More than 10 years of cyber security experience
IT Audit’s objective is to obtain assurance about the IT infrastructure and processes to produce the expected business results. Those results are; effectiveness (i.e. the ability to satisfy the business requirements), efficiency (i.e. using organizational resources at an optimum level), security (i.e. protection of the information assets’ confidentiality, integrity and availability), reliability and compliance (which are the derivatives of the previous outcomes).
Although information technologies is an area of technical expertise, the planning and excercise of IT audit should be in line with the generally accepted audit practices and principles. Some of those principles are risk based audit planning and obtaining objective evidences to support the audit conclusions. IT audit is a kind of control assurance audits.