ABSTRACT
An organization’s reason for acquiring software is to effectively and efficiently support one or more business processes. Before acquiring software, the requirements of these processes should have already been identified. Once the business objectives have been defined for the solution being sought, the process for acquiring software can begin. Both the IT auditor and management need to be aware of the importance of this area and the critical control processes that need to be in place to support and protect the organization.
