What is an IT audit?
Reviewing IT systems and controls for integrity, security, and compliance — the ISACA framing.
What it means
ISACA frames IT audit as ensuring "the functionality and integrity of an entity's tools, systems and networks; testing and monitoring the security of IT systems against intrusion or misappropriation; and providing assurance around the compliance of IT activities with relevant enterprise policies, industry best practices and government laws and regulations."
It is the basis for roles like IT Auditor and the ISACA CISA credential, sitting at the intersection of IT, security, and governance.
Definitional only.
Sources
- ISACA — IT Audit: https://www.isaca.org/resources/it-audit
Citation Ledger
| ID | Supports | Evidence | Source |
|---|---|---|---|
| CIT-01 | ISACA — IT audit | Official source page | ISACA — IT Audit |