
IBM Systems Journal

Compliance Management   Volume 46, Number 2, 2007

Optimized enterprise risk management - References

by C. Abrams, J. von Känel, S. Müller, B. Pfitzmann, and S. Ruschka-Taylor

Cited references

  1. Sarbanes-Oxley Act of 2002, Public Law 107-204 (116 Statute 745), United States Senate and House of Representatives in Congress (2002).
  2. USA Patriot Act of 2001, Public Law 107-56, HR 3162 RDS, United States Senate and House of Representatives in Congress (2001).
  3. International Convergence of Capital Measurement and Capital Standards (Basel II), Basel Committee on Banking Supervision (2004), Bank for International Settlements, http://www.bis.org/publ/bcbs107a.pdf.
  4. V. Garcia, The Avant-Garde of Enterprise Risk Management in Financial Services: From Vision to Value, Research Report, TowerGroup, Rockville, MD 20852 (2004).
  5. J. Lopez, Gartner Predicts: The Cost of Compliance, Gartner Research, Stamford, CT 06902 (2005), podcast available at: http://www.gartner.com/it/products/podcasting/asset_140998_2575.jsp.
  6. J. Hagerty and F. Sirkisoon, Spending in an Age of Compliance, 2005, Research Report, AMR Research, Boston, MA 02110 (2005).
  7. J. Hagerty and F. Sirkisoon, Spending in an Age of Compliance, 2006, Research Report, AMR Research, Boston, MA 02110 (2006).
  8. The Agile CFO–Acting on Business Insight, IBM Institute for Business Value (2005), http://www-935.ibm.com/services/us/bcs/html/2005_cfo_survey_gen.html.
  9. Money and Finance: Treasury, U.S. Department of the Treasury, Code of Federal Regulations, Title 1, Volume 1, 31 CFR 103.121 (2005).
  10. C. Supatgiat, C. Kenyon, and L. Heusler, “Cause-to-Effect Operational-Risk Quantification and Management,” Risk Management 8, No. 1, 16–42 (2006).
  11. M. Leippold and P. Vanini, “The Quantification of Operational Risk,” Journal of Risk 8, No. 1, 59–85 (2005).
  12. L.-F. Kwok and D. Longley, “Security Modelling for Risk Analysis,” Proceedings of the 19th IFIP International Information Security Conference (SEC2004), Toulouse, France (2004), pp. 29–46.
  13. S. Müller and C. Supatgiat, “A quantitative optimization model for dynamic and risk-based compliance management,” IBM Journal of Research and Development 51, No. 3/4, forthcoming.
  14. Internal Control—Integrated Framework, Research Report, Committee of Sponsoring Organizations of the Treadway Commission (COSO), AICPA/COSO, Jersey City, NJ 07311 (1992).
  15. EU-U.S. Dialogue on Financial Market Regulation—A U.S. Perspective, Remarks of Cynthia A. Glassman before the Annual Washington Conference of the Institute of International Bankers, Washington, D.C., March 14, 2005.
  16. T. Kontzer, “Under Pressure: Technological Glitches at Experienced e-Commerce Companies Serve as a Warning to Others Not to Take a Scalable IT Infrastructure for Granted,” InformationWeek (January 10, 2005), http://www.informationweek.com/showArticle.jhtml?articleID=57300668.
  17. M. S. Beasley, R. Clune, and D. R. Hermanson, “ERM: A Status Report,” Internal Auditor 62, No. 1, 67–72 (2005).
  18. C. Petit, D. W. Latimore, and P. Pourquery, Risk, Regulation and Return: Delivering Value Through Enterprise Risk Management, IBM Institute for Business Value (2005), http://www-03.ibm.com/industries/financialservices/doc/content/resource/thought/1595397103.html.
  19. IBM Institute for Business Value, http://www-935.ibm.com/services/us/bcs/html/bcs_whatwethink.html.
  20. A. Hesseldahl, “Taiwan's Dry Chips,” Forbes.com (May 13, 2002), http://www.forbes.com/2002/05/13/0513drought.html.
  21. C. Giblin, A. Y. Liu, S. Müller, B. Pfitzmann, and X. Zhou, “Regulations Expressed as Logical Models (REALM),” Proceedings of the 18th Annual Conference on Legal Knowledge and Information Systems, Brussels, Belgium (2005), pp. 37–48.
  22. C. Giblin, S. Müller, and B. Pfitzmann, From Regulatory Policies to Event Monitoring Rules: Towards Model-Driven Compliance Automation, Research Report RZ-3662, IBM Research GmbH, Zurich Research Laboratory, 8803 Rüschlikon, Switzerland (2006), http://domino.research.ibm.com/library/cyberdig.nsf/le4115aea78b6e7c85256b360066f0d4/8568614878e51e9b85257205003600d7?OpenDocument.
  23. Spotlight On: Interactive Data and XBRL Initiatives, U.S. Securities and Exchange Commission, http://www.sec.gov/spotlight/xbrl.htm.
  24. Welcome to XBRL International, http://www.xbrl.org/Home/.
  25. The Promise of Interactive Data, Remarks of Christopher Cox before the 14th International XBRL Conference, Philadelphia, PA, December 5, 2006, http://www.sec.gov/news/speech/2006/spch120506cc.htm.
  26. Enterprise Risk Management—Integrated Framework, Committee of Sponsoring Organizations of the Treadway Commission (COSO), AICPA/COSO, Jersey City, NJ (2004).
  27. Control Objectives for Information and Related Technology (COBIT), Version 4.0, IT Governance Institute and the Information Systems Audit and Control Association (2005).
  28. IT Infrastructure Library (ITIL), Office of Government Commerce (2006), http://www.itil.co.uk/.
  29. Y. Liu, S. Müller, and K. Xu, “A Static Compliance-Checking Framework for Business Process Models,” IBM Systems Journal 46, No. 2, 335–361 (2007, this issue).
  30. F. Cheng, D. Gamarnik, N. Jengte, W. Min, and B. Ramachandran, Modeling Operational Risks in Business Processes, Research Report RC-23672, IBM Thomas J. Watson Research Center, Yorktown Heights, NY 10598 (2005).

