Monitor, Evaluate and Assess Performance and Conformance

Monitor, Evaluate and Assess Performance and Conformance

Purpose:

Collect, validate and evaluate business, IT and process goals and metrics. Monitor that processes are performing against agreed-on performance and conformance goals and metrics and provide reporting that is systematic and timely.

Objective:

Provide transparency of performance and conformance and drive achievement of goals.

Description:

<?>

Inputs:

  • Reporting and communications principles
  • Evaluation of enterprise reporting requirements
  • Rules for validating and approving mandatory reports
  • Assessment of reporting effectiveness
  • Performance goals and metrics for process improvement tracking
  • Process capability assessments
  • Investment portfolio performance reports
  • Service level performance reports
  • Supplier compliance monitoring review results
  • Results of program performance reviews
  • Availability, performance and reports
  • Success measures and results
  • Facilities assessment reports
  • Request fulfilment status and trends report
  • Incident status and trends report
  • Escalation guidelines
  • Non-compliance remedial actions

Outputs:

  • Monitoring requirements
  • Approved monitoring goals and metrics
  • Monitoring targets
  • Processed monitoring data
  • Performance reports
  • Remedial actions and assignments
  • Status and results of actions

Controls:

<?>

Task Instructions:

Establish a Monitoring Approach

    1. Identify stakeholders (e.g., management, process owners, and users).
    2. Engage with stakeholders and communicate the enterprise requirements and objectives for monitoring, aggregating, and reporting, using common definitions (e.g., enterprise glossary, metadata, and taxonomy), baselining, and benchmarking.
    3. Align and continually maintain the monitoring and evaluation approach with the enterprise approach and the tools to be used for data gathering and enterprise reporting (e.g., business intelligence applications).
    4. Agree on the goals and metrics (e.g., conformance, performance, value, risk), taxonomy (classification and relationships between goals and metrics), and data (evidence) retention.
    5. Agree on a life cycle management and change control process for monitoring and reporting. Include improvement opportunities for reporting, metrics, approach, baselining, and benchmarking.
    6. Request, prioritize, and allocate resources for monitoring (consider appropriateness, efficiency, effectiveness, and confidentiality).
    7. Periodically validate the approach used and identify new or changed stakeholders, requirements, and resources.

Set Performance and Conformance Targets

    1. Define and periodically review with stakeholders the goals and metrics to identify any significant missing items and define reasonableness of targets and tolerances.
    2. Communicate proposed changes to performance and conformance targets and tolerances (relating to metrics) with key due diligence stakeholders (e.g., legal, audit, HR, ethics, compliance, finance).
    3. Publish changed targets and tolerances to users of this information.
    4. Evaluate whether the goals and metrics are adequate, i.e., specific, measurable, achievable, relevant, and time-bound (SMART).

Collect and Process Performance and Conformance Data

    1. Collect data from defined processes – automated, where possible.
    2. Assess efficiency (effort in relation to the insight provided) and appropriateness (usefulness and meaning) and validate integrity (accuracy and completeness) of collected data.
    3. Aggregate data to support the measurement of agreed-on metrics.
    4. Align aggregated data to the enterprise reporting approach and objectives.
    5. Use suitable tools and systems for the processing and format of data for analysis.

Analyze and Report Performance

    1. Design process performance reports that are concise, easy to understand, and tailored to various management needs and audiences. Facilitate effective, timely decision making (e.g., scorecards, traffic light reports) and ensure that the cause and effect between goals and metrics are communicated in an understandable manner.
    2. Compare the performance values to internal targets and benchmarks and, where possible, to external benchmarks (industry and key competitors).
    3. Recommend changes to the goals and metrics, where appropriate.
    4. Distribute reports to the relevant stakeholders.
    5. Analyze the cause of deviations against targets, initiate remedial actions, assign responsibilities for remediation, and follow up. At appropriate times, review all deviations and search for root causes, where necessary. Document the issues for further guidance if the problem recurs. Document results.
    6. Where feasible, link achievement of performance targets to the organizational reward compensation system.

Ensure the implementation of Corrective Actions

    1. Review management responses, options, and recommendations to address issues and major deviations.
    2. Ensure that the assignment of responsibility for corrective action is maintained.
    3. Track the results of the actions committed.
    4. Report the results to the stakeholders