Principles for Assurance on Corporate Governance of ICT

ICT is critical to the well-being of any modern enterprise and should therefore also be governed and managed appropriately. As such, it is imperative that corporate governance of ICT (CGICT) be implemented and supported by the Board. It is quite clear that the Board remains ultimately accountable for CGICT. Consequently, the Board should have peace of mind regarding its fiduciary duties on CGICT. In other words, the Board must be provided with assurance on the overall efforts of CGICT within the enterprise, in order to provide stakeholder value. Therefore, the focus of this paper is twofold in an attempt to address the relationship between assurance and CGICT. Firstly, this paper will identify important principles and criteria from an assurance point of view, which can ideally be used to assist assurance professionals with understanding the underlying factors of assurance and its relationship with CGICT. Secondly, the principles and criteria identified in this paper can be used to develop a framework for assurance on CGICT, so as to formalise a process for providing the Board with peace of mind on their efforts towards good CGICT.