(a) The IT Internal Auditor shall be responsible for evaluating the effectiveness of the organization’s IT controls and risk management structures in operations, systems, policies, strategies and practices for the achievement of the organizational objectives. He/she shall equally evaluate the impact of financial and business practices and controls on IT resources.
(b) The IT Auditor shall also evaluate the effectiveness of the security of records and data. He/she shall carry out consultations with IT and business owners on IT controls to be deployed in new IT Projects.