"The criteria are defined in each case taking into account the specifics of the particular organization and audit objectives, but we can say that it infrastructure must support the enterprise in accordance with the chosen strategy of development. Important criterion is the information security solutions are used, the reliability of systems and services, timeliness and accuracy of the information users ", – adds Plaksin. As a purposeful activity, the it audit should be specific purpose, based on which criteria are developed to achieve it. "Criteria can be both qualitative and quantitative. Since the objective in each case has its own, then a set of criteria varies. There certain techniques (eg, COBIT), which help determine the criteria for it audit for compliance with international standards.
But you can select one of the most universal criteria that must comply with work it Audit, both in principle and any work – is the degree of customer satisfaction with the progress that can reveal both strengths and areas for improvement ", – says Kozin. However, Guzik said that in matters of audit "of judges" is not, and it is unlikely that in the coming years they will appear: "Throughout the world, and we have applied the practice of peer review – expression of the consolidated opinion of experts, which is determined on the basis of information collected and Information prepared by the auditors. " Subject The subject of the audit detailing it audit are different aspects of it infrastructure. Until recently, their range could include yourself if not all, almost everything: Audit of it infrastructure, it budgeting, it departments, the audit of it services (if implemented ITSM) and other asset management software can also be the subject of it audit.