Information system auditing is a function that has been developed to assess whether computer systems safeguard assets, maintain data integrity, and allow the goals of an organization to be achived effectively and efficiently. As a result, the need to maintain the integrity data processed by computers now seems to pervade our lives. We have concerns about the privacy of data we exchange with organizations such as tax department and credit granting institutions. Information systems auditing is the process of collecting and evaluating evidence to determine whether a computer system safeguards assets, maintains data integrity, allows organizational goals to be achieved effectively, and uses resources efficiently. This paper will explain about how to conduct information system audit in organization and some risk that might happen during an information system audit.