The document discusses how an IT balanced scorecard (IT BSC) can be developed based on mapping ISO27001 control objectives to COBIT process areas. This IT BSC can then be linked to the business balanced scorecard (BU BSC) to support IT/business governance and alignment. It proposes a hierarchy of scorecards with the IT Development BSC and IT Controls/Operational BSC enabling the Strategic BSC, which in turn enables the Business BSC. Compliance to standards and control objectives through this cascade of scorecards can help establish governance and develop business unit KPIs.