Skip to Navigation
Skip to Main content
OIG Home
OIG Home


Skip SHARE THIS PAGE section Skip STAY CONNECTED section

Board Report: 2018-IT-B-020 November 5, 2018

The Board Can Strengthen Information Technology Governance

available formats

The effectiveness of the Board's information security program hinges on enterprisewide visibility into its IT operations. We assessed whether the Board's organizational structure and authorities support its IT needs.

We found that the Board's organizational structure and authorities could inhibit the Board's achievement of its strategic objectives regarding technology. Specifically,

  • Division Directors can make IT decisions without the CIO's approval and are not required to align investments with the Board's enterprisewide architecture
  • the various IT governance bodies lack a documented reporting hierarchy and there is not a way to elevate some concerns to officials who can stop or pause a project
  • inconsistent tracking of labor hours across divisions may result in inaccurate capitalization of software development costs

Our report includes recommendations to strengthen IT governance at the Board.