An information technology audit, or information systems audit, is an examination of the management
controls within an Information technology (IT) infrastructure. The evaluation of obtained evidence
determines if the information systems are safeguarding assets, maintaining data integrity, and operating
effectively to achieve the organization’s goals or objectives. These reviews may be performed in
conjunction with a financial statement audit, internal audit, or other form of attestation engagement.
IT audits are also known as “automated data processing (ADP) audits” and “computer audits”. They were
formerly called “electronic data processing (EDP) audits”.
IT Audit process
The following are basic steps in performing the Information Technology Audit Process:
Studying and Evaluating Controls
Testing and Evaluating Controls