GTAG 17: Auditing IT Governance
This GTAG provides internal auditors, in both the public and private sectors, with the knowledge necessary to fulfill their responsibilities in providing assurance and consulting services for IT governance. The guidance covers the different aspects of governance that should be in place to ensure IT supports the organization’s strategies and objectives, and discusses red flags to look for that might signal this is not the case. It also describes elements of effective governance and performance frameworks, such as balanced scorecards, maturity models, and quality systems. This guidance provides a description of example controls that address IT governance risks, audit planning, verification, testing and reporting actions to assist in the development of practical audit programs. Finally, it provides guidelines to facilitate audits of IT governance by providing direction on how to scope the engagement, define audit objectives, and evaluate related risks and controls.
Downloads and Links
Non-members may purchase this GTAG from The IIA Research Foundation Bookstore.