CHAPTER 2IT Governance and Management

This chapter discusses the following topics

• IT governance structure

• Human resources management

• IT policies, standards, processes, and procedures

• Management practices

• IT resource investment, use, and allocation practices

• IT contracting and contract management strategies and practices

• Risk management practices

• Monitoring and assurance

• Business continuity planning

The topics in this chapter represent 14 percent of the CISA examination. This chapter discusses CISA job practice 2, “Governance and Management of IT.”

IT governance should be the wellspring from which all other IT activities flow.

Properly implemented, governance is a process whereby senior management exerts strategic control over ...

Get CISA Certified Information Systems Auditor All-in-One Exam Guide, 2nd Edition, 2nd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.