Including EAS-SGR IT Risk Framework in an IT GRC Global Framework
In the context of IT governance, different companies are using their expertise to come out with a new solution that helps their own governance. In fact, information systems managers struggle to comply with laws and regulations applied by their companies countries. With the variety of tools and frameworks, they need to know all processes in order to apply the only process that is going to be of help to their systems. In our case, we choose to discuss and study IT risk management which constitute an important component of the IT-GRC architecture. We have published several papers in this subject and we are still enhancing different aspects of the EAS-SGR architecture. In this paper, we will demonstrate the several interconnexions between IT-GRC components. These systems are based on multi-agent and expert systems knowing their integrated artificial intelligence. This expertise is one of our primal elements that were never used before in scientific research.
KeywordsIT risks management EAS-SGR architecture Expert system Multi-agent systems
Unable to display preview. Download preview PDF.
- 1.Iguer, H., Medromi, H., Sayouti, A.: A new architecture multi-agents based combining EBIOS and ISO 27001 in IT risk management. In: Proc. ICEER 2013 (2013). paper 126Google Scholar
- 3.Kim, N.-Y., Robles, R.J., Cho, S.-E., Lee, Y.-S., Kim, T.-H.: Sox act and IT security governance. In: International Symposium on Ubiquitous Multimedia Computing (2008)Google Scholar
- 4.Shukla, N., Kumar, S.: A comparative study on information security risk analysis practices. In: On Issues and Challenges in Networking, Intelligence and Computing Technologies – ICNICT 2012, November 2012Google Scholar
- 5.Iguer, H., Faris, S., Medromi, H., Sayouti, A.: Conception d’une plateforme de gestion des risques basée sur les systèmes multi-agents et ISO 27005Google Scholar
- 6.Ferber, J.: Les systèmes multi-agents, vers une intelligence collective. InterEditions, pp. 63–144 (1995)Google Scholar
- 7.IT Governance: Developing a successful governance strategy: A best practice guide for decision makers in IT, ISACAGoogle Scholar
- 8.IT compliance and IT security— Part 1: Why is it necessary to comply with legal requirements? Privacy & Data Protection 7(4)Google Scholar
- 9.Mangalaraj, G., Singh, A., Taneja, A.: IT governance frameworks and COBIT - a literature review. In: Twentieth Americas Conference on Information Systems, Savannah (2014)Google Scholar
- 10.Developing an IT governance framework: Alan Calder, National Computing CenterGoogle Scholar
- 11.Racz, N., Panitz, J.C., Amberg, M., Weippl, E., Seufert, A.: Governance, Risk & Compliance (GRC) status quo and software use: results from a survey among large enterprises. In: ACIS 2010 Proceedings (2010). Paper 21, http://aisel.aisnet.org/acis2010/21 (retrieved December 13, 2010)
- 13.Racz, N., Weippl, E., Seufert, A.: A process model for integrated IT governance, risk, and compliance management. In: Proceedings of the Ninth International Baltic Conference on Databases and Information Systems, Baltic DB&IS 2010, pp. 155–170. University of Latvia Press, Riga (2010)Google Scholar
- 14.Roiter, N.: CSO online article. IT GRC tools control your environment (2011)Google Scholar
- 15.Bonazzi, R., Hussami, L., Pigneur, Y.: Compliance management is becoming a major issue in IS design. In: D’atri, A., Saccà, D. (eds.) Information Systems: People, Organizations, Institutions, and Technologies (PDF), pp. 391–398. Springer (2009). doi: 10.1007/978-3-7908-2148-2 (retrieved April 6, 2013)
Open Access This chapter is licensed under the terms of the Creative Commons Attribution-NonCommercial 2.5 International License (http://creativecommons.org/licenses/by-nc/2.5/), which permits any noncommercial use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.
The images or other third party material in this chapter are included in the chapter's Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.