Audits are performed to evaluate information validity, reliability, and internal controls. The goal is to express an opinion on the subject based on test work. IT audits specifically examine technology infrastructure, applications, development processes, and governance to evaluate security, integrity, effectiveness, and risk management. Key areas include systems, facilities, development lifecycle, management, architecture, and client/server environments. Findings are reported to assess controls and risks with recommendations for improvement.