Information systems audit is a process of gathering and evaluation of evidence that allows to decide whether the information system provides for security of assets, data integrity, and efficient achievement of the organization’s objectives and the rational use of resources. Information systems have a significant impact on the success of the company activity. The quality of the company’s operating and calculation of financial indices depend on information systems; therefore, internal auditors, in assessing the company’s activities , have to assess the use of an information system.
Only an effective and well -organized internal control may ensure the company’s information security, confidentiality, and availability. In order to manage and control the potential risks of use of information systems, general information systems control means should be used. Information systems audits are mainly intend to assess the company’s information system in two ways: internal control of the information system and management and use of information systems according to the selected evaluation criteria.