2017 International Conference on Computer and Applications (ICCA) 2017
DOI: 10.1109/comapp.2017.8079741
|View full text |Cite
|
Sign up to set email alerts
|

Managing Information Security Risk Using Integrated Governance Risk and Compliance

Abstract: Section 6 of the "Repository policy for OpenAIR @ RGU" (available from http://www.rgu.ac.uk/staff-and-currentstudents/library/library-policies/repository-policies) provides guidance on the criteria under which RGU will consider withdrawing material from OpenAIR. If you believe that this item is subject to any of these criteria, or for any other reason should not be held on OpenAIR, then please contact openair-help@rgu.ac.uk with the details of the item and the nature of your complaint.International conference … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
3
0
1

Year Published

2018
2018
2023
2023

Publication Types

Select...
5
1
1

Relationship

0
7

Authors

Journals

citations
Cited by 9 publications
(4 citation statements)
references
References 38 publications
0
3
0
1
Order By: Relevance
“…Taking into account the advantages of GRC within organizational settings, we have come across several studies that delve into the application of GRC in the realm of information systems. Among these studies, Nicho et al (2017) focused on using GRC for managing information security risk, Mayer et al (2015) contributed to developing the integrated model for IT GRC and an ISO compliant, and Asnar and Massacci (2011) proposed a method for security GRC based on a goal‐process approach. Considering the benefits of implementing GRC to support organizational performance and its application in information systems, we propose its implementation in digital transformation.…”
Section: Literature Review and Hypothesis Developmentmentioning
confidence: 99%
“…Taking into account the advantages of GRC within organizational settings, we have come across several studies that delve into the application of GRC in the realm of information systems. Among these studies, Nicho et al (2017) focused on using GRC for managing information security risk, Mayer et al (2015) contributed to developing the integrated model for IT GRC and an ISO compliant, and Asnar and Massacci (2011) proposed a method for security GRC based on a goal‐process approach. Considering the benefits of implementing GRC to support organizational performance and its application in information systems, we propose its implementation in digital transformation.…”
Section: Literature Review and Hypothesis Developmentmentioning
confidence: 99%
“…Thus, governance affects how healthcare organizations address everything, such as daily operations and patient care strategies. If any organizational operation fails, the board of directors and executives are held accountable rather than the policies or organizational culture [9]. Therefore, an accountability issue arises whether external and internal constituencies trust that the healthcare providers are doing everything to protect the quality of care and mitigate risk.…”
Section: A Factors Led To the Emergence Of It Grc In The Healthcare Sectormentioning
confidence: 99%
“…• Strategy: The alignment among healthcare strategy, IT strategy, and IT GRC activities is crucial for integrating IT GRC in healthcare organizations [21]. A study conducted in Swiss hospitals found that IT directors usually make all the decisions without any discussion with related departments in about 75% of the hospitals [1].…”
Section: Research Frameworkmentioning
confidence: 99%
“…Actualmente la relación entre computadora y humano va reduciendo brechas, lo cual genera consigo una gran necesidad en implementación de seguridad informática. La seguridad informática es considerada un tema de gestión alineado a estándares y buenas prácticas [13], por lo cual requiere de un sistema de autenticación para restringir el acceso de los usuarios a cierta información almacenada en computadores. Dentro de los diferentes tipos de autenticación se encuentra la autenticación biométrica que incluye la detección de una señal biométrica, la extracción de diversas características contenidas en la señal biométrica, y el uso de clasificadores para manejar las características extraídas [14].…”
Section: Introductionunclassified