A Metrics Generation Model for Measuring the Control Objectives of Information Systems Audit

Information technology governance (ITG) which was a relatively new concept in the late 1990s, has gained importance in the 21st century due to factors namely the collapse of Enron Inc, and the need for a better reporting and financial disclosure system as requested by the US Securities and Exchange Commission chairman in 2001. Subsequent legislations namely the Sarbanes Oxley Act (SOX) in the United States and the Turnbull Guidance in the United Kingdom provided further impetus for the need for ITG. Other factors that prompt companies to give more importance to the management, control and measurement of information systems include the risk associated with information, the investments made by companies into the IT resource and the need to be competitive in the marketplace. All of these factors emphasize the requirement to measure the performance or effectiveness of information systems. The state of performance of various entities, events and process of information systems give a ´dashboard approach´ vision to management. In this paper a metrics generation model is proposed for generating metrics that can measure the key performance indicators and goals of the control objectives of CoBIT by applying the GQM model