ME4 Provide IT Governance

by Bill Oxley

CobiT definition:

Establishing an effective governance framework includes defining organisational structures, processes, leadership, roles and responsibilities to ensure that enterprise IT investments are aligned and delivered in accordance with enterprise strategies and objectives.

Control over the IT process of
Provide IT governance

that satisfies the business requirement for IT of
integrating IT governance with corporate governance objectives and complying with laws, regulations and contracts

by focusing on
preparing board reports on IT strategy, performance and risks, and responding to governance requirements in line with board directions

is achieved by

  • Establishing an IT governance framework integrated into corporate governance
  • Obtaining independent assurance over the IT governance status

and is measured by

  • Frequency of board reporting on IT to stakeholders (including maturity)
  • Frequency of reporting from IT to the board (including maturity)
  • Frequency of independent reviews of IT compliance

Control objectives:

ME4 Provide IT Governance

ME4.1 Establishment of an IT Governance Framework
ME4.2 Strategic Alignment
ME4.3 Value Delivery
ME4.4 Resource Management
ME4.5 Risk Management
ME4.6 Performance Measurement
ME4.7 Independent Assurance

Check out the links for details on the control objectives.

Leave a Comment

Previous post:

Next post: