The rapid development of information technology (IT) has encouraged companies to adopt IT audits to improve information security and operational efficiency. IT audits are important to ensure that a company's IT systems operate safely and in accordance with applicable standards, such as COBIT and ISO 27001. This study uses a mixed method approach that combines qualitative and quantitative methods. Data were collected through in-depth interviews with auditors and IT managers and questionnaires distributed to 100 companies in Indonesia that have implemented IT audits for at least two years. Qualitative analysis was conducted using thematic methods, while quantitative data were analyzed using descriptive statistics, Pearson correlation, and linear regression. The results showed that the implementation of IT audits contributed to increased information security, with 85% of companies reporting a reduced risk of data breaches. In addition, 78% of companies stated that IT audits also improved operational efficiency, such as reduced downtime and improved system management. These findings underscore the importance of IT audits as a strategic tool in managing risk and improving company performance in the digital era.