An audit is a systematic and independent examination of books, accounts, statutory records, documents and vouchers of an organization to ascertain how far the financial statements as well as non-financial disclosures present a true and fair view of the concern. It also attempts to ensure that the books of accounts are properly maintained by the concern as required by law. Auditing has become such a ubiquitous phenomenon in the corporate and the public sector that academics started identifying an "Audit Society". The auditor perceives and recognises the propositions before them for examination, obtains evidence, evaluates the same and formulates an opinion on the basis of his judgement which is communicated through their audit report.
Any subject matter may be audited. Auditing is a safeguard measure since ancient times (Loeb & Shamoo,1989). Audits provide third party assurance to various stakeholders that the subject matter is free from material misstatement. The term is most frequently applied to audits of the financial information relating to a legal person. Other areas which are commonly audited include: secretarial & compliance audit, internal controls, quality management, project management, water management, and energy conservation.
As a result of an audit, stakeholders may effectively evaluate and improve the effectiveness of risk management, control, and the governance process over the subject matter.
The word audit is derived from a Latin word "audire" which means "to hear". During the medieval times when manual book-keeping was prevalent, auditors in Britain used to hear the accounts read out for them and checked that the organisation's personnel were not negligent or fraudulent. Moyer(1951) identified that the most important duty of the auditor was to detect fraud. Chatfield(1974) documented that early United States auditing was viewed mainly as verification of bookkeeping detail.
An information technology audit, or information systems audit, is an examination of the management controls within an Information technology (IT) infrastructure. The evaluation of obtained evidence determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively to achieve the organization's goals or objectives. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement.