SpringerLink
Log in

SGRC System as a Basis for Building Business Processes and Measuring the Digital Sustainability of a Business

  • Conference paper
  • First Online:
Data Science and Algorithms in Systems (CoMeSySo 2022)

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 597))

Included in the following conference series:

Abstract

The study of issues of taking into account the goals and objectives of the enterprise/organization, risk management, and compliance with the requirements of regulations in the field of information security is currently provided by automated information-analytical systems Security GRC. Taking into consideration available classes of SGRC solutions on the world market, the proposed method of automating complex information security management was analyzed. The main problems and reasons for using SGRC systems were singled out. The approach of introducing such systems into a modern model of knowledge management as a way to increase the efficiency of managerial decisions in the field of information security was analyzed. The use of simulation modeling for increasing the efficiency of managerial decision-making in choosing the actual system was offered, based on which some domestic popular and new products of SGRC solutions were compared. A conclusion is made about the prospects of using such systems in the modern realities of the structure of banking organizations.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or Ebook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free ship** worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. A new stage in the development of SGRC systems: technology a-SGRC (auto-SGRC). https://www.anti-malware.ru/analytics/Technology_Analysis/auto-SGRC?utm_source=yxnews&utm_medium=desktop. Last accessed 23 Mar 2022

  2. Marshall, I.J., Wallace, B.C.: Toward systematic review automation: a practical guide to using machine learning tools in research synthesis. Syst. Rev. 8(163), 1–10 (2019)

    Google Scholar 

  3. Zhuklinets, I.A., Lipatov, A.L.: A course on GRC. Information protection. Inside 2(74), 8–12 (2017)

    Google Scholar 

  4. What is the SGRC? Basic concepts and applications. https://www.securityvision.ru/blog/chto-takoe-sgrc-osnovnye-ponyatiya-i-primenenie/. Last accessed 25 Mar 2022

  5. Security Vision Security Governance, Risk Management and Compliance (SGRC/a-SGRC). https://www.securityvision.ru/products/sgrc/. Last accessed 28 Mar 2022

  6. Abramova, O.S., Posternak, E.V.: Mathematical model of risk management method development in GRC-solution for organizations of the banking system of the Russian Federation and its solution. Polytech. Youth J. 4(21), 1–11 (2018)

    Google Scholar 

  7. Kupriyanov, D.O., Stefanovich, I.D., Zavedeev, Y.M., Gadaev, E.M., Alexeev, A.B.: Analysis of intelligent control technology of cyber security «A-SGRC + SPRU». In: Materials of the II Regional Scientific-Practical Conference 2021, pp. 34–42. St. Petersburg (2021)

    Google Scholar 

  8. Rimsha, A.S., Rimsha, K.S.: Analysis of means of information security of ACS TP of gas-producing enterprises. Caspian J.: Manage. High Technol. 3(47), 102–121 (2019)

    Google Scholar 

  9. Barmin, S.V., Resh, E., Aliev, A.S., Belyaeva, E.G.: Automation and visualization of monitoring and response centers for IS incidents. Inform. Prot. Inside 4(88), 44–51 (2019)

    Google Scholar 

  10. Alekseev, A.V.: Automation of system management of information security of heterogeneous systems. In: Methods and Technical Means of Information Security (MITSOBI 2020): Proceedings of the 29th Scientific and Technical Conference, pp. 149–153. Saint-Petersburg (2020)

    Google Scholar 

  11. Mamatkulov, U.B., Kesel, S.A., Semenov, D.V., Shkatov, P.N.: Intellectualization of SGRC platforms using mivar approach. In: Artificial Intelligence in Automated Control and Data Processing Systems, pp. 379–386. Moscow (2022)

    Google Scholar 

  12. Mamatkulov, U.B., Kesel, S.A., Semenov, D.V., Varlamov, O.O., Shkatov, P.N.: Mivar intellectualization of SGRC information security platforms. In: Varlamov, O.O. (ed.) MIVAR'22, pp. 269–275. Moscow (2022)

    Google Scholar 

  13. Effective application of SGRC systems in the categorization of CII objects. https://www.ussc.ru/news/novosti/effektivnoe-primenenie-sistem-sgrc-pri-kategorirovanii-obektov-kii/. Last accessed 02 Apr 2022

  14. Boldareva, E.O.: SGRC systems as a trend in recent years in the market of information security. In: BI-technologies and Corporate Information Systems in the Optimization of Business Processes of the Digital Economy: Proceedings of the VI International Scientific-Practical Part-Time Conference, pp. 32–35. Ekaterinburg (2019)

    Google Scholar 

  15. Pitelinsky, K.V., Sigida, M.P., Makovey, S.O.: The covid-19 pattern: the impact of innovation and information technology on the formation of the digital Middle Ages. Defense Complex Sci Tech Prog Russia 1(153), 9–20 (2022)

    Google Scholar 

  16. Pitelinsky, K.V., Fedorov, N.V., Makovey, S.O., Sigida, M.P.: Classification of bionic robotics and review of some of its foreign models. Defense Complex Sci Tech Prog Russia 3(151), 39–50 (2021)

    Google Scholar 

  17. Comparison of SGRC systems (Security Governance, Risk, Compliance). https://cisoclub.ru/sgrc/. Last accessed 21 June 2022

  18. Overview of Russian SGRC products. https://studref.com/699208/informatika/obzor_rossiyskih_sgrc_produktov. Last accessed 28 June 2022

  19. Eplat4m Homepage. https://eplat4m.ru/. Last accessed 29 June 2022

  20. Egida Homepage. https://infozont.ru/egida/. Last accessed 09 Jul 2022

  21. R-Vision Homepage. https://rvision.ru/. Last accessed 29 June 2022

  22. Registration certificate for computer program RU 2019619276 dated July 15, 2019. Application number 2019618015 dd. 02.07.2019. Software suite «Security vision security governance, risk management, and compliance» (SS «SECURITY VISION SGRC»)

    Google Scholar 

  23. Ak Bars Bank was the first in Russia to confirm compliance with international and national requirements for business continuity management systems. https://plusworld.ru/daily/banki-i-mfo/ak-bars-bank-pervym-v-rossii-podtverdil-sootvetstvie-mezhdunarodnym-i-natsionalnym-trebovaniyam-k-sistemam-menedzhmenta-po-nepreryvnosti-biznesa/. Last accessed 31 June 2022

  24. Papazafeiropoulou, A., Spanaki, K.: The implementation of governance risk and compliance information systems (GRC IS): adoption lifecycle and enterprise value. Inf. Syst. Manag. 33(4), 302–315 (2016)

    Article  Google Scholar 

  25. Papazafeiropoulou, A., Spanaki, K.: Understanding governance, risk and compliance information systems (GRC IS): the experts view. Inf. Syst. Front. 18(6), 1251–1263 (2015). https://doi.org/10.1007/s10796-015-9572-3

    Article  Google Scholar 

  26. Volker, N., Wolfgang, M.: The development of a data-centred conceptual reference model for strategic GRC-management. J. Serv. Sci. Manag. 7(2), 63–76 (2014)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. «AK BARS» Bank, Dekabristov St., 1, Kazan, Republic of Tatarstan, 420066, Russia

    Vyacheslav V. Yashkin

  2. Moscow Polytechnic University, Bolshaya Semenovskaya 38, Moscow, 107023, Russia

    Sergey A. Kesel & Sergey O. Makovey

  3. Obninsk Institute of Atomic Energy, Studgorodok, 1, Obninsk, 249039, Russia

    Alexandr S. Domnikov

Authors
  1. Vyacheslav V. Yashkin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sergey A. Kesel
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sergey O. Makovey
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Alexandr S. Domnikov
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sergey O. Makovey .

Editor information

Editors and Affiliations

  1. Faculty of Applied Informatics, Tomas Bata University in Zlín, Zlín, Czech Republic

    Radek Silhavy

  2. Faculty of Applied Informatics, Tomas Bata University in Zlín, Zlín, Czech Republic

    Petr Silhavy

  3. Faculty of Applied Informatics, Tomas Bata University in Zlín, Zlín, Czech Republic

    Zdenka Prokopova

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Yashkin, V.V., Kesel, S.A., Makovey, S.O., Domnikov, A.S. (2023). SGRC System as a Basis for Building Business Processes and Measuring the Digital Sustainability of a Business. In: Silhavy, R., Silhavy, P., Prokopova, Z. (eds) Data Science and Algorithms in Systems. CoMeSySo 2022. Lecture Notes in Networks and Systems, vol 597. Springer, Cham. https://doi.org/10.1007/978-3-031-21438-7_80

Download citation

Publish with us

Policies and ethics

Search

Navigation