30th Annual Meeting of the INTOSAI Working Group on IT Audit
The 30th meeting of the INTOSAI Working Group on Information Technology Audit (WGITA) was held on September 1, 2021, which was attended by 90 representatives.
During the meeting, the representative of the SAI Mexico Mr. Hernandez, presented the stages of work on the project for the development of the Cybersecurity and Data Protection Guideline. At the moment, the structure of the document and the approximate content of its chapters were developed. In the future the document will be presented to the members of the WGITA and interested parties for detailed study.
The representative of the SAI India Mr. Dasgupta spoke about the latest achievements in the field of IT function management audit and the development of the Guidance doc on IT Audit Management, which is planned to be finalized by April 2022. The guide will include sample elements of the subject area within the INTOSAI standards, risk identification studies, examples of best practices and audit programs.
The pandemic has had a significant impact on the WGITA's activities and the implementation of its projects. Thus, the representative of the SAI Pakistan, Mr. Geba, said that the terms of the project to develop a Guidance on Performance Evaluation of Information Systems have been extended until 2023.
The USA SAI has carried out work on revising the main WGITA documents for their relevance at the present time. Based on the results of the work done, the US VA came to the conclusion that 8 of the 13 documents considered are not relevant, 3 documents are relevant, two are not amenable to evaluation. WGITA was recommended to archive outdated documents and conduct a survey among the group members on the need to review outdated documents and update them.
The SAI Bhutan, represented by Mr. Delma, spoke about the work on the formation of an IT Audit Database in the WGITA Webpage on the INTOSAI Community Portal. The main goal of the project is the exchange of IT audit reports and the dissemination of information about IT audit.
In addition, the meeting discussed ways of further interaction and synergy with the INTOSAI EUROSAI working groups, AFROSAI-E working bodies, and INTOSAI Development Initiative.