What audit technique provides the best evidence of segregation of duties in an IT department?

The best technique for providing evidence of segregation of duties in an IT department is through observation and interviews. This approach allows the auditor to directly witness the interactions and workflows within the department. By observing how tasks are performed and how individuals interact in executing their responsibilities, the auditor can assess whether duties are effectively separated to minimize the risk of fraud or error.

Interviews also play a crucial role, as they provide insights into the understanding and implementation of segregation of duties from the perspective of the personnel involved. Through discussions with employees, auditors can gather information about their roles, responsibilities, and whether there are any overlaps that could pose risks to the organization.

Collectively, these methods provide robust evidence regarding the actual practices in place within the IT department, making them more effective than merely reviewing an organization chart or having discussions with management. While foundational, these other methods do not offer the same level of direct evidence regarding the execution and effectiveness of the segregation of duties.