Management’s control methods over compliance with laws and regulations should ensure appropriate measures are deployed to ascertain whether entity personnel understand implemented governance practices, and governance processes are being followed as intended. Legal compliance procedures for ethical control standards should be set by top management and promoted through exemplary behavior.
The importance of responsibilities of those charged with governance is recognized in codes of practice and other regulations or guidance produced for the benefit of oversight committee members. Documented primary responsibilities of those charged with governance include oversight of the design and effective operation of procedures and the process for reviewing the effectiveness of the entity’s control system. Consequently, the entity’s oversight committee should direct IT management to achieve measurable service and support value.
“View Part I of the What Every IT Manager Should Know About Service Delivery and Support series here“