Automated Compliance System for Ser Vice Organizations
Automated Compliance System for Ser Vice Organizations
Autori:
Izdanje: Sinteza 2021 - International Scientific Conference on Information Technology and Data Related Research
DOI: 10.15308/Sinteza-2021-21-27
Oblast: Computer Science, Computational Methods, Algorithms and Artificial Intelligence
Stranice: 21-27
Apstrakt:
Cloud-based applications are becoming an increasingly important component for many enterprises. For customers' data to remain confidential and secure, service organizations must adhere to security and privacy best practices, applicable laws, and regulations. There has been some effort to develop uniform standards for cloud security, but most service organizations need to apply with a combination of security and privacy regulations and standards. For early-stage technology companies, this mission can be even more challenging since they are oriented towards product development and have limited resources to invest in the compliance of security, availability, confidentiality, integrity, and privacy. These risks have led to uncertainty among Software-as-a-Service ('SaaS' customers about what measures they should require from their IT vendors and whether those measures will be in line with their policies and commitments to their customers. The rapidly evolving cloud utilization of corporations migrated to the cloud, or new technology companies (start-ups) has led to a security audit examination report. The report developed from the accounting audit, based on global accounting audit methodology and the COSO framework examined by technology auditors. This paper integrated a study case of a Service Organization's security audit in the field of financial payment. An automated compliance system has been proposed that could assist both Service Organizations and Service Auditors to ease the audit process and make it more efficient and effective, compromise lack of expertise, save employees' time, decrease human errors, and eliminate non-compliance issues by automation, integrations, machine learning, and pre-designed workflows.
Ključne reči: Cloud computing, information security, IT audit, compliance, ISMS.
Priložene datoteke:
- 21-27 ( veličina: 260,26 KB, broj pregleda: 307 )
Zahvaljujemo se što ste preuzeli publikaciju sa portala Singipedia.
Ukoliko želite da se prijavite za obaveštenja o sadržajima iz oblasti ove publikacije, možete nam ostaviti adresu svoje elektronske pošte.
Preuzimanje citata:
BibTeX format
RefWorks Tagged format
Unapred formatirani prikaz citata
BibTeX format
@article{article, author = {G. Meiran, T. Unkašević, Z. Banjac and M. Milosavljevć}, title = {Automated Compliance System for Ser Vice Organizations}, journal = {Sinteza 2021 - International Scientific Conference on Information Technology and Data Related Research}, year = 2021, pages = {21-27}, doi = {10.15308/Sinteza-2021-21-27} }
RT Conference Proceedings A1 Galis Meiran A1 Tomislav Unkašević A1 Zoran Banjac A1 Milan Milosavljevć T1 Automated Compliance System for Ser Vice Organizations AD Univerzitet Singidunum, Beograd, Beograd, Srbija YR 2021 NO doi: 10.15308/Sinteza-2021-21-27
G. Meiran, T. Unkašević, Z. Banjac and M. Milosavljevć, Automated Compliance System for Ser Vice Organizations, Univerzitet Singidunum, Beograd, 2021, doi:10.15308/Sinteza-2021-21-27