ME02 Monitor and evaluate internal control

focuses on	identifying improvement actions monitoring the internal control processes for IT-related activities
is controlled by	ME02.1 Monitoring of Internal Control Framework Continuously monitor, benchmark and improve the IT control environment and control framework to meet organisational objectives. ME02.2 Supervisory Review Monitor and evaluate the efficiency and effectiveness of internal IT managerial review controls. ME02.3 Control Exceptions Identify control exceptions, and analyse and identify their underlying root causes. Escalate control exceptions and report to stakeholders appropriately. Institute necessary corrective action. ME02.4 Control Self-assessment Evaluate the completeness and effectiveness of management’s control over IT processes, policies and contracts through a continuing programme of self-assessment. ME02.5 Assurance of Internal Control Obtain, as needed, further assurance of the completeness and effectiveness of internal controls through third-party reviews. ME02.6 Internal Control at Third Parties Assess the status of external service providers’ internal controls. Confirm that external service providers comply with legal and regulatory requirements and contractual obligations. ME02.7 Remedial Actions Identify, initiate, track and implement remedial actions arising from control assessments and reporting.
is part of	Monitor and Evaluate (ME) All IT processes need to be regularly assessed over time for their quality and compliance with control requirements. This domain addresses performance management, monitoring of internal control, regulatory compliance and governance.
refers to	Internal Control the policies, plans and procedures, and organisational structures designed to provide reasonable business objectives will be achieved and undesired events will be prevented or detected and corrected
can be mapped to	The 7-Step Improvement Process The improvement process spans not only the management organization but the entire service lifecycle. This is a cornerstone of CSI. [06.2] Service reporting Objective: To produce agreed, timely, reliable, accurate reports for informed decision making and effective communication.
supports	Account for and protect all IT assets. Ensure that IT services and infrastructure can properly resist and recover from failures due to error, deliberate attack or disaster Protect the achievement of IT objectives.

Lernen Sie mehr über ME02 Monitor and evaluate internal control in einer unserer Schulungen:

CobiT Basic Practitioner Schulung

Haben Sie Fragen zu diesem Thema? Oder können wir sonst etwas für Sie tun? Unsere Experten stehen Ihnen gerne zur Verfügung:

schreiben Sie uns

Dies ist ein Teil des Body of Service Knowledge der Continental Software GmbH, zusammengetragen aus den Best Practices der ITIL und CobiT und PMBOK Frameworks, der ISO 20000 Norm, sowie aus eigener Erfahrung.

© Continental Software GmbH; ITIL® und IT Infrastructure Library® sind eingetragene Warenzeichen des Office of Government Commerce (OGC). COBIT® ist eingetragenes Warenzeichen der Information Systems Audit and Control Association (ISACA). ISO® ist eingetragenes Warenzeichen der International Organization for Standardization. PMI und PMBOK sind eingetragene Marken des Project Management Institute, Inc. Andere hier erwähnte Inhalte, Produkt- oder Firmennamen können die Warenzeichen ihrer jeweiligen Eigentümer sein.