I'm not quite sure if this is what you after, but I'll give it a shot.
In my experience IT Audit have heartily welcomed ITIL initiatives as it puts into place some controls to facilitate repetative consistence performances (amongst other things) - and we all know how audit feel about things being controlled! However, they aren't just interested in the Service Support & Service Delivery processes but also the Security side.
Here is an excerpt from a paper that our auditor wrote to help me get the buy-in from management:
From an audit perspective, the primary potential benefit of adopting ITIL is an increase in the effectiveness of the controls applied. This would help to achieve the corporate objectives by reducing risk in areas such as information security, the safeguarding of physical assets and continuity of service. As with most standards, however, management must accept and acknowledge that all aspects of the ITIL guidance will not be applicable to the Council. Management must therefore select the processes and controls that specifically apply and which will provide tangible benefits.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum