Machine learning and artificial intelligence techniques adopted for IT audit

Research background and purpose: The rapid advancement of artificial intelligence (AI) and machine learning (ML) is reshaping IT audit practices by enhancing cybersecurity through improved risk management, technological integration, and data-driven strategies. Despite these advancements, there is a lack of comprehensive frameworks that fully integrate AI and ML into IT auditing, particularly for addressing complex threats like Advanced Persistent Threats (APTs). This study aims to explore these technologies' potential to transform IT audits. Design/methodology/approach: A Systematic Literature Review (SLR) was conducted, analyzing studies from Scopus and Web of Science to identify trends and gaps in applying AI and ML in IT audits. Key areas of focus included risk management frameworks, cybersecurity methodologies, and emerging AI-driven audit techniques. Findings: The review underscores AI and ML's pivotal roles in predictive analytics, anomaly detection, and real-time risk assessment. Frameworks like Transfer, Accept, Reduce, Avoid (TARA) and methodologies such as the Experimental Framework for Detecting Cyber-Attacks (ECAD) illustrate practical AI applications. The research also highlights the integration of blockchain, cloud computing, and game theory in enhancing cybersecurity audits. Nonetheless, challenges such as data quality and ethicalconsiderations remain significant. Value added and limitations: This study contributes to IT auditing literature by providing a structured analysis of AI and ML applications, highlighting emerging trends, and suggesting future research directions. Limitations include reliance on existing studies and the evolving nature of AI technologies. Future work should focus on empirical validation of AI-driven audit models and developing standardized frameworks to ensure robustness and reliability in IT audits.