http://dx.doi.org/10.5762/KAIS.2014.15.1.460

A Study on Technical Approach for Compliance Management Service  

Lee, Jun-Ho (Division of IT Infra Business, Koscom Corporation)
Oh, Hea-Seok (Division of IT, Gachon University)
Publication Information
Journal of the Korea Academia-Industrial cooperation Society / v.15, no.1, 2014, pp. 460-465
Abstract
The Financial Supervisory Institution has constantly tightened the regulation for secure electronic financial services. Information security consulting and service companies are not enough to cover the about 4,500 financial institutes required to comply with the regulation, and the Financial Supervisory Institution also suffers from work overload. The demand for real-time risk management work is getting stronger. Compliance with the regulation has to be attempted with a technical approach so that requirement, implementation, monitoring, and supervision are performed efficiently. In addition, articles have to be concluded with a compliance management service. This research uses a compliance management framework and the IT GRC process model to design a compliance management lifecycle and 34 indexes.
Keywords
Compliance Management; GRC; Risk Management;