What is an information technology (IT) audit?
An IT audit is the review and evaluation of IT infrastructure, applications, data usage and management, policies, procedures and operational processes against recognized standards or established policies. Audits assess whether controls can protect IT assets and ensure integrity and are aligned with organizational goals and objectives.
What does IT audit process?
An IT audit determines whether IT controls and protects a company’s assets, while ensuring data integrity and aligning with a business’ overall goals. An IT audit usually follows the same pattern as a regular financial statement audit. There are four main stages of an audit: planning, testing controls, substantive tests, and completing/reporting the audit.
What should an IT audit include?
- Investigating IT audit strategies
- Investigating the organizational structure of IT
- Review of IT policies and procedures
- Checking IT standards (related to the relevant industry)
- Review of IT documents according to the relevant standards
- Investigating the processe and performance of employees and interviewing relevant personnel.