The Institute of Internal Auditors (IIA) Standards identify IT governance as a key area that should be regularly reviewed by the internal audit function. Objectives of this sample IT governance report include gaining a high-level understanding of the organization's IT governance processes and providing management with a benchmark against which to determine and pursue improved IT governance performance.

The following are key observations noted during the IT governance review:

• There were inconsistent messages on the amount of input and involvement business management has on the enterprise application roadmap.
• There were questions raised on the overall strategy for enterprise applications. Members of management did not feel that they understood why specific projects were not selected for the roadmap.
• There was a lack of knowledge by business management on the availability of the published roadmap.