Risk and Compliance Management Framework for Outsourced Global Software Development

2 Author(s)
Christer Magnusson ; Dept. of Comput. & Syst. Sci., Stockholm Univ., Stockholm, Sweden ; Sung-Chun Chou

After the U.S. Congress enacted the Sarbanes-Oxley Act, the need to guarantee transparency to companies' stakeholders increased substantially. To become SOX compliant, companies are required to base their Corporate Governance on a suitable internal control framework; companies shall provide transparency, accountability and control to the different stakeholders. Financial applications and ERP-systems are critical in this process; if they fail, corporate governance will fail as well. This paper provides a Risk and Compliance Management framework for outsourced GSD of financial applications and ERP-systems. The challenge is to integrate COSO-ERM, ISO 20000 and ISO 27001. We have addressed this challenge by extending the SABSA model to incorporate the integration of these standards. As a result, the framework clarifies the responsibilities of customers and outsourcing companies, thereby providing efficient risk and compliance management.

Published in:

2010 5th IEEE International Conference on Global Software Engineering

Date of Conference:

23-26 Aug. 2010