An Information Technology (IT) Audit is review of Organization’s Management, Operational and Technical Controls.

The prime objective of IT Audits includes:

 

• Evaluating the reliability of Data from IT Systems which have an impact on the Financial Statements.

• Ascertaining the Level of Compliance with the applicable Laws, Policies and Standards in relation to IT.

• Ensuring if there are instances of excess, extravagances, inefficiency and wastage in the use and management of IT Systems.

• Ensures asset safeguarding – assets includes: Data, Application Systems, Technologies, Facilities, People, etc.

• Ensures that Effectiveness (EF), Efficiency (EC), Confidentiality (C), Integrity (I), Availability (A), Compliance (CO), and Reliability of Information (RI), all these seven (7) attributes of data or information are maintained.

 

IT Audits are important because it gives assurance that the IT Systems are adequately protected, provide reliable information to users and properly managed to achieve their intended benefits.

 

IT Audit may also help to reduce risks of data tampering, data loss or leakage, service disruption, and poor management of IT Systems.

With the increase in the investment and dependence on computerized systems by the organizations, it has become imperative for audit to change the methodology and approach to audit because of the risks to data integrity, abuse, privacy, etc.