Why do we need IT Auditing?

During first few sessions of MIS class, we were discussing on IT Auditing. But what is IT Auditing and why do we need it?  

The increased usage of IT has been further enhanced and witnessed by its wider adoption in commerce, industry, education and health, as well as in mainstream daily life since 1965. During the period, Malaysian government had actively embarked on several IT projects that were involved in computerizing government departments, including the Royal Malaysian Police, Royal Customs and Excise Department, and Dewan Bahasa dan Pustaka. Our one of his kind Prime Minister, Tun Dr. Mahathir Mohamad, had taken a big step in year 1996 when Multimedia Super Corridor (MSC) was launched in an effort to achieve Malaysia’s Vision 2020. With his mission and vision  that Malaysia will be a fully developed nation by 2020, he continued to provide a platform enabling an environment for further promoting the development of the IT industry.

However, off late, many organizations and companies in Malaysia are facing major information systems (IS) security threats such as intrusion, spamming, negligence, and misuse and abuse of information technology (IT) resources. These abnormalities and security risks pose a great challenge for most businesses when it comes to protecting and safeguarding business processes and vital information assets. The reasons for security concerns are primarily due to lack of sufficient and effective IT standards and controls over IT risks in organization business processes. Thus, auditing of IT systems based on established international standard is a practice that should be established and regulated in all companies in Malaysia to ensure that such IT controls are in place and functioning efficiently and effectively.