Tutorial by Yudistira Asnar, Andrea Micheletti and Fabio Massacci  

Outsourcing vs. Compliance - in Software Service Viewpoint

  Monday September 13th      Time: 9.00 - 13.00
Room: 28

Outsourcing is becoming a new trend in executing a business. Moreover, many believe an outsourcing benefits the organization. However, in recent years many studies indicate some (if not most) benefits are just myths and even moves against the business objectives. These studies also argue that this phenomenon occurs because of lack of control from the business owner.

In this tutorial, we present a new approach on managing a Business Process Outsourcing (BPO) that puts more emphasize on Security Governance, Risk, and Compliance (GRC) aspects of an Information System (IS). To give a high assurance on BPO, an organization needs to develop a program (i.e., not just a project) that manages GRC at business process level and not just at IT infrastructure level (commonly done in practice). Essentially, this program aims at controlling and assuring the compliance and governance of business process execution.


www.sefm2010.isti.cnr.it SEFM 2010 School
Home    |    News   |   Downloads   |   Sitemap   |  
Warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /project/FMT/sefm2010/include/footer.php on line 83
  |   rss feed   |   css 2.1   |   last updated: 08 Sep, 2010 - 11:02