What should an IS auditor recommend to best enforce alignment of an IT project portfolio with strategic priorities?

Recommending that projects be selected according to business benefits and risk ensures that the IT project portfolio is closely aligned with strategic priorities. This approach emphasizes the importance of evaluating projects based on how they contribute to the organization’s goals and the potential risks they may pose. By prioritizing projects that offer the highest business value while considering associated risks, an IS auditor helps ensure that resources are allocated efficiently and effectively, maximizing ROI and minimizing potential adverse effects on strategic initiatives.

Selecting projects based on business benefits means that the organization can focus on initiatives that directly support its objectives. Considering risk further enhances this alignment by ensuring that the organization does not engage in high-risk projects that could detract from achieving its strategic goals or divert resources from lower-risk, high-value projects. This holistic approach to project selection is vital for maintaining a portfolio that not only supports the company’s mission but also adapts to changing circumstances and priorities in the business environment.