Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.


Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

The Importance Of Auditing IT Projects Well

Dan Swanson | October 3, 2006

Changes to a company’s IT infrastructure are a significant source of risk for every business; to protect the corporate crown jewels, robust change-management practices are absolutely critical. The need for a positive “control environment” within IT and a very unforgiving attitude regarding unauthorized IT changes cannot be overstated.

In fact, a recent study by the IT Process Institute indicates that “best of breed” IT shops outperform their counterparts by a huge margin on many different performance indices. The two controls that were almost universally present in these high performers were:

  1. Monitoring systems for unauthorized changes; and
  2. Having defined consequences for intentional, unauthorized changes.

Internal audit’s role regarding the implementation of IT initiatives varies widely, but also provides a significant opportunity for internal audit to deliver real value to the board and executive...

Read this single article for $49, or click the subscribe button below to review subscription options.

Enjoy unlimited access to thousands of articles, browse five years of digital magazines, qualify for reduced admission to events, and more.