Modelling compliance risk: a structured approach

Esayas, Samson Yoseph; Mahler, Tobias

doi:10.1007/s10506-015-9174-x

Cited by 6 publications

(4 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Alignment with standards and best practices: In the context of compliance, risk identification involves examining how a compliance requirement-an obligation or prohibition-can lead to risk. Failure to properly consider risks can lead to the selection of inappropriate compliance measures and ineffective regulatory outcomes (Esayas & Mahler, 2015). Threat modelling can assist in locating security settings and configurations compliant with established frameworks.…”

Section: Applying Threat Modeling For Secure Cloud Migrationmentioning

confidence: 99%

A Proactive Approach to Addressing Security Challenges in Cloud Migration

Njoku

2023

AIMS Research Publication

View full text Add to dashboard Cite

In today's digital landscape, organizations are increasingly migrating their operations to the cloud. However, during this shift comes the crucial need for robust security measures. This paper explores the major security challenges organizations face during cloud migration and proposes an effective strategy to mitigate these risks. By building upon existing research, the paper identifies key security challenges and focuses on a proactive approach to address them. The paper delves into the fundamental principles of cloud security, emphasizing the shared responsibility model and the importance of encryption, access controls, identity management, and cloud governance. It highlights the specific security issues encountered during cloud migration. To address these challenges, it advocates for the application of threat modeling—a systematic approach to identify and evaluate potential threats, vulnerabilities, and risks. The benefits of threat modeling include early risk identification, risk prioritization, a security-by-design approach, alignment with standards and best practices, and ongoing security assurance. Practical guidance on implementing threat modeling for a secure cloud migration is provided particularly based on the Microsoft threat modelling approach by identifying and prioritizing potential security threats, implementing effective controls, and validating their effectiveness. Keyword: Proactive Approach, Security Challenges, Cloud Migration, Security, Risks, Models Proceedings Citation Format Njoku, J. (2023): A Proactive Approach to Addressing Security Challenges in Cloud Migration. Proceedings of the Cyber Secure Nigeria Conference. Nigerian Army Resource Centre (NARC) Abuja, Nigeria. 11-12th July, 2023. Pp 89-96. https://www.csean.org.ng/. dx.doi.org/10.22624/AIMS/CSEAN-SMART2023P11

show abstract

Section: Applying Threat Modeling For Secure Cloud Migrationmentioning

confidence: 99%

A Proactive Approach to Addressing Security Challenges in Cloud Migration

Njoku

2023

AIMS Research Publication

View full text Add to dashboard Cite

show abstract

“… Compliance risks. Regardless of industry, companies must follow laws and regulations that restrict their activities (Esayas and Mahler 2015 ). Therefore, compliance refers to the risk of incurring judicial or administrative sanctions, significant financial losses or damage to reputation as a result of violations of mandatory rules (law or regulations) or self-regulation (e.g., articles of association, codes of conduct, codes of self-discipline), (Nicolas and May 2017 ; Shivaani 2018 ).…”

Section: Theoretical Frameworkmentioning

confidence: 99%

Flexibility and Resilience in Corporate Decision Making: A New Sustainability-Based Risk Management System in Uncertain Times

Settembre-Blundo

González-Sánchez

Medina-Salgado

et al. 2021

Glob J Flex Syst Manag

165

View full text Add to dashboard Cite

Risk management plays a key role in uncertain times, preventing corporations from acting rashly and incorrectly, allowing them to become flexible and resilient. A global turbulence such as the COVID-19 pandemic has had a strong impact on individual companies and entire economic sectors, raising the question of whether a paradigm shift is necessary, in order to enable a new cycle of development that is much environmentally, socially and economically sustainable. This environmental and socio-economic context of profound uncertainty forces organizations to consider more carefully the risk factors affecting their business continuity, as well as how these factors relate to sustainability issues. However, there is a gap in knowledge about how risk management systems relate to sustainability management systems, and how both of them exert influence on business performance, especially from a theoretical point of view. The aim of this study is to address this gap, by developing a new interpretative framework for the analysis of risk management strategies in organizations. This approach has been identified in economic hermeneutics as an innovative methodological tool to improve the knowledge of risk and design the most appropriate management strategies. The paper provides two main results: the first one is the construction of a theoretical model that relates risk management to sustainability management; the second one is an operational framework of multidimensional risk assessment useful for analysis at different levels (business, competitive scenario and system). Finally, the model also makes it possible to carry out a sustainability assessment through risk evaluation in the perspective of the sustainable development goals.

show abstract

“…These are those risk categories related to the consequences of judicial, administrative or disciplinary sanctions; financial loss; or reputational damage due to non-compliance with applicable regulations that may affect business continuity. Regulatory compliance aims at preventing crimes and avoiding liability (Esayas and Mahler, 2015).…”

Section: Literature Analysismentioning

confidence: 99%