IT service management (ITSM) extraction, decomposition, analysis and assessment can provide the key to unlock the knowledge door for understanding an entity’s IT governance framework. The way in which IT is delivered as a service to end users is a critical managerial component that can impact IT effectiveness as a business enabler. Hence, IT service delivery and support areas should be periodically examined by IT audit to attest foundational vigor.
ISACA’s Effect of Pervasive IS Controls guideline suggests, the effectiveness of the controls in the Acquire and Implement (AI) and Deliver and Support (DS) domains are influenced by the effectiveness of controls operated in the Plan and Organise (PO) and Monitor and Evaluate (ME) domains. As presented, “Inadequate planning, organization and monitoring by management imply that controls over acquisition, implementation and service delivery and support will be ineffective. Conversely, strong planning, organization and monitoring can identify and correct ineffective controls over acquisition, implementation and service delivery and support.”
Post Note: As of January 12, 2012, Robert E. Davis, MBA, CISA, CICA is a Master of Science in IT Auditing and Cyber-Security Program instructor at Temple University.