Use proactive performance management.

CONTROL ID
00937

CONTROL TYPE
Business Processes

CLASSIFICATION
Detective

This Control directly supports the implied Control(s):

Establish, implement, and maintain a performance management standard., CC ID: 01615

There are no implementation support Controls.

AIs should implement a process to ensure that the performance of application systems is continuously monitored and exceptions are reported in a timely and comprehensive manner. The performance monitoring process should include forecasting capability to enable problems to be identified and corrected … (5.2.1, Hong Kong Monetary Authority: TM-G-1: General Principles for Technology Risk Management, V.1 â 24.06.03)
Financial institutions should ensure that performance of their ICT operations is aligned to their business requirements. Financial institutions should maintain and improve, when possible, efficiency of their ICT operations, including but not limited to the need to consider how to minimise potential … (3.5 51, Final Report EBA Guidelines on ICT and security risk management)
The Board should set and monitor performance objectives. (§ VI.D, OECD Principles of Corporate Governance, 2004)
At planned intervals, the organization shall review the performance trends and the outcomes of the services. (§ 8.3.2 ¶ 3, ISO/IEC 20000-1:2018, Information technology â Service management âPart 1: Service management system requirements, Third Edition)
The organization should practice proactive performance management to help meet its current needs and for help planning for expansion of product lines or growth. (Pg 38, FFIEC IT Examination Handbook - Operations, July 2004)