CobiT definition:
Establishing an effective internal control programme for IT requires a well-defined monitoring process. This process includes the monitoring and reporting of control exceptions, results of self-assessments and third-party reviews. A key benefit of internal control monitoring is to provide assurance regarding effective and efficient operations and compliance with applicable laws and regulations.
Control over the IT process of
Monitor and evaluate internal control
that satisfies the business requirement for IT of
protecting the achievement of IT objectives and complying with IT-related laws, regulations and contracts
by focusing on
monitoring the internal control processes for IT-related activities and identifying improvement actions
is achieved by
- Defining a system of internal controls embedded in the IT process framework
- Monitoring and reporting on the effectiveness of the internal controls over IT
- Reporting control exceptions to management for action
and is measured by
- Number of major internal control breaches
- Number of control improvement initiatives
- Number and coverage of control self-assessments
Control objectives:
ME2 Monitor and Evaluate Internal Control
ME2.1 Monitoring of Internal Control Framework
ME2.2 Supervisory Review
ME2.3 Control Exceptions
ME2.4 Control Self-assessment
ME2.5 Assurance of Internal Control
ME2.6 Internal Control at Third Parties
ME2.7 Remedial Actions
Check out the links for details on the control objectives.
Related posts:
- ME1 Monitor and Evaluate IT Performance CobiT definition: Effective IT performance management requires a monitoring process. This process includes defining relevant performance indicators, systematic and timely...
- CobiT Domain – Monitor and Evaluate The fourth domain in CobiT is Monitor and Evaluate (ME). It is made up of 4 processes and 25 control...
- DS1 Define and Manage Service Levels CobiT definition: Effective communication between IT management and business customers regarding services required is enabled by a documented definition of...
- PO6 Communicate Management Aims and Direction CobiT definition: Management develops an enterprise IT control framework and defines and communicates policies. An ongoing communication programme is implemented...
- DS3 Manage Performance and Capacity CobiT definition: The need to manage performance and capacity of IT resources requires a process to periodically review current performance...
