Introduction (1.1)This paper utilize and build on theprogress of IT Training and enable to understand the corporate-level aspects ofcorporate governance, risk, compliance, and assurance that can be applied inthe company. Implementing Governance, Risk, and Compliance (GRC) in the ITenvironment need an improved knowledge and skills based on the latestdevelopments and the best practices.
Information Technologyand Governance (1.3)The use of IT is increasing rapidlyin most large companies, it is also done mostly in small and medium sizedcompanies and is the main of most major business operations. After that, thereis an increasing encouragement on corporate governance by regulators. InformationTechnology is an integral part of the governance. The design and spread of successfulinformation systems using IT is determining the success of a company. So it isimportant to make sure that the controls needed are implemented from managementand regulatory perspective too, not only from the IT perspective. Because IT isdeveloping, there is an increasing in demand for pro-active goals assessmentsof governance, risk, compliance, and controls of information systems. IT Governance andGovernance of Enterprise IT (GEIT) (1.
5)The goal of IT Governance is todetermine and cause the desired behavior and outcomes to achieve the strategicimpact of IT. IT governance refers to systems in which company directorsevaluate, monitor and direct IT management to ensure IT effectiveness,accountability and compliance of IT. GEIT is a subdivision of corporategovernance and make easy performance of a framework of IS controls inside thecompany as relevant and cover all key areas. There are many benefits of GEIT, forexample to make sure that the governance requirements for board members arefulfilled, assure compliance with legal and regulatory requirements, etc.
Role of IT inEnterprise (1.7) Companies use IT not only for data processingbut also for strategic and competitive advantages as well. IT transmission has moveforward from data processing to MIS to decision support systems to onlinetransaction/services. The level to which the dissemination of technology alsoimpacts on how internal control is applied in the company. Fromthe perspective of business strategy, IT affects the way companies arestructured, operated and managed. Company can no longer develop businessstrategies without IT strategies, it is the same for IT strategies too. The auditorsshould have a good concept of management aspects as relevant to spread of ITand IT strategy.
IT organization need to set their tactics and strategies forsupporting the organization by confirm that everyday IT operations are submittedwithout compromise and efficiently.