3.1.9 Performance Management
| No: 43028139 | Date(g): 4/11/2021 | Date(h): 29/3/1443 | Status: In-Force |
Principle
Efficiency and effectiveness of IT processes and services of the Member Organizations should be continuously measured through key performance indicators (KPIs).
Control Requirements
| 1. | KPIs should be defined, approved and implemented to measure the execution of IT processes and system performance. | |
| 2. | KPIs should be defined considering for the following, but not limited to: | |
| a. | IT function and related processes; | |
| b. | workforce competency and development; and | |
| c. | compliance with regulatory regulations. | |
| 3. | KPIs should be: | |
| a. | communicated to the concerned IT Divisions/Units of the Member Organizations for implementation; | |
| b. | supported by target value and thresholds; | |
| c. | analyzed to identify the deviations against targets and initiate remedial actions; | |
| d. | analyzed to identify trends in performance and compliance and take appropriate action; and | |
| e. | monitored and periodically reported to the senior management and ITSC. | |