Achieving information security assurance: the skills readiness of the internal auditor: a case study of National Social Security Fund

Thumbnail Image
Journal Title
Journal ISSN
Volume Title
University of Dar es Salaam
There has been a general upsurge in the changing role of internal audit in Tanzania in the past few years to due to an increasing awareness and adoption of the corporate governance principles and application of Information Technology in Tanzanian organizations. Despite this fact, little attention has been given to the role of internal audit function which is vested with the responsibility of giving assurance on organizations internal controls, risk management and governance activities. We may therefore, have limited knowledge about the internal audit readiness in handling this challenging environment. This study examines the factors that influence internal auditors’ readiness in facing the challenging Information Technology environment. The major research question was whether the results could help general level of internal auditors’ readiness in discharging their role as assurance givers in the context of NSSF. A study of sixteen internal audit staff and forty non audit staff in Dar es Salaam based offices was used to analyze the effects of Information Technology on internal audit. Using the drawn sample, the results indicate that internal auditors are not adequately ready to competently audit and provide sufficient assurance on IT driven operations of the organization. The Managerial implications and direction of further research have been discussed. Findings from this study provide evidence that internal auditors in Tanzania have currently low readiness in employing IT while discharging their professional duty of providing assurance on organizations risk management, controls and governance in their organizations. The study also shows that competency of auditors is also at stake as most of client’s data are in electronic format hence auditors audit around the computer; print out the pertinent information and then scrutinize the printed pages. As such, the study shows that the internal auditor needs to have sufficient expertise in the application of computer technology to the auditing process to be able to interview technical people, review the systems, operating documentation and installations and finally recommend controls in the systems
Available in printed form, East Africana Collection, Dr. Wilbert Chagula Library, Class mark (THS EAF HF5668.25T34O52)
Auditing, internal, Information technology, National Social Security Fund Headquarters, Tanzania
Omary, R. K (2013) Achieving information security assurance: the skills readiness of the internal auditor: a case study of National Social Security Fund, Master dissertation, University of Dar es Salaam. Dar es Salaam.