Audit professionals have a significant role in supporting an adequate control environment when providing contributions to strategic, tactical, and operational value through governance improvement recommendations. Consistent with entity oversight responsibilities, board of directors should insist on utilizing perceptive IT auditors to permit control environment enrichment. In particular, an entity’s audit committee should proactively ensure IT service delivery and support are subject to periodic audits, reviews, as well as agreed-upon procedures by highly qualified auditors so individuals responsible for governance can advance entity oversight goals with IT enhancement triggers. Furthermore, a robust IT audit function can usually render superior performance when requested to assist management with operational control issues that may arise.
Lastly, external factors often influence an entity’s environment. Specific external influencers affecting an entity’s ability to achieve objectives include: economics, communities, governments, technologies, competitors, suppliers, and customers. Therefore, it is crucial that the external environment be accurately assessed prior to proceeding with a course of action impacting the entity’s system of controls.
“View Part I of the What Every IT Manager Should Know About Service Delivery and Support series here“