Welcome » IT Booklets » Management » IT Risk Management Process » Measure and Monitor
Financial institution management should ensure satisfactory monitoring and reporting of IT activities and risk. These practices should include:
Financial institutions should continuously measure and monitor the risk profile of their IT functions. Metrics, as part of the monitoring process, will aid management in its ability to assess the overall program. The specific metrics reported, and the frequency, will depend upon the IT environment of the institution. Some common examples are: