Governance, Risk, and Compliance Handbook for Oracle Applications
Nigel King, Adil Khan
- 出版商: Packt Publishing
- 出版日期: 2012-06-10
- 售價: $3,120
- 貴賓價: 9.5 折 $2,964
- 語言: 英文
- 頁數: 488
- 裝訂: Paperback
- ISBN: 1849681708
- ISBN-13: 9781849681704
-
相關分類:
Oracle
海外代購書籍(需單獨結帳)
相關主題
商品描述
- Governance: In depth coverage of corporate, IT, and security Governance, which includes important topics such as strategy development and communication, strategic reporting and control, and more
- Risk Management: Creating a risk management program, performing risk assessment and control verification, and more
- Compliance Management: Cross-industry, cross-regional laws and regulations, industry-specific laws and regulations, region-specific laws and regulations
- To maximize real world learning, the book is built around a fictional company establishing its governance processes
- Written by industry experts with more than 30 years combined experience
In Detail
It seems that every year since the Enron collapse there has been a fresh debacle that refuses to lower the spotlight from corporate Governance, Risk, and Compliance management.
Before Sarbanes Oxely forced company managers to become risk conscious, if you asked a chief executive whether he thought he had adequate internal controls, the most likely answer would have been "What is an internal control?"
The book is divided into three major sections:
- Governance – where we discuss the strategic management of the enterprise, setting plans for managers, making disclosures to investors, and ensuring that the board knows that the enterprise is meeting its goals and staying within its policies.
- Risk Management – where we discuss audit disciplines. This is where we work out what can go wrong, document what we have to do to prevent it from going wrong and check that what we think prevents it going wrong - actually works! We move through the various sub-disciplines within the audit profession and show what tools are best suited from within the Oracle family to assist.
- Compliance Management – where we map the tools and facilities that we have discovered in the first two sections to frameworks and legislations. We give this from an industry and geography agnostic viewpoint, and then drill into some specific industries and countries.
What you will learn from this book
- Master Oracle's Balanced Scorecard that helps management govern the enterprise through the development and communication of strategy for the enterprise
- Trace execution of the strategy that was laid out in the balanced scorecard through Oracle Business Intelligence
- Express security priorities and objectives in the form of a balanced scorecard and ensure that the objectives are in line with the corporate strategy
- Perform risk assessment and control verification
- Capture whistleblower complaints by setting up a guest account in iSupport
- Develop and maintain control documentation that will be effective in the verification of controls included in the audit plan
- Complete coverage of Management Testing—its uses, approach and techniques—which is a critical phase of the GRC program
- Manage your internal Audit Function and learn how it is assisted through access controls, preventative controls, and configuration controls
- Describe IT Audit activities; provide an approach for managing the IT audit program and review examples of automating IT Audit activities
- Look at regulations that apply to particular industries and manage major compliance issues in high tech manufacturing, pharmaceutical and life sciences, and banking
- Build and manage an integrated compliance platform to address regional regulations in major economic zones around the world.
商品描述(中文翻譯)
- 治理:深入探討企業、IT 和安全治理,包括策略發展與溝通、策略報告與控制等重要主題。
- 風險管理:建立風險管理計畫、執行風險評估與控制驗證等。
- 合規管理:跨行業、跨地區的法律法規、行業特定法律法規、地區特定法律法規。
- 為了最大化實際學習,本書圍繞一個虛構公司建立其治理流程而編寫。
- 由擁有超過 30 年綜合經驗的行業專家撰寫。
詳細內容
自從安然事件以來,似乎每年都有新的醜聞不斷將企業治理、風險和合規管理推向聚光燈下。
在薩班斯-奧克斯利法案迫使公司管理者提高風險意識之前,如果你問一位首席執行官他是否認為自己擁有足夠的內部控制,最可能的回答會是「什麼是內部控制?」
本書分為三個主要部分:
- 治理 – 在這裡我們討論企業的策略管理,為管理者制定計畫,向投資者披露信息,並確保董事會了解企業是否達成目標並遵循政策。
- 風險管理 – 在這裡我們討論審計學科。這是我們找出可能出錯的地方,記錄我們需要做的事情以防止錯誤發生,並檢查我們認為能防止錯誤的措施是否真的有效!我們將探討審計專業內的各種子學科,並展示 Oracle 家族中最適合的工具。
- 合規管理 – 在這裡我們將前兩部分中發現的工具和設施映射到框架和法規。我們從行業和地理無關的角度提供這些信息,然後深入探討一些特定行業和國家。
你將從本書中學到的內容:
- 精通 Oracle 的平衡計分卡,幫助管理層通過策略的發展和溝通來治理企業。
- 通過 Oracle Business Intelligence 追蹤在平衡計分卡中制定的策略的執行。
- 以平衡計分卡的形式表達安全優先事項和目標,並確保這些目標與企業策略一致。
- 執行風險評估和控制驗證。
- 通過在 iSupport 中設置來賓帳戶來捕捉舉報者的投訴。
- 開發和維護有效的控制文檔,以驗證審計計畫中包含的控制措施。
- 完整覆蓋管理測試——其用途、方法和技術——這是 GRC 計畫的一個關鍵階段。
- 管理內部審計功能,並了解如何通過訪問控制、預防控制和配置控制來協助其運作。
- 描述 IT 審計活動;提供管理 IT 審計計畫的方法,並檢視自動化 IT 審計活動的範例。
- 研究適用於特定行業的法規,並管理高科技製造、製藥和生命科學以及銀行業的主要合規問題。
- 建立和管理一個綜合合規平台,以應對全球主要經濟區的地區法規。