Post-installation audit in information systems: what does it specifically seek to assure after a new system goes live?

Introduction / Context:
A post-installation audit (sometimes called a post-implementation review) is conducted after an information system has been deployed into production. Its purpose is to determine whether the solution is delivering the intended business value and whether it operates correctly, securely, and efficiently in the real environment. This helps close the project lifecycle and informs continuous improvement.

Given Data / Assumptions:

• The audit examines both business fit (meeting management’s information needs) and technical quality (accuracy, security).
• The system has already passed acceptance testing but now faces real data, users, and processes.
• Compliance, controls, and benefit realization are in scope.

Concept / Approach:
Benefit realization asks, “Are managers receiving the reports, dashboards, and decision support promised?” Technical assurance asks, “Is the system accurate, reliable, and secure?” A proper post-installation audit addresses both sides: it validates outcome metrics and checks internal controls, data integrity, access control, and compliance with organizational and regulatory standards.

Step-by-Step Solution:

Verification / Alternative check:
Standard IT governance frameworks emphasize post-implementation reviews that cover value delivery and risk control, confirming that both are essential.

Why Other Options Are Wrong:

• (a) only: ignores technical assurance.
• (b) only: ignores value and fitness-for-purpose.
• (d) and (e): contradict the core definition of such audits.

Common Pitfalls:
Stopping at technical metrics while neglecting managerial usefulness; or celebrating “on time/on budget” without confirming value realization and secure operations.

Final Answer:
both (a) and (b)