OR-08 IT Operations & Resilience
System & Infrastructure Monitoring
Health of critical systems is observed.
- Domain
- IT Operations & Resilience
- Control type
- Detective
- Automated / manual
- Automated
- Frequency
- Continuous
- Framework reference
- COBIT DSS01; MAS TRM – Resilience
What good looks like
Availability/performance/utilisation monitored with alerting and dashboards.
Risk if it fails
Outages/degradation undetected.
How Tess tests it
3 tests — each concludes only on cited evidence.
Monitoring covers availability/perf/capacity
Design- Procedure
- Inspect monitoring.
- Expected
- Critical systems covered.
- Sample
- 1 (design inspection)
- Evidence
- Monitoring dashboards, alert configuration.
Alerts routed and actioned
Operating- Procedure
- Sample alerts.
- Expected
- Responded to.
- Sample
- 25 (or full config inspection)
- Evidence
- Monitoring dashboards, alert configuration.
Dashboards/thresholds maintained
Operating- Procedure
- Inspect dashboards.
- Expected
- Current and meaningful.
- Sample
- 25 (or full config inspection)
- Evidence
- Monitoring dashboards, alert configuration.
Evidence Tess looks for
Monitoring dashboards, alert configuration.
More in IT Operations & Resilience
Want Tess to test OR-08 against your evidence?
Book a demo