Information System Auditing is a systematic and independent examination of information systems
environment to ascertain whether the objectives, set out to be achieved, have been met
or not. Auditing is also described as a continuous search for compliance. The objective
of the IS audit are to identify risks that an organization is exposed to in the computerized
environment. IS audit evaluates the adequacy of the security controls and informs the
management with suitable conclusions and recommendations. IS audit is an
independent subset of the normal audit exercise. Information systems audit is an
ongoing process of evaluating controls; suggest security measures for the purpose of
safeguarding assets/resources, maintaining data integrity, improve system effectiveness
and system efficiency for the purpose of attaining organization goals. Well-planned and
structured audit is essential for risk management and monitoring and control of
information systems in any organization.