An IS auditor is reviewing the maturity of a large organization's IT governance. Which of the following BEST demonstrates that IT governance has been effectively implemented?
An IS auditor is reviewing the maturity of a large organization's IT governance. Which of the following BEST demonstrates that IT governance has been effectively implemented?
Effective IT governance ensures that IT supports and enables the organization's strategies and objectives. Reviewing strategic IT key performance indicators (KPIs) demonstrates that the board is actively monitoring IT's alignment with business goals, its performance, and its contribution to the overall success of the organization. This holistic evaluation is a strong indicator of mature IT governance processes.
Option C stands out as the BEST demonstration of effective IT governance because strategic IT KPIs provide insights into the organization's IT performance, alignment with business objectives, and value delivery. When the board reviews and assesses strategic IT KPIs, it indicates a holistic understanding of IT's contribution to the organization's success and reflects the successful implementation of IT governance practices.
Option A, "The board of directors reviews compliance with legal and regulatory requirements," is important, but legal compliance alone is not enough to demonstrate the overall effectiveness of IT governance. Compliance with legal requirements is a basic requirement, but it alone cannot evaluate the strategic value and accomplishments of the IT department. Therefore, the best indicator of IT governance maturity in a large organization is the board of directors reviewing strategic IT KPIs.
Does anyone know why the answer is C?