ISACA Updates Audit Framework to Address AI, Digital Trust
Event summary
- ISACA released the 5th edition of its IT Audit Framework (ITAF) on February 26, 2026.
- The update incorporates terminology, examples, and scope changes to address emerging technologies like cloud computing, AI/ML, and business automation.
- ITAF provides standards for IT audit and assurance professionals, covering ethics, responsibilities, and audit practices.
- The framework includes an updated ITAF Companion Performance Guidelines 2208 for audit sampling.
- Mary Carmichael, Executive Advisor at Momentum Technology, led the development of the 5th edition.
The big picture
The update to ITAF signals a growing recognition of the need for specialized audit practices in an environment increasingly dominated by AI and cloud technologies. With over 195,000 members globally, ISACA’s framework carries significant weight in shaping IT audit standards and influencing organizational practices. The emphasis on digital trust reflects a broader shift towards greater accountability and transparency in the use of technology, particularly as regulatory scrutiny intensifies.
What we're watching
- Adoption Rate
- The speed at which audit teams adopt the new framework will indicate the industry’s responsiveness to evolving digital trust concerns and the perceived value of ISACA’s guidance.
- AI Governance
- How effectively the framework’s AI audit guidance is implemented will shape the broader landscape of AI governance and accountability within organizations.
- Competitive Response
- Other standards bodies may react to ISACA’s enhanced framework, potentially leading to a consolidation or fragmentation of IT audit best practices.
Related topics