Corporate governance has become increasingly important worldwide, especially in the wake of the Enron and MCI WorldCom incidents in the US. The Australian Stock Exchange Corporate Governance Council defines corporate governance as “... the system by which companies are directed and managed. It influences how the objectives of the company are set and achieved, how risk is monitored and assessed, and how performance is optimised” (ASX, 2003). IT governance has increasingly become a key area of concern under the umbrella of corporate governance because of the pervasive influence of information systems and the associated technology infrastructure in every area of an organization’s activities. The IT Governance Institute describes IT governance as being an integral part of the corporate governance which consists of “the leadership and organizational structures and processes that ensure an organization’s IT sustains and extends the organization’s strategy and objectives” (ITGI, 2003).