Skip Ribbon Commands
Skip to main content

Global Technology Audit Guide (GTAG) 12: Auditing IT Projects

GTAG 12Whether IT projects are developed in house or are co-sourced with third-party providers, they are filled with challenges that must be considered carefully to ensure success. Insufficient attention to these challenges can result in wasted money and resources, loss of trust, and reputation damage. Early involvement by internal auditors can help ensure positive results and the accompanying benefits. They can serve as a bridge between individual business units and the IT function, point out previously unidentified risks, and recommend controls for enhancing outcomes.

Auditing IT Projects provides an overview of techniques for effectively engaging with project teams and management to assess the risks related to IT projects. This GTAG includes:

  • Key project management risks.
  • How the internal audit activity can actively participate in the review of projects while maintaining independence.
  • Five key components of IT projects for internal auditors to consider when building an audit approach.
  • Types of project audits.
  • A suggested list of questions for use in the IT project assessment.​

Downloads and Links

Non-members may purchase this GTAG from the IIA Bookstore.


An updated edition of the International Professional Practices Framework (IPPF) guide, more commonly known as the Red Book, is now available. Visit the IIA Bookstore for more information.