With the resilience of machine learning in modern technologies, the demand for Information Technology auditors has increased significantly. Studying the developments in the field, ISACA publications shared insights into machine learning, focusing on utilizing the technology.
The two new white papers from ISACA, Audit Practitioner’s Guide to Machine Learning, Part 1: Technology and Audit Practitioner’s Guide to Machine Learning, and Part 2: Compliance Risk, shared an industry-driven insight into the technology that is offering modern infrastructure for IT auditors to find new opportunities, drawbacks, and compliance requirements in the contemporary world.
The whitepapers explain the use of machine learning and how auditors can gain a deeper understanding of the complicated and occasionally tricky process of creating machine learning applications and related issues regarding the data pipeline and software development lifecycle.
ISACA publications on machine learning
Though the publication has a deeper, more linear phase of guiding IT auditors on using and implementing machine learning in different stages of development, they offer a quick roundabout on how the ML application can help organizations grow. Here is a quick breakdown of the Part 1 paper and what readers can look forward to:
- Data governance
- Data Engineering
- Feature engineering
- Model training
- Model evaluation
- Model deployment/prediction
Part 2 explores the fundamental laws, regulations, and industry standards involved in data compliance for ML auditing, including:
- Lawfulness, fairness, and transparency of personal data used in ML
- Data minimization and data security
- Accountability and governance
- Consumer’s Right to Know
According to Robin Lyons, Principal of IT Audit Professional Practices at ISACA, with enhanced knowledge and experience in machine learning, auditors could better understand the development cycle’s commercial and technical viewpoint. This would give the management guidance for practical practices to mitigate risk and promote compliance, enabling IT auditors to assess ML risk exposures.