Information System audits review and analyze state data processing activities to determine whether they are:
Adequately controlled to assure proper financial and management information is generated,
Achieving the intended results,
Being conducted efficiently and effectively, and
Complying with applicable statutes and regulations.
These reviews result in recommendations which, if implemented, should increase the effectiveness or efficiency of the data processing activity or improve the reliability and security of information generated by the data processing activity. Information System audits may be based on the data processing activities of a single agency or may cross agency lines. Information System audits may be undertaken as separate reviews or in combination with financial-compliance or performance audits.