CobiT definition:
Establishing an effective internal control programme for IT requires a well-defined monitoring process. This process includes the monitoring and reporting of control exceptions, results of self-assessments and third-party reviews. A key benefit of internal control monitoring is to provide assurance regarding effective and efficient operations and compliance with applicable laws and regulations.
Control over the IT process of
Monitor and evaluate internal control
that satisfies the business requirement for IT of
protecting the achievement of IT objectives and complying with IT-related laws, regulations and contracts
by focusing on
monitoring the internal control processes for IT-related activities and identifying improvement actions
is achieved by
- Defining a system of internal controls embedded in the IT process framework
- Monitoring and reporting on the effectiveness of the internal controls over IT
- Reporting control exceptions to management for action
and is measured by
- Number of major internal control breaches
- Number of control improvement initiatives
- Number and coverage of control self-assessments
Control objectives:
ME2 Monitor and Evaluate Internal Control
ME2.1 Monitoring of Internal Control Framework
ME2.2 Supervisory Review
ME2.3 Control Exceptions
ME2.4 Control Self-assessment
ME2.5 Assurance of Internal Control
ME2.6 Internal Control at Third Parties
ME2.7 Remedial Actions
Check out the links for details on the control objectives.
Related posts:
- ME1 Monitor and Evaluate IT Performance CobiT definition: Effective IT performance management requires a monitoring process. This process includes defining relevant performance indicators, systematic and timely...
- CobiT Domain – Monitor and Evaluate The fourth domain in CobiT is Monitor and Evaluate (ME). It is made up of 4 processes and 25 control...
- ME3 Ensure Compliance With External Requirements CobiT definition: Effective oversight of compliance requires the establishment of a review process to ensure compliance with laws, regulations and...
- ME4 Provide IT Governance CobiT definition: Establishing an effective governance framework includes defining organisational structures, processes, leadership, roles and responsibilities to ensure that enterprise...
- DS1 Define and Manage Service Levels CobiT definition: Effective communication between IT management and business customers regarding services required is enabled by a documented definition of...
