ITASA illustration

Research & Training Hub

Team leader

National Audit Office of Estonia
Mr Alvar Nõuakas
This email address is being protected from spambots. You need JavaScript enabled to view it.

As audit institutions are increasingly expected to evaluate and audit the risks related to new technologies, it is becoming vital for every public-sector auditor to have basic IT knowledge – they must understand IT-related risks and use different IT tools for auditing.

Furthermore, in this dynamic environment, IT auditors are expected to be the experts who empower their institutions with a thorough understanding of IT security and operations. These developments are relevant for all audit types. For example, as financial auditing requires giving an assessment of the integrity and level of protection of financial assets stored today mainly in IT systems, specific IT expertise (e.g. application controls, IT security measures, IT-Grundschutz and ISO 27000 series) need to be developed.

To enhance SAIs’ impact, the Moscow declaration encourages SAIs to nurture the auditors of the future who can employ data analytics, artificial intelligence tools, and advanced qualitative methods as well as enhance innovation and act as strategic players, knowledge exchangers, and producers of foresight.

Research and Training Hub focuses on capacity building of SAI's in the field of IT auditing. It relies on the cooperation between ITWG experts for research and comparison of IT auditing tools and methodologies in different guidelines and practices.

Training course “IT audit for non-IT auditors"

The purpose of the training course “IT audit for non-IT auditors" is to increase the quality and impact of contemporary audits that frequently include IT components. Therefore, non-IT-auditors would benefit from basic knowledge about IT auditing provided in the training course. The first module "IT audit in a supreme audit institution“ is available to start learning. The first module has five chapters, it starts with an overview of SAI audits with IT components followed by addressing IT components in SAI audits, standards and frameworks relevant to the IT audit, planning of an audit with an IT component, and IT auditing methods. The EUROSAI ITWG Moodle is operated by the EUROSAI ITWG Secretariat / the National Audit Office of Estonia. To take the course, please go to and create your account.