Purpose
An IT audit is different from a financial statement audit. While a financial audit's purpose is to evaluate whether an organization is adhering to standard accounting practices, the purposes of an IT audit are to evaluate the system's internal control design and effectiveness. This includes, but is not limited to, efficiency and security protocols, development processes, and IT governance or oversight. Installing controls are necessary but not sufficient to provide adequate security. People responsible for security must consider if the controls are installed as intended, if they are effective if any breach in security has occurred and if so, what actions can be done to prevent future breaches. These inquiries must be answered by independent and unbiased observers. These observers are performing the task of information systems auditing. In an Information Systems (IS) environment, an audit is an examination of information systems, their inputs, outputs, and processing.
Read more about this topic: Information Technology Audit
Famous quotes containing the word purpose:
“In criticism I will be bold, and as sternly, absolutely just with friend and foe. From this purpose nothing shall turn me.”
—Edgar Allan Poe (1809–1845)
“I beg to assure you that I have never written you, or spoken to you, in greater kindness or feeling than now, nor with a fuller purpose to sustain you, so far as in my most anxious judgement, I consistently can. But you must act.”
—Abraham Lincoln (1809–1865)
“...Often the accurate answer to a usage question begins, “It depends.” And what it depends on most often is where you are, who you are, who your listeners or readers are, and what your purpose in speaking or writing is.”
—Kenneth G. Wilson (b. 1923)