Frameworks
A large number of Business Governance Frameworks exist in a national and international context. They affect various geographical regions and apply to different industry sectors. There are guidelines for business governance in every country – however, not all are formulated as regulations of the governing law, some are only generally accepted norms of conduct. Furthermore, the OECD has developed its own set of principles for corporate governance.
Due to the limited resources ENISA decided that only three most relevant Governance Frameworks will be examined in this web site, namely Basel II, MIFID and SOX. Criteria for the selection of these Frameworks were the global reach and the maturity level of their contents. Descriptions of the selected Frameworks can be found in the relative three sub-sections.
Basel II is an international regulation. While SOX and MiFID were created for specific markets (respectively USA and EEA) they heavily influence companies operating outside of the said markets. All discussed frameworks have either been present and active for a reasonable time period (Basel II, SOX) or are based on previously existing regulations (MiFID) and have already multiple implementations worldwide.
It should be noted that all analysed Frameworks are business oriented. However, they also influence IT – either directly or indirectly. This aspect is of a special interest to this effort, as most interfaces to ENISA IT RM/RA Framework will exist in the area of IT.
-
Interoperable EU Risk Management ToolboxThis document presents the EU RM toolbox, a solution proposed by ENISA to address interoperability concerns related to the use of information...
-
Interoperable EU Risk Management FrameworkThis report proposes a methodology for assessing the potential interoperability of risk management (RM) frameworks and methodologies and presents...