An IT audit evaluates an organization's IT systems, management, operations, and related processes. It ensures that IT controls are adequate, systems provide reliable information, and data/systems are properly protected from unauthorized access. An IT audit typically establishes objectives and scope, develops an audit plan, evaluates controls through tests and analysis, and reports findings. It provides assurance that IT systems are reliable, secure, and achieving their intended benefits for the organization.