Purpose
An IT audit is different from a financial statement audit. While a financial audit's purpose is to evaluate whether an organization is adhering to standard accounting practices, the purposes of an IT audit are to evaluate the system's internal control design and effectiveness. This includes, but is not limited to, efficiency and security protocols, development processes, and IT governance or oversight. Installing controls are necessary but not sufficient to provide adequate security. People responsible for security must consider if the controls are installed as intended, if they are effective if any breach in security has occurred and if so, what actions can be done to prevent future breaches. These inquiries must be answered by independent and unbiased observers. These observers are performing the task of information systems auditing. In an Information Systems (IS) environment, an audit is an examination of information systems, their inputs, outputs, and processing.
Read more about this topic: Information Technology Audit
Famous quotes containing the word purpose:
“In using the strong hand, as now compelled to do, the government has a difficult duty to perform. At the very best, it will by turns do both too little and too much. It can properly have no motive of revenge, no purpose to punish merely for punishment’s sake. While we must, by all available means, prevent the overthrow of the government, we should avoid planting and cultivating too many thorns in the bosom of society.”
—Abraham Lincoln (1809–1865)
“Of what significance the light of day, if it is not the reflection of an inward dawn?—to what purpose is the veil of night withdrawn, if the morning reveals nothing to the soul? It is merely garish and glaring.”
—Henry David Thoreau (1817–1862)
“War is in truth a disease in which the juices that serve health and maintenance are used for the sole purpose of nourishing something foreign, something at odds with nature.”
—Johann Wolfgang Von Goethe (1749–1832)