Abstract:
Information Technology Audit (ITA) has become very important aspect in the Information Technology (IT) industries today since it helps to minimize some of the irregularities in institutions/industries. The Defense-in-Depth (DiD) theory has been accepted by most information security specialists and has been adopted by the Department of Defense (DOD) as a general methodology for improving any organization's information security posture. It means therefore that every IT Audit framework developed should gear towards the Defense-In-Depth theory. It has been observed from documentary pertaining information Technology Audit that none of today’s information technology (IT) audit frameworks incorporate all aspects of the DiD theory.
In this research work the researcher identified shortcomings of some accredited existing IT audit frameworks, in particular, relating to Micro finance institutions and develop IT audit framework that addresses the main aspect of Defense-in-Depth (DiD) theory. Therefore, the main purpose of this research work is to come out with a holistic Information Technology Audit framework that incorporates the general aspects of Defense-in-Depth (DiD) theory that can serve as a guide in Information Technology Audit for micro finance institutions in Ghana.
