Systems Audit is a system of evaluating information security infrastructure against a collection of defined controls and bench mark which helps in safeguarding assets, maintaining data integrity, and operational efficiency to achieve the organization's goals or objectives.
Information system audit is important because it identifies vulnerabilities in a system and suggests the degree of variation between current organizational practices and industry bench marks. System auditing is important because vulnerabilities could be exploited by intruders or external attackers like hackers to get hold of valuable information asset of an organization.
Like financial audits system audits are not conducted on sampling basis. Because each and every system is important and results of few sample systems could not be generalized to whole network. The reason behind this approach is the fact that hackers or intruders tries to explore the weakest link in enterprise security. That weakest link could be any system on the network. Therefore it becomes essential for auditors to conduct a full fledge system audit, identify the weakest link in enterprise security and fix them.