IT Governance
An information system (IS) auditor must have knowledge of Enterprise Governance of IT (EGIT) and aspects related to it. EGIT is a framework that ensures the alignment of IT with business objectives, maximizing the value of IT investments while managing risks and ensuring the efficient use of resources. This chapter will discuss leadership, organizational structures, and processes that ensure that IT supports the organization’s strategies and objectives.
This chapter covers Domain 2, Governance and Management of IT, part A – IT Governance, of the CISA exam. In this chapter, you will explore the following topics:
- EGIT
- IT-related frameworks
- IT standards, policies, and procedures
- Organizational structure
- Enterprise architecture
- Enterprise risk management
- Maturity models
- Laws, regulations, and industry standards affecting the organization
- Data privacy program and principles
- Data classification
By the end of...
