The term IT Audit is so often used and misused by IT and business professionals in all industries.
According to Wikipedia, IT Audit is defined as, “an examination of the management controls within an Information technology (IT) infrastructure. The evaluation of obtained evidence determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively to achieve the organization's goals or objectives.”
Ok, that’s not bad, but it is also incomplete. It doesn’t speak to the People, and Process part of the picture, only the Technology.