What is an IT audit (information technology audit)? An IT audit is the examination and evaluation of an organization's information technology, operations and controls.
What does an IT audit do? Information technology audits determine whether IT controls protect corporate assets, ensure data integrity and are aligned with the business's overall goals. IT auditors examine not only logical and physical security controls but also overall business and financial controls that involve information technology systems.
Because operations at modern companies are increasingly computerized, IT audits are used to ensure information-related controls and processes are working properly. The primary objectives of an IT audit include the following:
Evaluate the systems and processes in place that secure company data. Verify that IT controls are being regularly practiced and maintained. Determine risks to a company's information assets and identify methods to minimize them. Ensure information management processes are in compliance with IT-specific laws, policies and standards. Determine inefficiencies in IT systems and associated management.