Yves Pigneur

Bonazzi, R., Hussami, L., Pigneur, Y. (2010) Compliance management is becoming a major issue in IS design. inD’Atri, A., Saccà, D. Information systems: people, organizations, institutions, and technologies, Physica Verlag, Springer:391-398

initially presented at the 5th Conference of the Italian Chapter of AIS (2008)

This article aims at improving the information systems management support to Risk and Compliance Management process, i.e. the management of all compliance imperatives that impact an organization, including both legal and strategically self-imposed imperatives. We propose a process to achieve such regulatory compliance by aligning the Governance activities with the Risk Management ones, and we suggest Compliance should be considered as a requirement for the Risk Management platform. We will propose a framework to align law and IT compliance requirements and we will use it to underline possible directions of investigation resumed in our discussion section. This work is based on an extensive review of the existing literature and on the results of a four-month internship done within the IT compliance team of a major financial institution in Switzerland, which has legal entities situated in different countries.

(pdf)

Tags: compliance

This entry was posted on Friday, January 1st, 2010 at 10:24 pm and is filed under articles. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.