The trustworthiness of business services is widely recognised as a critical factor for the success of an organization. Businesses are increasing in complexity and unpredictability, while demand for accountability, as well as regulatory compliance is becoming mandatory. Yet, some reports indicate that the level of fraud within an organization is far from decreasing. Thus, a structured approach to Governance, Risk and Compliance (GRC) has become a high priority goal for many organizations. GRC solutions enable organizations to address various business challenges related to risk management and regulatory compliance. For example, GRC solutions provide end-to-end control management, deployment of controls through risk-based approaches and automatic monitoring of controls across different entities and applications. Furthermore, GRC solutions enable standardization of methodologies, vocabulary and measurements across an organization, therefore facilitating the detection of risks, the prioritization of corrective actions and so the enforcement of compliance.
Realizing Trustworthy Business Services by a New GRC Approach / Asnar, Yudistira; Lim, Hoon Wei; Worledge, Claire; Massacci, Fabio. - ELETTRONICO. - (2009), pp. 1-14.
Realizing Trustworthy Business Services by a New GRC Approach
Asnar, Yudistira;Massacci, Fabio
2009-01-01
Abstract
The trustworthiness of business services is widely recognised as a critical factor for the success of an organization. Businesses are increasing in complexity and unpredictability, while demand for accountability, as well as regulatory compliance is becoming mandatory. Yet, some reports indicate that the level of fraud within an organization is far from decreasing. Thus, a structured approach to Governance, Risk and Compliance (GRC) has become a high priority goal for many organizations. GRC solutions enable organizations to address various business challenges related to risk management and regulatory compliance. For example, GRC solutions provide end-to-end control management, deployment of controls through risk-based approaches and automatic monitoring of controls across different entities and applications. Furthermore, GRC solutions enable standardization of methodologies, vocabulary and measurements across an organization, therefore facilitating the detection of risks, the prioritization of corrective actions and so the enforcement of compliance.| File | Dimensione | Formato | |
|---|---|---|---|
|
techrep-isaca.pdf
accesso aperto
Tipologia:
Versione editoriale (Publisher’s layout)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
465.4 kB
Formato
Adobe PDF
|
465.4 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione
