IT Governance, Risk, and Compliance

Mar 2 2012   10:12PM GMT

Auditing IT Governance – Part VII

Robert Davis Robert Davis Profile: Robert Davis

An IT auditor should include in the audit ambit relevant processes for planning, organizing, and monitoring the IT activity. Contextually, the audit ambit should include control systems for the use and protection of the full range of COBIT framework IT resources. Whereby, specifically; people, information, applications, and infrastructure are the IT resources that should be addressed within the IT governance audit ambit’s control systems.

Moreover, critical for a viable IT governance audit plan is the IT audit function’s organizational status. Specifically, internal IT audit organizational status may become a factor in determining whether to proceed with an IT governance audit. For instance, management may consider it inappropriate to grant internal IT auditors access to high-level business documents. Accordingly, organizational status may require hiring an independent third party to manage and perform the IT governance audit.

View Part I of the Auditing IT Governance series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: