Industries also have compliance requirements. Many organizations need to comply with multiple standards or requirements. Corporate governance is also a frequently used term in this context. Corporate governance consists of processes, customs, policies, laws, and institutions affecting the way an organization is directed, managed or controlled. Corporate governance also includes the relationships among the many stakeholders involved and the purpose for which the corporation is governed. The main stakeholders are the shareholders, management, and the board members. Other stakeholders are employees, customers, creditors, suppliers, regulators, and the community at large.

- Often, compliance with corporate governance in the broad spectrum is the trigger for organizations to implement various computer systems. However, most companies face multiple requirements to comply with. Therefore a proactive and systematic overview of the various compliance issues is important. It is also important for companies to realise where they stand relative to the required standard or regulation, i.e. to realise the gap between the preferred or necessary status and the actual status.
- RM Studio 2.2 offers the possibility of conducting a gap analysis against various compliance requirements or standards. The user can insert their own standards, but the system comes with ISO/IEC 27002 as a default.
- The user can group user-defined controls into a "User defined standard" and enter user-specified controls as an item of a "pre-defined standard", or even enter a complete international standard (e.g. ITIL, PCI-DSS, WLA-SCS, ISO 9001, COBIT, COSO, etc.) into RM Studio.

Other new features include:
- Increased Risk Treatment options: With the new Standard entity it is now possible to use the user-defined/entered standards as the input to Risk Treatment.
- Increased flexibility: Controls from user-defined standards can be used as mitigating controls for standard threats as well as for user-defined threats.
- Easy install: Great improvement in the installation process, making the trial install more successful.