# IT audit

**What is an IT audit?**

An IT audit is the systematic review of an organisation's information technology, meaning the systems, the processes and the evidence behind them.

The term comes from financial auditing and is broader than an IT security audit. Beyond security, an IT audit can look at system availability, licensing, cost and whether the existing IT actually supports what the business is trying to do.

In the language of small and mid sized companies, IT audit, IT check and IT security audit usually mean the same thing: an independent stocktake with a written result. When in doubt, ask two questions: what is the scope in areas and individual checks, and what does the report you end up with look like.

## Related terms
- [IT security check](https://vetosec.at/en/it-security/it-sicherheitscheck/)
- [IT security audit](https://vetosec.at/en/it-security/it-sicherheitsaudit/)
- [Findings report and action plan](https://vetosec.at/en/it-security/befund-massnahmenplan/)

## Source
https://vetosec.at/en/it-security/it-audit/ (vetosec, pruefung)
