The audit concept is generic and it can be applied to different aspects, even within the world of computing. Therefore, the precise scope of each audit will depend on the concerns to be taken in each case, and it will probably be a combination of the following topics:
- Organization of the IT department. Functions and services.
- Management methodology and project development.
- Infrastructure and software development procedures.
- Quality of the existing code.
- Plan and quality management.
Security, in all its aspects :
- Regulatory Compliance.
- Identity and access management.
- Safety in the applications.
- Security in the infrastructure.
- Business Continuity.