Database Reference
In-Depth Information
Introduction
This is a topic about
governance
,
risk
management
, and
compliance
management
of a large modern enterprise and how the IT infrastructure, in particular the Oracle
IT Infrastructure, can assist in that governance. The IT infrastructure both presents
a risk and also provides the infrastructure to mitigate and manage that risk. The IT
infrastructure must be shown to be in compliance with policies, laws, and regulations,
and assists in establishing and confirming that compliance. We have written this
topic from the perspective of big GRC. There have been many solutions springing
up around fashionable pieces of the compliance problem. At the start of the Sarbanes
gold rush, it was document management. For a while that was the management of
the close process. Then for a very long time it was segregation of duties. These are all
important components. We have tried our best to take the perspective of those who
are responsible for the stewardship of the company, and see the GRC problem from
their perspective. We have written at length about governance To this end, our topic
is aimed at risk assurance professionals, executives, directors, and those who advise
them. It is not an implementation manual for the GRC products, although we hope
you can get the best out of the GRC products after reading this topic. In this topic, we
have discussed many applications and technology products that are not in the GRC
product family. Again, we are not attempting to write an implementation guide for
those products. We can hopefully show you how those products participate and assist
in the governance process, how they introduce or mitigate risk, and how they can be
brought into compliance with best practice as well as applicable laws and regulations.
Search WWH ::
Custom Search