Organizations can use the automation and standardization best practices in this guide to enhance their IT processes and improve compliance.  

As this guide explains, IT processes that are primarily relevant to risk assessment are those that directly impact the critical functionality within financially significant applications and data. Risks to the reliability of financially significant applications and data and providing a context for critical controls are based on the achievement or failure of IT process objectives – those that reasonably assure the reliability of financially significant applications and data. Risks can be assessed for each IT business process at each element in the IT infrastructure.