Examining the role of IS audit in the public sector

There is a tension in the role of the IS auditor in public sector financial audits. Budgets for the conduct of such audits are tight. However, systems facilitating the production of financial reports are increasingly complex. How can IS audit be most effectively used to improve audit effectiveness and efficiency? Accordingly, this research reports the results of 23 extended interviews with public sector auditors from four public sector audit offices in contemplation of the IS audit function’s role in the public sector.

Overall, the evidence supports the expectation that financial IS audit increasingly contributes to audit planning, is more involved when significant changes to existing IS are made or new IS are implemented, and increasingly utilizes sophisticated tools to support the financial audit. By contrast the evidence does not support the expectation that financial IS audit is increasingly involved in the implementation of continuous auditing and undertaking application control reviews.

Training of future IS auditors should aim to ensure a strong understanding of IS audit’s role in the audit planning process. The results also imply that training for future IS auditors in environment and system general controls, and in sophisticated data mining and knowledge discovery tools, is crucial.