Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Governance, Risk, and Compliance Handbook for Oracle Applications

You're reading from   Governance, Risk, and Compliance Handbook for Oracle Applications Written by industry experts with more than 30 years combined experience, this handbook covers all the major aspects of Governance, Risk, and Compliance management in your organization with this book and ebook.

Arrow left icon
Product type Paperback
Published in Aug 2012
Publisher Packt
ISBN-13 9781849681704
Length 488 pages
Edition 1st Edition
Arrow right icon
Toc

Table of Contents (22) Chapters Close

Governance, Risk, and Compliance Handbook for Oracle Applications
Credits
1. Foreword
About the Authors
Acknowledgement
About the Authors
Acknowledgement
About the Reviewers
2. www.PacktPub.com
3. Preface
1. Introduction 2. Corporate Governance FREE CHAPTER 3. Information Technology Governance 4. Security Governance 5. Risk Assessment and Control Verification 6. Documenting Your Controls 7. Managing Your Testing Phase: Management Testing and Certifying Controls 8. Managing Your Audit Function 9. IT Audit 10. Cross Industry Cross Compliance 11. Industry-focused Compliance 12. Regional-focused Compliance

Definitions


Before we go much further, we should lay down some basic definitions of these three key terms.

Governance

The www.businessdictionary.com has a great definition of governance:

Traditionally defined as the ways in which a firm safeguards the interests of its financiers (investors, lenders, and creditors). The modern definition calls it the framework of rules and practices by which the board of directors ensure accountability, fairness, and transparency in the firm's relationship with all the stakeholders (financiers, customers, management, employees, government, and the community). This framework consists of (1) explicit and implicit contracts between the firm and the stakeholders for distribution of responsibilities, rights, and rewards; (2) procedures for reconciling the sometimes conflicting interests of stakeholders in accordance with their duties, privileges, and roles; and (3) procedures for proper supervision, control, and information-flows to serve as a system of checks-and-balances. It is also called corporation governance.

I really like this definition, partly because it lets you know where the real accountability for Governance lies in the enterprise, but mostly because it is pretty much undefined in most of the frameworks that have had influence on the GRC market.

Risk

Probability of loss inherent in a firm's operations and environment (such as competition and adverse economic conditions) that may impair its ability to provide returns on investment. The leading framework in risk management was published by the Committee of Sponsoring Organizations (COSO) of the Treadway Commission. COSO ERM extends the definition from not meeting a financial objective to not meeting any of the enterprise's objectives. It makes it pretty clear that the body that is responsible for signing off on the corporate strategy should also ensure that there is a process to identify the risks of not meeting the goals.

Compliance

Certification or confirmation that the doer of an action such as the writer of an audit report, or the manufacturer or supplier of a product, meets the requirements of accepted practices, legislation, prescribed rules and regulations, specified standards, or the terms of a contract.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime