Select Language


Information Systems Audit - WHAT is it?

An information technology audit, or information systems (IS) audit, is an examination of the management controls for IT infrastructure and a complete review of the security of computer systems.

It determines whether information systems are safeguarding assets, maintaining data integrity and operating effectively to achieve an organization’s goals.

WHY do I need Information Systems Audit?

Normally required by regulators and legislators, information systems audits can be based on many different frameworks, such as ISO 27001, COBIT and HIPAA, or one of the many industry-specific security standards. However, they all serve the same purpose: to provide assurance that the necessary controls have been put in place.

WHEN do I need it?

The frequency of an IS audit will sometimes be mandated by a regulator, but for any organization managing or processing personal or financial information – whatever its sector or size – annual audits are the absolute minimum.

Regular audits are essential to keep pace with changes to IT infrastructure and systems – and with changes in the risk landscape.