Abstract
The study of issues of taking into account the goals and objectives of the enterprise/organization, risk management, and compliance with the requirements of regulations in the field of information security is currently provided by automated information-analytical systems Security GRC. Taking into consideration available classes of SGRC solutions on the world market, the proposed method of automating complex information security management was analyzed. The main problems and reasons for using SGRC systems were singled out. The approach of introducing such systems into a modern model of knowledge management as a way to increase the efficiency of managerial decisions in the field of information security was analyzed. The use of simulation modeling for increasing the efficiency of managerial decision-making in choosing the actual system was offered, based on which some domestic popular and new products of SGRC solutions were compared. A conclusion is made about the prospects of using such systems in the modern realities of the structure of banking organizations.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
A new stage in the development of SGRC systems: technology a-SGRC (auto-SGRC). https://www.anti-malware.ru/analytics/Technology_Analysis/auto-SGRC?utm_source=yxnews&utm_medium=desktop. Last accessed 23 Mar 2022
Marshall, I.J., Wallace, B.C.: Toward systematic review automation: a practical guide to using machine learning tools in research synthesis. Syst. Rev. 8(163), 1–10 (2019)
Zhuklinets, I.A., Lipatov, A.L.: A course on GRC. Information protection. Inside 2(74), 8–12 (2017)
What is the SGRC? Basic concepts and applications. https://www.securityvision.ru/blog/chto-takoe-sgrc-osnovnye-ponyatiya-i-primenenie/. Last accessed 25 Mar 2022
Security Vision Security Governance, Risk Management and Compliance (SGRC/a-SGRC). https://www.securityvision.ru/products/sgrc/. Last accessed 28 Mar 2022
Abramova, O.S., Posternak, E.V.: Mathematical model of risk management method development in GRC-solution for organizations of the banking system of the Russian Federation and its solution. Polytech. Youth J. 4(21), 1–11 (2018)
Kupriyanov, D.O., Stefanovich, I.D., Zavedeev, Y.M., Gadaev, E.M., Alexeev, A.B.: Analysis of intelligent control technology of cyber security «A-SGRC + SPRU». In: Materials of the II Regional Scientific-Practical Conference 2021, pp. 34–42. St. Petersburg (2021)
Rimsha, A.S., Rimsha, K.S.: Analysis of means of information security of ACS TP of gas-producing enterprises. Caspian J.: Manage. High Technol. 3(47), 102–121 (2019)
Barmin, S.V., Resh, E., Aliev, A.S., Belyaeva, E.G.: Automation and visualization of monitoring and response centers for IS incidents. Inform. Prot. Inside 4(88), 44–51 (2019)
Alekseev, A.V.: Automation of system management of information security of heterogeneous systems. In: Methods and Technical Means of Information Security (MITSOBI 2020): Proceedings of the 29th Scientific and Technical Conference, pp. 149–153. Saint-Petersburg (2020)
Mamatkulov, U.B., Kesel, S.A., Semenov, D.V., Shkatov, P.N.: Intellectualization of SGRC platforms using mivar approach. In: Artificial Intelligence in Automated Control and Data Processing Systems, pp. 379–386. Moscow (2022)
Mamatkulov, U.B., Kesel, S.A., Semenov, D.V., Varlamov, O.O., Shkatov, P.N.: Mivar intellectualization of SGRC information security platforms. In: Varlamov, O.O. (ed.) MIVAR'22, pp. 269–275. Moscow (2022)
Effective application of SGRC systems in the categorization of CII objects. https://www.ussc.ru/news/novosti/effektivnoe-primenenie-sistem-sgrc-pri-kategorirovanii-obektov-kii/. Last accessed 02 Apr 2022
Boldareva, E.O.: SGRC systems as a trend in recent years in the market of information security. In: BI-technologies and Corporate Information Systems in the Optimization of Business Processes of the Digital Economy: Proceedings of the VI International Scientific-Practical Part-Time Conference, pp. 32–35. Ekaterinburg (2019)
Pitelinsky, K.V., Sigida, M.P., Makovey, S.O.: The covid-19 pattern: the impact of innovation and information technology on the formation of the digital Middle Ages. Defense Complex Sci Tech Prog Russia 1(153), 9–20 (2022)
Pitelinsky, K.V., Fedorov, N.V., Makovey, S.O., Sigida, M.P.: Classification of bionic robotics and review of some of its foreign models. Defense Complex Sci Tech Prog Russia 3(151), 39–50 (2021)
Comparison of SGRC systems (Security Governance, Risk, Compliance). https://cisoclub.ru/sgrc/. Last accessed 21 June 2022
Overview of Russian SGRC products. https://studref.com/699208/informatika/obzor_rossiyskih_sgrc_produktov. Last accessed 28 June 2022
Eplat4m Homepage. https://eplat4m.ru/. Last accessed 29 June 2022
Egida Homepage. https://infozont.ru/egida/. Last accessed 09 Jul 2022
R-Vision Homepage. https://rvision.ru/. Last accessed 29 June 2022
Registration certificate for computer program RU 2019619276 dated July 15, 2019. Application number 2019618015 dd. 02.07.2019. Software suite «Security vision security governance, risk management, and compliance» (SS «SECURITY VISION SGRC»)
Ak Bars Bank was the first in Russia to confirm compliance with international and national requirements for business continuity management systems. https://plusworld.ru/daily/banki-i-mfo/ak-bars-bank-pervym-v-rossii-podtverdil-sootvetstvie-mezhdunarodnym-i-natsionalnym-trebovaniyam-k-sistemam-menedzhmenta-po-nepreryvnosti-biznesa/. Last accessed 31 June 2022
Papazafeiropoulou, A., Spanaki, K.: The implementation of governance risk and compliance information systems (GRC IS): adoption lifecycle and enterprise value. Inf. Syst. Manag. 33(4), 302–315 (2016)
Papazafeiropoulou, A., Spanaki, K.: Understanding governance, risk and compliance information systems (GRC IS): the experts view. Inf. Syst. Front. 18(6), 1251–1263 (2015). https://doi.org/10.1007/s10796-015-9572-3
Volker, N., Wolfgang, M.: The development of a data-centred conceptual reference model for strategic GRC-management. J. Serv. Sci. Manag. 7(2), 63–76 (2014)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Yashkin, V.V., Kesel, S.A., Makovey, S.O., Domnikov, A.S. (2023). SGRC System as a Basis for Building Business Processes and Measuring the Digital Sustainability of a Business. In: Silhavy, R., Silhavy, P., Prokopova, Z. (eds) Data Science and Algorithms in Systems. CoMeSySo 2022. Lecture Notes in Networks and Systems, vol 597. Springer, Cham. https://doi.org/10.1007/978-3-031-21438-7_80
Download citation
DOI: https://doi.org/10.1007/978-3-031-21438-7_80
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-21437-0
Online ISBN: 978-3-031-21438-7
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)