In: Accounting
12) What are the 5 component of effect IT Governance? For one component, identify 2-3 indicators of possible misalignment between the organization and IT as well as the associated risks. Describe at least 3 activities/questions that an internal auditor could perform/ask in order to evaluate controls related to each risk and also describe the associated evidence the auditor would seek
Definition of IT governance
IT governance is an element of corporate governance, aimed at improving the overall management of IT and driving improved value from investment in information and technology.
IT governance frameworks enable organisations to manage their IT risks effectively and ensure that the activities associated with information and technology are aligned with their overall business objectives.
The five domains or elements of IT governance
Key risk Indicators:
1 Business interruption. 2 Reputational damage. 3 Breach of customer information. 4 Data or software damage. 5 Extortion or ransomware. 6 Third-party liability resulting from systems breaches. 7 Disruption/interruption of industrial systems or other operational technology. 8 Loss/theft of intellectual property. 9 Contingent business interruption (supply chain). 10 Physical property damage and/or bodily injury.