An IT audit is a review of the controls within an entity's technology infrastructure. These reviews are typically performed in conjunction with a financial statement audit, internal audit review, or other form of attestation engagement. The IT audit is the process of collecting and evaluating evidence of an organization's information system, practices, and operations. Evaluation of the evidence ensures that the organization's information system safeguards assets, maintains data integrity, and is operating effectively and efficiently to achieve the organization's goals.
We look for applications of policies through a unique integrated approach of technological knowledge and business acumen. We explore practical methods for automated controls within a corporation's financial infrastructure that not only allows a company to comply with the requirements of Sarbanes-Oxley, but helps to improve overall corporate efficiency.
On February 12, 2014 by decree of Executive Order the National Institute of Standards and Technology issued the "Framework for Improving Critical Infrastructure Cybersecurity".