Risk and Compliance Management Framework for Outsourced Global Software Development
Global Software Engineering (2010)
Abstract
After the U.S. Congress enacted the Sarbanes-Oxley Act, the need to guarantee transparency to companies’ stakeholders increased substantially. To become SOX compliant, companies are required to base their Corporate Governance on a suitable internal control framework; companies shall provide transparency, accountability and control to the different stakeholders. Financial applications and ERP-systems are critical in this process; if they fail, corporate governance will fail as well. This paper provides a Risk and Compliance Management framework for outsourced GSD of financial applications and ERP-systems. The challenge is to integrate COSO-ERM, ISO 20000 and ISO 27001. We have addressed this challenge by extending the SABSA model to incorporate the integration of these standards. As a result, the framework clarifies the responsibilities of customers and outsourcing companies, thereby providing efficient risk and compliance management.
Keywords
compliance management framework, compliance management, sox compliant, sabsa model, corporate governance, financial application, outsourced global software development, sarbanes-oxley act, suitable internal control framework, u.s. congress, different stakeholders, software engineering, sabsa, internal control, information science, computer architecture, risk management, security, risk management framework