The IT program manager should first obtain confirmation from the business and a decision by the steering committee before proceeding with the requirement change request. This is because the requirement change request is a major scope change that will affect the program budget, schedule, quality, and risk. The IT program manager needs to ensure that the business owner and the steering committee are aware of the implications and benefits of the change, and that they approve it formally. The IT program manager also needs to follow the established change management process and document the change request and its approval.

Requesting additional funding from the business owner to cover the additional scope is not the first step, as it assumes that the change request is already approved and justified. The IT program manager should first seek confirmation and approval from the business owner and the steering committee before asking for more resources.

Reporting the matter to internal audit as a program deviation to be reviewed is not the first step, as it implies that the change request is a violation or a problem. The IT program manager should first communicate with the business owner and the steering committee to understand their rationale and expectations for the change request, and to present the impact analysis and alternatives.

Aligning IT with the business and agreeing to the business request is not the first step, as it disregards the role and authority of the steering committee. The IT program manager should not accept or reject the change request without consulting with the steering committee, which is responsible for overseeing and governing the program.

References := Program Management Best Practices | Smartsheet, Best Practices for Running an Ongoing Program section. Program Management: 8 Tips & Tricks for Success (Update 2023), Tip 2: Defining the control processes section. Program Management Best Practices - Project Management Institute, Comprehend the differences between programs and projects section.