ITF Tech Ltd
data recovery, IT consultancy, network support
An information technology audit is an examination of the checks and balances, or controls, within an information technology (IT) group. IT audits collect and evaluate “evidence” of an organization’s information systems, practices, and operations. The evaluation of this evidence determines if the information systems are safeguarding the information assets, maintaining data integrity, and operating effectively and efficiently to achieve the organization’s business goals or objectives. The primary function of IT audits is to evaluate the systems that are in place to guard an organization’s information. Specifically, information technology audits are used to evaluate the organization’s ability to protect its information assets and to properly dispense information to authorized parties. IT audits aim to evaluate the following:
•Will the organization’s computer systems be available for the business at all times when required? (known as availability)
•Will the information in the systems be disclosed only to authorised users? (known as security and confidentiality)
•Will the information provided by the system always be accurate, reliable, and timely? (measures the integrity)
In this way, the audit hopes to assess the risk to the company’s valuable asset (its information) and establish methods of minimizing those risks. IT Audits plan Many organisations are spending large amounts of money on IT because they recognise the tremendous benefits that IT can bring to their operations and services. However, they need to ensure that their IT systems are reliable, secure and not vulnerable to computer attacks IT audits are important because they give assurance that the IT systems are adequately protected, provide reliable information to users and properly managed to achieve their intended benefits. Many users rely on IT without knowing how the computers work. A computer error could be repeated indefinitely, causing more extensive damage than a human mistake. IT audits can also help to reduce risks of data tampering, data loss or leakage, service disruption, and poor management of IT systems.
Types of IT Audit
General Control Reviews
These types of services might include audits of your company infrastructure such as the computing network, change management or how the Company deals with outside IT vendors to provide services. A general control review generally considers the configuration of the infrastructure as well as access controls to the infrastructure and applications.
These types of reviews are a type of audit that focus on an applications utilized by the Company. An application review generally considers functions for segregation of duties and access control.
Project Consulting Services
IT Audit can assist with the implementation of a new system or application. Work of this type might include review of functional and business requirements to assist in the creation of recommended security controls to be included to reduce the time frame and cost of implementing security once the new system or application has been implemented.
Due Diligence Reviews
IT Outsourcing is a process where IT Audit acts as an independent and objective partner to assist with informed decision making with regards to the internal controls that a vendor offers for the Confidentiality, Integrity and Availability of Company data prior to signing a contract with a new vendor.
, data recovery
, disaster recovery
, financial systems
, It Audits
, IT consultancy
, management software
, method statements
, network support
, Risk Assessments
, Sarbanes Oxley