Even though IT risks are on the Board’s agenda more than ever before, few Boards understand the full degree of their operational dependence on computer systems and the role that IT plays in shaping their firm’s strategies. It is therefore increasingly critical that Internal Audit (IA) focus their IT audit effort on the things that matter and communicate those issues in a way that the Board can understand them.