IT goals election as well as information systems design, implementation, and maintenance are bound by IT objectives. Performing an IT maturity assessment can assist in determining where improvements are most needed. Subsequently, IT control objectives selection conveys what is considered important to the entity’s IT governance program. Whereas, monitoring and evaluating IT objectives drives assurances provided or obtained through due care and due diligence as well as enables managerial fiduciary oversight expectations fulfillment. The absence of setting and periodically assessing IT control objectives is commonly interpreted as a major deficiency in the entity’s control structure that can result in a material financial loss.
“View Part I of the Governing IT: Setting Control Objectives series here“