Certified Information Systems Auditor (CISA) — Question 216

An IS auditor has been asked to advise on measures to improve IT governance within the organization. Which of the following is the BEST recommendation?

Answer options

• A. Implement annual third-party audits.
• B. Require executive management to draft IT strategy.
• C. Benchmark organizational performance against industry peers.
• D. Implement key performance indicators (KPIs).

Correct answer: D

Explanation

Implementing key performance indicators (KPIs) is crucial as it provides measurable metrics for assessing IT governance effectiveness. While the other options also contribute to governance, they do not offer the same immediate actionable insights and ongoing measurement capabilities that KPIs provide.