Technical audit (TA) is an audit performed by an auditor, engineer or subject-matter expert evaluates deficiencies or areas of improvement in a process, system or proposal. Technical audit covers the technical aspects of the project implemented in the organization. For this, an auditor should have a deep knowledge of development, design and security standards, user needs and ethical considerations, with latest algorithms updates.
Objectives of technical auditing
- The technical operations are being performed as per requirement.
- Sound framework of control is in place to sufficiently mitigate the potential risk, with potential ethics and harm reduction as factors.
- The procured technical equipment is technically suitable for the purpose.
- Authority and responsibility for operating activities are assigned properly.
- Information system is adequate to provide assurance of operating activities being performed properly.
- If applicable, the system is updated to incorporate user values (e.g., in the case of ethical artificial intelligence algorithm auditing).
Concentration of technical auditing
- Planning and design
- Procurement or purchase
- Implementation
- Impact of project
Areas to be covered by technical audit
Planning and design |
|
Procurement/Purchase |
|
Implementation |
|
Impact of project
|
- Need analysis & Demand analysis
- Technical Specification preparation and authorization
- Quality Assurance and Experience of Supplier required in the project
- If applicable, solicit feedback from or design with users
|
→ |
- Compliance with Financial Manual
- Independent evaluation of received proposal.
|
→ |
- Timely completion of project
- Provision of liquidity damage in case of delay in project completion.
- Acceptance Test Report
|
→ |
- Reduction in operation cost or improvement in operation.
- Increase market share
- Improvement in Key Performance Indicator (KPI)s
- Increase customer loyalty or decrease customer churn
- Increase Revenue of the company
- Reduce risk to users
|
Benefits of technical auditing
- Improvement in internal control systems to mitigate the potential risk.
- Improvement in the quality of service.
- Assurance of Revenue.
- Transparent and cost effective procurement of goods and services.
- Completion of project on time.
- Reduction of project cost and annual operating cost.
- Helps re-scheduling of project activities.
- Performance improvement of a system.
- Harm reduction and centering of system users' values.
Incorporation of users in technical auditing
While there are methods that developers and researchers can leverage to gain information for effectively auditing systems, such as the scraping approach (i.e., issuing repeated queries and observing system behavior) or code audits (i.e. using tests to understand what vulnerabilities may exist in the source code),[1] it is sometimes the case that users' insight is critical to understand problems with a system (e.g., concerning the ethics of artificial intelligence). As such, there are methods of soliciting (nontechnical) user perceptions and feedback to support a technical algorithm audit. For example, in noninvasive user auditing, researchers and developers may survey users in conjunction with user activity (e.g., through activity logs) to understand interactions with the system and unmet needs that could benefit from auditing.[1] Crowdsourced or collaborative auditing is another approach, in which users are considered as testers, sometimes specifically hired to do so, to provide feedback about system design and behavior.[1] With a trend toward user-centered, ethical systems (e.g., to avoid issues in which harm or bias may go unchecked due to lack of expertise or knowledge that only a diverse range of users can surface), incorporation of users' feedback in the auditing process is becoming increasingly common.
See also
References