Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

PO8.6 - Quality Measurement, Monitoring and Review

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective PO8.6 - Quality Measurement, Monitoring and Review is contained within Process Popup Manage Quality.

Learn more about COBIT and related publications.

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

 
This Topic Has:
2 Members
0 Online
674 Visits

 Recent Discussions

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Points: 3


Quality Measurement, Monitoring and Review

Define, plan and implement measurements to monitor continuing compliance to the QMS, as well as the value the QMS provides. Measurement, monitoring and recording of information should be used by the process owner to take appropriate corrective and preventive actions.

View value and Risk Drivers  help

Hide value and Risk Drivers help


Value Drivers

  • Staff members aware of quality performance
  • Consistent reporting
  • Quality reporting integrated into and facilitating the organisation’s QMS
  • Measurable and tangible value of the QMS
  • Feedback concerning compliance with and usefulness of the QMS
  Risk Drivers
  • Lack of clear and consistent quality objectives
  • Preventive and corrective actions unidentified
  • Inconsistent quality reporting
  • Reports failing to contribute to the enterprise’s QMS
  • Lack of clarified objectives
  • Inconsistent quality reporting
  • Failure of the QMS to enhance the organisation’s objectives
  • QMS not taken seriously or complied with by the organisation
  • Weaknesses and strengths within the QMS not recognised
  • Non-compliance not identified
  • Projects at risk to be over time and budget and delivered with poor quality

View Control Practices  help

Hide Control Practices  help

  1. Define and maintain quantifiable, goal-driven quality metrics (or measurements) aligned to overall quality objectives covering the quality of individual projects and services.
  2. Ensure that management and process owners regularly review QMS performance against defined quality metrics.
  3. Analyse overall quality performance results to determine:
    • The extent of compliance with the QMS
    • Trends indicating quality strengths and weaknesses
    • The effectiveness of the QMS in identifying quality problems
    • Efficiency in timely identification of faults
    • Management commitment to ongoing QMS performance and improvement

 

Discussions: 0 total

Must be a Topic member to contribute

No Results Found

Documents & Publications: 105 total

Must be a Topic member to contribute
View All »
Downloads
Posted by ISACA 344 days ago
Downloads
Posted by ISACA 397 days ago
Downloads
Posted by ISACA 397 days ago
Downloads
Posted by ISACA 729 days ago
Research
Posted by ISACA 23 hours ago

Events & Online Learning: 9 total

7 May 2012
ISACA International Event
Orlando, Florida, USA
Get the knowledge you need to stay one step ahead of the competition and keep up with changing professional trends at ISACA’s North America CACS Conference.
12 Jun 2012
ISACA International Event
Dallas, Texas, USA
ISACA Training is a unique educational event designed to provide the tools you need to maintain, update and upgrade your skills, and to continue your professional development.
7 Aug 2012
ISACA International Event
Chicago, Illinois, USA
ISACA Training is a unique educational event designed to provide the tools you need to maintain, update and upgrade your skills, and to continue your professional development.
10 Sep 2012
ISACA International Event
Munich, Germany
EuroCACS/ISRM is a multidimensional event featuring audit, security, governance and risk content, and the audit and security programs, tools and the resources you need to be responsive to industry changes.
11 Sep 2012
ISACA International Event
San Francisco, California, USA
ISACA Training is a unique educational event designed to provide the tools you need to maintain, update and upgrade your skills, and to continue your professional development.

Journal Articles: 259 total

Volume 3, 2012
by Aarni Heiskanen, LJK
A program or project portfolio explains how an organization is implementing its strategy with projects.
Volume 3, 2012
by Kai-Uwe Ruhse, CISA, PCI QSA, and Maria Baturova
This article describes real cloud computing project case studies, which show that moving to the cloud is an important strategic decision for IT managers.
Volume 3, 2012
by Robert Findlay, CISA
Robert Findlay has had a 30-year career in a variety of IT roles, including computer operations, programming, project management, IT audit and emergency project management.
Volume 3, 2012
by Fabrizio Baiardi, Claudio Telmon, CISA, CISSP, and Daniele Sgandurra, Ph.D.
Haruspex is a risk evaluation methodology defined and implemented by the research group on risk management in the Department of Computer Science at the University of Pisa, Italy.
Volume 2, 2012
by Steven J. Ross, CISA, CISSP, MBCP
The Conference Board study addresses the resilience of companies “to bounce back from a disruption” caused by security events, which are defined rather loosely as environmental disasters, terrorism and cyberattacks.
Volume 2, 2012
by John P. Pironti, CISA, CISM, CGEIT, CRISC, CISSP, ISSAP, ISSMP
Risk and security will no longer be something that the organization consciously considers and instead will become integrated in business-as-usual activities.

Wikis: 2 total

Blog Posts: 100 total

Having been associated with the BS 7799 from its introduction as a Security Standard, and as a Contributor to the ISO 27001, and the last and final Chair of the ISO 27001 at the Department of Trade and Industry (DTI) I have been a long term supporter, and...
Posted By : John379 | 0 comments
Gone are the days of check list auditing (Tick and bash audit). To add value to business auditors need to go beyond check listing. Be it an application control review (ACR), IT General Controls Review (ITGCR), A project review or an integrated audit, i...
Posted By : Tichaona Zororo CISA, CISM, CRISC, CGEIT | 0 comments
During my audits, training & teaching sessions one of the frequent queries I came across is 'Sir, How do I become an IT Auditor? What are the qualification criteria?' The best answer for this to quote from the famous book, Information Systems Control and ...
Posted By : KvR | 0 comments
We are in the year 2012 – the year of the UK Olympics, and the prospect of good times, fantastic events, and on mass tourism is something the UK is liking forward to, and embracing – but like all good things, there can be baggage, and in this case that ma...
Posted By : John379 | 0 comments
IT Security industry does a great disservice to itself by constantly portraying itself as the great savior and protector from all evils, somehow capable of taking us to that magical place where no one gets robbed or no breach happens, while in reality, th...
Posted By : Umesh391 | 1 comments
New post on IT Grackle: "The Privacy Lock On Your Phone" http://goo.gl/qMNfC #mobile #security
Posted By : Calvin Powers | 0 comments