This creates a shared acceptance of responsibility for critical systems that support the business and ensures that IM/IT-related decisions are made to effectively achieve the mandate and priorities of the organization. In taking this approach, all stakeholders, from programs, services and IM/IT are required to participate in the decision-making process.
IM/IT governance should be viewed as how IM/IT creates value as part of the overall Corporate Governance Strategy of the organization, and not be a discrete and siloed discipline Footnote 1. The primary goal of a sound IM/IT governance framework is to ensure that investments in IM/IT enable projects to generate business value, and to mitigate the risks that are associated with IM/IT such as cybersecurity threats and misalignment of IM/IT and business priorities. IM/IT governance is an integral part of enterprise governance and consists of the leadership and organizational structures and processes that ensure that the organization’s IM/IT function sustains and extends the organization’s strategies and objectives. The objective of this audit was to assess the adequacy and effectiveness of IM/IT governance processes in place to identify, prioritize, monitor and measure IM/IT resource allocation decisions and ensure alignment with departmental priorities, and that these processes effectively support the achievement of CSC’s mandate. The Audit of Information Management / Information Technology ( IM/IT) Governance was conducted as part of the Correctional Service of Canada ( CSC) 2018-2020 Risk Based Audit Plan ( RBAP).
0 kommentar(er)
