This chapter discusses the following topics
• IT governance structure
• Human resources management
• IT policies, standards, processes, and procedures
• Management practices
• IT resource investment, use, and allocation practices
• IT contracting and contract management strategies and practices
• Risk management practices
• Monitoring and assurance
• Business continuity planning
The topics in this chapter represent 14 percent of the CISA examination. This chapter discusses CISA job practice 2, “Governance and Management of IT.”
IT governance should be the wellspring from which all other IT activities flow.
Properly implemented, governance is a process whereby senior management exerts strategic control over ...