GII principles flashback with today's IT/IA Governance

The era in electronic communication and technology convergence is the Global Information Infrastructure (GII) which is aimed at risks in compliance, compatibility and security. This extends the national boundaries and resolves around storage, transmission and interoperability of sensitive data over the Internet.  Internal Audit offers a keen perspective in navigating and correlating key system to the enterprise as a whole.  The relationship between IT and Internal Audit is essential since IT impacts operations and organizational investments that affect the bottom line. Yes, technology changes rapid, so routine audits of IT standards, processes and governance should afford senior leadership with decision-making capabilities (and competitive edge).  However, what should not be underscored is the human element in both the design/implementation of the infrastructure and the auditor's capabilities/methods.
The IT governance program should target the following areas: infrastructure, operating systems, applications/software and related security components; as well as the process automation for each of these components. The Internet is highly dependent on the overall IT infrastructure to deliver information, communication and products/services which can have vast number of threat vectors (and vulnerabilities) that rapidly change.
Recall the 5 fundamental principles of GII by the National Telecommunications & Information Administration – US Dept of Commerce:
- Encouraging Private Investment – with suitable standards, regulatory and reforms
- Promoting Competition – global governments working constructively
- Providing Open Access – improved access and support for services and vast participation
- Creating a Flexible Regulatory Environment – creation of optimal regulatory, innovation and transparency
- Ensuring Universal Service – multilateral information exchange

We'll check on progress of 2015 and to-be 2016 after Q1...