Abstract
By adopting and integrating the 3 levels of specific frameworks discussed herein, a financial institution can develop, maintain, improve, and sustain its enterprise risk management and compliance frameworks. The proposed risk management framework identifies 3 levels for bridging the gaps in industry frameworks of prudent risk management and information assurance. Context-sensitive adaptation can be enabled by integration across vulnerability analysis and penetration testing embedded within overall systems and networks controls framework and risk management frameworks. Given the discussed contexts of risk management, controls, and compliance frameworks, compliance can benefit from adapting the proposed framework to institution’s specific needs. Integration across the 3 levels of vulnerability analysis and penetration testing embedded within overall systems and networks controls and overarching risk management frameworks can facilitate such context-sensitive adaptation. From perspective of the ISACA framework, vulnerability assessment and penetration testing can be embedded within IT audit framework of assessment of adequacy of internal controls for effective risk management and compliance.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.