Affiliations: [a] Electrical Engineering Department, University of Brasília (UnB), Brasília, DF, Brazil | [b] Computer Science Department, University of Brasília (UnB), Brasília, DF, Brazil
Corresponding author: Edna Dias Canedo, Computer Science Department, University of Brasília (UnB), Brasília, DF, Brazil. Tel.: +55 61 981140478; E-mail: firstname.lastname@example.org.
Note:  A shorter version of this paper (Clara et al., 2017) was presented in the dg.o 2017: 18th Annual International Conference on Digital Government Research, Staten Island, NY, USA, June 7–9, 2017.
Abstract: Information and Communications Technologies (ICT) comprise a large integrated set of structures and functions employed to access, transfer, store and treat all forms of information. These technologies continue to be an important factor for improving organizational management and achieving competitive advantage, since they can be used to add value, continuously, to almost all business processes. Based on a survey of the literature, international and national regulations, and best practices bodies, this paper presents and discusses common elements that are considered important to guide regulatory compliance verifications of ICT management practices. Designated hereinafter as Elements that Orient Regulatory Compliance Verification Audits (ECVAs), these elements are characterized and their selection is validated in a case study for improving ICT Governance in a Brazilian Public Agency.
Keywords: Information and Communications Technologies (ICT), ICT governance, ICT management, regulatory compliance, auditing, Brazilian public companies