Find Resources and
Connect with members on topics that interest you.
Please sign in to see your topics.
The internal audit team of one of the biggest gaming operators in Europe implemented a cloud-based governance, risk and compliance (GRC) platform to improve the quality of its audit work papers and the productivity and collaboration with the other assurance teams (i.e., compliance, risk, security) of the company. MetricStream1 was selected as partner for this implementation. The platform provided the functionality to quickly evaluate the effectiveness and efficiency of processes, risk and controls.
For assessing the capability of IT processes and the related controls’ design and operational effectiveness, the COBIT® 5 process model was selected and uploaded to the GRC software platform processes universe. The COBIT® process model could be easily mapped to the International Organization for Standardization/International Electrotechnical Commission’s (ISO/IEC’s) ISO/IEC 27001: 2013 information security standard, which is incorporated within the WLA Security Control Standard (WLA-SCS:2016),2 a standard widely adopted by lottery companies. Therefore, using both an automated audit management system and a standardized control framework, consistent and repeatable evaluation of the organization’s IT processes’ efficiency, effectiveness, maturity and compliance readiness with the worldwide lottery industry standards could be easily achieved.
To read the rest of this article, click here.
You must login to leave a comment.
You must be a logged in to start a discussion.