Introduction

IT Auditors are fast becoming part of management strategic partner since most
aspects of the organisation run on IT systems and IT auditors play a major role to
ensure that the systems are up to scratch and they are performing to enhance
the element of elevating the organisation thereby safeguarding a shareholders
equity.
But it should be noted that IT Audit has often times left out a critical element,
most often the Audit process dwell much on already implemented systems and
leave out systems that are being developed. This oversight has impacted
negatively to the IT Auditors themselves and the organisation as a whole. In this
writeup we look at the major role of IT Audit in the Systems Development Life
Cycle.
The Role of an IT Auditor in the Systems Development Life Cycle
To look at the role of an IT Auditor in the systems development Life Cycle the
SDLC has to be looked at from an IT Auditors point and not from a Developer or
analysts perspective. So the question is how does an IT Auditor look at the
SDLC??
A generalized systems development life cycle methodology, viewed from the
auditors perspective, should encompass the following phases: investigation,
analysis and general design, detailed design and implementation, installation,
and review. These can be compacted to be Analysis, Development, Testing and
Implementation
The reason why there is need for audit involvement in systems development
encompasses reasons of:

Economy
continuity
complexity
cost effectiveness
auditability.

The auditors major contributions to the systems development life cycle (SDLC)
stem from:

minimizing the degree of risk to the organization

assuring that all aspects of the project are documented fully, in

accordance with organizational policy

Thus in the Systems Development Life Cycle an IT Auditors role will come in at:

Pre-Implementation:- this is where they will monitor the analysis, design,

development and testing up to the implementations stage to make sure
that the system being developed is effective, adhering to cost margins,
checks are being implemented with an effective pre-implementation audit
issues are corrected before installation or handover which is often times

time saving and cost effective

Post Implementation:- this is the IT Audit that most organisations are
familiar with where the IT Auditors will Audit IT Systems as they are being
used. It also helps to review the system if they are doing what they were
meant to do and to find out ways and means to perfect

It should be noted that software designers and analysts see IT Auditors in the
SDLC as a constant pain rather than a partner and financially they believe that
the External IT Auditors are an unnecessary cost if they are also involved in first
stages of the SDLC.
Conclusion
The presence of an IT Auditor in the systems development life cycle plays a
major role in the systems development and its outcome. When there is an
Auditor during the whole process checks and balances are provided along the
way, corrections are made as issues are detected by the IT Auditor, development
and SDLC budgets are also checked and adhered to but the major element of
having an IT Auditor during the whole systems development lifecycle is that the
systems that are developed are holistic with very few errors as most of the
aspects are corrected along the way.