New ISACA publication highlights auditor’s machine learning techniques and compliance risks

Schaumburg, Illinois –(Business Wire)– The increase in the use of machine learning (ML) worldwide has increased the need for IT auditors to understand the technology. ISACA’s new white paper series, The Audit Practitioner’s Guide to Machine Learning, Part 1: Techniques and The Audit Practitioner’s Guide to Machine Learning, Part 2: Compliance RiskProvides auditors with guidance on technology-related opportunities, risks and compliance requirements.

With these resources, auditors can gain a better understanding of the complex and sometimes challenging process involved in building machine learning applications, as well as related considerations involving data pipelines and the software development life cycle.

The Part 1 document outlines the roadmap followed for ML adoption and the associated key risk factors that auditors should investigate, including:

  • data governance

  • data engineering

  • feature engineering

  • model training

  • Model evaluation

  • Model deployment/prediction

Part 2 explores key laws, regulations, and industry standards involved in ML audit data compliance, including:

  • Legality, fairness and transparency of personal data used in machine learning

  • Data minimization and data security

  • Accountability and Governance

  • consumer’s right to know

“Having a solid machine learning background gives auditors a better understanding of the development cycle from both a technical and business perspective,” said Robin Lyons, ISACA’s IT Audit Professional Practice Leader. “This enables IT auditors to assess ML risk exposure and Provides management with guidance on actionable procedures to mitigate risk and support compliance.”

Download free copies of Parts 1 and 2 The Audit Practitioner’s Guide to Machine Learning, visit and Additional resources on IT auditing provided by ISACA can be found at


For over 50 years, ISACA® ( provides individuals and businesses with the knowledge, credentials, education, training and community to advance their careers, transform their organizations, and build a more trustworthy and ethical digital world. ISACA is a global professional association and learning organization that draws on the expertise of its more than 165,000 members working in digital trust areas such as information security, governance, assurance, risk, privacy and quality. It operates in 188 countries, including 225 chapters worldwide. Through its One In Tech Foundation, ISACA supports IT education and career paths for underresourced and underrepresented populations.

Source link