This document provides an overview of an IT audit conducted at a state university system. It describes the types of audits performed, including operational, financial, compliance, and IT audits. For IT audits, it examines infrastructure security and controls, application security and controls, and disaster preparedness plans. Key areas investigated include physical security, network configuration, user access controls, and backup procedures. The document concludes with tips for making an IT audit go smoothly, such as avoiding an adversarial approach and fully documenting systems and controls.