摘要 |
A method and system for creating and managing a control structure for compliance with one or more compliance regimes by an entity is disclosed. The method is used for analyzing risks associated with deficiencies in compliance and for generating reports related to the compliance status. The method includes specifying one or more master structures for the entity, wherein specifying the master structure includes specifying one or more processes associated with the master structure, specifying one or more objectives for the processes, identifying one or more risks associated with the objective, and identifying one or more controls to mitigate the risks.
|