CISA REVIEW The material provided in this slide
Author : danika-pritchard | Published Date : 2025-06-23
Description: CISA REVIEW The material provided in this slide show came directly from Certified Information Systems Auditor CISA Review Material 2010 by ISACA CISA REVIEW Chapter 2 Governance Learning Objectives Evaluate the effectiveness of IT
Presentation Embed Code
Download Presentation
Download
Presentation The PPT/PDF document
"CISA REVIEW The material provided in this slide" is the property of its rightful owner.
Permission is granted to download and print the materials on this website for personal, non-commercial use only,
and to display it on your personal computer provided you do not modify the materials and that you retain all
copyright notices contained in the materials. By downloading content from our website, you accept the terms of
this agreement.
Transcript:CISA REVIEW The material provided in this slide:
CISA REVIEW The material provided in this slide show came directly from Certified Information Systems Auditor (CISA) Review Material 2010 by ISACA. CISA REVIEW Chapter 2 – Governance Learning Objectives Evaluate the effectiveness of IT governance structure to ensure adequate board control over the decisions, directions and performance of IT, so it supports the organization's strategies and objectives Evaluate IT organizational structure and human resources (personnel) management to ensure that they support the organization's strategies and objectives Evaluate the IT strategy and process for their development, approval, implementation and maintenance to ensure that they support the organization's strategies and objectives Evaluate the organization's IT policies, standards, procedures and processes for their development, approval, implementation and maintenance to ensure that they support the IT strategy and comply with regulatory and legal requirements Evaluate management practices to ensure compliance with the organization's IT strategy, policies, standards and procedures Evaluate IT resource investment, use and allocation practices to ensure alignment with the organization's strategies and objectives Evaluate risk management practices to ensure that the organization's IT-related risks are properly managed Evaluate monitoring and assurance practices to ensure that the board and executive management receive sufficient and timely information about IT performance CISA REVIEW Chapter 2 – Governance IT governance is used to ensure that an organization's IT objectives are in alignment with its enterprise objectives. To ensure successful implementation of IT governance, an IS auditor needs to make certain that the organization's IS strategies are in alignment with the organization's business strategies. The IS auditor must also ensure that IS strategies comply with all local, regional and federal laws and regulations. Other critical elements of an IS auditor's role in IT governance is to ensure that IS policies exist and adequately reflect the approved IS strategies, and that IS standards and procedures effectively enforce and communicate IS policies. CISA REVIEW Chapter 2 – Governance IT governance implies a system in which all stakeholders, including the board, internal customers and related areas such as finance, have the necessary input into the decision making process. This prevents a single stakeholder, typically IT, being blamed for poor decisions. It also prevents users from later complaining that the system does not behave or perform as expected. The best way to implement IT governance so it has the most positive impact is to have collaborative senior management sponsorship between the business and IT operations. Lower management levels may
