Skip Ribbon Commands
Skip to main content

Global Technology Audit Guide: Auditing Business Applications

Recommended Guidance

GTAG: Auditing Business ApplicationsBusiness applications are crucial enablers of business processes and may comprise single software programs or a collection of hardware, firmware, and software applications operating as an integrated system. This GTAG helps auditors understand why it is important to provide assurance over business applications and how to identify and assess the relevant risks and standardized and system-specific controls when performing audit engagements.

This guidance will enable internal auditors to:

  • Understand relevant risks and opportunities related to business applications.
  • Gain a working knowledge of the full life cycle of a business application, from planning and development to support and management reporting, along with the relevant risks and controls.
  • Become familiar with relevant guidance from three widely used control frameworks.
  • Plan and perform engagements to provide assurance over business applications.

Downloads and Links


Practice Guides are restricted to IIA members only.

Non-members may purchase this Practice Guide from the IIA Bookstore.

An updated edition of the International Professional Practices Framework (IPPF) guide, more commonly known as the Red Book, is now available. Visit the IIA Bookstore for more information.