
An ISO Compliant and Integrated Model for IT GRC (Governance, Risk Management and Compliance) [chapter]

Nicolas Mayer, Béatrix Barafort, Michel Picard, Stéphane Cortina
2015 Communications in Computer and Information Science  
GRC (Governance, Risk and Compliance) is an umbrella acronym covering the three disciplines of governance, risk management and compliance.  ...  In this paper, we specifically focus on defining an ISO compliant IT GRC integrated model, ISO standards representing by nature an international consensus.  ...  Supported by the National Research Fund, Luxembourg, and financed by the ENTRI project (C14/IS/8329158).  ... 
doi:10.1007/978-3-319-24647-5_8 fatcat:62su5zhxf5chziizluvv2rshsm

Logistics processes and quality framework in port operation

Bucur Marius
2020 Scientific Bulletin of Naval Academy  
Due to its excessive diversification, the quality management framework has been considerably diversified, making difficult the recognition of all the required procedures and standards, to be acquired and  ...  management standards, in order to serve the sustainable efforts in harmonizing the business practices in compliance with the social, environmental and public responsibility imperatives.  ...  , Guide for auditing management systems; ISO/IEC 31010:2009, Risk management - techniques for risk assessment; SR EN ISO 50001:2011, Energy management systems; SR EN 13852-1:2014, Lifting installations  ... 
doi:10.21279/1454-864x-20-i2-031 fatcat:e2l2gyvvw5eppbncv7twhmsnse

Challenges in the Integration of Quality and Innovation Management Systems

Ana Lopes, Daniel Polónia, Adriana Gradim, Jorge Cunha
2022 Standards  
The results point to the existence of a significant set of practices in the field of quality that can support and facilitate the formalization of integrated management systems.  ...  This work intends to investigate how organisations can leverage ISO 9001:2015 in implementing the ISO 56002:2019 innovation management standard, given that both standards have a high degree of compatibility  ...  From work developed by the ISO/TC 279, a set of five documents was already published: 1. ISO 56000:2020 - Innovation management - Fundamentals and vocabulary [4]. 2.  ... 
doi:10.3390/standards2010005 fatcat:lpvva4qx7zggvgxamvjadi6c6i

Comparison of Indonesian Banking Regulation for Integrated Governance, Risk Management, Compliance with Its ISO Counterparts

Nitha Pricillia
2021 RSF Conference Series: Business, Management and Social Sciences  
Management, and Compliance (GRC) in Indonesia are compatible with the requirements and suggested practices of ISO 37000/DIS on Governance, ISO 31000:2018 Risk Management, and ISO 37301: Compliance Management  ...  Authority Regulation, or Peraturan Otoritas Jasa Keuangan (POJK) on Governance, Risk Management and Compliance (GRC), with their ISO Standards counterparts.  ...  Though, apart from its extensive use in organizations in general, there is still not enough proof on its use as risk management standard in Indonesian banking industry.  ... 
doi:10.31098/bmss.v1i5.455 fatcat:fqzpfaby4bdzhlx62ws7wsb5eu

Sustainable Management Systems Standards (SMSS): Structures, Roles, and Practices in Corporate Sustainability

Cláudia Silva, José Magano, Anna Moskalenko, Teresa Nogueira, Maria Alzira Pimenta Dinis, Hélder Fernando Pedrosa e Sousa
2020 Sustainability  
in Integrated Management Systems (IMS).  ...  It expands its scope, helping companies implement sustainability effectively and systematically, resulting in the presentation of Conceptual Sustainable Management Systems Standards (SMSS).  ...  system, as defended by Blackburn [2] , are integrated into the Annex SL ISO Standard (dashed outline in Figure 2) .  ... 
doi:10.3390/su12155892 fatcat:mfvu6fxiyvgqjlvsobbdxqjcp4

Toward an Effective Information Security Risk Management of Universities' Information Systems Using Multi Agent Systems, ITIL, ISO 27002, ISO 27005

2014 International Journal of Advanced Computer Science and Applications  
Therefore, it is imperative that all the actors at all levels in a university information system understand their responsibilities and are held accountable for managing information security risk that is  ...  The purpose of this paper is to propose an information security toolkit namely URMIS (University Risk Management Information System) based on multi agent systems and integrating with existing information  ...  a brief introduction, in section two; a survey of available information security risk management methods and tools will be presented, and then the standards, ISO 27002, ISO 27005, and the framework ITIL  ... 
doi:10.14569/ijacsa.2014.050617 fatcat:g6dtwicigfe5bgoykkewjy6l64

Risk Management Model from the Perspective of the Implementing ISO 9001:2015 Standard Within Financial Services Companies

Cătălina Sitnikov, Claudiu George Bocean, Dorel Berceanu, Ramona Pîrvu
2017 Amfiteatru Economic  
In its new form, the ISO 9001:2015 standard activates and utilizes a thought pattern based on risk assessment functioning in parallel with the implementation of the system regarding quality management.  ...  from risk patterns of processes and risk types which are assessed from the perspective of financial services companies.  ...  2009 standards, in addition to an organic integration via the PDCA cycle.  ... 
doaj:d6a86655937d4bf884d43b5cfcd7c2ba fatcat:wthbbn2jerc55ofobo3hvmt3b4

An enterprise risk management framework for evaluation of eMaintenance

Peter Söderholm, Ramin Karim
2010 International Journal of Systems Assurance Engineering and Management  
ISO 31000, ISO/IEC 27000, and IEC 60300-3-14) to achieve integrated Enterprise Risk Management (ERM) and enable a linkage of eMaintenance to strategic goals of an organisation.  ...  Maintenance is one approach to manage risk by a reduction of the probability of failure of technical systems and/or the consequences of their failure.  ...  The reason is that ISO 31000 is intended to harmonise risk management processes in existing and future standards.  ... 
doi:10.1007/s13198-011-0046-9 fatcat:eh5no7bw35ecpo6iwoo3mgi4w4

Managing Information Security Risk Using Integrated Governance Risk and Compliance

Mathew Nicho, Shafaq Khan, M.S.M.K. Rahman
2017 2017 International Conference on Computer and Applications (ICCA)  
Section 6 of the "Repository policy for OpenAIR @ RGU" (available from provides guidance on the criteria under  ...  which RGU will consider withdrawing material from OpenAIR.  ...  Even though, the bank has its own security systems in place, they decided to follow ISO 27001 and ISO 27002 standards which were embedded into the bank's IT policies and procedures.  ... 
doi:10.1109/comapp.2017.8079741 fatcat:vv7o4snyuvavbfiluvpvlhjq7u

The Utility of M-31000 for Managing Health and Safety Risks: A Pilot Investigation [chapter]

Manikam Pillay
2018 Occupational Health and Safety - A Multi-Regional Perspective  
ISO 31000 risk management has been suggested to represent the natural standard for integrating OHS risk management into business operations.  ...  However, published research on this standard is very limited, so its ability to influence the management of OHS risks is unknown.  ...  Acknowledgements Parts of this chapter have been previously presented at the 2015 CIBWO99 International Health and Safety Conference, Northern Ireland.  ... 
doi:10.5772/intechopen.77949 fatcat:c5tlvbnzivgujkq7mp27yfu5yu

Performance Measurement of Management System Standards Using the Balanced Scorecard

Jan Kopia, Andreas Kompalla, Melanie Buchmüller, Bastian Heinemann
2017 Amfiteatru Economic  
Management system standards (MSS), such as ISO standards, TQM, etc. are widely-used standards adopted by millions of organizations worldwide.  ...  This research is useful for researchers and practitioners in order to understand the benefits of the usage of the BSC in the context of MSS or Integrated Management Systems.  ...  Literature review Management system standards and integration No clear link between the ISO 9000 standards and TQM was identified in scientific literature yet but indifferent research results regarding  ... 
doaj:1a15f5ced9e1474ca66c6fe872ccd240 fatcat:rhnrfviiazfshkvqfdvnqlxlba

Risk Management of Hazardous Materials in Manufacturing Processes: Links and Transitional Spaces between Occupational Accidents and Major Accidents

Francisco Brocal, Cristina González, Genserik Reniers, Valerio Cozzani, Miguel A Sebastián
2018 Materials  
These results are limited from a regulatory and technical perspective. Thus, the results are a starting point towards developing models that integrate the management systems studied.  ...  These directives may be further complemented by the recent ISO 45001:2018 standard regarding occupational health and safety management systems. These three management systems are closely related.  ...  Among these fields, risk management is particularly important, both from a systemic point of view and from more specific perspectives.  ... 
doi:10.3390/ma11101915 pmid:30304816 pmcid:PMC6213351 fatcat:wfjflxxjvrhgthi5agkbpiijpm

Business Impacts of International Standards for Information Security Management. Lessons from Case Companies

Robert M. van Wessel, Henk J. De Vries, Rotterdam School of Management, Erasmus University, the Netherlands, Rotterdam School of Management, Erasmus University, the Netherlands
2018 Journal of ICT Standardization  
This paper describes the business impact of two international standards for information security management: ISO/IEC 27001 and ISO/IEC 27002.  ...  Benefits include improved service quality, higher customer satisfaction, and in some cases, new business opportunities.  ...  Acknowledgements The authors thank the case companies for their willingness to share their experiences, and BSI and Netherlands Standardization Institute NEN for their support.  ... 
doi:10.13052/jicts2245-800x.112 fatcat:fsl6hdjqdnauhm4wbvvzzzp7ne

A process model for implementing information systems security governance

Mathew Nicho
2018 Information and Computer Security  
The implementation focus of the ISG model is on mapping ISO 27 K/NIST IT controls relevant IT controls selected from ISG frameworks from a horizontal and vertical perspective.  ...  Regarding selection of ISG frameworks, respondents preferred to have ISO 27K supported by NIST as the core framework with other relevant ISG frameworks/standards forming the peripheral layer.  ...  From a management perspective, security culture helps the management understand IT risks, as well as understands the need for investments in IT security.  ... 
doi:10.1108/ics-07-2016-0061 fatcat:et4cmzh3wndhfpo3hdlcvj3z5e

Sustainable Development and New Revision of ISO Management Standards

2017 DEStech Transactions on Social Science Education and Human Science  
This article is guided by the concept of the "corporate sustainability", a conceptual framework supported by new revision of ISO management standards (ISO 9001:2015, ISO 14001:2015  ...  The World Commission for Environment and Development defined sustainable development as a process of change in which exploitation of resources, new investments, concentration on technology development,  ...  The standards are structured according to guidelines presented in the Annex SL. ISO 9001 is a standard that sets out the requirements for a quality management system.  ... 
doi:10.12783/dtssehs/icss2016/9113 fatcat:lgsqyxzihnguhoasl6itk7kk3u