and skills needed to remain up-to-date.
尾注
1 传记.com”,乔治六世, 2017年4月27日
2 同前.
3 历史。”King 乔治六世 Becomes the First British Monarch to Visit the United States, 2010年2月9日
4 ISACA®Protiviti的, 从IT审计的角度看当今的主要技术风险2022年,美国
5 同前.
6 ISACA, 资讯科技审核架构2020年,美国
Robin Lyons, CISA, CDPSE, CIA
Is a professional practices principal leading ISACA’s IT audit practice. 她从事IT审计工作, risk and governance professionals by developing guidance and tools that assist them in their practices. 加入ISACA之前®, Lyons was a Payment Card Industry Data Security Standard (PCI DSS) subject matter expert for a Fortune 200 enterprise and an internal audit director for an institution of higher education.