检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:张涛 Zhang Tao(CHN Energy Investment Group Co.,Ltd.Informationization Management Department,Beijing,100011)
机构地区:[1]国家能源投资集团有限责任公司信息化管理部,北京100011
出 处:《能源科技》2020年第10期5-9,共5页Energy Science and Technology
摘 要:在企业管理过程中,如何通过有效的内部合规性控制及审计,达到全面有效的风险管理、提高企业治理水平是一直被探索与实践的课题。近年来,随着信息技术的发展和企业管理信息化水平的不断提升,企业的各类业务活动从线下转到了线上,原有的业务风险管控和合规性管理问题也必然要依靠与现有业务信息系统融合并建设自身管控系统来实现。本文通过对GRC(Governance,Risk Management and Compliance Management)管理理念的研究,结合国家能源集团GRC系统在管理系统用户授权及合规性控制方面的初步实践及成果,提出如何逐步完善企业GRC平台建设的思路,帮助企业克服对治理、风险和合规性的支离破碎的低效管理方式,提升企业的风险管控水平。How to realize overall and efficient risk control and improve the enterprise governance level via effective internal compliance control and audit during the enterprise management process is a subject that has been explored and practiced all the time.As various business activities of enterprises become online along with development of the information technology and continuous improvement of the enterprise management informationization level in recent years,business risk control and compliance management have to integrate with the current business information system and construct a special control system.By researching the GRC(Governance,Risk Management and Compliance Management)management philosophy and combining the preliminary practice and achievements of the GRC system of CHN Energy in managing system user authorization and controlling compliance,this article puts forward ideas on how to gradually perfect the GRC platform construction of enterprises,thus helping enterprises abandon the broken and ineffective governance,risk,and compliance management mode and improving the risk control level of enterprises.
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.15