Research Opportunities in Information Technology and Internal Auditing

This paper presents research opportunities in the area of information technology (IT) within the context of the internal audit function. Given the pervasive use of IT in organizations and the new requirements of the Sarbanes-Oxley Act of 2002, internal audit functions must use appropriate technology to increase their efficiency and effectiveness. We develop IT and internal audit research questions for three governance-related activities performed by the internal audit function-risk assessment, control assurance, and compliance assessment of security and privacy