Foundationally, the IT control environment should assist in enabling the governing body, management and all other staff in providing reasonable assurance regarding achievement of the following general objectives:
Laws and Regulations Compliance
Internal Policies Compliance
General entity objectives increase in significance when they are collectively considered in relation to operations, management and compliance fiduciary responsibilities. Categorically, these distinct general objectives can be achieved through various criteria establishment that frame aligned focus on meeting entity-centric needs. For instance, IT related information criteria (i.e. effectiveness, efficency, confidentiality, integrity, availability, compliance and availability) can be utilized to satisfy entity-level objectives that have specific fiduciary responsibilities.
“View Part I of the What Every IT Manager Should Know About Service Delivery and Support series here“