The evaluation of evidence obtained determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively to achieve the organization's goals or objectives.
These risks and need for high levels of assurance increase the need for IT audits to check businesses IT system performances and to lower the probability and impact of technology threats and disruptions.
More specifically, organizations should look into three major requirements: confidentiality, integrity, and availability to label their needs for security and trust in their IT systems.
An external auditor reviews the findings of the internal audit as well as the inputs, processing and outputs of information systems.
It focuses on issues like operations, data, integrity, software applications, security, privacy, budgets and expenditures, cost control, and productivity.
The purposes of these audits include ensuring the company is taking the necessary steps to: The use of departmental or user developed tools has been a controversial topic in the past.
However, with the widespread availability of data analytics tools, dashboards, and statistical packages users no longer need to stand in line waiting for IT resources to fulfill seemingly endless requests for reports.
The rise of VOIP networks and issues like BYOD and the increasing capabilities of modern enterprise telephony systems causes increased risk of critical telephony infrastructure being misconfigured, leaving the enterprise open to the possibility of communications fraud or reduced system stability.
The term "telephony audit"[13] is also deprecated because modern communications infrastructure, especially when dealing with customers, is omni-channel, where interaction takes place across multiple channels, not just over the telephone.
[15] Globalization in combination with the growth in information technology systems has caused companies to shift to an increasingly digitized working environment.
In addition, IT audit systems improve the operational efficiency and aid in decision making that would otherwise be left to hand-held calculations.
The use of IT systems and AI techniques on financial audits is starting to show huge benefits for leading accounting firms.
This allows the human auditor to retain autonomy over decisions and use the technology to support and enhance their ability to perform accurate work, ultimately saving the firm in productivity costs.
PwC recognizes the increased margin for error due to unintended biases, and thus the need for creating systems that are able to adapt to different scenarios.
[15] The utilization of IT systems and AI techniques on financial audits extend past the goal of reaching maximized productivity and increased revenue.
Firms who utilize these systems to assist in the completion of audits are able to identify pieces of data that may constitute fraud with higher efficiency and accuracy.
For example, systems such as drones have been approved by all four of the big 4 [15] to assist in obtaining more accurate inventory calculations, meanwhile voice and facial recognition is adding firms in fraud cases.