MIS6230-IT Audit, Control, and Compliance SU01

Conduct a preliminary review of your case study’s organization. This review should include business mission, organizational structures, culture, IS, products and services, infrastructure and applications, people, skills, and competencies.

Explain the need for an IT audit of your organization. Support your analysis in IT governance terms. Identify the stakeholders for your case study.

• Identify enterprise goals and IT-related goals for your case study and then create a mapping of the two sets, indicating primary relationships and secondary relationships.
• Start developing an IT audit plan that addresses the following components: Define scope, state objectives, structure approach, provide for measurement of achievement (identify the areas you intend to measure; specific metrics will be addressed later), address how you will assure comprehensiveness, and address how you will provide approach flexibility.