Definition Edit

Control self-assessment is "[a] technique used to internally assess the effectiveness of risk management and control processes."[1]

Overview Edit

"The objective is to provide reasonable assurance that all business objectives will be met."[2]

References Edit

  1. FFIEC Information Technology Examination Handbook-Information Security, at 77.
  2. Playbook: Enterprise Risk Management for the U.S. Federal Government, at 103.