IT GRC-based IT internal control framework
暂无分享,去创建一个
Recently personal information leakage and computer hacking occur constantly. The majority of the incidents are caused by the negligence of IT internal control. It is practically impossible to prevent all the security incidents caused by the insider. However, an Automated IT internal control system - considered about administrative, technical and physical internal control reinforcement for precaution and rapid response against the incident in the early stage - can reduce the security threat considerably. The object of this paper to present an IT internal control framework with enterprise-wide perspective embraced administrative, technical and physical internal control reinforcement.
[1] Edgar R. Weippl,et al. Governance, Risk & Compliance (GRC) Software - An Exploratory Study of Software Vendor and Market Research Perspectives , 2011, 2011 44th Hawaii International Conference on System Sciences.
[2] Edgar Weippl,et al. A process model for integrated IT governance , risk , and compliance management , 2010 .