Information Lifecycle: Approach to Governance, Risk, and Compliance Management

2010 ◽  
pp. 1-12
Author(s):  
Ute Anna Riemann
Keyword(s):  
Compliance Management ◽  
Governance Risk

Emerging Standards and Protocols for Governance, Risk, and Compliance Management

2012 ◽  
pp. 768-790 ◽  
Author(s):  
Marcus Spies ◽  
Said Tabet
Keyword(s):  
Risk Management ◽  
It Governance ◽  
Software Tools ◽  
Business Rules ◽  
Compliance Management ◽  
Effective Governance ◽  
Object Management ◽  
Software Services ◽  
Governance Risk

Effective Governance, Risk, and Compliance Management (GRC) software tools and software services need standards – for reasons of technical interoperability as well as reviewing, reporting, and auditing purposes. This chapter introduces an emerging standard for GRC metadata and metadata exchange, GRC-XML, on the background of standard frameworks for IT governance and risk management. This specification is then further analyzed with regard to its integration capabilities into the Object Management Group’s GRC related standards covering business motivation, management of regulation and compliance, business vocabularies, policies, and rules. Finally, the authors discuss in more detail the challenges to business rules applications and automated inferencing when governance, risk, and compliance issues need to be verified in practice.

scholarly journals Governance, Risk, and Compliance in Cloud Scenarios

2019 ◽  
Vol 9 (2) ◽  
pp. 320 ◽  
Author(s):  
Knud Brandis ◽  
Srdan Dzombeta ◽  
Ricardo Colomo-Palacios ◽  
Vladimir Stantchev
Keyword(s):  
Cloud Computing ◽  
Quality Of Service ◽  
Current Literature ◽  
Compliance Management ◽  
Qualitative Approaches ◽  
Cloud Providers ◽  
Governance Risk ◽  
The Way ◽  
Organizational Compliance

Cloud computing is changing the way organizations approach technology and its infrastructure. However, in spite of its attractiveness, cloud computing can be seen as a threat in terms of compliance. Given its intrinsic distributed nature, regulations and laws may differ and customers and cloud providers must find a way to balance increasing compliance pressures with cloud computing benefits. In this paper, the authors present a framework aimed to help organizations to cope with compliance aspects in their cloud-oriented environments. Built upon current literature on the topic and qualitative approaches, the framework has been implemented in two organizations. Results from its contribution are encouraging, leading to adopter organizations to less reported compliance violations and higher contribution of cloud computing to overall quality of service and organizational compliance management.

Sign in / Sign up

Export Citation Format

Share Document