The Internal Audit Function in Information Technology Governance: A Holistic Perspective

The internal audit function's (IAF) role has evolved from traditional (accounting and financial control) to more strategic (governance). The business environment has changed as well, and nowadays relies considerably on information technology (IT). Only a few studies have investigated IT governance from a holistic perspective. Further, no study has closely examined IAF involvement in IT governance as a whole. This study uses a holistic approach to describe IAF involvement in IT governance and to explore the influence of IAF characteristics on this involvement. Survey results indicate that IAF involvement in IT governance structures, processes, and relational capabilities has not fully expanded. Also, IAF resources and IT audit experience, IT personnel and IT training/certification, and interaction between the IAF and board of directors committees influence IAF involvement in overall IT governance. These IAF characteristics influence each dimension of IAF involvement in IT governance differently. The overall results should be useful to internal auditors, senior executives, and board members seeking to enhance, assess, or make changes to their organization's IT governance.