{"title":"集成IT治理、风险和遵从性的业务观点","authors":"P. Vicente, M. Silva","doi":"10.1109/SERVICES.2011.62","DOIUrl":null,"url":null,"abstract":"Due to increasing requirements, standards and tight oversight from governments, along with the immediate need to effectively manage the increasing business and operational risks inherent to competing in a complex global market, integrated Governance, Risk and Compliance (GRC) is becoming one of the most important business requirements for organizations. In particular, IT requirements, standards and best practices play a crucial role in IT organizations/departments. The lack of guidance in this domain, namely scientific research, results in unaided attempts to improve efficiency and effectiveness in organizations. In this paper we propose a business architecture that describes the integration of the main processes for IT Governance, IT Risk Management and IT Compliance (IT GRC). Based on a process model for IT GRC and a conceptual model for GRC, we use ArchiMate to model the behavioural, structural and informational structure of the business viewpoint - business processes, roles and business objects respectively. To end with, we discuss the final result and draw some conclusions about the constructed artifact.","PeriodicalId":429726,"journal":{"name":"2011 IEEE World Congress on Services","volume":"10 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-07-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"14","resultStr":"{\"title\":\"A Business Viewpoint for Integrated IT Governance, Risk and Compliance\",\"authors\":\"P. Vicente, M. Silva\",\"doi\":\"10.1109/SERVICES.2011.62\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Due to increasing requirements, standards and tight oversight from governments, along with the immediate need to effectively manage the increasing business and operational risks inherent to competing in a complex global market, integrated Governance, Risk and Compliance (GRC) is becoming one of the most important business requirements for organizations. In particular, IT requirements, standards and best practices play a crucial role in IT organizations/departments. The lack of guidance in this domain, namely scientific research, results in unaided attempts to improve efficiency and effectiveness in organizations. In this paper we propose a business architecture that describes the integration of the main processes for IT Governance, IT Risk Management and IT Compliance (IT GRC). Based on a process model for IT GRC and a conceptual model for GRC, we use ArchiMate to model the behavioural, structural and informational structure of the business viewpoint - business processes, roles and business objects respectively. To end with, we discuss the final result and draw some conclusions about the constructed artifact.\",\"PeriodicalId\":429726,\"journal\":{\"name\":\"2011 IEEE World Congress on Services\",\"volume\":\"10 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-07-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"14\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 IEEE World Congress on Services\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SERVICES.2011.62\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 IEEE World Congress on Services","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SERVICES.2011.62","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Business Viewpoint for Integrated IT Governance, Risk and Compliance
Due to increasing requirements, standards and tight oversight from governments, along with the immediate need to effectively manage the increasing business and operational risks inherent to competing in a complex global market, integrated Governance, Risk and Compliance (GRC) is becoming one of the most important business requirements for organizations. In particular, IT requirements, standards and best practices play a crucial role in IT organizations/departments. The lack of guidance in this domain, namely scientific research, results in unaided attempts to improve efficiency and effectiveness in organizations. In this paper we propose a business architecture that describes the integration of the main processes for IT Governance, IT Risk Management and IT Compliance (IT GRC). Based on a process model for IT GRC and a conceptual model for GRC, we use ArchiMate to model the behavioural, structural and informational structure of the business viewpoint - business processes, roles and business objects respectively. To end with, we discuss the final result and draw some conclusions about the constructed artifact.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
