It allows determination of the state of information technologies, from time to time, to see if they are adequate, necessary or sufficient for the development of the business according to the company’s strategy defined by the organisation and if they are scaled according to the business output of the company.
An audit of information systems may be centred in defined aspects of the I.T. or it can cover all aspects: from the study of the infrastructure (system output, security, availability of information, intrusion test, etc) to the I.T. organisation (organisation, structure, procedures, service quality, management of incidents, change control, etc) in the company milieu.