Examines an organization's IT systems, processes, and controls to ensure they are secure and functioning as intended.