The Institute of Internal Auditors (IIA) Standards identify IT governance as a key area that should be regularly reviewed by the internal audit function. Objectives of this sample IT governance report include gaining a high-level understanding of the organization's IT governance processes and providing management with a benchmark against which to determine and pursue improved IT governance performance.
The following are key observations noted during the IT governance review:
- There were inconsistent messages on the amount of input and involvement business management has on the enterprise application roadmap.
- There were questions raised on the overall strategy for enterprise applications. Members of management did not feel that they understood why specific projects were not selected for the roadmap.
- There was a lack of knowledge by business management on the availability of the published roadmap.
Risk & Control Matrices - RCMs
Define IT Strategy and Organization RCM
Methodologies & Models