All IT processes need to be regularly assessed overtime for their quality and compliance with control requirements.


Monitors all processes to ensure that the direction provided is followed.


Monitor, Evaluate and Assess addresses performance management, monitoring of internal control, regulatory compliance, and governance. It typically addresses the following management questions:

    • Is IT’s performance measured to detect problems before it is too late?
    • Does management ensure that internal controls are practical and efficient?
    • Can IT performance be linked back to business goals?
    • Are adequate confidentiality, integrity, and availability controls in place for information security?

Entrance Criteria:

  • <?>

Exit Criteria:

  • <?>

Process and Procedures:

Tailoring Guidelines:


Process Verification Record(s):

  • <?>
    • Stored By: <?>


  • <?>
    • Maintained By: <?>
    • Submitted By: <?>
    • Frequency of Submission: <?>


  • <?>