CHAPTER TWENTY TWO
IT Governance and the Audit Committee’s IT Role
THE PREVIOUS CHAPTERS HAVE DISCUSSED many aspects and processes to understand and improve enterprise IT governance. Our IT governance comments and suggested actions have been directed to all types and sizes of business enterprises, although we have been more focused on the larger, multinational corporation, with multiple units often spanning international boundaries. Some of these IT governance practices also can be costly for the smaller enterprise, while others require significant management contributions. When implementing any IT governance process, management should always consider the costs involved and then balance them against the benefits received.
This last chapter concludes with a discussion on the role of the board of directors’ audit committee, an extremely important element in corporate and IT governance. We too often think of the audit committee only in terms of its role in supervising the internal audit functions as well as coordinating external audit activities. The audit committee also sets the tone for many IT governance activities. This chapter will briefly review the audit committee’s role in establishing the tone for and reviewing enterprise IT governance activities.
THE ENTERPRISE AUDIT COMMITTEE AND IT GOVERNANCE
Public corporations are managed by boards of directors, elected by shareholders, ...