Font Size: 

This paper shows the overview of models used for business and IT alignment (CobIT, COSO etc.) and their interrelationships. We present the results of international audits according to control areas by CobIT and the most important findings, especially identified weaknesses. The general result of these audits is awareness and willingness of top management to align business and IT, but with minimal compliance costs. We describe the process of IT internal audit and performance monitoring at business and IT levels, based on risk assessment through testing implemented controls. It shows the relationships between business and IT objectives and metrics, and it could be used for detecting broken connections between them. It is a great opportunity for recognition of improvement areas for aligning business and IT. Because of that, the final result of IT internal audit is not a report by an internal auditor but monitoring the realization and implementation of agreed improvements. It should lead continuously to better aligned business and IT.