logo
Search
Vol. 69 No. 4 (2025), Researches
Vol. 69 No. 4 (2025)

Methodological foundations of IT audit and evaluation of the effectiveness of government agencies in the use of ICT in the Republic of Kazakhstan

Researches
https://doi.org/10.55871/2072-9847-2025-69-4-116-128
Published 2025-12-29
Shakirova N.A.
E-finance Center
Рахметов N.Zh.
Center for Research, Analysis and Evaluation of Effectiveness
Syzdykova A.S.
E-finance Center
Bokayev В. N.
Syracuse University Maxwell School of Citizenship and Public Affairs
https://orcid.org/0000-0002-1037-7085
PDF (Ру)

Keywords

IT audit
information security
ISSAI 5300
COBIT 2019
ISO 27001
state audit
ICT efficiency

How to Cite

Shakirova Н., Rakhmetov Н., Syzdykova . А., & Bokayev Б. (2025). Methodological foundations of IT audit and evaluation of the effectiveness of government agencies in the use of ICT in the Republic of Kazakhstan. «МЕМЛЕКЕТТІК АУДИТ – ГОСУДАРСТВЕННЫЙ АУДИТ», 69(4), 116–128. https://doi.org/10.55871/2072-9847-2025-69-4-116-128
ACM ACS APA ABNT Chicago Harvard IEEE MLA Turabian Vancouver

Download Citation

Endnote/Zotero/Mendeley (RIS) BibTeX

Abstract

The article presents the results of a comprehensive research work aimed at studying the methodological, regulatory and practical aspects of the implementation of IT audit in the public administration system of the Republic of Kazakhstan. The study covers the analysis of existing approaches to assessing the effectiveness of information and communication technologies (ICT) in government agencies and their relationship to the current international auditing standards ISSAI 5300, COBIT 2019 and ISO/IEC 27001. Based on a comparative analysis of the national practice of state audit and foreign approaches used in the Supreme Audit Institutions of other countries, an updated comprehensive methodology for conducting IT audit has been developed. The proposed methodology includes tools for assessing the digital maturity of government agencies, analyzing the effectiveness and efficiency of IT processes, as well as integrating information risk management measures. The methodological basis for improving the methodology is a three-level integration: combining international standards ISSAI 5300, COBIT 2019 and ISO/IEC 27001 with national regulatory requirements; the introduction of a combined model for assessing digital maturity adapted to the realities of Kazakhstan; the use of a system of quantitative indicators and qualitative indicators of the effectiveness of IT processes. The improved methodology ensures the integration of quantitative performance indicators, risk-based analysis of the ICT infrastructure and principles of information technology manageability in government agencies. The implementation of the proposed methodological approaches and tools will allow the state bodies of the Republic of Kazakhstan and audit bodies to: increase transparency and objectivity in assessing the state of digital transformation; improve the quality and validity of audit reports and recommendations; ensure the effectiveness of ICT implementation processes and the rational use of IT resources; reduce information risks and increase information security. 

https://doi.org/10.55871/2072-9847-2025-69-4-116-128
PDF (Ру)