The sole purpose of an Information system audit
The sole purpose of an Information system audit is to evaluate and review the adequacy of automated information systems to meet processing needs, to evaluate the adequacy of internal controls, and to ensure that assets controlled by those systems are adequately safeguarded.
Role of an IS Auditor
The Information System (IS) auditor is responsible for establishing control objectives that reduce or eliminate potential exposure to control risks. After the objectives of the audit have been established, the auditor must review the audit subject and evaluate the results of the review to find out areas that need some improvement. IS auditor should submit a report to the management, recommending actions that will provide a reasonable level of control over the assets of the entity.