Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

DS2.4 - Supplier Performance Monitoring

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective DS2.4 - Supplier Performance Monitoring is contained within Process Popup Manage Third-party Services.

Learn more about COBIT and related publications.

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

 
This Topic Has:
8 Members
0 Online
4186 Visits

 Recent Discussions

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer


Supplier Performance Monitoring

Establish a process to monitor service delivery to ensure that the supplier is meeting current business requirements and continuing to adhere to the contract agreements and SLAs, and that performance is competitive with alternative suppliers and market conditions.

View value and Risk Drivers  help

Hide value and Risk Drivers help


Value Drivers

  • Timely detection of service level non-compliance
  • Benefits of service contract realised
  • Costs controlled
  • Costly disputes and possible litigation avoided
  Risk Drivers
  • Undetected service degradation
  • Inability to challenge costs and service quality
  • Inability to optimise choice of suppliers

View Control Practices  help

Hide Control Practices  help

  1. Define and document criteria to monitor service suppliers’ performance.
  2. Ensure that the supplier regularly reports on agreed-upon performance criteria.
  3. Invite users to provide feedback for assessment of supplier performance and quality of service.
  4. Evaluate the costs and market conditions for the service levels by benchmarking against alternative suppliers, and identify potential for improvement.
  5. Define arbitration procedures to consult an arbitration committee before bringing an action.

Discussions: 0 total

Must be a Topic member to contribute

No Results Found

Documents & Publications: 26 total

Events & Online Learning: 0 total

No Results Found

Journal Articles: 43 total

Volume 2, 2017
by Vasant Raval, DBA, CISA, ACMA, and Samir Shah, CISA, CA, CFE, CIA, CISSP
The business model of the early 20th century depicted a large, integrated company that owned, managed and directly controlled its resources.
Volume 6, 2016
by Sunil Bakshi, CISA, CGEIT, CISM, CRISC, ABCI, AMIIB, BS 25999 LI, CEH, CISSP, ISO 27001 LA, MCA, PMP
During the past 30 years, enterprises have been embracing new methods to transform their operations to use IT and related technology to provide a higher level of customer service.
Volume 6, 2016
by Reviewed by Sunil Bakshi, CISA, CGEIT, CISM, CRISC, ABCI, AMIIB, BS 25999 LI, CEH, CISSP, ISO 27001 LA, MCA, PMP
The increased use of outsourcing arrangements and the acceptance of cloud computing models has benefits and associated risk.
Volume 6, 2016
by Shirali Vyas, CA, ICAI
The 2008 financial crisis and its cascading effects have made it necessary to redefine the supplier risk management norms.
Volume 3, 2016
by Samuel Shanthan, CISA, CIPM, MBCI
It is of paramount importance to ensure the continuity of vendors, especially those that are providing and supporting the critical services and processes of the organisation.
Volume 1, 2016
by Balraj Thuppalay, CISM, CISSP
Both internal auditors and compliance analysts can play a vital role in helping companies achieve compliance with the US Sarbanes-Oxley Act of 2002, with focused reviews of IT general controls (ITGCs) around SAP.

Wikis: 2 total

Blog Posts: 5 total

Must be a Topic member to view blog posts
Ina fast changing world of business and relentless competition, strategicplanning is not only critical, but also the differentiating factor for anorganization. Since IT has moved from a supportive role to a more strategicrole, the IT Strategic Planning an...
Posted By : SA | 0 comments
A recent publication in a local newspaper, indicated that an employee was charged with fraud with regards to claims of insurance payments that were lodged with the company were paid out to people who were not entitled to receive such payments. What potent...
Posted By : Paulina.PNI | 2 comments
"Combatirse a sí mismo es la guerra más difícil; vencerse a sí mismo es la victoria más bella"Friedrich von Logau (1605-1655) Poeta alemán.En estos momentos en que la contratación de un profesional para una empresa debe de ser un tema muy bien planteado, ...
Posted By : Javier | 0 comments
13 Nov 2014
Now a days, you don’t need to be a IT guru or best software programmer to access /control other personal/organization data. If you follow below techniques, you can easily get confidential information.1. Masquerading2. Tailgeting (Piggy back)3. Dumpster di...
Posted By : Shaklain | 1 comments
On March 1st,  I was invited to speak at the CampIT conference on Enterprise Risk/Security Management at Rosemont Convention Center. Before me there were two speakers. The first presenter spent an hour presenting the story from the trenches of technolog...
Posted By : appolloconsulting | 2 comments