Welcome » IT Booklets » Management » IT Risk Management Process » Measure and Monitor
Financial institution management should ensure
satisfactory monitoring and reporting of IT activities and risk.
These practices should include:
Financial institutions should continuously measure and monitor
the risk profile of their IT functions. Metrics, as part of the
monitoring process, will aid management in its ability to assess
the overall program. The specific metrics reported, and the
frequency, will depend upon the IT environment of the institution.
Some common examples are: