This document provides an overview of chapter 2 from the 2007 CISA review course, which covers IT governance. It discusses key topics like corporate governance, information systems strategy, policies and procedures, risk management, IS management practices, IS organizational structure and responsibilities, and auditing the management, planning and organization of IS. The chapter aims to ensure CISA candidates understand how organizations can provide assurance that proper IT governance structures and processes are in place.