Published under Risk Management

A large number of Business Governance Frameworks exist in a national and international context. They affect various geographical regions and apply to different industry sectors. Guidelines for business governance exist in every country; however, not all are formulated as regulations of the governing law, and some are only generally accepted norms of conduct. Furthermore, the OECD has developed its own set of principles for corporate governance.

Due to limited resources, ENISA decided that only the three most relevant Governance Frameworks will be examined on this web site, namely Basel II, MiFID and SOX. The criteria for selecting these Frameworks were their global reach and the maturity level of their contents. Descriptions of the selected Frameworks can be found in the three respective sub-sections.

Basel II is an international regulation. While SOX and MiFID were created for specific markets (respectively USA and EEA), they heavily influence companies operating outside of the said markets. All discussed frameworks have either been present and active for a reasonable time period (Basel II, SOX) or are based on previously existing regulations (MiFID), and already have multiple implementations worldwide.

It should be noted that all analysed Frameworks are business oriented. However, they also influence IT, either directly or indirectly. This aspect is of special interest to this effort, as most interfaces to the ENISA IT RM/RA Framework will exist in the area of IT.

