Governance supports stakeholder expectations related to management’s fiduciary responsibilities. Governance also reflects how an enterprise achieves its stated mission. Specifically, as presented in the Cadbury Committee Report, “…governance is the system by which companies are directed and controlled.” Leadership, stewardship, ethics, security, vision, direction, influence, and values are prominent components within entity-level governance.
Various respected knowledge leaders, practicing professionals as well as professional organizations consider an entity’s oversight committee, executive management, internal audit, and external audit as governance cornerstones. Consequently, since IT is usually integrated into an entity’s processes, IT audit should be considered IT-level governance as well as entity-level governance cornerstones.
Post Note: Auditing IT Governance is a redacted excerpt from Assuring IT Governance.