Skip Ribbon Commands
Skip to main content

GTAG 17: Auditing IT Governance

GTAG 17: Auditing IT GovernanceThis GTAG provides internal auditors, in both the public and private sectors, with the knowledge necessary to fulfill their responsibilities in providing assurance and consulting services for IT governance. The guidance covers the different aspects of governance that should be in place to ensure IT supports the organization’s strategies and objectives, and discusses red flags to look for that might signal this is not the case. It also describes elements of effective governance and performance frameworks, such as balanced scorecards, maturity models, and quality systems. This guidance provides a description of example controls that address IT governance risks, audit planning, verification, testing and reporting actions to assist in the development of practical audit programs. Finally, it provides guidelines to facilitate audits of IT governance by providing direction on how to scope the engagement, define audit objectives, and evaluate related risks and controls.

Downloads and Links

Non-members may purchase this GTAG from The IIA Research Foundation Bookstore.

New IPPF Resources
Educate staff, colleagues, and stakeholders on these changes by utilizing these tools:

The 2013 Red Book is still a useful and binding reference source as a majority of the content has not changed and remains valid. The IIARF Bookstore is exploring an online tool with searchable, on-demand access to all IPPF content. Learn more in the FAQs.