Some years ago we fulfilled most of our data processing needs manually. The situation has since changed dramatically. Businesses today, make extensive use of Information technology. In fact, as we globalize and look outwards, we realize that critically important to the success and survival of an organization is effective management of I nformation and related T echnology (IT). Today not only the information infrastructure but the information it self is an asset. The underlying Technology Infrastructure is this global information society, where information travels through cyberspace without the constraints of time, distance and speed, this criticality arises from :

• Dependence of business on information and the systems that deliver this information.
• Vulnerability of information - threats arriving out of new technologies like Internet.
• Technology driving change in organizations and business practices.
• Scale and cost of perpetual investment in information processing.
• Dynamics of cost reduction and new opportunities.
• Dynamic & ever changing technology.

Many organizations recognize and manage the risks associated with implementing new technologies. The quality and security requirements for their information need to be satisfied for all assets. Need for controls & optimum use of available resources including data, application systems, technology, facilities and people, arises out of understanding of the risks and constraints of IT. An internal control system or framework must be in place to support the business processes and it must be clear how each individual control activity satisfies the information requirements and impacts the resources.

The aim of Information Systems Audit is to assist management in meeting these goals of excellence in IT Governance, Control and Assurance

The objectives of IS Auditing are similar to the 'attest objectives' of the external auditor and the management objective of the I.S. Audit. The auditing procedures are aimed at collecting and evaluating evidence to meet following major objectives :

• Effectiveness - Information being relevant, timely, correct, usable and consistent.
• Efficiency - Information availability with economical & productive use of resources.
• Confidentiality - Protection of sensitive information.
• Integrity - Leading to accurate and complete information.
• Availability - of Information when required - now or in future.
• Compliance - Adherence to law and regulations and contractual commitments.
• Reliability - Valid & appropriate information facilitating the purpose for it's generation.