Strong Security Governance through Integration and Automation
eBook - ePub

Strong Security Governance through Integration and Automation

A Practical Guide to Building an Integrated GRC Framework for Your Organization

  1. 302 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Strong Security Governance through Integration and Automation

A Practical Guide to Building an Integrated GRC Framework for Your Organization

About this book

This book provides step by step directions for organizations to adopt a security and compliance related architecture according to mandatory legal provisions and standards prescribed for their industry, as well as the methodology to maintain the compliances. It sets a unique mechanism for monitoring controls and a dashboard to maintain the level of compliances. It aims at integration and automation to reduce the fatigue of frequent compliance audits and build a standard baseline of controls to comply with the applicable standards and regulations to which the organization is subject. It is a perfect reference book for professionals in the field of IT governance, risk management, and compliance. The book also illustrates the concepts with charts, checklists, and flow diagrams to enable management to map controls with compliances.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Strong Security Governance through Integration and Automation by Priti Sikdar in PDF and/or ePUB format, as well as other popular books in Business & Auditing. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Auerbach Publications
Year
2021
Print ISBN
9780367862770
eBook ISBN
9781000512946
Edition
1
Topic
Business
Subtopic
Auditing
Index
Business

1

Business Impact of Emerging Technologies and Trends

DOI: 10.1201/9781003018100-1

INTRODUCTION

Rapid advance of technology is here to stay. More and more businesses that fail to adapt will find themselves left behind, while the savvy ones that learn to keep up to date will reap the rewards. It is not necessary to rebuild from scratch. Businesses just have to understand how they can leverage technology to align their business processes to it in a more optimized way so that they reap benefits of cost and efficiency. Success of a business model depends on the linkage of business strategy and objectives, aligned with information technology strategy and organizational infrastructure.
There has been a revolutionary change in the use of technology and its manifold applications in making business smooth and transgressing global boundaries. There is a phenomenal growth in both the digitized and digital environment. Markets have now expanded from local to international, customers do online purchases, and logistics have grown exponentially to meet the delivery needs of online businesses.
Technology has invaded every nook and corner of modern living. Devices such ‘Alexa’ given by Amazon and Google ‘Home’ have been unique examples of artificial intelligence–based entertainment and information. It would be good to look at some of the emerging technologies that are a driving force for businesses today. Warren Tucker, PwC Partner (UK), has identified emerging technologies in his publication www.pwc.co.uk/services/consulting/technology/insights/eight-emerging-technologies-learn-to-love.html) as under-

Artificial Intelligence

Artificial intelligence (AI) is a set of software services that provide solutions to learn and store knowledge, undertake analysis, identify patterns and make recommendations, sense and interpret the external world, and interact using natural language. A unique example is that of neural networks used to identify patterns and report unusual behavior in systems to detect errors and frauds faced by the banking sector. The financial sector uses real-time reporting and processing of large volume of data to make important decisions. AI-enabled systems are used to get accurate and efficient results. This has helped financial companies to implement machine learning, algorithmic trading, chat-bots, automation of processes, etc.
Technologies such as voice recognition and facial recognition effectively use AI for authenticating users. AI is also used in smart homes to bring in home surveil-lance from office and hence secure one’s loved ones. Other examples include face recognition at passport control, financial fraud detection, virtual assistants on your smartphone, etc.

Augmented Reality

Augmented reality (AR) is a multisensory interactive experience of the real-world environment. The experience is woven with the physical environment in such a way that it seems to be a part of the real world. A common example would be looking at a building with an AR device and seeing its historical information superimposed via computer-generated graphics. Content in multimedia format is integrated into a real-time learning environment, popularly with scannable markers embedded in flash-cards (Figure 1.1).
FIGURE 1.1 Augmented reality example.
FIGURE 1.1 Augmented reality example.
It is a visual or audio ‘overlay’ on the physical world that uses contextualized digital information to augment the user’s real-world view. AR-enabled smart glasses help warehouse workers fulfill orders with precision, airline manufacturers assemble planes, and electrical workers make repairs. The power of bringing information to the point of action in a seamless, unobtrusive manner is undeniable. This blending of the physical and virtual worlds is cracking open a new realm for businesses across the board to explore.
AR is likely to change the way we work. It has been used in theme park planning, magazines, toy products, and military. AR application can be witnessed by retail business wanting to improve customer experience by using AR. This serves to bridge the gap between customer preferences and provide improved ways to shop. For instance, AR in digital clothing stores could enable users to see the product in a 3D format. A manufacturing company could introduce AR for its product designers, who will be able to quickly iterate on designs and model them in a 3D space

Blockchain Technology

A blockchain is a type of database – a collection of information that is stored electronically on a computer system (Figure 1.2). Information, or data, in databases is typically structured in table format to allow for easier searching and filtering for specific information. What is the difference between someone using a spreadsheet to store information rather than a database?
FIGURE 1.2 Blockchain technology.
FIGURE 1.2 Blockchain technology.
A key difference between a typical database and a blockchain is the way the data is structured. A blockchain collects information together in groups, also known as blocks, which hold sets of information. Blocks have certain storage capacities and, when filled, are chained onto the previously filled block, forming a chain of data known as the ‘blockchain’. All new information that follows the freshly added block is compiled into a newly formed block that will then also be added to the chain once filled.
A database structures its data into tables, whereas a blockchain, like its name implies, structures its data into chunks (blocks) that are chained together. This makes it appear so that all blockchains are databases but not all databases are blockchains. This system also inherently makes an irreversible timeline of data when implemented in a decentralized nature. When a block is filled, it is set in stone and becomes a part of this timeline. Each block in the chain is given an exact time stamp when it is added to the chain.
For the purpose of understanding blockchain, it is instructive to view it in the context of how it has been implemented by Bitcoin. Like a database, Bitcoin needs a collection of computers to store its blockchain. For Bitcoin, this blockchain is just a specific type of database that stores every Bitcoin transaction ever made. In Bitcoin’s case, and unlike most databases, these computers are not all under one roof, and each computer or group of computers is operated by a unique individual or group of individuals.
Imagine that a company owns a server comprising 10,000 computers with a database holding all of its client’s account information. This company has a warehouse containing all of these computers under one roof and has full control of each of these computers and all the information contained within them. Similarly, Bitcoin consists of thousands of computers, but each computer or group of computers that hold its blockchain is in a different geographic location, and they are all operated by separate individuals or groups of people. These computers that make up Bitcoin’s network are called nodes.
In this model, Bitcoin’s blockchain is used in a decentralized way. However, private, centralized blockchains, where the computers that make up its network are owned and operated by a single entity, do exist. In a blockchain, each node has a full record of the data that has been stored on the blockchain since its inception.
For Bitcoin, the data is the entire history of all Bitcoin transactions. If one node has an error in its data, it can use thousands of other nodes as a reference point to correct itself. This way, no one node within the network can alter information held within it. Because of this, the history of transactions in each block that make up Bitcoin’s block-chain is irreversible. It is possible for a blockchain to hold a variety of information like legal contracts, state identifications, or a company’s product inventory.

Drones

Drones are unmanned vehicles. Sometimes they are described as miniature robots, they are used in the military, commercial, and personal areas and are increasing in popularity. In sectors such as construction or utilities, with large sites and assets to manage, equipping drones with pattern recognition technology to help identify locations that may require closer human inspection is just one potential application (Figure 1.3).
FIGURE 1.3 Drones technology.
FIGURE 1.3 Drones technology.
Oil and gas firms have also exploited drone technology to check, for example, remote pipeline networks. In the COVID-19 pandemic, drones were used to supply medicines to some remote locations in a speedy manner. Drones have reduced the need for manual intervention, especially in surveillance and monitoring applications.
Use of drones for commercial purposes: ‘Commercial use’ means that there is money consideration involved with the use of drones.
Some examples:
  • taking aerial photos for a video production company;
  • making a promotional video for your business;
  • companies that need to view sites that are difficult to access;
  • using drones for site inspection.

Applying for a Drone License for Commercial Use

If you use a drone commercially, you need to take some permissions/licenses. Drone owners have to procure a driver’s license even if it is a personal drone and even for a single use of the drone. The user shall have to follow the same rules as applicable to recreational uses of drones.
In sectors such as construction or utilities, with large sites and assets to manage, equipping drones with pattern recognition technology to help identify locations that may require closer human inspection is just one potential application. Oil and gas firms have also exploited drone technology to check, for example, remote pipeline networks. This reduces the need for engineers to manually check these locations and can increase the frequency of checking.

Internet of Things

There is potential to link not only consumer appliances to the web but also a larger number of industries connected under the Internet of Things (IoT). Connecting physical assets to digital networks generates large volumes of data, enabling the potential for unprecedented levels of insight, prediction, and real-time control over production processes. The ability to track, measure, and monitor in real time opens up the scope for companies offering involving such aspects as part of the service.

Robotics

Robots have been used in car assembly for a long time. But its increased application in cruise ships, in care homes, and at tourist attractions is growing. Software robots are being used at help desks for query resolution (called ‘chatbots’ in many businesses) and for automating back-office operations, especially in banks. In financial services, robotic process automation (RPA) has helped banks and credit unions accelerate growth by executing pre-programmed rules across a range of structured and unstructured data. This intelligent automation gives processes the power to learn from prior decisions and data patterns to make decisions by themselves – reducing the cost of administrative and regulatory processes by at least 50% while improving quality and speed (Figure 1.4).
FIGURE 1.4 Robotics used in business.
FIGURE 1.4 Robotics used in business.
RPA in banking also simplifies compliance by keeping detailed logs of automated processes, automatically generating the reports an auditor needs to see, and eliminating human error. Since it is intuitive and easy to reconfigure software robots at any time, tweaking processes to fit new or updated regulations are never difficult. A point to note is that robots, drones and autonomous cars/vehicles use artificial intelligence to perform automatic functions.

3D Printing

It is being used as a prototyping tool and to support the manufacture of certain precision components and in some cases to develop finished products – for example, hearing aids and dental braces. The intern application within an organization is to assist with design virtualization. For example, a consumer goods firm can test new packaging design in multiple locations. Challenges remain around printing methods, the software fo...

Table of contents

  1. Cover Page
  2. Half Title Page
  3. Title Page
  4. Copyright Page
  5. Dedication Page
  6. Contents Page
  7. Preface Page
  8. 1 Business Impact of Emerging Technologies and Trends
  9. 2 Challenges and Roadblocks to Compliance
  10. 3 Adopting an Integrated Approach
  11. 4 Compliance Frameworks – Possible Solutions
  12. 5 Adoption of a Customized Approach to Compliance
  13. 6 Activities/Phases for Achieving Integrated Compliance
  14. 7 Designing an Operating Model for Risk and Compliance Aligned with the Business Model
  15. 8 Next Steps – Through Automation
  16. Index