IT Strategy

Several SAIs have formalised their IT strategy with a clearly stated policy. Many have established a Steering Committee for planning and regulating IT activities.

The response is summarized below:

Majority of SAIs also have a separate IT Department, as shown below:

In 55 cases, the IT department reports to the top management.
The IT department generally has both hardware and software experts, though software experts are more common.
In nearly 50% cases, the IT department also comprises of qualified EDP Auditors.

The following figures show that SAIs who have a formal IT policy or strategy are more likely to have a steering committee and a separate IT department.

Of the 73 SAIs who have a formal IT policy or strategy

50 have a steering committee

59 have a separate IT department
32 have guidelines for IT systems/operations management
51 have IT security policy or procedures