organisation's risk management, governance, and internal control processes are operating effectively, and are advancing engagements to evaluate the effectiveness of IT controls, identify areas of risk, and provide recommendations Conducting IT audit fieldwork, including testing IT controls, systems and applications. Evaluate IT infrastructure and data protection controls. Analyse data and documentation to assess control effectiveness. Document findings and workpapers related to IT systems and controls. Communicate with IT and business stakeholders