IT Governance, Risk, and Compliance

Jan 11 2011   5:07PM GMT

Governing IT: Policy Formulation and Enforcement – Part VIII

Robert Davis Robert Davis Profile: Robert Davis

Without clear policies that define acceptable IT related behavior, sustaining an effective and efficient internal control system is a remote possibility. Conversely, the formulation of clear IT policies is a mechanism for creating and propagating transparent plans for the achievement of adopted IT objectives at all organizational levels. Though deploying IT policies cannot guarantee errors, mistakes, omissions, irregularities, or illegal acts are prevented, detected and/or corrected in a timely manner; enforcement of policies addressing IT control issues can reduce unacceptable risks to an acceptable level. Where IT policies are deployed, management is empowered to ensure IT related activities are aligned with IT objectives, and employees are following IT related expectation guidelines. Specifically, if IT policy formulation and enforcement are based on a closed-loop system, there normally are provisions for the measurement and feedback of results as well as for corrective actions to be implemented wherever deemed appropriate.

View Part I of the Governing IT: Policy Formulation and Enforcement series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: