The purpose of this paper is to present a method of identifying key risks during IT audit of an organization, regardless of the organization activity, and presenting the impact of the risks identified on the audit methodology. Our main focus is reducing the risk identification during phase...