Automated Compliance System for Ser Vice Organizations

Izdanje: Sinteza 2021 - International Scientific Conference on Information Technology and Data Related Research

DOI: 10.15308/Sinteza-2021-21-27

Oblast: Computer Science, Computational Methods, Algorithms and Artificial Intelligence

Stranice: 21-27

Apstrakt:
Cloud-based applications are becoming an increasingly important component for many enterprises. For customers' data to remain confidential and secure, service organizations must adhere to security and privacy best practices, applicable laws, and regulations. There has been some effort to develop uniform standards for cloud security, but most service organizations need to apply with a combination of security and privacy regulations and standards. For early-stage technology companies, this mission can be even more challenging since they are oriented towards product development and have limited resources to invest in the compliance of security, availability, confidentiality, integrity, and privacy. These risks have led to uncertainty among Software-as-a-Service ('SaaS' customers about what measures they should require from their IT vendors and whether those measures will be in line with their policies and commitments to their customers. The rapidly evolving cloud utilization of corporations migrated to the cloud, or new technology companies (start-ups) has led to a security audit examination report. The report developed from the accounting audit, based on global accounting audit methodology and the COSO framework examined by technology auditors. This paper integrated a study case of a Service Organization's security audit in the field of financial payment. An automated compliance system has been proposed that could assist both Service Organizations and Service Auditors to ease the audit process and make it more efficient and effective, compromise lack of expertise, save employees' time, decrease human errors, and eliminate non-compliance issues by automation, integrations, machine learning, and pre-designed workflows.
Ključne reči: Cloud computing, information security, IT audit, compliance, ISMS.
Priložene datoteke:
  • 21-27 ( veličina: 260,26 KB, broj pregleda: 26 )

Preuzimanje citata:

BibTeX format
@article{article,
  author  = {G. Meiran, T. Unkašević, Z. Banjac and M. Milosavljevć}, 
  title   = {Automated Compliance System for Ser Vice Organizations},
  journal = {Sinteza 2021 - International Scientific Conference on Information Technology and Data Related Research},
  year    = 2021,
  pages   = {21-27},
  doi     = {10.15308/Sinteza-2021-21-27}
}
RefWorks Tagged format
RT Conference Proceedings
A1 Galis Meiran
A1 Tomislav Unkašević
A1 Zoran Banjac
A1 Milan Milosavljevć
T1 Automated Compliance System for Ser Vice Organizations
AD Univerzitet Singidunum, Beograd, Beograd, Srbija
YR 2021
NO doi: 10.15308/Sinteza-2021-21-27
Unapred formatirani prikaz citata
G. Meiran, T. Unkašević, Z. Banjac and M. Milosavljevć, Automated Compliance System for Ser Vice Organizations, Univerzitet Singidunum, Beograd, 2021, doi:10.15308/Sinteza-2021-21-27