With IT spend increasing exponentially for more and more organizations today it makes sense to ensure that well defined and mature IT governance is in place to provide management with assurance that the organization is seeing a return on this investment. Best practice frameworks such as COBIT, ITIL and others are becoming commonplace for organizations who are trying to get control of the IT organization. Defining and implementing IT governance structures based on these frameworks is the first step to ensuring compliance. This paper introduces practices and process useful for auditing IT governance structures, and references the Institute of Internal Auditors (IIA) International Standards for the Profession of Internal Auditors guidance as a baseline for the audit process.

IT governance ensures that the operations of IT are aligned with the requirements of the business, and as such is important in determining the return on investment gained from IT initiatives within any organization. Ensuring the IT governance structures are properly aligned to business needs and that they are delivering intended outcomes is where an IT governance audit becomes important.

One vital component of this audit includes the assessment of the framework or structure of the IT governance capability. Auditing IT governance structures provides management with the assurance that the IT governance is effective and supporting the organizations strategy and objectives.

This paper introduces practices and process useful for auditing IT governance structures, and references the Institute of Internal Auditors (IIA) International Standards for the Profession of Internal Auditors guidance as a baseline for the audit process. 

Login to continue reading or register to download now.