How does IT governance fit into an organization’s overall governance? The Executive Summary makes five recommendations for management with respect to IT. What are these recommendations? How would an auditor likely view a company’s IT environment if the organization had implemented the above recommendations?