The Institute of Internal Auditors (IIA) Standards identify IT governance as a key area that should be regularly reviewed by the internal audit function. Objectives of this sample IT governance report include gaining a high-level understanding of the organization's IT governance processes and providing management with a benchmark against which to determine and pursue improved IT governance performance.
The following are key observations noted during the IT governance review:
There were inconsistent messages on the amount of input and involvement business management has on the enterprise application roadmap.
There were questions raised on the overall strategy for enterprise applications. Members of management did not feel that they understood why specific projects were not selected for the roadmap.
There was a lack of knowledge by business management on the availability of the published roadmap.